avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru Open in urlscan Pro
45.147.197.153  Public Scan

URL: https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
Submission: On September 20 via api from US — Scanned from US

Summary

This website contacted 28 IPs in 4 countries across 22 domains to perform 187 HTTP transactions. The main IP is 45.147.197.153, located in Netherlands and belongs to ON-LINE-DATA Server location - Netherlands, Dronten, NL. The main domain is avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru.
TLS certificate: Issued by R3 on September 20th 2023. Valid for: 3 months.
This is the only time avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 45.147.197.153 204601 (ON-LINE-D...)
12 2607:f8b0:400... 15169 (GOOGLE)
1 2 88.212.202.52 39134 (UNITEDNET)
1 89.184.81.35 28907 (MIROHOST ...)
5 11 2a02:6b8::1:119 208722 (GLOBAL_DC)
2 13 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
8 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
35 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2620:100:a001... 19750 (AS-CRITEO)
22 2620:100:a001::4 19750 (AS-CRITEO)
8 2600:141b:13:... 20940 (AKAMAI-ASN1)
2 74.119.119.147 19750 (AS-CRITEO)
2 2600:9000:26f... 16509 (AMAZON-02)
2 4 142.250.65.198 15169 (GOOGLE)
2 3.208.227.70 14618 (AMAZON-AES)
1 2607:f8b0:400... 15169 (GOOGLE)
1 1 2607:f8b0:400... 15169 (GOOGLE)
8 34.117.228.201 396982 (GOOGLE-CL...)
4 142.251.35.162 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
6 2620:100:a001... 19750 (AS-CRITEO)
2 2620:100:a001::3 19750 (AS-CRITEO)
16 2620:100:a001::9 19750 (AS-CRITEO)
187 28
Apex Domain
Subdomains
Transfer
47 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 122
tpc.googlesyndication.com — Cisco Umbrella Rank: 169
574 KB
44 criteo.net
static.criteo.net — Cisco Umbrella Rank: 897
csm.us.criteo.net — Cisco Umbrella Rank: 5069
imageproxy.us.criteo.net — Cisco Umbrella Rank: 5260
227 KB
17 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 66
ad.doubleclick.net — Cisco Umbrella Rank: 180
112 KB
16 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 676
rtb0.doubleverify.com — Cisco Umbrella Rank: 1113
rtbc-ue1.doubleverify.com — Cisco Umbrella Rank: 4110
tps.doubleverify.com — Cisco Umbrella Rank: 722
tpsc-ue1.doubleverify.com — Cisco Umbrella Rank: 2374
252 KB
11 bookmp3.ru
avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
201 KB
8 gstatic.com
www.gstatic.com
fonts.gstatic.com
100 KB
8 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 6180
3 KB
6 criteo.com
ads.us.criteo.com — Cisco Umbrella Rank: 4918
cat.va.us.criteo.com — Cisco Umbrella Rank: 5006
rtb.va.us.criteo.com — Cisco Umbrella Rank: 10891
93 KB
5 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1368
www.googleadservices.com — Cisco Umbrella Rank: 178
601 B
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 254
227 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 96
21 KB
3 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 2472
55 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 410
10 KB
2 samplicio.us
tracker.samplicio.us — Cisco Umbrella Rank: 2646
606 B
2 agkn.com
d.agkn.com — Cisco Umbrella Rank: 1055
1 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 113
ajax.googleapis.com — Cisco Umbrella Rank: 720
32 KB
2 yadro.ru
counter.yadro.ru — Cisco Umbrella Rank: 7583
2 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 11
256 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 408
27 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 111
80 KB
1 hit.ua
c.hit.ua — Cisco Umbrella Rank: 121529
739 B
0 frontroute.org Failed
xp4stm90bvzr.frontroute.org Failed
187 22
Domain Requested by
35 tpc.googlesyndication.com googleads.g.doubleclick.net
www.gstatic.com
tpc.googlesyndication.com
avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
22 static.criteo.net ads.us.criteo.com
cdnjs.cloudflare.com
static.criteo.net
16 imageproxy.us.criteo.net avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
ads.us.criteo.com
13 googleads.g.doubleclick.net 2 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
12 pagead2.googlesyndication.com avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
11 avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
8 cdn.doubleverify.com ads.us.criteo.com
cdn.doubleverify.com
avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
8 mc.yandex.com 3 redirects avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
mc.yandex.ru
7 www.gstatic.com googleads.g.doubleclick.net
6 csm.us.criteo.net ads.us.criteo.com
4 www.googleadservices.com avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
4 ad.doubleclick.net 2 redirects ads.us.criteo.com
4 www.googletagservices.com googleads.g.doubleclick.net
3 www.google-analytics.com avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
www.google-analytics.com
www.googletagmanager.com
3 mc.yandex.ru 2 redirects avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
2 tpsc-ue1.doubleverify.com cdn.doubleverify.com
2 rtb.va.us.criteo.com avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
2 tps.doubleverify.com cdn.doubleverify.com
2 cdnjs.cloudflare.com ads.us.criteo.com
2 rtbc-ue1.doubleverify.com cdn.doubleverify.com
2 rtb0.doubleverify.com cdn.doubleverify.com
2 tracker.samplicio.us ads.us.criteo.com
2 d.agkn.com ads.us.criteo.com
2 cat.va.us.criteo.com ads.us.criteo.com
2 ads.us.criteo.com googleads.g.doubleclick.net
2 counter.yadro.ru 1 redirects avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
1 www.google.com 1 redirects
1 s0.2mdn.net tpc.googlesyndication.com
1 ajax.googleapis.com tpc.googlesyndication.com
1 fonts.gstatic.com fonts.googleapis.com
1 www.googletagmanager.com www.google-analytics.com
1 fonts.googleapis.com googleads.g.doubleclick.net
1 partner.googleadservices.com pagead2.googlesyndication.com
1 c.hit.ua avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
0 xp4stm90bvzr.frontroute.org Failed avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
187 35

This site contains links to these domains. Also see Links.

Domain
mir-knigi.info
vk.com
www.facebook.com
twitter.com
bookmp3.ru
www.liveinternet.ru
hit.ua
Subject Issuer Validity Valid
avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
R3
2023-09-20 -
2023-12-19
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-08-14 -
2023-11-06
3 months crt.sh
hit.ua
R3
2023-09-04 -
2023-12-03
3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018
2023-08-14 -
2024-01-24
5 months crt.sh
*.googleadservices.com
GTS CA 1C3
2023-08-14 -
2023-11-06
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-08-14 -
2023-11-06
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-08-14 -
2023-11-06
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-08-14 -
2023-11-06
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-08-14 -
2023-11-06
3 months crt.sh
*.us.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-09-01 -
2023-12-02
3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-08-05 -
2023-10-31
3 months crt.sh
*.doubleverify.com
DigiCert TLS RSA SHA256 2020 CA1
2023-05-07 -
2024-05-07
a year crt.sh
*.va.us.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-07-11 -
2023-10-13
3 months crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1
2023-09-07 -
2024-09-29
a year crt.sh
*.samplicio.us
Amazon RSA 2048 M01
2022-11-16 -
2023-12-15
a year crt.sh
*.doubleclick.net
GTS CA 1C3
2023-08-14 -
2023-11-06
3 months crt.sh
www.googleadservices.com
GTS CA 1C3
2023-08-14 -
2023-11-06
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-07-03 -
2024-07-02
a year crt.sh
*.us.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-08-09 -
2023-11-07
3 months crt.sh
*.tps.doubleverify.com
Go Daddy Secure Certificate Authority - G2
2022-09-28 -
2023-10-30
a year crt.sh

This page contains 16 frames:

Primary Page: https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
Frame ID: 8CD62B1EDFFE419A4F8314FD1BED1020
Requests: 41 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20190131/zrt_lookup.html
Frame ID: 08545637ED8322EDD79272593F77B763
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1618592205083780&output=html&adk=1812271804&adf=3025194257&lmt=1695227693&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Favito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695191692565&bpp=7&bdt=1562&idt=429&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8239861751691&frm=20&pv=2&ga_vid=1915655829.1695191693&ga_sid=1695191693&ga_hid=1939529460&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44803122%2C21065725&oid=2&pvsid=3600284936222131&tmod=1913480835&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=472
Frame ID: 637988802C488E92FF9CCF779ECF32BE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1618592205083780&output=html&h=600&slotname=7639484812&adk=992306218&adf=1633998875&pi=t.ma~as.7639484812&w=300&fwrn=4&fwrnh=100&lmt=1695227693&rafmt=1&format=300x600&url=https%3A%2F%2Favito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695191692572&bpp=3&bdt=1570&idt=471&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8239861751691&frm=20&pv=1&ga_vid=1915655829.1695191693&ga_sid=1695191693&ga_hid=1939529460&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44803122%2C21065725&oid=2&pvsid=3600284936222131&tmod=1913480835&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=evMtBxa3UR&p=https%3A//avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru&dtd=479
Frame ID: 031EB4F419697EB4A21101E03A1B3640
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1618592205083780&output=html&h=1032&slotname=7256341433&adk=2496561252&adf=1568110953&pi=t.ma~as.7256341433&w=300&cr_col=1&cr_row=13&fwrn=2&lmt=1695227693&rafmt=9&format=300x1032&url=https%3A%2F%2Favito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru%2F&crui=image_sidebyside&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695191692575&bpp=5&bdt=1572&idt=485&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=8239861751691&frm=20&pv=1&ga_vid=1915655829.1695191693&ga_sid=1695191693&ga_hid=1939529460&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=707&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44803122%2C21065725&oid=2&pvsid=3600284936222131&tmod=1913480835&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=pZdl5OliPc&p=https%3A//avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru&dtd=489
Frame ID: 4B7214839156CB05AFE0DC9ED9D35F95
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1
Frame ID: 3231D8673A2851BADC38B9AFDD50CCDF
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1
Frame ID: 386DE5ADC76065E354459F6ABBA6217F
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1
Frame ID: 94CF7AB9FEADC028D338FD7671713498
Requests: 13 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=ZQqSjQABkjIKwUgkAAODLtMp_t2poD09Hz-0qg&u=%7CouQHdnFa5Kmf2p4Bss1sMgOH8sVBwyqn%2BiF0%2Bahdfb4%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGFODWhy6DsD5VIXoF4Sn1GpJC36PzcQBMFJuvFqbjSDMVND0YNpbXxw_g68WQBYp6weOwM57j-9gqQp1XQI8p1GzWVoJL-MYPH3XWkzenv5tUiwVrgfGWP8oCqnSa-uDWK7Am0l0x6-ooZO9aEmPM-LmJvTGNiOWjUEiMrXG5v6LCR_wUr4vBKoVnzJw5iRomwS_WqazraITJwrdaznTla_p_q9CCjN0dMdpo8cyL1qRUUbK2CpcPoAmULxFtvIb8PkVAHAhKpur_O8geRTjDnHA4pRh7r0NoC1zZarfAPSpY9klgZfcD45lW_80lVdKRNCiBqggAW3--_dgHPvJXkCcfUmvyHXpgRMAy0psZqYIFgiL0PPC-RL84VUze1wivglauOObXP0eXCF02Qxr6n9zly1M4A4NmjztEd1OoVvBH-RZ8QvZMdfMi4qxuRFmMz-DsI7wp1bK7t3Gie4Z0zO_6bJ8n2J9BunLe3m5qPkZgjDm7Wrdrpy91igJ5HQOY6GA5htN0tmr5Z47H1NsjIr0qAVuccaMquy__4Z8i73S7JJlZrxPIrE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgg18jZIKZbKkBqSQhQauho74AZyB77BcyqapqnTAjbcBEAEgAGDJhoCA3KPEEIIBF2NhLXB1Yi0xNjE4NTkyMjA1MDgzNzgwyAEJqAMByAMCqgSdAk_Q3h13zMhKVR_2VR6pDKSyJ8cpmeAwGXcAo5EfC7LSLx2k3CY7oa93tBTOCUlepQPwNuNWvZM706ttHSNnsbEH7pnon_oFajyWuRBAtJ_ha9lTABC1xnhU3yqkPwBptf8tYI9bRGDjQ4uZsM9rFgenV-RZpZNYBmyNBW1pVl8sLF4V2FMm7DDpQsptCFUbO44Iy__AZBvzYOhaJZ54uTCjEutn6BDB-VqiGQ5WUbPASV3HnsPcMUNvlA1d46bqRxZWrn8de6mDaIHGuP_0FJbyyUdpFYRxPhNbrPEu1EmRJvAm-yIFepvpFwdMSoSjGkg43ndpieUsTnm4O73eb57g8akm5AJHgw-jpGASS0RySRxZAuEs6vfU2dSdm4AGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1eW35jhhplwIs8GhpqjfKJDoFWkA%26client%3Dca-pub-1618592205083780%26adurl%3D
Frame ID: 6C665FC15A1F596494A68CD726B81439
Requests: 33 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=ZQqSjQABkjMKwUgkAAODLtfuqiyibdXypa9hKg&u=%7CouQHdnFa5KnkG6Bv5lBUSAyMN3q30ZfBr7A226mMTag%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGFODWhy6DsD5VIXoF4Sn1GpJC36PzcQBMIRPtA8mHpd_-JT7UN-K7LyBnpFyFibQgWNAweRv4OYXzsw4WE3JlyPWZJBB8-Lzgj0JaPVk-aQbNp-GKMDBYD1TXLVMb7qiyj4VnKKfJiiBsuefuZNsL4ONCL2xZURRfouiuEx4qRytmVLY3b0R_aAmDqxaaBBL3xxqUI0vi_z3UaOmE2TUHYVeanSA5k0s37eFDdnWQAGHYS55XWJsjgP6MDuhRqMp6zGKJXOn4JsS9I2D5QxO0yALfnoP5Uqil-4vd3YCDut-IqcuqODjzL8TWqVHAmkDKfzPzNmNx_OhMPoMquhfJvogtj69LH19framrHaEts-2i8SGupPZHdKU6Phtl5wxefB--p1xW39HHiKpmIYy_imHPp1uxUXU4qE9SFOeOFn9PwPhX2fAdMH9JFRd5ldWXzFuLvvEEM2yIOxsSpyZTAlwBe0xE2F2A58larT59RxotFXJqpsLYMIWTAn_6LYTNgEr_relg4b5mcTXW801ulqaQUiuOe3LOadEh2kgtL6M2PEmoR4pyi8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxoxUjZIKZbOkBqSQhQauho74AZyB77BcyqapqnTAjbcBEAEgAGDJhoCA3KPEEIIBF2NhLXB1Yi0xNjE4NTkyMjA1MDgzNzgwyAEJqAMByAMCqgSdAk_QljaJmzFSWLzf3mM6nAdD6Xr_UE5A1gSYWNBK4RWl0BeftaRouryjXYhAm6VC9-snD6cPYqRbwWe5TtLl2UCHKFfamyQSzNhxnGeMyFq_N0D9B0xyA-2wU_VIe-VTIq26_amnTp2IfdprhO_aRpFiSvkrV1hyEYOxQdSqt3_hMCAo3ze9XVaJ0RkqNY4rl-lksPCBxxVK4pE58Hqz9M0hZKJCSSCg3qGMiayggF2tXcaAMIR6yoO6spGpkJIKuLsBSVWUDHeMiiPwvmIlCydj_m3yBC_DZm1mBliqJdqAJWmCYkbA_UEHKXXA3bTQ67av4ID2nM3N1iikg63HgKcnXrpdW2Xvbkv7g6IfK9NFgq0Z4SfxPJ4cTfw1dIAGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3bC8y1qNe_Ow3SY0S8gLKGbfj6nA%26client%3Dca-pub-1618592205083780%26adurl%3D
Frame ID: C2B2C538061255ACD6EEAA86DD6AC7A7
Requests: 33 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 975AF1162863B3EB4B7AD628FB72EC0F
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/index.html
Frame ID: 17F615EE2BEB4C85365AB2D61C5E0184
Requests: 25 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/lpPsQPhuNrCvbaydJTyaX7eGKZY1JWLsUtPa-zNjVhE.js
Frame ID: 6482D541FC7C9C845A04BDA24089A72E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/lpPsQPhuNrCvbaydJTyaX7eGKZY1JWLsUtPa-zNjVhE.js
Frame ID: 095276ECF505AA47DCA58F547AFCA7DF
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements4705.js
Frame ID: EBF298D028B092C464267C556BB665DB
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements4705.js
Frame ID: 520705F7166B4808C19B6865075B75FA
Requests: 3 HTTP requests in this frame

Screenshot

Page Title

Аудиокниги слушать онлайн бесплатно :: bookmp3.ru

Detected technologies

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

187
Requests

89 %
HTTPS

71 %
IPv6

22
Domains

35
Subdomains

28
IPs

4
Countries

2017 kB
Transfer

5525 kB
Size

31
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://counter.yadro.ru/hit?t11.6;r;s1600*1200*24;uhttps%3A//avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/;0.3324251688392945 HTTP 302
  • https://counter.yadro.ru/hit?q;t11.6;r;s1600*1200*24;uhttps%3A//avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/;0.3324251688392945
Request Chain 35
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10132.7ThiGdM1wmxnpQrGc1Bnrw9hbLmWUtHrANCLmWmLmRxk3dguLRT8Sgo6bFiJ-7Od.fKUtuhnj4jTtlxc7-a1_4LmSTmc%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10132.ngF-1BgyidJw6zJxzFG-ChR-4SfyX8vqDYJywF4aCw9aAhnDve3x92WIOwJcsUnsNG8SKzX7tiVq2TTCaHFjIh5hn1Xw8BBASoghTEopc28%2C.FWpzW6SEuO0IaBlb_PCqPiVpcsg%2C
Request Chain 71
  • https://mc.yandex.com/watch/46501593?wmode=7&page-url=https%3A%2F%2Favito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3wcjej5lmwx5238tghrt8yj%3Afp%3A3216%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1111%3Acn%3A1%3Adp%3A0%3Als%3A170078542288%3Ahid%3A588255791%3Az%3A-600%3Ai%3A20230919203453%3Aet%3A1695191693%3Ac%3A1%3Arn%3A713347924%3Arqn%3A1%3Au%3A1695191693242285976%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A35%2C220%2C1519%2C2%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1695191689142%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1695191694%3At%3A%D0%90%D1%83%D0%B4%D0%B8%D0%BE%D0%BA%D0%BD%D0%B8%D0%B3%D0%B8%20%D1%81%D0%BB%D1%83%D1%88%D0%B0%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%3A%3A%20bookmp3.ru&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/46501593/1?wmode=7&page-url=https%3A%2F%2Favito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3wcjej5lmwx5238tghrt8yj%3Afp%3A3216%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1111%3Acn%3A1%3Adp%3A0%3Als%3A170078542288%3Ahid%3A588255791%3Az%3A-600%3Ai%3A20230919203453%3Aet%3A1695191693%3Ac%3A1%3Arn%3A713347924%3Arqn%3A1%3Au%3A1695191693242285976%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A35%2C220%2C1519%2C2%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1695191689142%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1695191694%3At%3A%D0%90%D1%83%D0%B4%D0%B8%D0%BE%D0%BA%D0%BD%D0%B8%D0%B3%D0%B8%20%D1%81%D0%BB%D1%83%D1%88%D0%B0%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%3A%3A%20bookmp3.ru&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29&redirnss=1
Request Chain 84
  • https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B30251533.372411465;dc_trk_aid=563043988;dc_trk_cid=195958998;dcopt=anid;ord=650a928d0b2d0d9e04e0a00b4ad4b9bf;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B30251533.372411465;dc_pre=CKnmrJbJuIEDFdMRaAgdcDgHaw;dc_trk_aid=563043988;dc_trk_cid=195958998;dcopt=anid;ord=650a928d0b2d0d9e04e0a00b4ad4b9bf;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;;ltd=
Request Chain 116
  • https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B30251533.372411465;dc_trk_aid=563043988;dc_trk_cid=195958998;dcopt=anid;ord=650a928dc3070b3af4ac0ac57c46a7fd;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B30251533.372411465;dc_pre=CMHlrJbJuIEDFUbOswodLnEIGQ;dc_trk_aid=563043988;dc_trk_cid=195958998;dcopt=anid;ord=650a928dc3070b3af4ac0ac57c46a7fd;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;;ltd=
Request Chain 118
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 120
  • https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=10132.BZW03SE6OyuLa8q6rajk6-yphNsZSPsGWU-mIp-HRZ9Z90jvwL_2s5EEcN5WGmxH.AcMYc-hgtn9kiJW2XwmqDzJ8NTc%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10132.p7ojeiMgM9Nc-HjN4qZe1i1rcL_cqwACIVITDR5X5rjr1HZKib8C-7JDOj139LGqaSncqIAi-pVZh54I6mapTUwBWWcRRgzz9T0t2LATeTU%2C.B-eDt5EE9JKzlL2ZV4cUtTivnLM%2C
Request Chain 125
  • https://googleads.g.doubleclick.net/pagead/adview?ai=C5lyUjZIKZczmBq6mrr4P366QoAH98NjfcrW3ienKEZqXwszkPBABIP7voD5gyYaAgNyjxBCgAar9sOwCyAEBqAMByAPLBKoEpwJP0GtatYEVIEYI8F1QLJt0IHPbhSCDhDUTeNovYedF2fpBNMpsZF_ID_x-U1jQ2VEhYk0LS0ADOsZajQl2QSzS3Xn9UDuCPlnTYijc3KsZPBn5KCD1LkA7CEmvuScGMDtIPPHa4NY0U7-_DV1VrlpB0WHJjEiFRBVooZK7F5_o4HQuqrzFfFThXNATM4mOAz5m5QB6Q4U3tedCXfVJa318LhNY9KZQVSpT8LAl9whX1a89GLvMJAQVEoOXHlOv3qOTbpA6UVkJ95HezloCH4CL2A0b16THDnq1DnO9tCYCWS61HHm-5RVftEWuaonZH0Ak6QerOTAy2CBIOhcj4sqOnjafZSKiaSH08TObIx8OHm2kDtH1GnXPDHPyuTYsGVE0kLgOLdr6wATD8ejUrgSIBZmon8NLkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGAB76Cz5MBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ0PMc0ggUCIBhEAEYHzICigI6AoBASL39wTqaCXNodHRwczovL3d3dy5zb3V0aGdhdGV0b3dlcnNtaWFtaS5jb20_dXRtX3NvdXJjZT1nb29nbGUmdXRtX21lZGl1bT1jcGMmdXRtX2NhbXBhaWduPXVuaXRkaXNwbGF5JnV0bV9jb250ZW50PTFiZWRyb29tgAoByAsB2gwQCgoQsLiRyd2o0fJ3EgIBA9gTDYgUAtAVAZgWAYAXAbIXHAoaCAASFHB1Yi0xNjE4NTkyMjA1MDgzNzgwGAA&sigh=-c7T0tW-9Hg&uach_m=[UACH]&ase=2&cid=CAQSTABpAlJWfejW16XLpoDe9FUkY5kT4jgAaHc6RET2eb2bYExP6ebkIPB1I7m3qcXLZm9aF9lj24I7pd2GEdqKyNXqbeEfNZV-c-lzFWYYAQ&template_id=5001&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x8fac813774db6690000000000000000%22,%222%22:%220x1b2ab52a414e00840000000000000000%22,%223%22:%220x8b6964352730707e0000000000000000%22,%224%22:%220xc0d449ee123b02210000000000000000%22,%225%22:%220xb1819572684682500000000000000000%22},%22debug_key%22:%229595431205157930313%22,%22debug_reporting%22:true,%22destination%22:%22https://southgatetowersmiami.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%22764165802%22],%224%22:[%2209-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225345790364602800865%22}&andc=true
Request Chain 127
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CL6R5jZIKZbSkBqSQhQauho74AdOkz_1ygYqIgboRiv2ghMMBEAEg_u-gPmDJhoCA3KPEEKABiKPkpAPIAQmoAwHIA0iqBKwCT9ATI5piCxBEvjnboqh2Hed4lHxq9J6qg4D5usZzRrifZNr-16-FjjHd0FrUMbVAvlnsy0i84l5zddETlVU6S6GWbY6nboxQHokFo7vWA_HUNgmHnkNjx0fwPZ7cYCZB5F7tT6P66O8dMV9gPLM9aJUsuYYR3xdveo_6FvvNoWZvVLiLFIWacgjNkwru7wvvQ7k-HzN-zAlD9SsNN26pgK-9kdP8qr1jBoD_qDpvKha-QhlhIAw7t28RjqmCR8Qg4EzKOYrQblDX0hcJiG_-0fbNmi-QcEUZJv1lrcjxSB8zmWD9F_2LqZ2lgV44eWArlmXfCjPlrm47DQIGwkLoL0BmNMgBEKPxhp3PWhFBcCVlu6m2bpDUru7K0sDxe2qa2INz_kTpKDpMVm--wASdh7eLpgSIBdTE7ZdKkgUECAQYAZIFBAgFGASgBi6AB-Dcm1uoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCzqRfSCBQIgGEQARgfMgKKAjoCgEBIvf3BOpoJrwJodHRwczovL3NsYWNrLmNvbS9ncm93LWJ1c2luZXNzP2Q9NzAxM3kwMDAwMDJWNkJOQUEwJm5jPTcwMTN5MDAwMDAyVjhiY0FBQyZ1dG1fc291cmNlPWdvb2dsZSZ1dG1fbWVkaXVtPWRpc3BsYXkmdXRtX2NhbXBhaWduPUFNRVJfVVNfRU5fRXZlcmdyZWVuX1NMS0NPTl9Hb29nbGVfU0xBQ0stUEctU1MtQWxsLUdETi1HUkItSW5tYXJrZXQmdXRtX2NvbnRlbnQ9c2xhY2stcGctc3MtYWxsLWlubWFya2V0aGVscGRlc2tfNzAxM3kwMDAwMDJWNkJOQUEwJnV0bV90ZXJtPWlubWFya2V0aGVscGRlc2tfLl9pbmZvJmdjbHNyYz1hdy5kcyaACgHICwHaDBEKCxDQsfvI4ODSw9cBEgIBA9gTAogUA9AVAZgWAYAXAbIXHAoaCAASFHB1Yi0xNjE4NTkyMjA1MDgzNzgwGAA&sigh=d3O0rlrM4o8&uach_m=[UACH]&ase=2&cid=CAQSTABpAlJWXLtmR2jRT9SnKY1wN1uNOBOUG27eYWjDMiqblkSfImUJorMKhCL7rZjUGtHpakNNNmjzNoQ6q8l6HM6DRlLhCbrQrHI4w3sYAQ&template_id=419&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xd777e5ab001747980000000000000000%22,%222%22:%220x7824d7428be9c7890000000000000000%22,%223%22:%220x7444a81e69a26b880000000000000000%22,%224%22:%220x4ece106574a68b480000000000000000%22,%225%22:%220xdeeee9e032fa000b0000000000000000%22},%22debug_key%22:%228184110463521037874%22,%22debug_reporting%22:true,%22destination%22:%22https://slack.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%22882446728%22],%224%22:[%2209-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222670554152702331409%22}&andc=true

187 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
62 KB
12 KB
Document
General
Full URL
https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.153 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
vm1670795.nvme.had.yt
Software
ddos-guard / PHP/7.1.33
Resource Hash
143defa52b166183926838badf1a67040d8ed3f3c35a3b1ad9e11a67b62888b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
cache-control
max-age=1, private, must-revalidate
content-encoding
gzip
content-length
11746
content-type
text/html; charset=UTF-8
date
Wed, 20 Sep 2023 06:34:50 GMT
expires
Wed, 20 Sep 2023 06:34:51 GMT
server
ddos-guard
strict-transport-security
max-age=31536000;
vary
Accept-Encoding
x-powered-by
PHP/7.1.33
jquery.js
avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/js/
89 KB
0
Script
General
Full URL
https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/js/jquery.js
Requested by
Host: avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
URL: https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.153 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
vm1670795.nvme.had.yt
Software
ddos-guard /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:34:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000;
last-modified
Tue, 10 Oct 2017 08:53:06 GMT
server
ddos-guard
age
0
etag
W/"536b8-55b2d6f820080-gzip"
vary
Accept-Encoding
content-type
application/javascript
ddg-cache-status
MISS
cache-control
max-age=2592000, private
accept-ranges
bytes
expires
Wed, 20 Sep 2023 06:34:52 GMT
main.js
avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/js/
860 B
569 B
Script
General
Full URL
https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/js/main.js
Requested by
Host: avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
URL: https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.153 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
vm1670795.nvme.had.yt
Software
ddos-guard /
Resource Hash
a94755ecd90a113ceb5ffbb9a9834639bbf215711895074c4181eb309929ca25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:34:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000;
last-modified
Wed, 25 Oct 2017 18:13:28 GMT
server
ddos-guard
age
0
etag
W/"35c-55c630327a200-gzip"
vary
Accept-Encoding
content-type
application/javascript
ddg-cache-status
MISS
cache-control
max-age=2592000, private
accept-ranges
bytes
expires
Wed, 20 Sep 2023 06:34:52 GMT
style.css
avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/css/
94 KB
15 KB
Stylesheet
General
Full URL
https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/css/style.css?v=2.6
Requested by
Host: avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
URL: https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.153 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
vm1670795.nvme.had.yt
Software
ddos-guard /
Resource Hash
47a37cabd33f930dd28119e3ba60cca269770f1b2a774a52bad0a75d8076cd8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 05:22:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000;
last-modified
Wed, 30 Jun 2021 13:22:17 GMT
server
ddos-guard
age
4350
etag
"17698-5c5fb9c888be4-gzip"
vary
Accept-Encoding
content-type
text/css
ddg-cache-status
HIT
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
15374
expires
Fri, 20 Oct 2023 05:22:21 GMT
font-awesome.min.css
avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/css/font-awesome.min.css
Requested by
Host: avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
URL: https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.153 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
vm1670795.nvme.had.yt
Software
ddos-guard /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 05:22:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000;
last-modified
Tue, 10 Oct 2017 15:14:28 GMT
server
ddos-guard
age
4350
etag
"7918-55b32c3619d00-gzip"
vary
Accept-Encoding
content-type
text/css
ddg-cache-status
HIT
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
7053
expires
Fri, 20 Oct 2023 05:22:21 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
144 KB
50 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1618592205083780
Requested by
Host: avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
URL: https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b2136198a96109ea6a4f977e5bf73ee59c411f9b977b393b414e167c5bf0d074
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
Origin
https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:34:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50677
x-xss-protection
0
server
cafe
etag
1450635336261710069
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 20 Sep 2023 06:34:52 GMT
audiobook-znatok-zootekhnik.jpg
xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/5/7/0/2/
0
0

audiobook-ljubov-neljubov.jpg
xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/5/7/0/1/
0
0

audiobook-attrakcion-1.jpg
xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/5/7/0/0/
0
0

audiobook-chetyre-cveta-pamjati.jpg
xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/5/6/9/9/
0
0

audiobook-rasskazy-203.jpg
xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/5/6/9/8/
0
0

audiobook-my-tak-ljubim-glendu.jpg
xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/5/6/9/7/
0
0

audiobook-kogo-mne-bojatsja.jpg
xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/5/6/9/6/
0
0

audiobook-gorkie-zjorna-1.jpg
xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/5/6/9/5/
0
0

audiobook-est-li-zhizn-na-mks.jpg
xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/5/6/9/4/
0
0

audiobook-chetvertyjj.jpg
xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/5/6/9/3/
0
0

audiobook-kozhanyjj-meshok.jpg
xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/5/6/8/8/
0
0

audiobook-nedotepino-korolevstvo.jpg
xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/5/6/8/7/
0
0

webfont.js
avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/js/
13 KB
5 KB
Script
General
Full URL
https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/js/webfont.js
Requested by
Host: avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
URL: https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.153 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
vm1670795.nvme.had.yt
Software
ddos-guard /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:34:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000;
last-modified
Tue, 10 Oct 2017 08:53:02 GMT
server
ddos-guard
age
1
etag
W/"3384-55b2d6f44f780-gzip"
vary
Accept-Encoding
content-type
application/javascript
ddg-cache-status
MISS
cache-control
max-age=2592000, private
accept-ranges
bytes
expires
Wed, 20 Sep 2023 06:34:52 GMT
audioplayer.js
avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/js/
386 KB
58 KB
Script
General
Full URL
https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/js/audioplayer.js
Requested by
Host: avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
URL: https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.153 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
vm1670795.nvme.had.yt
Software
ddos-guard /
Resource Hash
f919c02713441d1502a5297ec6201783ecf8070a47d5df866a78ca2fb83bc865
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:34:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000;
last-modified
Tue, 10 Oct 2017 14:24:22 GMT
server
ddos-guard
age
2
etag
W/"607be-55b321035b180-gzip"
vary
Accept-Encoding
content-type
application/javascript
ddg-cache-status
MISS
cache-control
max-age=2592000, private
accept-ranges
bytes
expires
Wed, 20 Sep 2023 06:34:53 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
144 KB
50 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1618592205083780
Requested by
Host: avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
URL: https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9db5086b55769640f409c37deb5be301986d682f25a704ce17ebe51e358bbe91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
Origin
https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:34:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50675
x-xss-protection
0
server
cafe
etag
12184006800422113653
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 20 Sep 2023 06:34:52 GMT
hit
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit?t11.6;r;s1600*1200*24;uhttps%3A//avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/;0.3324251688392945
  • https://counter.yadro.ru/hit?q;t11.6;r;s1600*1200*24;uhttps%3A//avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/;0.3324251688392945
753 B
1 KB
Image
General
Full URL
https://counter.yadro.ru/hit?q;t11.6;r;s1600*1200*24;uhttps%3A//avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/;0.3324251688392945
Requested by
Host: avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
URL: https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
Protocol
HTTP/1.1
Server
88.212.202.52 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host152.rax.ru
Software
nginx/1.17.9 /
Resource Hash
a61735542ef93f832ab8321f9670a83ff11f58b5e122b2fb014199e32de05312
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Sep 2023 06:34:53 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
image/gif
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Length
753
Expires
Mon, 19 Sep 2022 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 20 Sep 2023 06:34:53 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
text/html
Location
https://counter.yadro.ru/hit?q;t11.6;r;s1600*1200*24;uhttps%3A//avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/;0.3324251688392945
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
keep-alive
Content-Length
32
Expires
Mon, 19 Sep 2022 21:00:00 GMT
hit
c.hit.ua/
471 B
739 B
Image
General
Full URL
https://c.hit.ua/hit?i=84925&g=0&x=1&s=1&c=1&t=600&w=1600&h=1200&d=24&0.508093425878825&r=&u=https%3A//avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
Requested by
Host: avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
URL: https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.184.81.35 Kyiv, Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, US),
Reverse DNS
c.hit.ua
Software
nginx/1.17.9 /
Resource Hash
2b31ea37efec8b62b7e0f61908f2436720602d45ed8942849663a957e417128c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

p3p
policyref="/w3c/p3p.xml", CP="UNI"
pragma
no-cache
date
Wed, 20 Sep 2023 06:34:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/png
server
nginx/1.17.9
expires
0
watch.js
mc.yandex.ru/metrika/
153 KB
55 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
URL: https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
f0f2fc153daf5d3ef66c6e26f9b8d244212b12c27e725e237b5d2afc2bd35afe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:34:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Thu, 07 Sep 2023 11:49:37 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"64f98ea1-d821"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
55329
expires
Wed, 20 Sep 2023 07:34:52 GMT
bookmp3-logo.png
avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/images/
27 KB
27 KB
Image
General
Full URL
https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/images/bookmp3-logo.png?v1
Requested by
Host: avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
URL: https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/css/style.css?v=2.6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.153 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
vm1670795.nvme.had.yt
Software
ddos-guard /
Resource Hash
12d8aae0cf51d039bfbef1c8f7ec828851423f05c8f9e5d290b2c2e15cd9a8a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/css/style.css?v=2.6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 05:22:22 GMT
strict-transport-security
max-age=31536000;
last-modified
Sat, 21 Oct 2017 10:38:23 GMT
server
ddos-guard
age
4351
etag
"6d15-55c0c3048e5c0"
content-type
image/png
ddg-cache-status
HIT
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
27925
expires
Fri, 20 Oct 2023 05:22:22 GMT
icon-menu-dd.png
avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/images/
190 B
269 B
Image
General
Full URL
https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/images/icon-menu-dd.png?v1
Requested by
Host: avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
URL: https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/css/style.css?v=2.6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.153 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
vm1670795.nvme.had.yt
Software
ddos-guard /
Resource Hash
db0d17ee9c24794dc313d2588c0c19bccccb2f7439a0dcb6be8cc985df84baf3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/css/style.css?v=2.6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 05:22:22 GMT
strict-transport-security
max-age=31536000;
last-modified
Thu, 12 Oct 2017 17:43:11 GMT
server
ddos-guard
age
4350
etag
"be-55b5d12ea89c0"
content-type
image/png
ddg-cache-status
HIT
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
190
expires
Fri, 20 Oct 2023 05:22:22 GMT
icon-search.png
avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/images/
380 B
461 B
Image
General
Full URL
https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/images/icon-search.png?v1
Requested by
Host: avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
URL: https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/css/style.css?v=2.6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.153 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
vm1670795.nvme.had.yt
Software
ddos-guard /
Resource Hash
3be3f024c46ff93eb55bb00f599911ef69c7957b19c8c3df9aca743259f35ae3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/css/style.css?v=2.6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 05:22:22 GMT
strict-transport-security
max-age=31536000;
last-modified
Thu, 12 Oct 2017 17:41:41 GMT
server
ddos-guard
age
4350
etag
"17c-55b5d0d8d3f40"
content-type
image/png
ddg-cache-status
HIT
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
380
expires
Fri, 20 Oct 2023 05:22:22 GMT
fontawesome-webfont.woff2
avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/fonts/
75 KB
76 KB
Font
General
Full URL
https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
URL: https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.153 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
vm1670795.nvme.had.yt
Software
ddos-guard /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/css/font-awesome.min.css
Origin
https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:34:52 GMT
strict-transport-security
max-age=31536000;
last-modified
Tue, 10 Oct 2017 15:17:21 GMT
server
ddos-guard
age
2
etag
"12d68-55b32cdb16240"
ddg-cache-status
MISS
cache-control
max-age=1
accept-ranges
bytes
content-length
77160
expires
Wed, 20 Sep 2023 06:34:53 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/
379 KB
128 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1618592205083780
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
220ebcdddfdee4799bb0e64d42463c1dd5a729ad01fe79b2c64ee9da97b658eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:34:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131519
x-xss-protection
0
server
cafe
etag
18068816096568125013
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 20 Sep 2023 06:34:52 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230918/r20190131/ Frame 0854
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230918/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1618592205083780
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
23835
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4438
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 19 Sep 2023 23:57:37 GMT
etag
8554266389219770021
expires
Tue, 03 Oct 2023 23:57:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/
387 B
601 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru&callback=_gfp_s_&client=ca-pub-1618592205083780
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eaaef360f1450bfc123aca7bca508e538adbfe851dd6a3a9dc63fe579c12005c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:34:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6379
259 KB
50 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1618592205083780&output=html&adk=1812271804&adf=3025194257&lmt=1695227693&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Favito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695191692565&bpp=7&bdt=1562&idt=429&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8239861751691&frm=20&pv=2&ga_vid=1915655829.1695191693&ga_sid=1695191693&ga_hid=1939529460&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44803122%2C21065725&oid=2&pvsid=3600284936222131&tmod=1913480835&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=472
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
818e46d52c7bdaf6d2afb411fb2be26db570b68738968520134ba2f3c91949f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
51217
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Sep 2023 06:34:53 GMT
expires
Wed, 20 Sep 2023 06:34:53 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=b-topbar&ign=false&pw=1600&ph=1200&x=800&y=0
Requested by
Host: avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
URL: https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 06:34:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 031E
123 KB
42 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1618592205083780&output=html&h=600&slotname=7639484812&adk=992306218&adf=1633998875&pi=t.ma~as.7639484812&w=300&fwrn=4&fwrnh=100&lmt=1695227693&rafmt=1&format=300x600&url=https%3A%2F%2Favito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695191692572&bpp=3&bdt=1570&idt=471&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8239861751691&frm=20&pv=1&ga_vid=1915655829.1695191693&ga_sid=1695191693&ga_hid=1939529460&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44803122%2C21065725&oid=2&pvsid=3600284936222131&tmod=1913480835&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=evMtBxa3UR&p=https%3A//avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru&dtd=479
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9370e7158d331d5ad9758cd98ff674ffcb4ca1308b9f2a8f43a900d41ea5492e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
42367
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Sep 2023 06:34:53 GMT
expires
Wed, 20 Sep 2023 06:34:53 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 4B72
715 B
576 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1618592205083780&output=html&h=1032&slotname=7256341433&adk=2496561252&adf=1568110953&pi=t.ma~as.7256341433&w=300&cr_col=1&cr_row=13&fwrn=2&lmt=1695227693&rafmt=9&format=300x1032&url=https%3A%2F%2Favito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru%2F&crui=image_sidebyside&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695191692575&bpp=5&bdt=1572&idt=485&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=8239861751691&frm=20&pv=1&ga_vid=1915655829.1695191693&ga_sid=1695191693&ga_hid=1939529460&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=707&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44803122%2C21065725&oid=2&pvsid=3600284936222131&tmod=1913480835&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=pZdl5OliPc&p=https%3A//avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru&dtd=489
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a026628b5e49092d8db4bfb5afcbed4211479fa313b3b9605ba0cbfda54754c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
355
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Sep 2023 06:34:53 GMT
expires
Wed, 20 Sep 2023 06:34:53 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
URL: https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 20 Sep 2023 04:40:55 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
6838
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 20 Sep 2023 06:40:55 GMT
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10132.7ThiGdM1wmxnpQrGc1Bnrw9hbLmWUtHrANCLmWmLmRxk3dguLRT8Sgo6bFiJ-7Od.fKUtuhnj4jTtlxc7-a1_4LmSTmc%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10132.ngF-1BgyidJw6zJxzFG-ChR-4SfyX8vqDYJywF4aCw9aAhnDve3x92WIOwJcsUnsNG8SKzX7tiVq2TTCaHFjIh5hn1Xw8BBASoghTEopc28%2C.FWpzW6SEuO0IaBlb_PCqPiVpcsg%2C
43 B
67 B
Image
General
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=10132.ngF-1BgyidJw6zJxzFG-ChR-4SfyX8vqDYJywF4aCw9aAhnDve3x92WIOwJcsUnsNG8SKzX7tiVq2TTCaHFjIh5hn1Xw8BBASoghTEopc28%2C.FWpzW6SEuO0IaBlb_PCqPiVpcsg%2C
Requested by
Host: avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
URL: https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:34:53 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=10132.ngF-1BgyidJw6zJxzFG-ChR-4SfyX8vqDYJywF4aCw9aAhnDve3x92WIOwJcsUnsNG8SKzX7tiVq2TTCaHFjIh5hn1Xw8BBASoghTEopc28%2C.FWpzW6SEuO0IaBlb_PCqPiVpcsg%2C
date
Wed, 20 Sep 2023 06:34:53 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/
43 B
162 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
URL: https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:34:53 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 07 Sep 2023 11:49:37 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"64f98ea1-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Wed, 20 Sep 2023 07:34:53 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/
154 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ddf0ccefce3d5a4cfde5d72e16d6e8ac3d386d739d61195afa43655409ec8a92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:34:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53706
x-xss-protection
0
server
cafe
etag
7541566870809314529
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 20 Sep 2023 06:34:53 GMT
2ab36c0d951b69d9c04f85f5eb613648.js
www.gstatic.com/mysidia/ Frame 031E
9 KB
4 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/2ab36c0d951b69d9c04f85f5eb613648.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1618592205083780&output=html&h=600&slotname=7639484812&adk=992306218&adf=1633998875&pi=t.ma~as.7639484812&w=300&fwrn=4&fwrnh=100&lmt=1695227693&rafmt=1&format=300x600&url=https%3A%2F%2Favito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695191692572&bpp=3&bdt=1570&idt=471&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8239861751691&frm=20&pv=1&ga_vid=1915655829.1695191693&ga_sid=1695191693&ga_hid=1939529460&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44803122%2C21065725&oid=2&pvsid=3600284936222131&tmod=1913480835&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=evMtBxa3UR&p=https%3A//avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru&dtd=479
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50f36c6941b3a0b755df6e1c1ba6919dc8eeab051a52504ff431c3564d4d791a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 18:28:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
475578
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3933
x-xss-protection
0
last-modified
Tue, 12 Sep 2023 17:48:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 13 Dec 2023 18:28:35 GMT
eb24e5338fb35f0e823aa45ca63cea7d.js
www.gstatic.com/mysidia/ Frame 031E
11 KB
5 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/eb24e5338fb35f0e823aa45ca63cea7d.js?tag=text/vanilla_highlight_ms
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1618592205083780&output=html&h=600&slotname=7639484812&adk=992306218&adf=1633998875&pi=t.ma~as.7639484812&w=300&fwrn=4&fwrnh=100&lmt=1695227693&rafmt=1&format=300x600&url=https%3A%2F%2Favito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695191692572&bpp=3&bdt=1570&idt=471&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8239861751691&frm=20&pv=1&ga_vid=1915655829.1695191693&ga_sid=1695191693&ga_hid=1939529460&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44803122%2C21065725&oid=2&pvsid=3600284936222131&tmod=1913480835&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=evMtBxa3UR&p=https%3A//avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru&dtd=479
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6dcbbfd3b2b395e8440193551d30cf590736083dfed83bb67f976badca15699
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 18:28:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
475578
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4726
x-xss-protection
0
last-modified
Tue, 12 Sep 2023 17:48:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 13 Dec 2023 18:28:35 GMT
css
fonts.googleapis.com/ Frame 031E
14 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1618592205083780&output=html&h=600&slotname=7639484812&adk=992306218&adf=1633998875&pi=t.ma~as.7639484812&w=300&fwrn=4&fwrnh=100&lmt=1695227693&rafmt=1&format=300x600&url=https%3A%2F%2Favito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695191692572&bpp=3&bdt=1570&idt=471&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8239861751691&frm=20&pv=1&ga_vid=1915655829.1695191693&ga_sid=1695191693&ga_hid=1939529460&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44803122%2C21065725&oid=2&pvsid=3600284936222131&tmod=1913480835&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=evMtBxa3UR&p=https%3A//avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru&dtd=479
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 20 Sep 2023 06:34:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 20 Sep 2023 06:32:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 20 Sep 2023 06:34:54 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame 031E
2 KB
926 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1618592205083780&output=html&h=600&slotname=7639484812&adk=992306218&adf=1633998875&pi=t.ma~as.7639484812&w=300&fwrn=4&fwrnh=100&lmt=1695227693&rafmt=1&format=300x600&url=https%3A%2F%2Favito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695191692572&bpp=3&bdt=1570&idt=471&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8239861751691&frm=20&pv=1&ga_vid=1915655829.1695191693&ga_sid=1695191693&ga_hid=1939529460&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44803122%2C21065725&oid=2&pvsid=3600284936222131&tmod=1913480835&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=evMtBxa3UR&p=https%3A//avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru&dtd=479
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 15:32:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
54162
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 03 Oct 2023 15:32:12 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/ Frame 031E
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1618592205083780&output=html&h=600&slotname=7639484812&adk=992306218&adf=1633998875&pi=t.ma~as.7639484812&w=300&fwrn=4&fwrnh=100&lmt=1695227693&rafmt=1&format=300x600&url=https%3A%2F%2Favito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695191692572&bpp=3&bdt=1570&idt=471&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8239861751691&frm=20&pv=1&ga_vid=1915655829.1695191693&ga_sid=1695191693&ga_hid=1939529460&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44803122%2C21065725&oid=2&pvsid=3600284936222131&tmod=1913480835&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=evMtBxa3UR&p=https%3A//avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru&dtd=479
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 19:55:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
38381
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9135
x-xss-protection
0
server
cafe
etag
9583221549990841032
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 03 Oct 2023 19:55:13 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame 031E
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1618592205083780&output=html&h=600&slotname=7639484812&adk=992306218&adf=1633998875&pi=t.ma~as.7639484812&w=300&fwrn=4&fwrnh=100&lmt=1695227693&rafmt=1&format=300x600&url=https%3A%2F%2Favito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695191692572&bpp=3&bdt=1570&idt=471&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8239861751691&frm=20&pv=1&ga_vid=1915655829.1695191693&ga_sid=1695191693&ga_hid=1939529460&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44803122%2C21065725&oid=2&pvsid=3600284936222131&tmod=1913480835&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=evMtBxa3UR&p=https%3A//avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru&dtd=479
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 15:32:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
54162
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 03 Oct 2023 15:32:12 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame 031E
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1618592205083780&output=html&h=600&slotname=7639484812&adk=992306218&adf=1633998875&pi=t.ma~as.7639484812&w=300&fwrn=4&fwrnh=100&lmt=1695227693&rafmt=1&format=300x600&url=https%3A%2F%2Favito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695191692572&bpp=3&bdt=1570&idt=471&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8239861751691&frm=20&pv=1&ga_vid=1915655829.1695191693&ga_sid=1695191693&ga_hid=1939529460&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44803122%2C21065725&oid=2&pvsid=3600284936222131&tmod=1913480835&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=evMtBxa3UR&p=https%3A//avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru&dtd=479
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 15:32:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
54161
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 03 Oct 2023 15:32:12 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 031E
182 KB
57 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1618592205083780&output=html&h=600&slotname=7639484812&adk=992306218&adf=1633998875&pi=t.ma~as.7639484812&w=300&fwrn=4&fwrnh=100&lmt=1695227693&rafmt=1&format=300x600&url=https%3A%2F%2Favito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695191692572&bpp=3&bdt=1570&idt=471&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8239861751691&frm=20&pv=1&ga_vid=1915655829.1695191693&ga_sid=1695191693&ga_hid=1939529460&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44803122%2C21065725&oid=2&pvsid=3600284936222131&tmod=1913480835&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=evMtBxa3UR&p=https%3A//avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru&dtd=479
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:34:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57988
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694604874705780"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Sep 2023 06:34:53 GMT
9041af033b7a690ba70e3134a2c135bf.js
www.gstatic.com/mysidia/ Frame 031E
36 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/9041af033b7a690ba70e3134a2c135bf.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1618592205083780&output=html&h=600&slotname=7639484812&adk=992306218&adf=1633998875&pi=t.ma~as.7639484812&w=300&fwrn=4&fwrnh=100&lmt=1695227693&rafmt=1&format=300x600&url=https%3A%2F%2Favito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695191692572&bpp=3&bdt=1570&idt=471&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8239861751691&frm=20&pv=1&ga_vid=1915655829.1695191693&ga_sid=1695191693&ga_hid=1939529460&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44803122%2C21065725&oid=2&pvsid=3600284936222131&tmod=1913480835&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=evMtBxa3UR&p=https%3A//avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru&dtd=479
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 21:44:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
463843
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15189
x-xss-protection
0
last-modified
Tue, 12 Sep 2023 17:48:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 13 Dec 2023 21:44:11 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/ Frame 3231
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
18709
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4438
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Sep 2023 01:23:04 GMT
etag
8554266389219770021
expires
Wed, 04 Oct 2023 01:23:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/ Frame 386D
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
18709
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4438
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Sep 2023 01:23:04 GMT
etag
8554266389219770021
expires
Wed, 04 Oct 2023 01:23:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/ Frame 94CF
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
18709
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4438
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Sep 2023 01:23:04 GMT
etag
8554266389219770021
expires
Wed, 04 Oct 2023 01:23:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/
15 B
256 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1939529460&t=pageview&_s=1&dl=https%3A%2F%2Favito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru%2F&ul=en-us&de=UTF-8&dt=%D0%90%D1%83%D0%B4%D0%B8%D0%BE%D0%BA%D0%BD%D0%B8%D0%B3%D0%B8%20%D1%81%D0%BB%D1%83%D1%88%D0%B0%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%3A%3A%20bookmp3.ru&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABAAAAACAAI~&jid=668131358&gjid=963562863&cid=1915655829.1695191693&tid=UA-109514583-1&_gid=668133251.1695191694&_r=1&_slc=1&z=876464361
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
bc4540a14193a6537e0c03127bbf19848e6226bd437f2550d18f1f385c55eccb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 06:34:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
220 KB
80 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-XR25G8TDFM&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a4e80fbdbd2fe979c79ea4356e6f1b957acceb1be77df17ee70134ba728ce05f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:34:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81069
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 20 Sep 2023 06:34:54 GMT
afr.php
ads.us.criteo.com/delivery/r/ Frame 6C66
132 KB
46 KB
Document
General
Full URL
https://ads.us.criteo.com/delivery/r/afr.php?z=ZQqSjQABkjIKwUgkAAODLtMp_t2poD09Hz-0qg&u=%7CouQHdnFa5Kmf2p4Bss1sMgOH8sVBwyqn%2BiF0%2Bahdfb4%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGFODWhy6DsD5VIXoF4Sn1GpJC36PzcQBMFJuvFqbjSDMVND0YNpbXxw_g68WQBYp6weOwM57j-9gqQp1XQI8p1GzWVoJL-MYPH3XWkzenv5tUiwVrgfGWP8oCqnSa-uDWK7Am0l0x6-ooZO9aEmPM-LmJvTGNiOWjUEiMrXG5v6LCR_wUr4vBKoVnzJw5iRomwS_WqazraITJwrdaznTla_p_q9CCjN0dMdpo8cyL1qRUUbK2CpcPoAmULxFtvIb8PkVAHAhKpur_O8geRTjDnHA4pRh7r0NoC1zZarfAPSpY9klgZfcD45lW_80lVdKRNCiBqggAW3--_dgHPvJXkCcfUmvyHXpgRMAy0psZqYIFgiL0PPC-RL84VUze1wivglauOObXP0eXCF02Qxr6n9zly1M4A4NmjztEd1OoVvBH-RZ8QvZMdfMi4qxuRFmMz-DsI7wp1bK7t3Gie4Z0zO_6bJ8n2J9BunLe3m5qPkZgjDm7Wrdrpy91igJ5HQOY6GA5htN0tmr5Z47H1NsjIr0qAVuccaMquy__4Z8i73S7JJlZrxPIrE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgg18jZIKZbKkBqSQhQauho74AZyB77BcyqapqnTAjbcBEAEgAGDJhoCA3KPEEIIBF2NhLXB1Yi0xNjE4NTkyMjA1MDgzNzgwyAEJqAMByAMCqgSdAk_Q3h13zMhKVR_2VR6pDKSyJ8cpmeAwGXcAo5EfC7LSLx2k3CY7oa93tBTOCUlepQPwNuNWvZM706ttHSNnsbEH7pnon_oFajyWuRBAtJ_ha9lTABC1xnhU3yqkPwBptf8tYI9bRGDjQ4uZsM9rFgenV-RZpZNYBmyNBW1pVl8sLF4V2FMm7DDpQsptCFUbO44Iy__AZBvzYOhaJZ54uTCjEutn6BDB-VqiGQ5WUbPASV3HnsPcMUNvlA1d46bqRxZWrn8de6mDaIHGuP_0FJbyyUdpFYRxPhNbrPEu1EmRJvAm-yIFepvpFwdMSoSjGkg43ndpieUsTnm4O73eb57g8akm5AJHgw-jpGASS0RySRxZAuEs6vfU2dSdm4AGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1eW35jhhplwIs8GhpqjfKJDoFWkA%26client%3Dca-pub-1618592205083780%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
a95c8500edd31478a3745ec45409ef9b5738c9f3c4da7d1a9bb2c7f7fd4e44c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Wed, 20 Sep 2023 06:34:54 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=Z378FzqsedvcrcC29qdIWWPlet3QT2ffi5MnOwRJKPXR4FDRRy5mXMVUJCa69x2k9DJby38K9RIvxw5MCDed1XsdRr9IXuw6UA_Twv6SA-qaIN0oD1HdY9HTUfieQWISpegmW4C8clJJB8RQdgYcMyk4nXrdImLDzvLRllYDHSzzEAHiuQnUAVQ7-hQS4IKVIvJXnNNerOc0Bzv7ULlyFNf4ZNVcxoD_TGtmX-j0wGErgRiKXQJBkAdjUaOSaZvEDj-fag"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
56343090
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame 3231
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 15:32:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
54161
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 03 Oct 2023 15:32:12 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame 3231
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 15:32:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
54161
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 03 Oct 2023 15:32:12 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3231
182 KB
57 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:34:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57988
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694604874705780"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Sep 2023 06:34:53 GMT
afr.php
ads.us.criteo.com/delivery/r/ Frame C2B2
132 KB
46 KB
Document
General
Full URL
https://ads.us.criteo.com/delivery/r/afr.php?z=ZQqSjQABkjMKwUgkAAODLtfuqiyibdXypa9hKg&u=%7CouQHdnFa5KnkG6Bv5lBUSAyMN3q30ZfBr7A226mMTag%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGFODWhy6DsD5VIXoF4Sn1GpJC36PzcQBMIRPtA8mHpd_-JT7UN-K7LyBnpFyFibQgWNAweRv4OYXzsw4WE3JlyPWZJBB8-Lzgj0JaPVk-aQbNp-GKMDBYD1TXLVMb7qiyj4VnKKfJiiBsuefuZNsL4ONCL2xZURRfouiuEx4qRytmVLY3b0R_aAmDqxaaBBL3xxqUI0vi_z3UaOmE2TUHYVeanSA5k0s37eFDdnWQAGHYS55XWJsjgP6MDuhRqMp6zGKJXOn4JsS9I2D5QxO0yALfnoP5Uqil-4vd3YCDut-IqcuqODjzL8TWqVHAmkDKfzPzNmNx_OhMPoMquhfJvogtj69LH19framrHaEts-2i8SGupPZHdKU6Phtl5wxefB--p1xW39HHiKpmIYy_imHPp1uxUXU4qE9SFOeOFn9PwPhX2fAdMH9JFRd5ldWXzFuLvvEEM2yIOxsSpyZTAlwBe0xE2F2A58larT59RxotFXJqpsLYMIWTAn_6LYTNgEr_relg4b5mcTXW801ulqaQUiuOe3LOadEh2kgtL6M2PEmoR4pyi8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxoxUjZIKZbOkBqSQhQauho74AZyB77BcyqapqnTAjbcBEAEgAGDJhoCA3KPEEIIBF2NhLXB1Yi0xNjE4NTkyMjA1MDgzNzgwyAEJqAMByAMCqgSdAk_QljaJmzFSWLzf3mM6nAdD6Xr_UE5A1gSYWNBK4RWl0BeftaRouryjXYhAm6VC9-snD6cPYqRbwWe5TtLl2UCHKFfamyQSzNhxnGeMyFq_N0D9B0xyA-2wU_VIe-VTIq26_amnTp2IfdprhO_aRpFiSvkrV1hyEYOxQdSqt3_hMCAo3ze9XVaJ0RkqNY4rl-lksPCBxxVK4pE58Hqz9M0hZKJCSSCg3qGMiayggF2tXcaAMIR6yoO6spGpkJIKuLsBSVWUDHeMiiPwvmIlCydj_m3yBC_DZm1mBliqJdqAJWmCYkbA_UEHKXXA3bTQ67av4ID2nM3N1iikg63HgKcnXrpdW2Xvbkv7g6IfK9NFgq0Z4SfxPJ4cTfw1dIAGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3bC8y1qNe_Ow3SY0S8gLKGbfj6nA%26client%3Dca-pub-1618592205083780%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
c6329dfe33180cce86d7c4f395d190707092ce38c7ed9a9d93f75e2632713ba1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Wed, 20 Sep 2023 06:34:53 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=yz3s7zqsedvcrcC2ZH1UMQbt9wpQxlMPFKcQfC3cFwNPSWrE4jCDmv0hpvLmkJdhWbhGSfL07gxBRenZ5FupXyo-66jt9Wd6JmdABIpm4HQiK81RtCaXMgHnI1AmdILysg4BL3JVa3dRK5bPzkGrdJC3-kaWUEUfh-lDsRsbvo1-7bo1rWDgw20-xG_jF_b3qrDee0FmSslZXYwSKKx0KVxVmbVHpsaDo_iod7SjAFWZjvAWhi_EPl9ud7I1FcQCEMlX3g"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
54234875
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame 386D
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 15:32:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
54162
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 03 Oct 2023 15:32:12 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame 386D
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 15:32:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
54162
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 03 Oct 2023 15:32:12 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 386D
182 KB
57 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:34:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57988
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694604874705780"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Sep 2023 06:34:54 GMT
2ab36c0d951b69d9c04f85f5eb613648.js
www.gstatic.com/mysidia/ Frame 94CF
9 KB
4 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/2ab36c0d951b69d9c04f85f5eb613648.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50f36c6941b3a0b755df6e1c1ba6919dc8eeab051a52504ff431c3564d4d791a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 18:28:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
475579
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3933
x-xss-protection
0
last-modified
Tue, 12 Sep 2023 17:48:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 13 Dec 2023 18:28:35 GMT
cd233a70afb96cd167e1530303b3d74f.js
www.gstatic.com/mysidia/ Frame 94CF
36 KB
14 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/cd233a70afb96cd167e1530303b3d74f.js?tag=html5_display_upload/html5_exit_api
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0c95e145b8f28a0e8a62eb2017b95248f618344fd490af692098d82ff2d8757
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 21:37:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
550652
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14669
x-xss-protection
0
last-modified
Tue, 12 Sep 2023 17:48:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 12 Dec 2023 21:37:22 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame 94CF
2 KB
945 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 15:32:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
54162
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 03 Oct 2023 15:32:12 GMT
7aa689309bcd7b42dc3616d5eb539a0d.js
www.gstatic.com/mysidia/ Frame 94CF
22 KB
9 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/7aa689309bcd7b42dc3616d5eb539a0d.js?tag=exit_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
467efe85f19395240c89559ed17661f02b1b662a54af39992bb8d58158b39a04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 21:37:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
550652
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9353
x-xss-protection
0
last-modified
Wed, 06 Sep 2023 19:29:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 12 Dec 2023 21:37:22 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/ Frame 94CF
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 19:55:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
38381
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9135
x-xss-protection
0
server
cafe
etag
9583221549990841032
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 03 Oct 2023 19:55:13 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame 94CF
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 15:32:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
54162
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 03 Oct 2023 15:32:12 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame 94CF
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 15:32:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
54162
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 03 Oct 2023 15:32:12 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 94CF
182 KB
57 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:34:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57988
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694604874705780"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Sep 2023 06:34:54 GMT
9041af033b7a690ba70e3134a2c135bf.js
www.gstatic.com/mysidia/ Frame 94CF
36 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/9041af033b7a690ba70e3134a2c135bf.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 21:44:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
463843
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15189
x-xss-protection
0
last-modified
Tue, 12 Sep 2023 17:48:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 13 Dec 2023 21:44:11 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/15010240574710727024/ Frame 031E
4 KB
5 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/15010240574710727024/14763004658117789537?w=300&h=300
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1618592205083780&output=html&h=600&slotname=7639484812&adk=992306218&adf=1633998875&pi=t.ma~as.7639484812&w=300&fwrn=4&fwrnh=100&lmt=1695227693&rafmt=1&format=300x600&url=https%3A%2F%2Favito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695191692572&bpp=3&bdt=1570&idt=471&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8239861751691&frm=20&pv=1&ga_vid=1915655829.1695191693&ga_sid=1695191693&ga_hid=1939529460&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44803122%2C21065725&oid=2&pvsid=3600284936222131&tmod=1913480835&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=evMtBxa3UR&p=https%3A//avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru&dtd=479
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da7b2c56c933d973088e491aa967753f0143d8cca8e4e047bd23f64d9d5858ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:23:37 GMT
x-content-type-options
nosniff
age
353477
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4530
x-xss-protection
0
last-modified
Mon, 09 Jan 2023 23:40:17 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 15 Sep 2024 04:23:37 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 975A
143 B
166 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1618592205083780&output=html&h=600&slotname=7639484812&adk=992306218&adf=1633998875&pi=t.ma~as.7639484812&w=300&fwrn=4&fwrnh=100&lmt=1695227693&rafmt=1&format=300x600&url=https%3A%2F%2Favito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695191692572&bpp=3&bdt=1570&idt=471&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8239861751691&frm=20&pv=1&ga_vid=1915655829.1695191693&ga_sid=1695191693&ga_hid=1939529460&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44803122%2C21065725&oid=2&pvsid=3600284936222131&tmod=1913480835&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=evMtBxa3UR&p=https%3A//avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru&dtd=479
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1618592205083780&output=html&h=600&slotname=7639484812&adk=992306218&adf=1633998875&pi=t.ma~as.7639484812&w=300&fwrn=4&fwrnh=100&lmt=1695227693&rafmt=1&format=300x600&url=https%3A%2F%2Favito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695191692572&bpp=3&bdt=1570&idt=471&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8239861751691&frm=20&pv=1&ga_vid=1915655829.1695191693&ga_sid=1695191693&ga_hid=1939529460&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44803122%2C21065725&oid=2&pvsid=3600284936222131&tmod=1913480835&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=evMtBxa3UR&p=https%3A//avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru&dtd=479
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
2696
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Sep 2023 05:49:58 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
1
mc.yandex.com/watch/46501593/
Redirect Chain
  • https://mc.yandex.com/watch/46501593?wmode=7&page-url=https%3A%2F%2Favito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3wcjej...
  • https://mc.yandex.com/watch/46501593/1?wmode=7&page-url=https%3A%2F%2Favito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3wcj...
454 B
537 B
XHR
General
Full URL
https://mc.yandex.com/watch/46501593/1?wmode=7&page-url=https%3A%2F%2Favito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3wcjej5lmwx5238tghrt8yj%3Afp%3A3216%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1111%3Acn%3A1%3Adp%3A0%3Als%3A170078542288%3Ahid%3A588255791%3Az%3A-600%3Ai%3A20230919203453%3Aet%3A1695191693%3Ac%3A1%3Arn%3A713347924%3Arqn%3A1%3Au%3A1695191693242285976%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A35%2C220%2C1519%2C2%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1695191689142%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1695191694%3At%3A%D0%90%D1%83%D0%B4%D0%B8%D0%BE%D0%BA%D0%BD%D0%B8%D0%B3%D0%B8%20%D1%81%D0%BB%D1%83%D1%88%D0%B0%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%3A%3A%20bookmp3.ru&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29&redirnss=1
Requested by
Host: avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
URL: https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
270a417e9a2b117114800ac22b69416886a829edc0b3c616cc5ddf81eed7b7e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 06:34:54 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 20-Sep-2023 06:34:54 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
454
x-xss-protection
1; mode=block
expires
Wed, 20-Sep-2023 06:34:54 GMT

Redirect headers

pragma
no-cache
date
Wed, 20 Sep 2023 06:34:54 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 20-Sep-2023 06:34:54 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/46501593/1?wmode=7&page-url=https%3A%2F%2Favito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3wcjej5lmwx5238tghrt8yj%3Afp%3A3216%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1111%3Acn%3A1%3Adp%3A0%3Als%3A170078542288%3Ahid%3A588255791%3Az%3A-600%3Ai%3A20230919203453%3Aet%3A1695191693%3Ac%3A1%3Arn%3A713347924%3Arqn%3A1%3Au%3A1695191693242285976%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A35%2C220%2C1519%2C2%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1695191689142%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1695191694%3At%3A%D0%90%D1%83%D0%B4%D0%B8%D0%BE%D0%BA%D0%BD%D0%B8%D0%B3%D0%B8%20%D1%81%D0%BB%D1%83%D1%88%D0%B0%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%3A%3A%20bookmp3.ru&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29&redirnss=1
access-control-allow-origin
https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Wed, 20-Sep-2023 06:34:54 GMT
truncated
/ Frame 031E
218 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1cec5fe8de68ed7b34777df244655ae569d956cb8f641cb6aea261e510bc2356

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type
image/png
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/ Frame 17F6
5 KB
1 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/index.html
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/cd233a70afb96cd167e1530303b3d74f.js?tag=html5_display_upload/html5_exit_api
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54f8eee1848043fc26275989f47aed52e5e348d0ecd2c8692b252c3aa2fb849c
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
171077
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1442
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Mon, 18 Sep 2023 07:03:37 GMT
expires
Tue, 17 Sep 2024 07:03:37 GMT
last-modified
Fri, 06 Jan 2023 01:11:53 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 031E
33 KB
34 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 03:22:43 GMT
x-content-type-options
nosniff
age
357131
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 15 Sep 2024 03:22:43 GMT
truncated
/ Frame 94CF
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e11ef1edfc4a540f832a7a022ee7b6376d2d729ad6cf15ff693077d35be1a6fd

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame C2B2
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZQqSjQABkjMKwUgkAAODLtfuqiyibdXypa9hKg&u=%7CouQHdnFa5KnkG6Bv5lBUSAyMN3q30ZfBr7A226mMTag%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGFODWhy6DsD5VIXoF4Sn1GpJC36PzcQBMIRPtA8mHpd_-JT7UN-K7LyBnpFyFibQgWNAweRv4OYXzsw4WE3JlyPWZJBB8-Lzgj0JaPVk-aQbNp-GKMDBYD1TXLVMb7qiyj4VnKKfJiiBsuefuZNsL4ONCL2xZURRfouiuEx4qRytmVLY3b0R_aAmDqxaaBBL3xxqUI0vi_z3UaOmE2TUHYVeanSA5k0s37eFDdnWQAGHYS55XWJsjgP6MDuhRqMp6zGKJXOn4JsS9I2D5QxO0yALfnoP5Uqil-4vd3YCDut-IqcuqODjzL8TWqVHAmkDKfzPzNmNx_OhMPoMquhfJvogtj69LH19framrHaEts-2i8SGupPZHdKU6Phtl5wxefB--p1xW39HHiKpmIYy_imHPp1uxUXU4qE9SFOeOFn9PwPhX2fAdMH9JFRd5ldWXzFuLvvEEM2yIOxsSpyZTAlwBe0xE2F2A58larT59RxotFXJqpsLYMIWTAn_6LYTNgEr_relg4b5mcTXW801ulqaQUiuOe3LOadEh2kgtL6M2PEmoR4pyi8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxoxUjZIKZbOkBqSQhQauho74AZyB77BcyqapqnTAjbcBEAEgAGDJhoCA3KPEEIIBF2NhLXB1Yi0xNjE4NTkyMjA1MDgzNzgwyAEJqAMByAMCqgSdAk_QljaJmzFSWLzf3mM6nAdD6Xr_UE5A1gSYWNBK4RWl0BeftaRouryjXYhAm6VC9-snD6cPYqRbwWe5TtLl2UCHKFfamyQSzNhxnGeMyFq_N0D9B0xyA-2wU_VIe-VTIq26_amnTp2IfdprhO_aRpFiSvkrV1hyEYOxQdSqt3_hMCAo3ze9XVaJ0RkqNY4rl-lksPCBxxVK4pE58Hqz9M0hZKJCSSCg3qGMiayggF2tXcaAMIR6yoO6spGpkJIKuLsBSVWUDHeMiiPwvmIlCydj_m3yBC_DZm1mBliqJdqAJWmCYkbA_UEHKXXA3bTQ67av4ID2nM3N1iikg63HgKcnXrpdW2Xvbkv7g6IfK9NFgq0Z4SfxPJ4cTfw1dIAGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3bC8y1qNe_Ow3SY0S8gLKGbfj6nA%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:34:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 14 Sep 2024 06:34:54 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame C2B2
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZQqSjQABkjMKwUgkAAODLtfuqiyibdXypa9hKg&u=%7CouQHdnFa5KnkG6Bv5lBUSAyMN3q30ZfBr7A226mMTag%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGFODWhy6DsD5VIXoF4Sn1GpJC36PzcQBMIRPtA8mHpd_-JT7UN-K7LyBnpFyFibQgWNAweRv4OYXzsw4WE3JlyPWZJBB8-Lzgj0JaPVk-aQbNp-GKMDBYD1TXLVMb7qiyj4VnKKfJiiBsuefuZNsL4ONCL2xZURRfouiuEx4qRytmVLY3b0R_aAmDqxaaBBL3xxqUI0vi_z3UaOmE2TUHYVeanSA5k0s37eFDdnWQAGHYS55XWJsjgP6MDuhRqMp6zGKJXOn4JsS9I2D5QxO0yALfnoP5Uqil-4vd3YCDut-IqcuqODjzL8TWqVHAmkDKfzPzNmNx_OhMPoMquhfJvogtj69LH19framrHaEts-2i8SGupPZHdKU6Phtl5wxefB--p1xW39HHiKpmIYy_imHPp1uxUXU4qE9SFOeOFn9PwPhX2fAdMH9JFRd5ldWXzFuLvvEEM2yIOxsSpyZTAlwBe0xE2F2A58larT59RxotFXJqpsLYMIWTAn_6LYTNgEr_relg4b5mcTXW801ulqaQUiuOe3LOadEh2kgtL6M2PEmoR4pyi8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxoxUjZIKZbOkBqSQhQauho74AZyB77BcyqapqnTAjbcBEAEgAGDJhoCA3KPEEIIBF2NhLXB1Yi0xNjE4NTkyMjA1MDgzNzgwyAEJqAMByAMCqgSdAk_QljaJmzFSWLzf3mM6nAdD6Xr_UE5A1gSYWNBK4RWl0BeftaRouryjXYhAm6VC9-snD6cPYqRbwWe5TtLl2UCHKFfamyQSzNhxnGeMyFq_N0D9B0xyA-2wU_VIe-VTIq26_amnTp2IfdprhO_aRpFiSvkrV1hyEYOxQdSqt3_hMCAo3ze9XVaJ0RkqNY4rl-lksPCBxxVK4pE58Hqz9M0hZKJCSSCg3qGMiayggF2tXcaAMIR6yoO6spGpkJIKuLsBSVWUDHeMiiPwvmIlCydj_m3yBC_DZm1mBliqJdqAJWmCYkbA_UEHKXXA3bTQ67av4ID2nM3N1iikg63HgKcnXrpdW2Xvbkv7g6IfK9NFgq0Z4SfxPJ4cTfw1dIAGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3bC8y1qNe_Ow3SY0S8gLKGbfj6nA%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:34:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 14 Sep 2024 06:34:54 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame C2B2
308 B
636 B
Image
General
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZQqSjQABkjMKwUgkAAODLtfuqiyibdXypa9hKg&u=%7CouQHdnFa5KnkG6Bv5lBUSAyMN3q30ZfBr7A226mMTag%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGFODWhy6DsD5VIXoF4Sn1GpJC36PzcQBMIRPtA8mHpd_-JT7UN-K7LyBnpFyFibQgWNAweRv4OYXzsw4WE3JlyPWZJBB8-Lzgj0JaPVk-aQbNp-GKMDBYD1TXLVMb7qiyj4VnKKfJiiBsuefuZNsL4ONCL2xZURRfouiuEx4qRytmVLY3b0R_aAmDqxaaBBL3xxqUI0vi_z3UaOmE2TUHYVeanSA5k0s37eFDdnWQAGHYS55XWJsjgP6MDuhRqMp6zGKJXOn4JsS9I2D5QxO0yALfnoP5Uqil-4vd3YCDut-IqcuqODjzL8TWqVHAmkDKfzPzNmNx_OhMPoMquhfJvogtj69LH19framrHaEts-2i8SGupPZHdKU6Phtl5wxefB--p1xW39HHiKpmIYy_imHPp1uxUXU4qE9SFOeOFn9PwPhX2fAdMH9JFRd5ldWXzFuLvvEEM2yIOxsSpyZTAlwBe0xE2F2A58larT59RxotFXJqpsLYMIWTAn_6LYTNgEr_relg4b5mcTXW801ulqaQUiuOe3LOadEh2kgtL6M2PEmoR4pyi8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxoxUjZIKZbOkBqSQhQauho74AZyB77BcyqapqnTAjbcBEAEgAGDJhoCA3KPEEIIBF2NhLXB1Yi0xNjE4NTkyMjA1MDgzNzgwyAEJqAMByAMCqgSdAk_QljaJmzFSWLzf3mM6nAdD6Xr_UE5A1gSYWNBK4RWl0BeftaRouryjXYhAm6VC9-snD6cPYqRbwWe5TtLl2UCHKFfamyQSzNhxnGeMyFq_N0D9B0xyA-2wU_VIe-VTIq26_amnTp2IfdprhO_aRpFiSvkrV1hyEYOxQdSqt3_hMCAo3ze9XVaJ0RkqNY4rl-lksPCBxxVK4pE58Hqz9M0hZKJCSSCg3qGMiayggF2tXcaAMIR6yoO6spGpkJIKuLsBSVWUDHeMiiPwvmIlCydj_m3yBC_DZm1mBliqJdqAJWmCYkbA_UEHKXXA3bTQ67av4ID2nM3N1iikg63HgKcnXrpdW2Xvbkv7g6IfK9NFgq0Z4SfxPJ4cTfw1dIAGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3bC8y1qNe_Ow3SY0S8gLKGbfj6nA%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:34:54 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sat, 14 Sep 2024 06:34:54 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame C2B2
293 B
621 B
Image
General
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZQqSjQABkjMKwUgkAAODLtfuqiyibdXypa9hKg&u=%7CouQHdnFa5KnkG6Bv5lBUSAyMN3q30ZfBr7A226mMTag%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGFODWhy6DsD5VIXoF4Sn1GpJC36PzcQBMIRPtA8mHpd_-JT7UN-K7LyBnpFyFibQgWNAweRv4OYXzsw4WE3JlyPWZJBB8-Lzgj0JaPVk-aQbNp-GKMDBYD1TXLVMb7qiyj4VnKKfJiiBsuefuZNsL4ONCL2xZURRfouiuEx4qRytmVLY3b0R_aAmDqxaaBBL3xxqUI0vi_z3UaOmE2TUHYVeanSA5k0s37eFDdnWQAGHYS55XWJsjgP6MDuhRqMp6zGKJXOn4JsS9I2D5QxO0yALfnoP5Uqil-4vd3YCDut-IqcuqODjzL8TWqVHAmkDKfzPzNmNx_OhMPoMquhfJvogtj69LH19framrHaEts-2i8SGupPZHdKU6Phtl5wxefB--p1xW39HHiKpmIYy_imHPp1uxUXU4qE9SFOeOFn9PwPhX2fAdMH9JFRd5ldWXzFuLvvEEM2yIOxsSpyZTAlwBe0xE2F2A58larT59RxotFXJqpsLYMIWTAn_6LYTNgEr_relg4b5mcTXW801ulqaQUiuOe3LOadEh2kgtL6M2PEmoR4pyi8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxoxUjZIKZbOkBqSQhQauho74AZyB77BcyqapqnTAjbcBEAEgAGDJhoCA3KPEEIIBF2NhLXB1Yi0xNjE4NTkyMjA1MDgzNzgwyAEJqAMByAMCqgSdAk_QljaJmzFSWLzf3mM6nAdD6Xr_UE5A1gSYWNBK4RWl0BeftaRouryjXYhAm6VC9-snD6cPYqRbwWe5TtLl2UCHKFfamyQSzNhxnGeMyFq_N0D9B0xyA-2wU_VIe-VTIq26_amnTp2IfdprhO_aRpFiSvkrV1hyEYOxQdSqt3_hMCAo3ze9XVaJ0RkqNY4rl-lksPCBxxVK4pE58Hqz9M0hZKJCSSCg3qGMiayggF2tXcaAMIR6yoO6spGpkJIKuLsBSVWUDHeMiiPwvmIlCydj_m3yBC_DZm1mBliqJdqAJWmCYkbA_UEHKXXA3bTQ67av4ID2nM3N1iikg63HgKcnXrpdW2Xvbkv7g6IfK9NFgq0Z4SfxPJ4cTfw1dIAGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3bC8y1qNe_Ow3SY0S8gLKGbfj6nA%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:34:54 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sat, 14 Sep 2024 06:34:54 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame C2B2
2 KB
1 KB
Script
General
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=13846930&cmp=30251533&sid=1340728&plc=372411465&dvregion=0&unit=200x600
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZQqSjQABkjMKwUgkAAODLtfuqiyibdXypa9hKg&u=%7CouQHdnFa5KnkG6Bv5lBUSAyMN3q30ZfBr7A226mMTag%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGFODWhy6DsD5VIXoF4Sn1GpJC36PzcQBMIRPtA8mHpd_-JT7UN-K7LyBnpFyFibQgWNAweRv4OYXzsw4WE3JlyPWZJBB8-Lzgj0JaPVk-aQbNp-GKMDBYD1TXLVMb7qiyj4VnKKfJiiBsuefuZNsL4ONCL2xZURRfouiuEx4qRytmVLY3b0R_aAmDqxaaBBL3xxqUI0vi_z3UaOmE2TUHYVeanSA5k0s37eFDdnWQAGHYS55XWJsjgP6MDuhRqMp6zGKJXOn4JsS9I2D5QxO0yALfnoP5Uqil-4vd3YCDut-IqcuqODjzL8TWqVHAmkDKfzPzNmNx_OhMPoMquhfJvogtj69LH19framrHaEts-2i8SGupPZHdKU6Phtl5wxefB--p1xW39HHiKpmIYy_imHPp1uxUXU4qE9SFOeOFn9PwPhX2fAdMH9JFRd5ldWXzFuLvvEEM2yIOxsSpyZTAlwBe0xE2F2A58larT59RxotFXJqpsLYMIWTAn_6LYTNgEr_relg4b5mcTXW801ulqaQUiuOe3LOadEh2kgtL6M2PEmoR4pyi8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxoxUjZIKZbOkBqSQhQauho74AZyB77BcyqapqnTAjbcBEAEgAGDJhoCA3KPEEIIBF2NhLXB1Yi0xNjE4NTkyMjA1MDgzNzgwyAEJqAMByAMCqgSdAk_QljaJmzFSWLzf3mM6nAdD6Xr_UE5A1gSYWNBK4RWl0BeftaRouryjXYhAm6VC9-snD6cPYqRbwWe5TtLl2UCHKFfamyQSzNhxnGeMyFq_N0D9B0xyA-2wU_VIe-VTIq26_amnTp2IfdprhO_aRpFiSvkrV1hyEYOxQdSqt3_hMCAo3ze9XVaJ0RkqNY4rl-lksPCBxxVK4pE58Hqz9M0hZKJCSSCg3qGMiayggF2tXcaAMIR6yoO6spGpkJIKuLsBSVWUDHeMiiPwvmIlCydj_m3yBC_DZm1mBliqJdqAJWmCYkbA_UEHKXXA3bTQ67av4ID2nM3N1iikg63HgKcnXrpdW2Xvbkv7g6IfK9NFgq0Z4SfxPJ4cTfw1dIAGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3bC8y1qNe_Ow3SY0S8gLKGbfj6nA%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8290 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
01a35e949b55eb92431872d6a0ac846d69ccf0093596c894eb22f62f30ea6eeb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 06:34:54 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Sep 2023 10:11:15 GMT
Server
UploadServer
ETag
"27cc5fec34fb6d3042f5aab4d2f9ce87"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
932
Expires
Thu, 21 Sep 2023 06:34:54 GMT
dvtp_src.js
cdn.doubleverify.com/ Frame C2B2
9 KB
4 KB
Script
General
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=13846930&cmp=30251533&sid=1340728&plc=372411465&adsrv=1&btreg=&btadsrv=&crt=&tagtype=&dvtagver=6.1.src
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZQqSjQABkjMKwUgkAAODLtfuqiyibdXypa9hKg&u=%7CouQHdnFa5KnkG6Bv5lBUSAyMN3q30ZfBr7A226mMTag%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGFODWhy6DsD5VIXoF4Sn1GpJC36PzcQBMIRPtA8mHpd_-JT7UN-K7LyBnpFyFibQgWNAweRv4OYXzsw4WE3JlyPWZJBB8-Lzgj0JaPVk-aQbNp-GKMDBYD1TXLVMb7qiyj4VnKKfJiiBsuefuZNsL4ONCL2xZURRfouiuEx4qRytmVLY3b0R_aAmDqxaaBBL3xxqUI0vi_z3UaOmE2TUHYVeanSA5k0s37eFDdnWQAGHYS55XWJsjgP6MDuhRqMp6zGKJXOn4JsS9I2D5QxO0yALfnoP5Uqil-4vd3YCDut-IqcuqODjzL8TWqVHAmkDKfzPzNmNx_OhMPoMquhfJvogtj69LH19framrHaEts-2i8SGupPZHdKU6Phtl5wxefB--p1xW39HHiKpmIYy_imHPp1uxUXU4qE9SFOeOFn9PwPhX2fAdMH9JFRd5ldWXzFuLvvEEM2yIOxsSpyZTAlwBe0xE2F2A58larT59RxotFXJqpsLYMIWTAn_6LYTNgEr_relg4b5mcTXW801ulqaQUiuOe3LOadEh2kgtL6M2PEmoR4pyi8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxoxUjZIKZbOkBqSQhQauho74AZyB77BcyqapqnTAjbcBEAEgAGDJhoCA3KPEEIIBF2NhLXB1Yi0xNjE4NTkyMjA1MDgzNzgwyAEJqAMByAMCqgSdAk_QljaJmzFSWLzf3mM6nAdD6Xr_UE5A1gSYWNBK4RWl0BeftaRouryjXYhAm6VC9-snD6cPYqRbwWe5TtLl2UCHKFfamyQSzNhxnGeMyFq_N0D9B0xyA-2wU_VIe-VTIq26_amnTp2IfdprhO_aRpFiSvkrV1hyEYOxQdSqt3_hMCAo3ze9XVaJ0RkqNY4rl-lksPCBxxVK4pE58Hqz9M0hZKJCSSCg3qGMiayggF2tXcaAMIR6yoO6spGpkJIKuLsBSVWUDHeMiiPwvmIlCydj_m3yBC_DZm1mBliqJdqAJWmCYkbA_UEHKXXA3bTQ67av4ID2nM3N1iikg63HgKcnXrpdW2Xvbkv7g6IfK9NFgq0Z4SfxPJ4cTfw1dIAGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3bC8y1qNe_Ow3SY0S8gLKGbfj6nA%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8290 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
8be221978ab1beee5467f7a31e8771046489b44c7741b1245db0d11e6d36c0cf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 06:34:54 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Sep 2023 19:24:55 GMT
Server
UploadServer
ETag
"7e44f8b31225a147c105c82da1b042f0"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3639
Expires
Wed, 20 Sep 2023 06:49:54 GMT
lg.php
cat.va.us.criteo.com/delivery/ Frame C2B2
43 B
347 B
Image
General
Full URL
https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=kli-Xcal2szQIPBKfCmByVFNlJo9d-JwBKOYoHOUZ6WOiudooSYR5XnI1TV_NQvxuS89DgSFJfZoUSJzY2UqZ2hJcaFcwX8v9jA7ZaSusv77AHb3HB-XW3EhOLGqGNUg77DAtx2FojHgPuhL9kqsSdTfEqUNX6aZp3fc9H1IO0Q2OB162O0VNqwzc2Zfrl_RhMG5zVDNU0_fRk9rVN0QZnOZ1hnihq-n1VxkUS8DD_o8AmUXp54BMqpN-7YNIVTAYhbxH6bFEa2ZO24hX_X-C43OwgXmYL8zQhJJM3OCEPnX5KirX5JfrPj9Gs_Z8n-w9noBhIfla07wRweq9DL25dXMdbk-48BBUDEWYIn-JfeX2bTWDRA3nmoxxXlGFIDBNj0OnpsenGibcG6G6g5e7D0uFX6L3xomACAXzromLJZ9XIdM
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZQqSjQABkjMKwUgkAAODLtfuqiyibdXypa9hKg&u=%7CouQHdnFa5KnkG6Bv5lBUSAyMN3q30ZfBr7A226mMTag%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGFODWhy6DsD5VIXoF4Sn1GpJC36PzcQBMIRPtA8mHpd_-JT7UN-K7LyBnpFyFibQgWNAweRv4OYXzsw4WE3JlyPWZJBB8-Lzgj0JaPVk-aQbNp-GKMDBYD1TXLVMb7qiyj4VnKKfJiiBsuefuZNsL4ONCL2xZURRfouiuEx4qRytmVLY3b0R_aAmDqxaaBBL3xxqUI0vi_z3UaOmE2TUHYVeanSA5k0s37eFDdnWQAGHYS55XWJsjgP6MDuhRqMp6zGKJXOn4JsS9I2D5QxO0yALfnoP5Uqil-4vd3YCDut-IqcuqODjzL8TWqVHAmkDKfzPzNmNx_OhMPoMquhfJvogtj69LH19framrHaEts-2i8SGupPZHdKU6Phtl5wxefB--p1xW39HHiKpmIYy_imHPp1uxUXU4qE9SFOeOFn9PwPhX2fAdMH9JFRd5ldWXzFuLvvEEM2yIOxsSpyZTAlwBe0xE2F2A58larT59RxotFXJqpsLYMIWTAn_6LYTNgEr_relg4b5mcTXW801ulqaQUiuOe3LOadEh2kgtL6M2PEmoR4pyi8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxoxUjZIKZbOkBqSQhQauho74AZyB77BcyqapqnTAjbcBEAEgAGDJhoCA3KPEEIIBF2NhLXB1Yi0xNjE4NTkyMjA1MDgzNzgwyAEJqAMByAMCqgSdAk_QljaJmzFSWLzf3mM6nAdD6Xr_UE5A1gSYWNBK4RWl0BeftaRouryjXYhAm6VC9-snD6cPYqRbwWe5TtLl2UCHKFfamyQSzNhxnGeMyFq_N0D9B0xyA-2wU_VIe-VTIq26_amnTp2IfdprhO_aRpFiSvkrV1hyEYOxQdSqt3_hMCAo3ze9XVaJ0RkqNY4rl-lksPCBxxVK4pE58Hqz9M0hZKJCSSCg3qGMiayggF2tXcaAMIR6yoO6spGpkJIKuLsBSVWUDHeMiiPwvmIlCydj_m3yBC_DZm1mBliqJdqAJWmCYkbA_UEHKXXA3bTQ67av4ID2nM3N1iikg63HgKcnXrpdW2Xvbkv7g6IfK9NFgq0Z4SfxPJ4cTfw1dIAGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3bC8y1qNe_Ow3SY0S8gLKGbfj6nA%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 06:34:54 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3160697
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
d.agkn.com/pixel/8538/ Frame C2B2
43 B
561 B
Image
General
Full URL
https://d.agkn.com/pixel/8538/?che=650a928d0b2d0d9e04e0a00b4ad4b9bf&col=308271,0,0,0,11120203,650a928d0b2d0d9e04e0a00b4ad4b9bf
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZQqSjQABkjMKwUgkAAODLtfuqiyibdXypa9hKg&u=%7CouQHdnFa5KnkG6Bv5lBUSAyMN3q30ZfBr7A226mMTag%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGFODWhy6DsD5VIXoF4Sn1GpJC36PzcQBMIRPtA8mHpd_-JT7UN-K7LyBnpFyFibQgWNAweRv4OYXzsw4WE3JlyPWZJBB8-Lzgj0JaPVk-aQbNp-GKMDBYD1TXLVMb7qiyj4VnKKfJiiBsuefuZNsL4ONCL2xZURRfouiuEx4qRytmVLY3b0R_aAmDqxaaBBL3xxqUI0vi_z3UaOmE2TUHYVeanSA5k0s37eFDdnWQAGHYS55XWJsjgP6MDuhRqMp6zGKJXOn4JsS9I2D5QxO0yALfnoP5Uqil-4vd3YCDut-IqcuqODjzL8TWqVHAmkDKfzPzNmNx_OhMPoMquhfJvogtj69LH19framrHaEts-2i8SGupPZHdKU6Phtl5wxefB--p1xW39HHiKpmIYy_imHPp1uxUXU4qE9SFOeOFn9PwPhX2fAdMH9JFRd5ldWXzFuLvvEEM2yIOxsSpyZTAlwBe0xE2F2A58larT59RxotFXJqpsLYMIWTAn_6LYTNgEr_relg4b5mcTXW801ulqaQUiuOe3LOadEh2kgtL6M2PEmoR4pyi8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxoxUjZIKZbOkBqSQhQauho74AZyB77BcyqapqnTAjbcBEAEgAGDJhoCA3KPEEIIBF2NhLXB1Yi0xNjE4NTkyMjA1MDgzNzgwyAEJqAMByAMCqgSdAk_QljaJmzFSWLzf3mM6nAdD6Xr_UE5A1gSYWNBK4RWl0BeftaRouryjXYhAm6VC9-snD6cPYqRbwWe5TtLl2UCHKFfamyQSzNhxnGeMyFq_N0D9B0xyA-2wU_VIe-VTIq26_amnTp2IfdprhO_aRpFiSvkrV1hyEYOxQdSqt3_hMCAo3ze9XVaJ0RkqNY4rl-lksPCBxxVK4pE58Hqz9M0hZKJCSSCg3qGMiayggF2tXcaAMIR6yoO6spGpkJIKuLsBSVWUDHeMiiPwvmIlCydj_m3yBC_DZm1mBliqJdqAJWmCYkbA_UEHKXXA3bTQ67av4ID2nM3N1iikg63HgKcnXrpdW2Xvbkv7g6IfK9NFgq0Z4SfxPJ4cTfw1dIAGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3bC8y1qNe_Ow3SY0S8gLKGbfj6nA%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26fa:da00:19:fc2c:a140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 06:34:54 GMT
via
1.1 78a5d96d9c348edf8a3fca2ba77f8e64.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
image/gif
cache-control
no-cache, must-revalidate
content-length
43
x-amz-cf-id
2DAZDQxeKKvTeP3r3J47_q5rA18KTHi5R_QPd4lpd6HucKWMdliSTA==
expires
Sat, 01 Jan 2000 00:00:00 GMT
B30251533.372411465;dc_pre=CKnmrJbJuIEDFdMRaAgdcDgHaw;dc_trk_aid=563043988;dc_trk_cid=195958998;dcopt=anid;ord=650a928d0b2d0d9e04e0a00b4ad4b9bf;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tf...
ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/ Frame C2B2
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B30251533.372411465;dc_trk_aid=563043988;dc_trk_cid=195958998;dcopt=anid;ord=650a928d0b2d0d9e04e0a00b4ad4b9bf;dc_lat=;dc_rdid=;tag_for_ch...
  • https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B30251533.372411465;dc_pre=CKnmrJbJuIEDFdMRaAgdcDgHaw;dc_trk_aid=563043988;dc_trk_cid=195958998;dcopt=anid;ord=650a928d0b2d0d9e04e0a00b4a...
42 B
474 B
Image
General
Full URL
https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B30251533.372411465;dc_pre=CKnmrJbJuIEDFdMRaAgdcDgHaw;dc_trk_aid=563043988;dc_trk_cid=195958998;dcopt=anid;ord=650a928d0b2d0d9e04e0a00b4ad4b9bf;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;;ltd=?
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZQqSjQABkjMKwUgkAAODLtfuqiyibdXypa9hKg&u=%7CouQHdnFa5KnkG6Bv5lBUSAyMN3q30ZfBr7A226mMTag%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGFODWhy6DsD5VIXoF4Sn1GpJC36PzcQBMIRPtA8mHpd_-JT7UN-K7LyBnpFyFibQgWNAweRv4OYXzsw4WE3JlyPWZJBB8-Lzgj0JaPVk-aQbNp-GKMDBYD1TXLVMb7qiyj4VnKKfJiiBsuefuZNsL4ONCL2xZURRfouiuEx4qRytmVLY3b0R_aAmDqxaaBBL3xxqUI0vi_z3UaOmE2TUHYVeanSA5k0s37eFDdnWQAGHYS55XWJsjgP6MDuhRqMp6zGKJXOn4JsS9I2D5QxO0yALfnoP5Uqil-4vd3YCDut-IqcuqODjzL8TWqVHAmkDKfzPzNmNx_OhMPoMquhfJvogtj69LH19framrHaEts-2i8SGupPZHdKU6Phtl5wxefB--p1xW39HHiKpmIYy_imHPp1uxUXU4qE9SFOeOFn9PwPhX2fAdMH9JFRd5ldWXzFuLvvEEM2yIOxsSpyZTAlwBe0xE2F2A58larT59RxotFXJqpsLYMIWTAn_6LYTNgEr_relg4b5mcTXW801ulqaQUiuOe3LOadEh2kgtL6M2PEmoR4pyi8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxoxUjZIKZbOkBqSQhQauho74AZyB77BcyqapqnTAjbcBEAEgAGDJhoCA3KPEEIIBF2NhLXB1Yi0xNjE4NTkyMjA1MDgzNzgwyAEJqAMByAMCqgSdAk_QljaJmzFSWLzf3mM6nAdD6Xr_UE5A1gSYWNBK4RWl0BeftaRouryjXYhAm6VC9-snD6cPYqRbwWe5TtLl2UCHKFfamyQSzNhxnGeMyFq_N0D9B0xyA-2wU_VIe-VTIq26_amnTp2IfdprhO_aRpFiSvkrV1hyEYOxQdSqt3_hMCAo3ze9XVaJ0RkqNY4rl-lksPCBxxVK4pE58Hqz9M0hZKJCSSCg3qGMiayggF2tXcaAMIR6yoO6spGpkJIKuLsBSVWUDHeMiiPwvmIlCydj_m3yBC_DZm1mBliqJdqAJWmCYkbA_UEHKXXA3bTQ67av4ID2nM3N1iikg63HgKcnXrpdW2Xvbkv7g6IfK9NFgq0Z4SfxPJ4cTfw1dIAGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3bC8y1qNe_Ow3SY0S8gLKGbfj6nA%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Server
142.250.65.198 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 06:34:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 20 Sep 2023 06:34:54 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B30251533.372411465;dc_pre=CKnmrJbJuIEDFdMRaAgdcDgHaw;dc_trk_aid=563043988;dc_trk_cid=195958998;dcopt=anid;ord=650a928d0b2d0d9e04e0a00b4ad4b9bf;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;;ltd=?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
tracker.samplicio.us/tracker/135ae744-093c-4f69-8b53-a36ce6361ac1/ Frame C2B2
35 B
303 B
Image
General
Full URL
https://tracker.samplicio.us/tracker/135ae744-093c-4f69-8b53-a36ce6361ac1/pixel.gif?c1=11120203&pid=141491&sid=8873202347851648892&crid=308271&device_id=&cachebuster=650a928d0b2d0d9e04e0a00b4ad4b9bf&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZQqSjQABkjMKwUgkAAODLtfuqiyibdXypa9hKg&u=%7CouQHdnFa5KnkG6Bv5lBUSAyMN3q30ZfBr7A226mMTag%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGFODWhy6DsD5VIXoF4Sn1GpJC36PzcQBMIRPtA8mHpd_-JT7UN-K7LyBnpFyFibQgWNAweRv4OYXzsw4WE3JlyPWZJBB8-Lzgj0JaPVk-aQbNp-GKMDBYD1TXLVMb7qiyj4VnKKfJiiBsuefuZNsL4ONCL2xZURRfouiuEx4qRytmVLY3b0R_aAmDqxaaBBL3xxqUI0vi_z3UaOmE2TUHYVeanSA5k0s37eFDdnWQAGHYS55XWJsjgP6MDuhRqMp6zGKJXOn4JsS9I2D5QxO0yALfnoP5Uqil-4vd3YCDut-IqcuqODjzL8TWqVHAmkDKfzPzNmNx_OhMPoMquhfJvogtj69LH19framrHaEts-2i8SGupPZHdKU6Phtl5wxefB--p1xW39HHiKpmIYy_imHPp1uxUXU4qE9SFOeOFn9PwPhX2fAdMH9JFRd5ldWXzFuLvvEEM2yIOxsSpyZTAlwBe0xE2F2A58larT59RxotFXJqpsLYMIWTAn_6LYTNgEr_relg4b5mcTXW801ulqaQUiuOe3LOadEh2kgtL6M2PEmoR4pyi8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxoxUjZIKZbOkBqSQhQauho74AZyB77BcyqapqnTAjbcBEAEgAGDJhoCA3KPEEIIBF2NhLXB1Yi0xNjE4NTkyMjA1MDgzNzgwyAEJqAMByAMCqgSdAk_QljaJmzFSWLzf3mM6nAdD6Xr_UE5A1gSYWNBK4RWl0BeftaRouryjXYhAm6VC9-snD6cPYqRbwWe5TtLl2UCHKFfamyQSzNhxnGeMyFq_N0D9B0xyA-2wU_VIe-VTIq26_amnTp2IfdprhO_aRpFiSvkrV1hyEYOxQdSqt3_hMCAo3ze9XVaJ0RkqNY4rl-lksPCBxxVK4pE58Hqz9M0hZKJCSSCg3qGMiayggF2tXcaAMIR6yoO6spGpkJIKuLsBSVWUDHeMiiPwvmIlCydj_m3yBC_DZm1mBliqJdqAJWmCYkbA_UEHKXXA3bTQ67av4ID2nM3N1iikg63HgKcnXrpdW2Xvbkv7g6IfK9NFgq0Z4SfxPJ4cTfw1dIAGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3bC8y1qNe_Ow3SY0S8gLKGbfj6nA%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.208.227.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-227-70.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:34:54 GMT
strict-transport-security
max-age=604800
x-ratelimit-reset
0
x-ratelimit-limit
0
content-length
35
x-ratelimit-remaining
0
content-type
image/gif
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 17F6
6 KB
3 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:32:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
167
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2551
x-xss-protection
0
server
cafe
etag
4618035238173732404
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Thu, 21 Sep 2023 06:32:07 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 17F6
34 KB
13 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 21:46:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
31731
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 20 Sep 2023 21:46:03 GMT
styles.css
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/ Frame 17F6
2 KB
726 B
Stylesheet
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/styles.css
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b24a7bea97a9c0ac82a595c06916c4ccb6acbe46c45c45a065388fa0728680ce
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 14 Sep 2023 03:40:45 GMT
age
528849
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
696
x-xss-protection
0
last-modified
Fri, 06 Jan 2023 01:11:53 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 13 Sep 2024 03:40:45 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.1/ Frame 17F6
88 KB
31 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 08:09:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
599126
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31100
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 18:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 12 Sep 2024 08:09:28 GMT
gsap_3.11.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 17F6
69 KB
27 KB
Script
General
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.11.1_min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fbae080321632ad4ce06e9207ef9a534abd1d6488a96a0a4334fa768d1f93717
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:34:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27635
x-xss-protection
0
last-modified
Fri, 12 May 2023 16:03:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 06:34:54 GMT
screen.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/ Frame 17F6
19 KB
20 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/screen.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c7b14300fc29298190b7cf3de2769e9d73df61bd2ea58b83982b2f3d5f64774
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 18 Sep 2023 07:03:37 GMT
x-content-type-options
nosniff
age
171077
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19960
x-xss-protection
0
last-modified
Fri, 06 Jan 2023 01:11:53 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 17 Sep 2024 07:03:37 GMT
message1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/ Frame 17F6
13 KB
13 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/message1.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3021e724356800d3904e2dc7fb81f3f024bcec57f2033ed716be7ba49ade00cd
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Wed, 13 Sep 2023 20:53:00 GMT
x-content-type-options
nosniff
age
553314
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12844
x-xss-protection
0
last-modified
Fri, 06 Jan 2023 01:11:53 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 12 Sep 2024 20:53:00 GMT
message1b.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/ Frame 17F6
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/message1b.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1732fc03c90f236c26cf3a629bb9f54c0d663b276a4b672bc6896fdf662e53ab
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Wed, 13 Sep 2023 23:08:48 GMT
x-content-type-options
nosniff
age
545166
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3222
x-xss-protection
0
last-modified
Fri, 06 Jan 2023 01:11:53 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 12 Sep 2024 23:08:48 GMT
message1c.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/ Frame 17F6
7 KB
7 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/message1c.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba722e6fd08736b51db61f9d3e72ca2349a4bc4e970db6c752d754f11825f30e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 18 Sep 2023 07:03:37 GMT
x-content-type-options
nosniff
age
171077
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7308
x-xss-protection
0
last-modified
Fri, 06 Jan 2023 01:11:53 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 17 Sep 2024 07:03:37 GMT
message1d.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/ Frame 17F6
8 KB
8 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/message1d.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d419258d9150c0861265190d931abcc73a7ee347f605f0f8bd87bacf0846e88f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 18 Sep 2023 07:03:37 GMT
x-content-type-options
nosniff
age
171077
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7776
x-xss-protection
0
last-modified
Fri, 06 Jan 2023 01:11:53 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 17 Sep 2024 07:03:37 GMT
message2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/ Frame 17F6
16 KB
16 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/message2.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e163d198caaf2faafe39d30b94e62c24e1b8fd54109e1842008a9ccec6b28d3c
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 18 Sep 2023 07:03:37 GMT
x-content-type-options
nosniff
age
171077
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16155
x-xss-protection
0
last-modified
Fri, 06 Jan 2023 01:11:53 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 17 Sep 2024 07:03:37 GMT
txt1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/ Frame 17F6
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/txt1.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33647c72f414271b8381ea3b5b306083cc816de283c007f9ab5435c53aeafd14
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 14 Sep 2023 12:12:26 GMT
x-content-type-options
nosniff
age
498148
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3151
x-xss-protection
0
last-modified
Fri, 06 Jan 2023 01:11:53 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 13 Sep 2024 12:12:26 GMT
logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/ Frame 17F6
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/logo.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f27fcc92f8d2924b2a09f4c906e238202445e6b61c00ddc0fd1898c267df568
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 14 Sep 2023 11:01:24 GMT
x-content-type-options
nosniff
age
502410
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2887
x-xss-protection
0
last-modified
Fri, 06 Jan 2023 01:11:53 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 13 Sep 2024 11:01:24 GMT
logo-blue.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/ Frame 17F6
549 B
582 B
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/logo-blue.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5466b61c87530258690008a33c891eef8815d90f7f30f286e0de7453ef13a9d
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 14 Sep 2023 10:35:26 GMT
x-content-type-options
nosniff
age
503968
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
549
x-xss-protection
0
last-modified
Fri, 06 Jan 2023 01:11:53 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 13 Sep 2024 10:35:26 GMT
logo-green.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/ Frame 17F6
541 B
569 B
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/logo-green.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd529a35ec3b1559781ca5736dd0777f8838e2cc6c1b2258ef38282da7abcf80
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 14 Sep 2023 18:09:39 GMT
x-content-type-options
nosniff
age
476715
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
541
x-xss-protection
0
last-modified
Fri, 06 Jan 2023 01:11:53 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 13 Sep 2024 18:09:39 GMT
logo-yellow.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/ Frame 17F6
545 B
573 B
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/logo-yellow.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e2346ebe24fd0a6b2839a6f62c2fd86e6a03133676d723bdc478b7480477cf6
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 14 Sep 2023 13:24:22 GMT
x-content-type-options
nosniff
age
493832
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
545
x-xss-protection
0
last-modified
Fri, 06 Jan 2023 01:11:53 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 13 Sep 2024 13:24:22 GMT
logo-red.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/ Frame 17F6
561 B
589 B
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/logo-red.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
113ce895d8c94e3b12a56e489b3462d2374017498288bd2620a7934d0fa3eac8
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 14 Sep 2023 02:18:53 GMT
x-content-type-options
nosniff
age
533761
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
561
x-xss-protection
0
last-modified
Fri, 06 Jan 2023 01:11:53 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 13 Sep 2024 02:18:53 GMT
cta.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/ Frame 17F6
1009 B
1 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/cta.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60880733ef704adbb0e85783c8e9d1f88b2f74c220dd0535318b146535922e9a
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 14 Sep 2023 15:27:51 GMT
x-content-type-options
nosniff
age
486423
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1009
x-xss-protection
0
last-modified
Fri, 06 Jan 2023 01:11:53 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 13 Sep 2024 15:27:51 GMT
txt3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/ Frame 17F6
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/txt3.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a8e019f68a05b5ec99a299b452f722894d2ea939199f043d4c0f49a322aad98
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 14 Sep 2023 08:55:04 GMT
x-content-type-options
nosniff
age
509990
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2000
x-xss-protection
0
last-modified
Fri, 06 Jan 2023 01:11:53 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 13 Sep 2024 08:55:04 GMT
txt2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/ Frame 17F6
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/txt2.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea7c8fe15199460e6a9910bfd1e5bf8a0111ddee538511abc9b5f6ab268a65bc
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 18 Sep 2023 07:03:37 GMT
x-content-type-options
nosniff
age
171077
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1939
x-xss-protection
0
last-modified
Fri, 06 Jan 2023 01:11:53 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 17 Sep 2024 07:03:37 GMT
txt12.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/ Frame 17F6
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/txt12.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
551cff4b9a266c395d307a18b099ac2cd87269b22b6cb83e0f4b581fe6633375
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 18 Sep 2023 07:03:37 GMT
x-content-type-options
nosniff
age
171077
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3455
x-xss-protection
0
last-modified
Fri, 06 Jan 2023 01:11:53 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 17 Sep 2024 07:03:37 GMT
txt13.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/ Frame 17F6
713 B
753 B
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/txt13.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66a96c67f9b57d873920227284dae154cd664510a1dc3a90940b265109c262f9
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 18 Sep 2023 07:03:37 GMT
x-content-type-options
nosniff
age
171077
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
713
x-xss-protection
0
last-modified
Fri, 06 Jan 2023 01:11:53 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 17 Sep 2024 07:03:37 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 6C66
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZQqSjQABkjIKwUgkAAODLtMp_t2poD09Hz-0qg&u=%7CouQHdnFa5Kmf2p4Bss1sMgOH8sVBwyqn%2BiF0%2Bahdfb4%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGFODWhy6DsD5VIXoF4Sn1GpJC36PzcQBMFJuvFqbjSDMVND0YNpbXxw_g68WQBYp6weOwM57j-9gqQp1XQI8p1GzWVoJL-MYPH3XWkzenv5tUiwVrgfGWP8oCqnSa-uDWK7Am0l0x6-ooZO9aEmPM-LmJvTGNiOWjUEiMrXG5v6LCR_wUr4vBKoVnzJw5iRomwS_WqazraITJwrdaznTla_p_q9CCjN0dMdpo8cyL1qRUUbK2CpcPoAmULxFtvIb8PkVAHAhKpur_O8geRTjDnHA4pRh7r0NoC1zZarfAPSpY9klgZfcD45lW_80lVdKRNCiBqggAW3--_dgHPvJXkCcfUmvyHXpgRMAy0psZqYIFgiL0PPC-RL84VUze1wivglauOObXP0eXCF02Qxr6n9zly1M4A4NmjztEd1OoVvBH-RZ8QvZMdfMi4qxuRFmMz-DsI7wp1bK7t3Gie4Z0zO_6bJ8n2J9BunLe3m5qPkZgjDm7Wrdrpy91igJ5HQOY6GA5htN0tmr5Z47H1NsjIr0qAVuccaMquy__4Z8i73S7JJlZrxPIrE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgg18jZIKZbKkBqSQhQauho74AZyB77BcyqapqnTAjbcBEAEgAGDJhoCA3KPEEIIBF2NhLXB1Yi0xNjE4NTkyMjA1MDgzNzgwyAEJqAMByAMCqgSdAk_Q3h13zMhKVR_2VR6pDKSyJ8cpmeAwGXcAo5EfC7LSLx2k3CY7oa93tBTOCUlepQPwNuNWvZM706ttHSNnsbEH7pnon_oFajyWuRBAtJ_ha9lTABC1xnhU3yqkPwBptf8tYI9bRGDjQ4uZsM9rFgenV-RZpZNYBmyNBW1pVl8sLF4V2FMm7DDpQsptCFUbO44Iy__AZBvzYOhaJZ54uTCjEutn6BDB-VqiGQ5WUbPASV3HnsPcMUNvlA1d46bqRxZWrn8de6mDaIHGuP_0FJbyyUdpFYRxPhNbrPEu1EmRJvAm-yIFepvpFwdMSoSjGkg43ndpieUsTnm4O73eb57g8akm5AJHgw-jpGASS0RySRxZAuEs6vfU2dSdm4AGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1eW35jhhplwIs8GhpqjfKJDoFWkA%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:34:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 14 Sep 2024 06:34:54 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 6C66
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZQqSjQABkjIKwUgkAAODLtMp_t2poD09Hz-0qg&u=%7CouQHdnFa5Kmf2p4Bss1sMgOH8sVBwyqn%2BiF0%2Bahdfb4%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGFODWhy6DsD5VIXoF4Sn1GpJC36PzcQBMFJuvFqbjSDMVND0YNpbXxw_g68WQBYp6weOwM57j-9gqQp1XQI8p1GzWVoJL-MYPH3XWkzenv5tUiwVrgfGWP8oCqnSa-uDWK7Am0l0x6-ooZO9aEmPM-LmJvTGNiOWjUEiMrXG5v6LCR_wUr4vBKoVnzJw5iRomwS_WqazraITJwrdaznTla_p_q9CCjN0dMdpo8cyL1qRUUbK2CpcPoAmULxFtvIb8PkVAHAhKpur_O8geRTjDnHA4pRh7r0NoC1zZarfAPSpY9klgZfcD45lW_80lVdKRNCiBqggAW3--_dgHPvJXkCcfUmvyHXpgRMAy0psZqYIFgiL0PPC-RL84VUze1wivglauOObXP0eXCF02Qxr6n9zly1M4A4NmjztEd1OoVvBH-RZ8QvZMdfMi4qxuRFmMz-DsI7wp1bK7t3Gie4Z0zO_6bJ8n2J9BunLe3m5qPkZgjDm7Wrdrpy91igJ5HQOY6GA5htN0tmr5Z47H1NsjIr0qAVuccaMquy__4Z8i73S7JJlZrxPIrE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgg18jZIKZbKkBqSQhQauho74AZyB77BcyqapqnTAjbcBEAEgAGDJhoCA3KPEEIIBF2NhLXB1Yi0xNjE4NTkyMjA1MDgzNzgwyAEJqAMByAMCqgSdAk_Q3h13zMhKVR_2VR6pDKSyJ8cpmeAwGXcAo5EfC7LSLx2k3CY7oa93tBTOCUlepQPwNuNWvZM706ttHSNnsbEH7pnon_oFajyWuRBAtJ_ha9lTABC1xnhU3yqkPwBptf8tYI9bRGDjQ4uZsM9rFgenV-RZpZNYBmyNBW1pVl8sLF4V2FMm7DDpQsptCFUbO44Iy__AZBvzYOhaJZ54uTCjEutn6BDB-VqiGQ5WUbPASV3HnsPcMUNvlA1d46bqRxZWrn8de6mDaIHGuP_0FJbyyUdpFYRxPhNbrPEu1EmRJvAm-yIFepvpFwdMSoSjGkg43ndpieUsTnm4O73eb57g8akm5AJHgw-jpGASS0RySRxZAuEs6vfU2dSdm4AGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1eW35jhhplwIs8GhpqjfKJDoFWkA%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:34:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 14 Sep 2024 06:34:54 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 6C66
308 B
636 B
Image
General
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZQqSjQABkjIKwUgkAAODLtMp_t2poD09Hz-0qg&u=%7CouQHdnFa5Kmf2p4Bss1sMgOH8sVBwyqn%2BiF0%2Bahdfb4%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGFODWhy6DsD5VIXoF4Sn1GpJC36PzcQBMFJuvFqbjSDMVND0YNpbXxw_g68WQBYp6weOwM57j-9gqQp1XQI8p1GzWVoJL-MYPH3XWkzenv5tUiwVrgfGWP8oCqnSa-uDWK7Am0l0x6-ooZO9aEmPM-LmJvTGNiOWjUEiMrXG5v6LCR_wUr4vBKoVnzJw5iRomwS_WqazraITJwrdaznTla_p_q9CCjN0dMdpo8cyL1qRUUbK2CpcPoAmULxFtvIb8PkVAHAhKpur_O8geRTjDnHA4pRh7r0NoC1zZarfAPSpY9klgZfcD45lW_80lVdKRNCiBqggAW3--_dgHPvJXkCcfUmvyHXpgRMAy0psZqYIFgiL0PPC-RL84VUze1wivglauOObXP0eXCF02Qxr6n9zly1M4A4NmjztEd1OoVvBH-RZ8QvZMdfMi4qxuRFmMz-DsI7wp1bK7t3Gie4Z0zO_6bJ8n2J9BunLe3m5qPkZgjDm7Wrdrpy91igJ5HQOY6GA5htN0tmr5Z47H1NsjIr0qAVuccaMquy__4Z8i73S7JJlZrxPIrE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgg18jZIKZbKkBqSQhQauho74AZyB77BcyqapqnTAjbcBEAEgAGDJhoCA3KPEEIIBF2NhLXB1Yi0xNjE4NTkyMjA1MDgzNzgwyAEJqAMByAMCqgSdAk_Q3h13zMhKVR_2VR6pDKSyJ8cpmeAwGXcAo5EfC7LSLx2k3CY7oa93tBTOCUlepQPwNuNWvZM706ttHSNnsbEH7pnon_oFajyWuRBAtJ_ha9lTABC1xnhU3yqkPwBptf8tYI9bRGDjQ4uZsM9rFgenV-RZpZNYBmyNBW1pVl8sLF4V2FMm7DDpQsptCFUbO44Iy__AZBvzYOhaJZ54uTCjEutn6BDB-VqiGQ5WUbPASV3HnsPcMUNvlA1d46bqRxZWrn8de6mDaIHGuP_0FJbyyUdpFYRxPhNbrPEu1EmRJvAm-yIFepvpFwdMSoSjGkg43ndpieUsTnm4O73eb57g8akm5AJHgw-jpGASS0RySRxZAuEs6vfU2dSdm4AGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1eW35jhhplwIs8GhpqjfKJDoFWkA%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:34:54 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sat, 14 Sep 2024 06:34:54 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 6C66
293 B
621 B
Image
General
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZQqSjQABkjIKwUgkAAODLtMp_t2poD09Hz-0qg&u=%7CouQHdnFa5Kmf2p4Bss1sMgOH8sVBwyqn%2BiF0%2Bahdfb4%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGFODWhy6DsD5VIXoF4Sn1GpJC36PzcQBMFJuvFqbjSDMVND0YNpbXxw_g68WQBYp6weOwM57j-9gqQp1XQI8p1GzWVoJL-MYPH3XWkzenv5tUiwVrgfGWP8oCqnSa-uDWK7Am0l0x6-ooZO9aEmPM-LmJvTGNiOWjUEiMrXG5v6LCR_wUr4vBKoVnzJw5iRomwS_WqazraITJwrdaznTla_p_q9CCjN0dMdpo8cyL1qRUUbK2CpcPoAmULxFtvIb8PkVAHAhKpur_O8geRTjDnHA4pRh7r0NoC1zZarfAPSpY9klgZfcD45lW_80lVdKRNCiBqggAW3--_dgHPvJXkCcfUmvyHXpgRMAy0psZqYIFgiL0PPC-RL84VUze1wivglauOObXP0eXCF02Qxr6n9zly1M4A4NmjztEd1OoVvBH-RZ8QvZMdfMi4qxuRFmMz-DsI7wp1bK7t3Gie4Z0zO_6bJ8n2J9BunLe3m5qPkZgjDm7Wrdrpy91igJ5HQOY6GA5htN0tmr5Z47H1NsjIr0qAVuccaMquy__4Z8i73S7JJlZrxPIrE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgg18jZIKZbKkBqSQhQauho74AZyB77BcyqapqnTAjbcBEAEgAGDJhoCA3KPEEIIBF2NhLXB1Yi0xNjE4NTkyMjA1MDgzNzgwyAEJqAMByAMCqgSdAk_Q3h13zMhKVR_2VR6pDKSyJ8cpmeAwGXcAo5EfC7LSLx2k3CY7oa93tBTOCUlepQPwNuNWvZM706ttHSNnsbEH7pnon_oFajyWuRBAtJ_ha9lTABC1xnhU3yqkPwBptf8tYI9bRGDjQ4uZsM9rFgenV-RZpZNYBmyNBW1pVl8sLF4V2FMm7DDpQsptCFUbO44Iy__AZBvzYOhaJZ54uTCjEutn6BDB-VqiGQ5WUbPASV3HnsPcMUNvlA1d46bqRxZWrn8de6mDaIHGuP_0FJbyyUdpFYRxPhNbrPEu1EmRJvAm-yIFepvpFwdMSoSjGkg43ndpieUsTnm4O73eb57g8akm5AJHgw-jpGASS0RySRxZAuEs6vfU2dSdm4AGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1eW35jhhplwIs8GhpqjfKJDoFWkA%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:34:54 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sat, 14 Sep 2024 06:34:54 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame 6C66
2 KB
1 KB
Script
General
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=13846930&cmp=30251533&sid=1340728&plc=372411465&dvregion=0&unit=200x600
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZQqSjQABkjIKwUgkAAODLtMp_t2poD09Hz-0qg&u=%7CouQHdnFa5Kmf2p4Bss1sMgOH8sVBwyqn%2BiF0%2Bahdfb4%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGFODWhy6DsD5VIXoF4Sn1GpJC36PzcQBMFJuvFqbjSDMVND0YNpbXxw_g68WQBYp6weOwM57j-9gqQp1XQI8p1GzWVoJL-MYPH3XWkzenv5tUiwVrgfGWP8oCqnSa-uDWK7Am0l0x6-ooZO9aEmPM-LmJvTGNiOWjUEiMrXG5v6LCR_wUr4vBKoVnzJw5iRomwS_WqazraITJwrdaznTla_p_q9CCjN0dMdpo8cyL1qRUUbK2CpcPoAmULxFtvIb8PkVAHAhKpur_O8geRTjDnHA4pRh7r0NoC1zZarfAPSpY9klgZfcD45lW_80lVdKRNCiBqggAW3--_dgHPvJXkCcfUmvyHXpgRMAy0psZqYIFgiL0PPC-RL84VUze1wivglauOObXP0eXCF02Qxr6n9zly1M4A4NmjztEd1OoVvBH-RZ8QvZMdfMi4qxuRFmMz-DsI7wp1bK7t3Gie4Z0zO_6bJ8n2J9BunLe3m5qPkZgjDm7Wrdrpy91igJ5HQOY6GA5htN0tmr5Z47H1NsjIr0qAVuccaMquy__4Z8i73S7JJlZrxPIrE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgg18jZIKZbKkBqSQhQauho74AZyB77BcyqapqnTAjbcBEAEgAGDJhoCA3KPEEIIBF2NhLXB1Yi0xNjE4NTkyMjA1MDgzNzgwyAEJqAMByAMCqgSdAk_Q3h13zMhKVR_2VR6pDKSyJ8cpmeAwGXcAo5EfC7LSLx2k3CY7oa93tBTOCUlepQPwNuNWvZM706ttHSNnsbEH7pnon_oFajyWuRBAtJ_ha9lTABC1xnhU3yqkPwBptf8tYI9bRGDjQ4uZsM9rFgenV-RZpZNYBmyNBW1pVl8sLF4V2FMm7DDpQsptCFUbO44Iy__AZBvzYOhaJZ54uTCjEutn6BDB-VqiGQ5WUbPASV3HnsPcMUNvlA1d46bqRxZWrn8de6mDaIHGuP_0FJbyyUdpFYRxPhNbrPEu1EmRJvAm-yIFepvpFwdMSoSjGkg43ndpieUsTnm4O73eb57g8akm5AJHgw-jpGASS0RySRxZAuEs6vfU2dSdm4AGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1eW35jhhplwIs8GhpqjfKJDoFWkA%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8290 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
01a35e949b55eb92431872d6a0ac846d69ccf0093596c894eb22f62f30ea6eeb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 06:34:54 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Sep 2023 10:11:15 GMT
Server
UploadServer
ETag
"27cc5fec34fb6d3042f5aab4d2f9ce87"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
932
Expires
Thu, 21 Sep 2023 06:34:54 GMT
dvtp_src.js
cdn.doubleverify.com/ Frame 6C66
9 KB
4 KB
Script
General
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=13846930&cmp=30251533&sid=1340728&plc=372411465&adsrv=1&btreg=&btadsrv=&crt=&tagtype=&dvtagver=6.1.src
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZQqSjQABkjIKwUgkAAODLtMp_t2poD09Hz-0qg&u=%7CouQHdnFa5Kmf2p4Bss1sMgOH8sVBwyqn%2BiF0%2Bahdfb4%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGFODWhy6DsD5VIXoF4Sn1GpJC36PzcQBMFJuvFqbjSDMVND0YNpbXxw_g68WQBYp6weOwM57j-9gqQp1XQI8p1GzWVoJL-MYPH3XWkzenv5tUiwVrgfGWP8oCqnSa-uDWK7Am0l0x6-ooZO9aEmPM-LmJvTGNiOWjUEiMrXG5v6LCR_wUr4vBKoVnzJw5iRomwS_WqazraITJwrdaznTla_p_q9CCjN0dMdpo8cyL1qRUUbK2CpcPoAmULxFtvIb8PkVAHAhKpur_O8geRTjDnHA4pRh7r0NoC1zZarfAPSpY9klgZfcD45lW_80lVdKRNCiBqggAW3--_dgHPvJXkCcfUmvyHXpgRMAy0psZqYIFgiL0PPC-RL84VUze1wivglauOObXP0eXCF02Qxr6n9zly1M4A4NmjztEd1OoVvBH-RZ8QvZMdfMi4qxuRFmMz-DsI7wp1bK7t3Gie4Z0zO_6bJ8n2J9BunLe3m5qPkZgjDm7Wrdrpy91igJ5HQOY6GA5htN0tmr5Z47H1NsjIr0qAVuccaMquy__4Z8i73S7JJlZrxPIrE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgg18jZIKZbKkBqSQhQauho74AZyB77BcyqapqnTAjbcBEAEgAGDJhoCA3KPEEIIBF2NhLXB1Yi0xNjE4NTkyMjA1MDgzNzgwyAEJqAMByAMCqgSdAk_Q3h13zMhKVR_2VR6pDKSyJ8cpmeAwGXcAo5EfC7LSLx2k3CY7oa93tBTOCUlepQPwNuNWvZM706ttHSNnsbEH7pnon_oFajyWuRBAtJ_ha9lTABC1xnhU3yqkPwBptf8tYI9bRGDjQ4uZsM9rFgenV-RZpZNYBmyNBW1pVl8sLF4V2FMm7DDpQsptCFUbO44Iy__AZBvzYOhaJZ54uTCjEutn6BDB-VqiGQ5WUbPASV3HnsPcMUNvlA1d46bqRxZWrn8de6mDaIHGuP_0FJbyyUdpFYRxPhNbrPEu1EmRJvAm-yIFepvpFwdMSoSjGkg43ndpieUsTnm4O73eb57g8akm5AJHgw-jpGASS0RySRxZAuEs6vfU2dSdm4AGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1eW35jhhplwIs8GhpqjfKJDoFWkA%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8290 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
8be221978ab1beee5467f7a31e8771046489b44c7741b1245db0d11e6d36c0cf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 06:34:54 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Sep 2023 19:24:55 GMT
Server
UploadServer
ETag
"7e44f8b31225a147c105c82da1b042f0"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3639
Expires
Wed, 20 Sep 2023 06:49:54 GMT
lg.php
cat.va.us.criteo.com/delivery/ Frame 6C66
43 B
348 B
Image
General
Full URL
https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=Dv2owsal2szQIPBKfCmByVFNlJoA_hYhGgCi70Jh3RF8zIr7diq4UVPd0bEo459Rqv2_cTC_lsWKgI0D1BVZaU9bqDPZS53M5Y-aEOU8yZN74v1zM8gj512lWhmfpjDMWY7i42TLGw4hG1ls5Lzjhz5Y6S7O1cjbYkHk9vKtZJaAEQ6elQ65To-Qq5obg5Fo8zejRg-JB1iHEooLDI5694EJwbHl0kN51qleawk19cJuMnDfrPRZeDAFCtbsZ2jpo8IxB2KCvglpr9wSFBSVoch0JZbcm4A4OQhPSF9rnbbnxKPUUbtPtRXXCR5-yO6Rdz_WVQzKWKCBzOAX3PG5TowPzeMmH8YmfxsELOBnoJXQt3FFO2jHLufCUF8FEME0bvevya638KpCh6BOlH259e4xtdkBtLfGXS4GdJew2Tfd8dtV
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZQqSjQABkjIKwUgkAAODLtMp_t2poD09Hz-0qg&u=%7CouQHdnFa5Kmf2p4Bss1sMgOH8sVBwyqn%2BiF0%2Bahdfb4%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGFODWhy6DsD5VIXoF4Sn1GpJC36PzcQBMFJuvFqbjSDMVND0YNpbXxw_g68WQBYp6weOwM57j-9gqQp1XQI8p1GzWVoJL-MYPH3XWkzenv5tUiwVrgfGWP8oCqnSa-uDWK7Am0l0x6-ooZO9aEmPM-LmJvTGNiOWjUEiMrXG5v6LCR_wUr4vBKoVnzJw5iRomwS_WqazraITJwrdaznTla_p_q9CCjN0dMdpo8cyL1qRUUbK2CpcPoAmULxFtvIb8PkVAHAhKpur_O8geRTjDnHA4pRh7r0NoC1zZarfAPSpY9klgZfcD45lW_80lVdKRNCiBqggAW3--_dgHPvJXkCcfUmvyHXpgRMAy0psZqYIFgiL0PPC-RL84VUze1wivglauOObXP0eXCF02Qxr6n9zly1M4A4NmjztEd1OoVvBH-RZ8QvZMdfMi4qxuRFmMz-DsI7wp1bK7t3Gie4Z0zO_6bJ8n2J9BunLe3m5qPkZgjDm7Wrdrpy91igJ5HQOY6GA5htN0tmr5Z47H1NsjIr0qAVuccaMquy__4Z8i73S7JJlZrxPIrE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgg18jZIKZbKkBqSQhQauho74AZyB77BcyqapqnTAjbcBEAEgAGDJhoCA3KPEEIIBF2NhLXB1Yi0xNjE4NTkyMjA1MDgzNzgwyAEJqAMByAMCqgSdAk_Q3h13zMhKVR_2VR6pDKSyJ8cpmeAwGXcAo5EfC7LSLx2k3CY7oa93tBTOCUlepQPwNuNWvZM706ttHSNnsbEH7pnon_oFajyWuRBAtJ_ha9lTABC1xnhU3yqkPwBptf8tYI9bRGDjQ4uZsM9rFgenV-RZpZNYBmyNBW1pVl8sLF4V2FMm7DDpQsptCFUbO44Iy__AZBvzYOhaJZ54uTCjEutn6BDB-VqiGQ5WUbPASV3HnsPcMUNvlA1d46bqRxZWrn8de6mDaIHGuP_0FJbyyUdpFYRxPhNbrPEu1EmRJvAm-yIFepvpFwdMSoSjGkg43ndpieUsTnm4O73eb57g8akm5AJHgw-jpGASS0RySRxZAuEs6vfU2dSdm4AGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1eW35jhhplwIs8GhpqjfKJDoFWkA%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 06:34:54 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2760168
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
d.agkn.com/pixel/8538/ Frame 6C66
43 B
562 B
Image
General
Full URL
https://d.agkn.com/pixel/8538/?che=650a928dc3070b3af4ac0ac57c46a7fd&col=308271,0,0,0,11120203,650a928dc3070b3af4ac0ac57c46a7fd
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZQqSjQABkjIKwUgkAAODLtMp_t2poD09Hz-0qg&u=%7CouQHdnFa5Kmf2p4Bss1sMgOH8sVBwyqn%2BiF0%2Bahdfb4%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGFODWhy6DsD5VIXoF4Sn1GpJC36PzcQBMFJuvFqbjSDMVND0YNpbXxw_g68WQBYp6weOwM57j-9gqQp1XQI8p1GzWVoJL-MYPH3XWkzenv5tUiwVrgfGWP8oCqnSa-uDWK7Am0l0x6-ooZO9aEmPM-LmJvTGNiOWjUEiMrXG5v6LCR_wUr4vBKoVnzJw5iRomwS_WqazraITJwrdaznTla_p_q9CCjN0dMdpo8cyL1qRUUbK2CpcPoAmULxFtvIb8PkVAHAhKpur_O8geRTjDnHA4pRh7r0NoC1zZarfAPSpY9klgZfcD45lW_80lVdKRNCiBqggAW3--_dgHPvJXkCcfUmvyHXpgRMAy0psZqYIFgiL0PPC-RL84VUze1wivglauOObXP0eXCF02Qxr6n9zly1M4A4NmjztEd1OoVvBH-RZ8QvZMdfMi4qxuRFmMz-DsI7wp1bK7t3Gie4Z0zO_6bJ8n2J9BunLe3m5qPkZgjDm7Wrdrpy91igJ5HQOY6GA5htN0tmr5Z47H1NsjIr0qAVuccaMquy__4Z8i73S7JJlZrxPIrE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgg18jZIKZbKkBqSQhQauho74AZyB77BcyqapqnTAjbcBEAEgAGDJhoCA3KPEEIIBF2NhLXB1Yi0xNjE4NTkyMjA1MDgzNzgwyAEJqAMByAMCqgSdAk_Q3h13zMhKVR_2VR6pDKSyJ8cpmeAwGXcAo5EfC7LSLx2k3CY7oa93tBTOCUlepQPwNuNWvZM706ttHSNnsbEH7pnon_oFajyWuRBAtJ_ha9lTABC1xnhU3yqkPwBptf8tYI9bRGDjQ4uZsM9rFgenV-RZpZNYBmyNBW1pVl8sLF4V2FMm7DDpQsptCFUbO44Iy__AZBvzYOhaJZ54uTCjEutn6BDB-VqiGQ5WUbPASV3HnsPcMUNvlA1d46bqRxZWrn8de6mDaIHGuP_0FJbyyUdpFYRxPhNbrPEu1EmRJvAm-yIFepvpFwdMSoSjGkg43ndpieUsTnm4O73eb57g8akm5AJHgw-jpGASS0RySRxZAuEs6vfU2dSdm4AGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1eW35jhhplwIs8GhpqjfKJDoFWkA%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26fa:da00:19:fc2c:a140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 06:34:54 GMT
via
1.1 78a5d96d9c348edf8a3fca2ba77f8e64.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
image/gif
cache-control
no-cache, must-revalidate
content-length
43
x-amz-cf-id
zM7ntGyF0Dd0Ze7YQr_KE5sWMn7a5vXJHTvsLhvkDOs9UtSpzVFuoA==
expires
Sat, 01 Jan 2000 00:00:00 GMT
B30251533.372411465;dc_pre=CMHlrJbJuIEDFUbOswodLnEIGQ;dc_trk_aid=563043988;dc_trk_cid=195958998;dcopt=anid;ord=650a928dc3070b3af4ac0ac57c46a7fd;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tf...
ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/ Frame 6C66
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B30251533.372411465;dc_trk_aid=563043988;dc_trk_cid=195958998;dcopt=anid;ord=650a928dc3070b3af4ac0ac57c46a7fd;dc_lat=;dc_rdid=;tag_for_ch...
  • https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B30251533.372411465;dc_pre=CMHlrJbJuIEDFUbOswodLnEIGQ;dc_trk_aid=563043988;dc_trk_cid=195958998;dcopt=anid;ord=650a928dc3070b3af4ac0ac57c...
42 B
464 B
Image
General
Full URL
https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B30251533.372411465;dc_pre=CMHlrJbJuIEDFUbOswodLnEIGQ;dc_trk_aid=563043988;dc_trk_cid=195958998;dcopt=anid;ord=650a928dc3070b3af4ac0ac57c46a7fd;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;;ltd=?
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZQqSjQABkjIKwUgkAAODLtMp_t2poD09Hz-0qg&u=%7CouQHdnFa5Kmf2p4Bss1sMgOH8sVBwyqn%2BiF0%2Bahdfb4%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGFODWhy6DsD5VIXoF4Sn1GpJC36PzcQBMFJuvFqbjSDMVND0YNpbXxw_g68WQBYp6weOwM57j-9gqQp1XQI8p1GzWVoJL-MYPH3XWkzenv5tUiwVrgfGWP8oCqnSa-uDWK7Am0l0x6-ooZO9aEmPM-LmJvTGNiOWjUEiMrXG5v6LCR_wUr4vBKoVnzJw5iRomwS_WqazraITJwrdaznTla_p_q9CCjN0dMdpo8cyL1qRUUbK2CpcPoAmULxFtvIb8PkVAHAhKpur_O8geRTjDnHA4pRh7r0NoC1zZarfAPSpY9klgZfcD45lW_80lVdKRNCiBqggAW3--_dgHPvJXkCcfUmvyHXpgRMAy0psZqYIFgiL0PPC-RL84VUze1wivglauOObXP0eXCF02Qxr6n9zly1M4A4NmjztEd1OoVvBH-RZ8QvZMdfMi4qxuRFmMz-DsI7wp1bK7t3Gie4Z0zO_6bJ8n2J9BunLe3m5qPkZgjDm7Wrdrpy91igJ5HQOY6GA5htN0tmr5Z47H1NsjIr0qAVuccaMquy__4Z8i73S7JJlZrxPIrE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgg18jZIKZbKkBqSQhQauho74AZyB77BcyqapqnTAjbcBEAEgAGDJhoCA3KPEEIIBF2NhLXB1Yi0xNjE4NTkyMjA1MDgzNzgwyAEJqAMByAMCqgSdAk_Q3h13zMhKVR_2VR6pDKSyJ8cpmeAwGXcAo5EfC7LSLx2k3CY7oa93tBTOCUlepQPwNuNWvZM706ttHSNnsbEH7pnon_oFajyWuRBAtJ_ha9lTABC1xnhU3yqkPwBptf8tYI9bRGDjQ4uZsM9rFgenV-RZpZNYBmyNBW1pVl8sLF4V2FMm7DDpQsptCFUbO44Iy__AZBvzYOhaJZ54uTCjEutn6BDB-VqiGQ5WUbPASV3HnsPcMUNvlA1d46bqRxZWrn8de6mDaIHGuP_0FJbyyUdpFYRxPhNbrPEu1EmRJvAm-yIFepvpFwdMSoSjGkg43ndpieUsTnm4O73eb57g8akm5AJHgw-jpGASS0RySRxZAuEs6vfU2dSdm4AGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1eW35jhhplwIs8GhpqjfKJDoFWkA%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Server
142.250.65.198 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 06:34:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 20 Sep 2023 06:34:54 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B30251533.372411465;dc_pre=CMHlrJbJuIEDFUbOswodLnEIGQ;dc_trk_aid=563043988;dc_trk_cid=195958998;dcopt=anid;ord=650a928dc3070b3af4ac0ac57c46a7fd;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;;ltd=?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
tracker.samplicio.us/tracker/135ae744-093c-4f69-8b53-a36ce6361ac1/ Frame 6C66
35 B
303 B
Image
General
Full URL
https://tracker.samplicio.us/tracker/135ae744-093c-4f69-8b53-a36ce6361ac1/pixel.gif?c1=11120203&pid=141491&sid=8873202347851648892&crid=308271&device_id=&cachebuster=650a928dc3070b3af4ac0ac57c46a7fd&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZQqSjQABkjIKwUgkAAODLtMp_t2poD09Hz-0qg&u=%7CouQHdnFa5Kmf2p4Bss1sMgOH8sVBwyqn%2BiF0%2Bahdfb4%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGFODWhy6DsD5VIXoF4Sn1GpJC36PzcQBMFJuvFqbjSDMVND0YNpbXxw_g68WQBYp6weOwM57j-9gqQp1XQI8p1GzWVoJL-MYPH3XWkzenv5tUiwVrgfGWP8oCqnSa-uDWK7Am0l0x6-ooZO9aEmPM-LmJvTGNiOWjUEiMrXG5v6LCR_wUr4vBKoVnzJw5iRomwS_WqazraITJwrdaznTla_p_q9CCjN0dMdpo8cyL1qRUUbK2CpcPoAmULxFtvIb8PkVAHAhKpur_O8geRTjDnHA4pRh7r0NoC1zZarfAPSpY9klgZfcD45lW_80lVdKRNCiBqggAW3--_dgHPvJXkCcfUmvyHXpgRMAy0psZqYIFgiL0PPC-RL84VUze1wivglauOObXP0eXCF02Qxr6n9zly1M4A4NmjztEd1OoVvBH-RZ8QvZMdfMi4qxuRFmMz-DsI7wp1bK7t3Gie4Z0zO_6bJ8n2J9BunLe3m5qPkZgjDm7Wrdrpy91igJ5HQOY6GA5htN0tmr5Z47H1NsjIr0qAVuccaMquy__4Z8i73S7JJlZrxPIrE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgg18jZIKZbKkBqSQhQauho74AZyB77BcyqapqnTAjbcBEAEgAGDJhoCA3KPEEIIBF2NhLXB1Yi0xNjE4NTkyMjA1MDgzNzgwyAEJqAMByAMCqgSdAk_Q3h13zMhKVR_2VR6pDKSyJ8cpmeAwGXcAo5EfC7LSLx2k3CY7oa93tBTOCUlepQPwNuNWvZM706ttHSNnsbEH7pnon_oFajyWuRBAtJ_ha9lTABC1xnhU3yqkPwBptf8tYI9bRGDjQ4uZsM9rFgenV-RZpZNYBmyNBW1pVl8sLF4V2FMm7DDpQsptCFUbO44Iy__AZBvzYOhaJZ54uTCjEutn6BDB-VqiGQ5WUbPASV3HnsPcMUNvlA1d46bqRxZWrn8de6mDaIHGuP_0FJbyyUdpFYRxPhNbrPEu1EmRJvAm-yIFepvpFwdMSoSjGkg43ndpieUsTnm4O73eb57g8akm5AJHgw-jpGASS0RySRxZAuEs6vfU2dSdm4AGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1eW35jhhplwIs8GhpqjfKJDoFWkA%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.208.227.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-227-70.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:34:54 GMT
strict-transport-security
max-age=604800
x-ratelimit-reset
0
x-ratelimit-limit
0
content-length
35
x-ratelimit-remaining
0
content-type
image/gif
si
googleads.g.doubleclick.net/pagead/drt/ Frame 975A
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1618592205083780&output=html&h=600&slotname=7639484812&adk=992306218&adf=1633998875&pi=t.ma~as.7639484812&w=300&fwrn=4&fwrnh=100&lmt=1695227693&rafmt=1&format=300x600&url=https%3A%2F%2Favito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695191692572&bpp=3&bdt=1570&idt=471&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8239861751691&frm=20&pv=1&ga_vid=1915655829.1695191693&ga_sid=1695191693&ga_hid=1939529460&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44803122%2C21065725&oid=2&pvsid=3600284936222131&tmod=1913480835&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=evMtBxa3UR&p=https%3A//avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru&dtd=479
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Sep 2023 06:34:54 GMT
expires
Wed, 20 Sep 2023 06:34:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Sep 2023 06:34:54 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-XR25G8TDFM&gtm=45je39i0&_p=1939529460&ul=en-us&sr=1600x1200&cid=1915655829.1695191693&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Favito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru%2F&dt=%D0%90%D1%83%D0%B4%D0%B8%D0%BE%D0%BA%D0%BD%D0%B8%D0%B3%D0%B8%20%D1%81%D0%BB%D1%83%D1%88%D0%B0%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%3A%3A%20bookmp3.ru&sid=1695191694&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XR25G8TDFM&cx=c&_slc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 06:34:54 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check_secondary
  • https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=10132.BZW03SE6OyuLa8q6rajk6-yphNsZSPsGWU-mIp-HRZ9Z90jvwL_2s5EEcN5WGmxH.AcMYc-hgtn9kiJW2XwmqDzJ8NTc%2C
  • https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10132.p7ojeiMgM9Nc-HjN4qZe1i1rcL_cqwACIVITDR5X5rjr1HZKib8C-7JDOj139LGqaSncqIAi-pVZh54I6mapTUwBWWcRRgzz9T0t2LATeTU%2C.B-eDt5EE9JKzlL2ZV...
43 B
79 B
Image
General
Full URL
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10132.p7ojeiMgM9Nc-HjN4qZe1i1rcL_cqwACIVITDR5X5rjr1HZKib8C-7JDOj139LGqaSncqIAi-pVZh54I6mapTUwBWWcRRgzz9T0t2LATeTU%2C.B-eDt5EE9JKzlL2ZV4cUtTivnLM%2C
Requested by
Host: avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
URL: https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:34:55 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10132.p7ojeiMgM9Nc-HjN4qZe1i1rcL_cqwACIVITDR5X5rjr1HZKib8C-7JDOj139LGqaSncqIAi-pVZh54I6mapTUwBWWcRRgzz9T0t2LATeTU%2C.B-eDt5EE9JKzlL2ZV4cUtTivnLM%2C
date
Wed, 20 Sep 2023 06:34:55 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
dvbs_src_internal121.js
cdn.doubleverify.com/ Frame C2B2
60 KB
20 KB
Script
General
Full URL
https://cdn.doubleverify.com/dvbs_src_internal121.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=13846930&cmp=30251533&sid=1340728&plc=372411465&dvregion=0&unit=200x600
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8290 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
a6a235eb3be8edd6595e0d3a955057057947ecb9240263e146077afcc2e595a4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 06:34:54 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Sep 2023 10:11:17 GMT
Server
UploadServer
ETag
"5f080c001aa5f41de83429c4ff230ccf"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19652
Expires
Thu, 19 Sep 2024 06:34:54 GMT
dvbs_src_internal121.js
cdn.doubleverify.com/ Frame 6C66
60 KB
20 KB
Script
General
Full URL
https://cdn.doubleverify.com/dvbs_src_internal121.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=13846930&cmp=30251533&sid=1340728&plc=372411465&dvregion=0&unit=200x600
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8290 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
a6a235eb3be8edd6595e0d3a955057057947ecb9240263e146077afcc2e595a4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 06:34:54 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Sep 2023 10:11:17 GMT
Server
UploadServer
ETag
"5f080c001aa5f41de83429c4ff230ccf"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19652
Expires
Thu, 19 Sep 2024 06:34:54 GMT
verify.js
rtb0.doubleverify.com/ Frame C2B2
443 B
577 B
Script
General
Full URL
https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_506927312849&jsTagObjCallback=__tagObject_callback_506927312849&num=6&ctx=13846930&cmp=30251533&plc=372411465&sid=1340728&advid=&adsrv=&unit=200x600&isdvvid=&uid=506927312849&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.30&dvpx_strhd=0.30&brid=3&brver=117&bridua=3&dup=null&srcurlD=1&ssl=1&refD=2&tagpb=1&htmlmsging=1&tstype=128&aUrlD=1&m1=13&noc=4&fcifrms=7&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=168&eparams=DC4FC%3Dl9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau2G%3AE%40%5D2G%3AE%40%5DD36C%5DD36C32%3F%3C%5DDA3%3BJg7%3FC74%405fA%5DHHH%5DA6CD%5C%60%5D3%40%40%3C%3EAb%5DCFTar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau25D%5DFD%5D4C%3AE6%40%5D4%40%3EU2%26C%3Dl9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETau&dvp_exetime=10.50&callbackName=__verify_callback_506927312849
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal121.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e17583e288739105a037b7ca88b6be92a2e98ba4f3092f3a79a3c0599f482626

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Sep 2023 06:34:55 GMT
Content-Encoding
br
X-DV-Response
0
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
09/19/2023 06:34:55
verify.js
rtb0.doubleverify.com/ Frame 6C66
443 B
577 B
Script
General
Full URL
https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_778235052983&jsTagObjCallback=__tagObject_callback_778235052983&num=6&ctx=13846930&cmp=30251533&plc=372411465&sid=1340728&advid=&adsrv=&unit=200x600&isdvvid=&uid=778235052983&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.30&dvpx_strhd=0.30&brid=3&brver=117&bridua=3&dup=null&srcurlD=1&ssl=1&refD=2&tagpb=1&htmlmsging=1&tstype=128&aUrlD=1&m1=13&noc=4&fcifrms=7&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=168&eparams=DC4FC%3Dl9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau2G%3AE%40%5D2G%3AE%40%5DD36C%5DD36C32%3F%3C%5DDA3%3BJg7%3FC74%405fA%5DHHH%5DA6CD%5C%60%5D3%40%40%3C%3EAb%5DCFTar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau25D%5DFD%5D4C%3AE6%40%5D4%40%3EU2%26C%3Dl9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETau&dvp_exetime=10.30&callbackName=__verify_callback_778235052983
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal121.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
4c5cc784997b0788eb27b6f73c923edb2f2c11a1206f34513d47fdc398079fe1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Sep 2023 06:34:55 GMT
Content-Encoding
br
X-DV-Response
0
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
09/19/2023 06:34:55
/
www.googleadservices.com/pagead/ar-adview/ Frame 031E
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=C5lyUjZIKZczmBq6mrr4P366QoAH98NjfcrW3ienKEZqXwszkPBABIP7voD5gyYaAgNyjxBCgAar9sOwCyAEBqAMByAPLBKoEpwJP0GtatYEVIEYI8F1QLJt0IHPbhSCDhDUTeNovYedF2fp...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x8fac813774db6690000000000000000%22,%222%22:%220x1b2ab52a414e00840000000000000000%22,%223%22:%220x8b69643...
0
0
Fetch
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x8fac813774db6690000000000000000%22,%222%22:%220x1b2ab52a414e00840000000000000000%22,%223%22:%220x8b6964352730707e0000000000000000%22,%224%22:%220xc0d449ee123b02210000000000000000%22,%225%22:%220xb1819572684682500000000000000000%22},%22debug_key%22:%229595431205157930313%22,%22debug_reporting%22:true,%22destination%22:%22https://southgatetowersmiami.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%22764165802%22],%224%22:[%2209-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225345790364602800865%22}&andc=true
Requested by
Host: avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
URL: https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
Protocol
H3
Server
142.251.35.162 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:34:55 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x8fac813774db6690000000000000000","2":"0x1b2ab52a414e00840000000000000000","3":"0x8b6964352730707e0000000000000000","4":"0xc0d449ee123b02210000000000000000","5":"0xb1819572684682500000000000000000"},"debug_key":"9595431205157930313","debug_reporting":true,"destination":"https://southgatetowersmiami.com","event_report_window":"259200","expiry":"2592000","filter_data":{"15":["51"],"16":["3"],"2":["764165802"],"4":["09-20"],"6":["true"]},"priority":"500","source_event_id":"5345790364602800865"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 20 Sep 2023 06:34:55 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 20 Sep 2023 06:34:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x8fac813774db6690000000000000000","2":"0x1b2ab52a414e00840000000000000000","3":"0x8b6964352730707e0000000000000000","4":"0xc0d449ee123b02210000000000000000","5":"0xb1819572684682500000000000000000"},"debug_key":"9595431205157930313","debug_reporting":true,"destination":"https://southgatetowersmiami.com","event_report_window":"259200","expiry":"2592000","filter_data":{"15":["51"],"16":["3"],"2":["764165802"],"4":["09-20"],"6":["true"]},"priority":"500","source_event_id":"5345790364602800865"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
lpPsQPhuNrCvbaydJTyaX7eGKZY1JWLsUtPa-zNjVhE.js
pagead2.googlesyndication.com/bg/ Frame 6482
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/lpPsQPhuNrCvbaydJTyaX7eGKZY1JWLsUtPa-zNjVhE.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1618592205083780&output=html&h=600&slotname=7639484812&adk=992306218&adf=1633998875&pi=t.ma~as.7639484812&w=300&fwrn=4&fwrnh=100&lmt=1695227693&rafmt=1&format=300x600&url=https%3A%2F%2Favito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695191692572&bpp=3&bdt=1570&idt=471&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8239861751691&frm=20&pv=1&ga_vid=1915655829.1695191693&ga_sid=1695191693&ga_hid=1939529460&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44803122%2C21065725&oid=2&pvsid=3600284936222131&tmod=1913480835&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=evMtBxa3UR&p=https%3A//avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru&dtd=479
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9693ec40f86e36b0af6dac9d253c9a5fb7862996352562ec52d3dafb33635611
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 20:27:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
468434
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14603
x-xss-protection
0
last-modified
Mon, 11 Sep 2023 20:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 13 Sep 2024 20:27:41 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 94CF
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CL6R5jZIKZbSkBqSQhQauho74AdOkz_1ygYqIgboRiv2ghMMBEAEg_u-gPmDJhoCA3KPEEKABiKPkpAPIAQmoAwHIA0iqBKwCT9ATI5piCxBEvjnboqh2Hed4lHxq9J6qg4D5usZzRrifZNr...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xd777e5ab001747980000000000000000%22,%222%22:%220x7824d7428be9c7890000000000000000%22,%223%22:%220x7444a8...
0
0
Fetch
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xd777e5ab001747980000000000000000%22,%222%22:%220x7824d7428be9c7890000000000000000%22,%223%22:%220x7444a81e69a26b880000000000000000%22,%224%22:%220x4ece106574a68b480000000000000000%22,%225%22:%220xdeeee9e032fa000b0000000000000000%22},%22debug_key%22:%228184110463521037874%22,%22debug_reporting%22:true,%22destination%22:%22https://slack.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%22882446728%22],%224%22:[%2209-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222670554152702331409%22}&andc=true
Requested by
Host: avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
URL: https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
Protocol
H3
Server
142.251.35.162 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:34:55 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0xd777e5ab001747980000000000000000","2":"0x7824d7428be9c7890000000000000000","3":"0x7444a81e69a26b880000000000000000","4":"0x4ece106574a68b480000000000000000","5":"0xdeeee9e032fa000b0000000000000000"},"debug_key":"8184110463521037874","debug_reporting":true,"destination":"https://slack.com","event_report_window":"259200","expiry":"2592000","filter_data":{"15":["51"],"16":["3"],"2":["882446728"],"4":["09-20"],"6":["true"]},"priority":"500","source_event_id":"2670554152702331409"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 20 Sep 2023 06:34:55 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 20 Sep 2023 06:34:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xd777e5ab001747980000000000000000","2":"0x7824d7428be9c7890000000000000000","3":"0x7444a81e69a26b880000000000000000","4":"0x4ece106574a68b480000000000000000","5":"0xdeeee9e032fa000b0000000000000000"},"debug_key":"8184110463521037874","debug_reporting":true,"destination":"https://slack.com","event_report_window":"259200","expiry":"2592000","filter_data":{"15":["51"],"16":["3"],"2":["882446728"],"4":["09-20"],"6":["true"]},"priority":"500","source_event_id":"2670554152702331409"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
lpPsQPhuNrCvbaydJTyaX7eGKZY1JWLsUtPa-zNjVhE.js
pagead2.googlesyndication.com/bg/ Frame 0952
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/lpPsQPhuNrCvbaydJTyaX7eGKZY1JWLsUtPa-zNjVhE.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9693ec40f86e36b0af6dac9d253c9a5fb7862996352562ec52d3dafb33635611
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 20:27:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
468434
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14603
x-xss-protection
0
last-modified
Mon, 11 Sep 2023 20:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 13 Sep 2024 20:27:41 GMT
lpPsQPhuNrCvbaydJTyaX7eGKZY1JWLsUtPa-zNjVhE.js
pagead2.googlesyndication.com/bg/ Frame 17F6
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/lpPsQPhuNrCvbaydJTyaX7eGKZY1JWLsUtPa-zNjVhE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9693ec40f86e36b0af6dac9d253c9a5fb7862996352562ec52d3dafb33635611
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 20:27:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
468434
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14603
x-xss-protection
0
last-modified
Mon, 11 Sep 2023 20:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 13 Sep 2024 20:27:41 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame
0
0
Preflight
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x8fac813774db6690000000000000000%22,%222%22:%220x1b2ab52a414e00840000000000000000%22,%223%22:%220x8b6964352730707e0000000000000000%22,%224%22:%220xc0d449ee123b02210000000000000000%22,%225%22:%220xb1819572684682500000000000000000%22},%22debug_key%22:%229595431205157930313%22,%22debug_reporting%22:true,%22destination%22:%22https://southgatetowersmiami.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%22764165802%22],%224%22:[%2209-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225345790364602800865%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.35.162 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 20 Sep 2023 06:34:55 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame
0
0
Preflight
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xd777e5ab001747980000000000000000%22,%222%22:%220x7824d7428be9c7890000000000000000%22,%223%22:%220x7444a81e69a26b880000000000000000%22,%224%22:%220x4ece106574a68b480000000000000000%22,%225%22:%220xdeeee9e032fa000b0000000000000000%22},%22debug_key%22:%228184110463521037874%22,%22debug_reporting%22:true,%22destination%22:%22https://slack.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%22882446728%22],%224%22:[%2209-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222670554152702331409%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.35.162 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 20 Sep 2023 06:34:55 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
bsevent.gif
rtbc-ue1.doubleverify.com/ Frame 6C66
0
298 B
Ping
General
Full URL
https://rtbc-ue1.doubleverify.com/bsevent.gif?flvr=0&impid=24b844b9a507401b828dc68de2d79916&vfdur=286&cbust=1695191695282236
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal121.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://ads.us.criteo.com
Pragma
no-cache
Date
Wed, 20 Sep 2023 06:34:55 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true, true
Connection
keep-alive
Expires
2023-09-19T06:34:55
bsevent.gif
rtbc-ue1.doubleverify.com/ Frame C2B2
0
298 B
Ping
General
Full URL
https://rtbc-ue1.doubleverify.com/bsevent.gif?flvr=0&impid=58a2c4418a084ef581a72810180396bf&vfdur=299&cbust=1695191695284793
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal121.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://ads.us.criteo.com
Pragma
no-cache
Date
Wed, 20 Sep 2023 06:34:55 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true, true
Connection
keep-alive
Expires
2023-09-19T06:34:55
dv-measurements4705.js
cdn.doubleverify.com/ Frame EBF2
421 KB
99 KB
Script
General
Full URL
https://cdn.doubleverify.com/dv-measurements4705.js
Requested by
Host: avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
URL: https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8290 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
c8f16b88d1787f960e55dc9a0976f51e63cdd143e000ca0f32e8a10e8103aa07

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 06:34:55 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Sep 2023 13:07:36 GMT
Server
UploadServer
ETag
"149ae4bdca67297fb129509289387679"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
100954
Expires
Thu, 19 Sep 2024 06:34:55 GMT
dv-measurements4705.js
cdn.doubleverify.com/ Frame 5207
421 KB
99 KB
Script
General
Full URL
https://cdn.doubleverify.com/dv-measurements4705.js
Requested by
Host: avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
URL: https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8290 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
c8f16b88d1787f960e55dc9a0976f51e63cdd143e000ca0f32e8a10e8103aa07

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 06:34:55 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Sep 2023 13:07:36 GMT
Server
UploadServer
ETag
"149ae4bdca67297fb129509289387679"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
100954
Expires
Thu, 19 Sep 2024 06:34:55 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 6C66
12 KB
5 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZQqSjQABkjIKwUgkAAODLtMp_t2poD09Hz-0qg&u=%7CouQHdnFa5Kmf2p4Bss1sMgOH8sVBwyqn%2BiF0%2Bahdfb4%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGFODWhy6DsD5VIXoF4Sn1GpJC36PzcQBMFJuvFqbjSDMVND0YNpbXxw_g68WQBYp6weOwM57j-9gqQp1XQI8p1GzWVoJL-MYPH3XWkzenv5tUiwVrgfGWP8oCqnSa-uDWK7Am0l0x6-ooZO9aEmPM-LmJvTGNiOWjUEiMrXG5v6LCR_wUr4vBKoVnzJw5iRomwS_WqazraITJwrdaznTla_p_q9CCjN0dMdpo8cyL1qRUUbK2CpcPoAmULxFtvIb8PkVAHAhKpur_O8geRTjDnHA4pRh7r0NoC1zZarfAPSpY9klgZfcD45lW_80lVdKRNCiBqggAW3--_dgHPvJXkCcfUmvyHXpgRMAy0psZqYIFgiL0PPC-RL84VUze1wivglauOObXP0eXCF02Qxr6n9zly1M4A4NmjztEd1OoVvBH-RZ8QvZMdfMi4qxuRFmMz-DsI7wp1bK7t3Gie4Z0zO_6bJ8n2J9BunLe3m5qPkZgjDm7Wrdrpy91igJ5HQOY6GA5htN0tmr5Z47H1NsjIr0qAVuccaMquy__4Z8i73S7JJlZrxPIrE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgg18jZIKZbKkBqSQhQauho74AZyB77BcyqapqnTAjbcBEAEgAGDJhoCA3KPEEIIBF2NhLXB1Yi0xNjE4NTkyMjA1MDgzNzgwyAEJqAMByAMCqgSdAk_Q3h13zMhKVR_2VR6pDKSyJ8cpmeAwGXcAo5EfC7LSLx2k3CY7oa93tBTOCUlepQPwNuNWvZM706ttHSNnsbEH7pnon_oFajyWuRBAtJ_ha9lTABC1xnhU3yqkPwBptf8tYI9bRGDjQ4uZsM9rFgenV-RZpZNYBmyNBW1pVl8sLF4V2FMm7DDpQsptCFUbO44Iy__AZBvzYOhaJZ54uTCjEutn6BDB-VqiGQ5WUbPASV3HnsPcMUNvlA1d46bqRxZWrn8de6mDaIHGuP_0FJbyyUdpFYRxPhNbrPEu1EmRJvAm-yIFepvpFwdMSoSjGkg43ndpieUsTnm4O73eb57g8akm5AJHgw-jpGASS0RySRxZAuEs6vfU2dSdm4AGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1eW35jhhplwIs8GhpqjfKJDoFWkA%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:34:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1063023
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4418
last-modified
Thu, 22 Jun 2023 11:22:44 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942f04-1142"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PLRQrPtbXCaVUzoYmIgurF0iywJSvp%2FWn%2BxrXbrU6uGzRgphUDi5ONT0xLq8%2FCzgB4BESfvKeGhvJEyXk9JpQlSZ5aZWb6x8GvR3YBTQVNj0Za2%2FfGcY8s61yPdgD2wPUmRIcexS6fm%2BrooGh3j2Mbb%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
80980ba18f39da01-MIA
expires
Mon, 09 Sep 2024 06:34:55 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame C2B2
12 KB
5 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZQqSjQABkjMKwUgkAAODLtfuqiyibdXypa9hKg&u=%7CouQHdnFa5KnkG6Bv5lBUSAyMN3q30ZfBr7A226mMTag%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGFODWhy6DsD5VIXoF4Sn1GpJC36PzcQBMIRPtA8mHpd_-JT7UN-K7LyBnpFyFibQgWNAweRv4OYXzsw4WE3JlyPWZJBB8-Lzgj0JaPVk-aQbNp-GKMDBYD1TXLVMb7qiyj4VnKKfJiiBsuefuZNsL4ONCL2xZURRfouiuEx4qRytmVLY3b0R_aAmDqxaaBBL3xxqUI0vi_z3UaOmE2TUHYVeanSA5k0s37eFDdnWQAGHYS55XWJsjgP6MDuhRqMp6zGKJXOn4JsS9I2D5QxO0yALfnoP5Uqil-4vd3YCDut-IqcuqODjzL8TWqVHAmkDKfzPzNmNx_OhMPoMquhfJvogtj69LH19framrHaEts-2i8SGupPZHdKU6Phtl5wxefB--p1xW39HHiKpmIYy_imHPp1uxUXU4qE9SFOeOFn9PwPhX2fAdMH9JFRd5ldWXzFuLvvEEM2yIOxsSpyZTAlwBe0xE2F2A58larT59RxotFXJqpsLYMIWTAn_6LYTNgEr_relg4b5mcTXW801ulqaQUiuOe3LOadEh2kgtL6M2PEmoR4pyi8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxoxUjZIKZbOkBqSQhQauho74AZyB77BcyqapqnTAjbcBEAEgAGDJhoCA3KPEEIIBF2NhLXB1Yi0xNjE4NTkyMjA1MDgzNzgwyAEJqAMByAMCqgSdAk_QljaJmzFSWLzf3mM6nAdD6Xr_UE5A1gSYWNBK4RWl0BeftaRouryjXYhAm6VC9-snD6cPYqRbwWe5TtLl2UCHKFfamyQSzNhxnGeMyFq_N0D9B0xyA-2wU_VIe-VTIq26_amnTp2IfdprhO_aRpFiSvkrV1hyEYOxQdSqt3_hMCAo3ze9XVaJ0RkqNY4rl-lksPCBxxVK4pE58Hqz9M0hZKJCSSCg3qGMiayggF2tXcaAMIR6yoO6spGpkJIKuLsBSVWUDHeMiiPwvmIlCydj_m3yBC_DZm1mBliqJdqAJWmCYkbA_UEHKXXA3bTQ67av4ID2nM3N1iikg63HgKcnXrpdW2Xvbkv7g6IfK9NFgq0Z4SfxPJ4cTfw1dIAGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3bC8y1qNe_Ow3SY0S8gLKGbfj6nA%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:34:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1063023
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4418
last-modified
Thu, 22 Jun 2023 11:22:44 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942f04-1142"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h0BiZsy8V3QZEQ4vh6Inyzr5uKHcwjG1zMY9arfUICKsiColv%2Bn%2FIdZRt7O7B1I%2BXWpAx4ZsV2%2Bslk105DlmLKL4O0YjlRc8h6w33BySOOnR1VG%2BtCgXGDmxdkJOicYzr4GYGURgKzy%2B5F3XjAjwUSR8"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
80980ba18f3ada01-MIA
expires
Mon, 09 Sep 2024 06:34:55 GMT
animejs.js
static.criteo.net/animejs/ Frame C2B2
12 KB
6 KB
Script
General
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZQqSjQABkjMKwUgkAAODLtfuqiyibdXypa9hKg&u=%7CouQHdnFa5KnkG6Bv5lBUSAyMN3q30ZfBr7A226mMTag%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGFODWhy6DsD5VIXoF4Sn1GpJC36PzcQBMIRPtA8mHpd_-JT7UN-K7LyBnpFyFibQgWNAweRv4OYXzsw4WE3JlyPWZJBB8-Lzgj0JaPVk-aQbNp-GKMDBYD1TXLVMb7qiyj4VnKKfJiiBsuefuZNsL4ONCL2xZURRfouiuEx4qRytmVLY3b0R_aAmDqxaaBBL3xxqUI0vi_z3UaOmE2TUHYVeanSA5k0s37eFDdnWQAGHYS55XWJsjgP6MDuhRqMp6zGKJXOn4JsS9I2D5QxO0yALfnoP5Uqil-4vd3YCDut-IqcuqODjzL8TWqVHAmkDKfzPzNmNx_OhMPoMquhfJvogtj69LH19framrHaEts-2i8SGupPZHdKU6Phtl5wxefB--p1xW39HHiKpmIYy_imHPp1uxUXU4qE9SFOeOFn9PwPhX2fAdMH9JFRd5ldWXzFuLvvEEM2yIOxsSpyZTAlwBe0xE2F2A58larT59RxotFXJqpsLYMIWTAn_6LYTNgEr_relg4b5mcTXW801ulqaQUiuOe3LOadEh2kgtL6M2PEmoR4pyi8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxoxUjZIKZbOkBqSQhQauho74AZyB77BcyqapqnTAjbcBEAEgAGDJhoCA3KPEEIIBF2NhLXB1Yi0xNjE4NTkyMjA1MDgzNzgwyAEJqAMByAMCqgSdAk_QljaJmzFSWLzf3mM6nAdD6Xr_UE5A1gSYWNBK4RWl0BeftaRouryjXYhAm6VC9-snD6cPYqRbwWe5TtLl2UCHKFfamyQSzNhxnGeMyFq_N0D9B0xyA-2wU_VIe-VTIq26_amnTp2IfdprhO_aRpFiSvkrV1hyEYOxQdSqt3_hMCAo3ze9XVaJ0RkqNY4rl-lksPCBxxVK4pE58Hqz9M0hZKJCSSCg3qGMiayggF2tXcaAMIR6yoO6spGpkJIKuLsBSVWUDHeMiiPwvmIlCydj_m3yBC_DZm1mBliqJdqAJWmCYkbA_UEHKXXA3bTQ67av4ID2nM3N1iikg63HgKcnXrpdW2Xvbkv7g6IfK9NFgq0Z4SfxPJ4cTfw1dIAGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3bC8y1qNe_Ow3SY0S8gLKGbfj6nA%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:34:55 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 14 Sep 2024 06:34:55 GMT
animejs.js
static.criteo.net/animejs/ Frame 6C66
12 KB
6 KB
Script
General
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZQqSjQABkjIKwUgkAAODLtMp_t2poD09Hz-0qg&u=%7CouQHdnFa5Kmf2p4Bss1sMgOH8sVBwyqn%2BiF0%2Bahdfb4%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGFODWhy6DsD5VIXoF4Sn1GpJC36PzcQBMFJuvFqbjSDMVND0YNpbXxw_g68WQBYp6weOwM57j-9gqQp1XQI8p1GzWVoJL-MYPH3XWkzenv5tUiwVrgfGWP8oCqnSa-uDWK7Am0l0x6-ooZO9aEmPM-LmJvTGNiOWjUEiMrXG5v6LCR_wUr4vBKoVnzJw5iRomwS_WqazraITJwrdaznTla_p_q9CCjN0dMdpo8cyL1qRUUbK2CpcPoAmULxFtvIb8PkVAHAhKpur_O8geRTjDnHA4pRh7r0NoC1zZarfAPSpY9klgZfcD45lW_80lVdKRNCiBqggAW3--_dgHPvJXkCcfUmvyHXpgRMAy0psZqYIFgiL0PPC-RL84VUze1wivglauOObXP0eXCF02Qxr6n9zly1M4A4NmjztEd1OoVvBH-RZ8QvZMdfMi4qxuRFmMz-DsI7wp1bK7t3Gie4Z0zO_6bJ8n2J9BunLe3m5qPkZgjDm7Wrdrpy91igJ5HQOY6GA5htN0tmr5Z47H1NsjIr0qAVuccaMquy__4Z8i73S7JJlZrxPIrE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgg18jZIKZbKkBqSQhQauho74AZyB77BcyqapqnTAjbcBEAEgAGDJhoCA3KPEEIIBF2NhLXB1Yi0xNjE4NTkyMjA1MDgzNzgwyAEJqAMByAMCqgSdAk_Q3h13zMhKVR_2VR6pDKSyJ8cpmeAwGXcAo5EfC7LSLx2k3CY7oa93tBTOCUlepQPwNuNWvZM706ttHSNnsbEH7pnon_oFajyWuRBAtJ_ha9lTABC1xnhU3yqkPwBptf8tYI9bRGDjQ4uZsM9rFgenV-RZpZNYBmyNBW1pVl8sLF4V2FMm7DDpQsptCFUbO44Iy__AZBvzYOhaJZ54uTCjEutn6BDB-VqiGQ5WUbPASV3HnsPcMUNvlA1d46bqRxZWrn8de6mDaIHGuP_0FJbyyUdpFYRxPhNbrPEu1EmRJvAm-yIFepvpFwdMSoSjGkg43ndpieUsTnm4O73eb57g8akm5AJHgw-jpGASS0RySRxZAuEs6vfU2dSdm4AGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1eW35jhhplwIs8GhpqjfKJDoFWkA%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:34:55 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 14 Sep 2024 06:34:55 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 94CF
42 B
174 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvvmuRUgFXoWp-sQ5ZoDHL6WyDNGIGxkkaETbxDG6W1h4uUqb3BillKWnXLQorb0cOX9V2D_-CYkIaP65rMXib3KPhv8ow1VYxNN3gJcc7kiNTOHKJPnGPUhtkV0wYit84oxsbs5BFh9JigCr0-CYNg-R4s5PKIw_i_IaiN&sai=AMfl-YSzt5sFu4-5IRBCFqIh0BrIBLpfjuJ7srtq7hWJho8a1ZbpLX7imPu7ua7IDlAryAYlucDxJ2YapR_0QzjlpFPyFjf9nlt2-icgUzZLcrxeb3c-9C8VlAIrBuk2aUenIe-PUnDp8dyyJ23IAA&sig=Cg0ArKJSzGWsSNyZX8qnEAE&cid=CAQSTABpAlJWXLtmR2jRT9SnKY1wN1uNOBOUG27eYWjDMiqblkSfImUJorMKhCL7rZjUGtHpakNNNmjzNoQ6q8l6HM6DRlLhCbrQrHI4w3sYAQ&id=lidar2&mcvt=1127&p=0,0,124,1005&mtos=692,1127,1127,1127,1127&tos=692,435,0,0,0&v=20230913&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1695191693659&rpt=832&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 06:34:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.us.criteo.net/ Frame 6C66
0
127 B
Ping
General
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=Z378FzqsedvcrcC29qdIWWPlet3QT2ffi5MnOwRJKPXR4FDRRy5mXMVUJCa69x2k9DJby38K9RIvxw5MCDed1XsdRr9IXuw6UA_Twv6SA-qaIN0oD1HdY9HTUfieQWISpegmW4C8clJJB8RQdgYcMyk4nXrdImLDzvLRllYDHSzzEAHiuQnUAVQ7-hQS4IKVIvJXnNNerOc0Bzv7ULlyFNf4ZNVcxoD_TGtmX-j0wGErgRiKXQJBkAdjUaOSaZvEDj-fag&sds=2&rev=88356&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZQqSjQABkjIKwUgkAAODLtMp_t2poD09Hz-0qg&u=%7CouQHdnFa5Kmf2p4Bss1sMgOH8sVBwyqn%2BiF0%2Bahdfb4%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGFODWhy6DsD5VIXoF4Sn1GpJC36PzcQBMFJuvFqbjSDMVND0YNpbXxw_g68WQBYp6weOwM57j-9gqQp1XQI8p1GzWVoJL-MYPH3XWkzenv5tUiwVrgfGWP8oCqnSa-uDWK7Am0l0x6-ooZO9aEmPM-LmJvTGNiOWjUEiMrXG5v6LCR_wUr4vBKoVnzJw5iRomwS_WqazraITJwrdaznTla_p_q9CCjN0dMdpo8cyL1qRUUbK2CpcPoAmULxFtvIb8PkVAHAhKpur_O8geRTjDnHA4pRh7r0NoC1zZarfAPSpY9klgZfcD45lW_80lVdKRNCiBqggAW3--_dgHPvJXkCcfUmvyHXpgRMAy0psZqYIFgiL0PPC-RL84VUze1wivglauOObXP0eXCF02Qxr6n9zly1M4A4NmjztEd1OoVvBH-RZ8QvZMdfMi4qxuRFmMz-DsI7wp1bK7t3Gie4Z0zO_6bJ8n2J9BunLe3m5qPkZgjDm7Wrdrpy91igJ5HQOY6GA5htN0tmr5Z47H1NsjIr0qAVuccaMquy__4Z8i73S7JJlZrxPIrE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgg18jZIKZbKkBqSQhQauho74AZyB77BcyqapqnTAjbcBEAEgAGDJhoCA3KPEEIIBF2NhLXB1Yi0xNjE4NTkyMjA1MDgzNzgwyAEJqAMByAMCqgSdAk_Q3h13zMhKVR_2VR6pDKSyJ8cpmeAwGXcAo5EfC7LSLx2k3CY7oa93tBTOCUlepQPwNuNWvZM706ttHSNnsbEH7pnon_oFajyWuRBAtJ_ha9lTABC1xnhU3yqkPwBptf8tYI9bRGDjQ4uZsM9rFgenV-RZpZNYBmyNBW1pVl8sLF4V2FMm7DDpQsptCFUbO44Iy__AZBvzYOhaJZ54uTCjEutn6BDB-VqiGQ5WUbPASV3HnsPcMUNvlA1d46bqRxZWrn8de6mDaIHGuP_0FJbyyUdpFYRxPhNbrPEu1EmRJvAm-yIFepvpFwdMSoSjGkg43ndpieUsTnm4O73eb57g8akm5AJHgw-jpGASS0RySRxZAuEs6vfU2dSdm4AGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1eW35jhhplwIs8GhpqjfKJDoFWkA%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 20 Sep 2023 06:34:55 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 6C66
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZQqSjQABkjIKwUgkAAODLtMp_t2poD09Hz-0qg&u=%7CouQHdnFa5Kmf2p4Bss1sMgOH8sVBwyqn%2BiF0%2Bahdfb4%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGFODWhy6DsD5VIXoF4Sn1GpJC36PzcQBMFJuvFqbjSDMVND0YNpbXxw_g68WQBYp6weOwM57j-9gqQp1XQI8p1GzWVoJL-MYPH3XWkzenv5tUiwVrgfGWP8oCqnSa-uDWK7Am0l0x6-ooZO9aEmPM-LmJvTGNiOWjUEiMrXG5v6LCR_wUr4vBKoVnzJw5iRomwS_WqazraITJwrdaznTla_p_q9CCjN0dMdpo8cyL1qRUUbK2CpcPoAmULxFtvIb8PkVAHAhKpur_O8geRTjDnHA4pRh7r0NoC1zZarfAPSpY9klgZfcD45lW_80lVdKRNCiBqggAW3--_dgHPvJXkCcfUmvyHXpgRMAy0psZqYIFgiL0PPC-RL84VUze1wivglauOObXP0eXCF02Qxr6n9zly1M4A4NmjztEd1OoVvBH-RZ8QvZMdfMi4qxuRFmMz-DsI7wp1bK7t3Gie4Z0zO_6bJ8n2J9BunLe3m5qPkZgjDm7Wrdrpy91igJ5HQOY6GA5htN0tmr5Z47H1NsjIr0qAVuccaMquy__4Z8i73S7JJlZrxPIrE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgg18jZIKZbKkBqSQhQauho74AZyB77BcyqapqnTAjbcBEAEgAGDJhoCA3KPEEIIBF2NhLXB1Yi0xNjE4NTkyMjA1MDgzNzgwyAEJqAMByAMCqgSdAk_Q3h13zMhKVR_2VR6pDKSyJ8cpmeAwGXcAo5EfC7LSLx2k3CY7oa93tBTOCUlepQPwNuNWvZM706ttHSNnsbEH7pnon_oFajyWuRBAtJ_ha9lTABC1xnhU3yqkPwBptf8tYI9bRGDjQ4uZsM9rFgenV-RZpZNYBmyNBW1pVl8sLF4V2FMm7DDpQsptCFUbO44Iy__AZBvzYOhaJZ54uTCjEutn6BDB-VqiGQ5WUbPASV3HnsPcMUNvlA1d46bqRxZWrn8de6mDaIHGuP_0FJbyyUdpFYRxPhNbrPEu1EmRJvAm-yIFepvpFwdMSoSjGkg43ndpieUsTnm4O73eb57g8akm5AJHgw-jpGASS0RySRxZAuEs6vfU2dSdm4AGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1eW35jhhplwIs8GhpqjfKJDoFWkA%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:34:55 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 14 Sep 2024 06:34:55 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 6C66
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZQqSjQABkjIKwUgkAAODLtMp_t2poD09Hz-0qg&u=%7CouQHdnFa5Kmf2p4Bss1sMgOH8sVBwyqn%2BiF0%2Bahdfb4%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGFODWhy6DsD5VIXoF4Sn1GpJC36PzcQBMFJuvFqbjSDMVND0YNpbXxw_g68WQBYp6weOwM57j-9gqQp1XQI8p1GzWVoJL-MYPH3XWkzenv5tUiwVrgfGWP8oCqnSa-uDWK7Am0l0x6-ooZO9aEmPM-LmJvTGNiOWjUEiMrXG5v6LCR_wUr4vBKoVnzJw5iRomwS_WqazraITJwrdaznTla_p_q9CCjN0dMdpo8cyL1qRUUbK2CpcPoAmULxFtvIb8PkVAHAhKpur_O8geRTjDnHA4pRh7r0NoC1zZarfAPSpY9klgZfcD45lW_80lVdKRNCiBqggAW3--_dgHPvJXkCcfUmvyHXpgRMAy0psZqYIFgiL0PPC-RL84VUze1wivglauOObXP0eXCF02Qxr6n9zly1M4A4NmjztEd1OoVvBH-RZ8QvZMdfMi4qxuRFmMz-DsI7wp1bK7t3Gie4Z0zO_6bJ8n2J9BunLe3m5qPkZgjDm7Wrdrpy91igJ5HQOY6GA5htN0tmr5Z47H1NsjIr0qAVuccaMquy__4Z8i73S7JJlZrxPIrE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgg18jZIKZbKkBqSQhQauho74AZyB77BcyqapqnTAjbcBEAEgAGDJhoCA3KPEEIIBF2NhLXB1Yi0xNjE4NTkyMjA1MDgzNzgwyAEJqAMByAMCqgSdAk_Q3h13zMhKVR_2VR6pDKSyJ8cpmeAwGXcAo5EfC7LSLx2k3CY7oa93tBTOCUlepQPwNuNWvZM706ttHSNnsbEH7pnon_oFajyWuRBAtJ_ha9lTABC1xnhU3yqkPwBptf8tYI9bRGDjQ4uZsM9rFgenV-RZpZNYBmyNBW1pVl8sLF4V2FMm7DDpQsptCFUbO44Iy__AZBvzYOhaJZ54uTCjEutn6BDB-VqiGQ5WUbPASV3HnsPcMUNvlA1d46bqRxZWrn8de6mDaIHGuP_0FJbyyUdpFYRxPhNbrPEu1EmRJvAm-yIFepvpFwdMSoSjGkg43ndpieUsTnm4O73eb57g8akm5AJHgw-jpGASS0RySRxZAuEs6vfU2dSdm4AGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1eW35jhhplwIs8GhpqjfKJDoFWkA%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:34:55 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 14 Sep 2024 06:34:55 GMT
visit.js
tps.doubleverify.com/ Frame 5207
694 B
731 B
Script
General
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=260&ttfrms=55&brid=3&brver=117.0.5938.88&bridua=3&bds=1&tstype=128&sim=3&eparams=DC4FC%3Dl9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau2G%3AE%40%5D2G%3AE%40%5DD36C%5DD36C32%3F%3C%5DDA3%3BJg7%3FC74%405fA%5DHHH%5DA6CD%5C%60%5D3%40%40%3C%3EAb%5DCFTar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau25D%5DFD%5D4C%3AE6%40%5D4%40%3E&srcurlD=1&aUrlD=0&ssl=https:&dfs=536&ddur=325&uid=1695191695740109&jsCallback=dvCallback_1695191695740992&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F117.0.5938.88%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=0&winw=0&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=4705&tgjsver=4705&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fads.us.criteo.com%2Fdelivery%2Fr%2Fafr.php%3Fz%3DZQqSjQABkjMKwUgkAAODLtfuqiyibdXypa9hKg%26u%3D%257CouQHdnFa5KnkG6Bv5lBUSAyMN3q30ZfBr7A226mMTag%253D%257C%26c1%3Dm7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGFODWhy6DsD5VIXoF4Sn1GpJC36PzcQBMIRPtA8mHpd_-JT7UN-K7LyBnpFyFibQgWNAweRv4OYXzsw4WE3JlyPWZJBB8-Lzgj0JaPVk-aQbNp-GKMDBYD1TXLVMb7qiyj4VnKKfJiiBsuefuZNsL4ONCL2xZURRfouiuEx4qRytmVLY3b0R_aAmDqxaaBBL3xxqUI0vi_z3UaOmE2TUHYVeanSA5k0s37eFDdnWQAGHYS55XWJsjgP6MDuhRqMp6zGKJXOn4JsS9I2D5QxO0yALfnoP5Uqil-4vd3YCDut-IqcuqODjzL8TWqVHAmkDKfzPzNmNx_OhMPoMquhfJvogtj69LH19framrHaEts-2i8SGupPZHdKU6Phtl5wxefB--p1xW39HHiKpmIYy_imHPp1uxUXU4qE9SFOeOFn9PwPhX2fAdMH9JFRd5ldWXzFuLvvEEM2yIOxsSpyZTAlwBe0xE2F2A58larT59RxotFXJqpsLYMIWTAn_6LYTNgEr_relg4b5mcTXW801ulqaQUiuOe3LOadEh2kgtL6M2PEmoR4pyi8%26ct0%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCxoxUjZIKZbOkBqSQhQauho74AZyB77BcyqapqnTAjbcBEAEgAGDJhoCA3KPEEIIBF2NhLXB1Yi0xNjE4NTkyMjA1MDgzNzgwyAEJqAMByAMCqgSdAk_QljaJmzFSWLzf3mM6nAdD6Xr_UE5A1gSYWNBK4RWl0BeftaRouryjXYhAm6VC9-snD6cPYqRbwWe5TtLl2UCHKFfamyQSzNhxnGeMyFq_N0D9B0xyA-2wU_VIe-VTIq26_amnTp2IfdprhO_aRpFiSvkrV1hyEYOxQdSqt3_hMCAo3ze9XVaJ0RkqNY4rl-lksPCBxxVK4pE58Hqz9M0hZKJCSSCg3qGMiayggF2tXcaAMIR6yoO6spGpkJIKuLsBSVWUDHeMiiPwvmIlCydj_m3yBC_DZm1mBliqJdqAJWmCYkbA_UEHKXXA3bTQ67av4ID2nM3N1iikg63HgKcnXrpdW2Xvbkv7g6IfK9NFgq0Z4SfxPJ4cTfw1dIAGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3bC8y1qNe_Ow3SY0S8gLKGbfj6nA%2526client%253Dca-pub-1618592205083780%2526adurl%253D&fcifrms=7&brh=2&dvp_epl=332&noc=4&nav_pltfrm=Win32&ctx=13846930&cmp=30251533&sid=1340728&plc=372411465&adsrv=1&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=5006335.326505467&dvp_tukv=5631347611.20355&dvp_strhd=0.5&dvpx_strhd=0.5&dvp_tuid=881042215801&jurtd=2870700356
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements4705.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
fd4a94af5705411d98e2f6785b9f0ef5478e8a4496b3e5c69234a508bbfd8d7c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Sep 2023 06:34:55 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
09/19/2023 06:34:55
visit.js
tps.doubleverify.com/ Frame EBF2
694 B
732 B
Script
General
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=372&ttfrms=13&brid=3&brver=117.0.5938.88&bridua=3&bds=1&tstype=128&sim=3&eparams=DC4FC%3Dl9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau2G%3AE%40%5D2G%3AE%40%5DD36C%5DD36C32%3F%3C%5DDA3%3BJg7%3FC74%405fA%5DHHH%5DA6CD%5C%60%5D3%40%40%3C%3EAb%5DCFTar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau25D%5DFD%5D4C%3AE6%40%5D4%40%3E&srcurlD=1&aUrlD=0&ssl=https:&dfs=639&ddur=272&uid=1695191695766410&jsCallback=dvCallback_1695191695766834&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F117.0.5938.88%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=0&winw=0&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=4705&tgjsver=4705&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fads.us.criteo.com%2Fdelivery%2Fr%2Fafr.php%3Fz%3DZQqSjQABkjIKwUgkAAODLtMp_t2poD09Hz-0qg%26u%3D%257CouQHdnFa5Kmf2p4Bss1sMgOH8sVBwyqn%252BiF0%252Bahdfb4%253D%257C%26c1%3Dm7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGFODWhy6DsD5VIXoF4Sn1GpJC36PzcQBMFJuvFqbjSDMVND0YNpbXxw_g68WQBYp6weOwM57j-9gqQp1XQI8p1GzWVoJL-MYPH3XWkzenv5tUiwVrgfGWP8oCqnSa-uDWK7Am0l0x6-ooZO9aEmPM-LmJvTGNiOWjUEiMrXG5v6LCR_wUr4vBKoVnzJw5iRomwS_WqazraITJwrdaznTla_p_q9CCjN0dMdpo8cyL1qRUUbK2CpcPoAmULxFtvIb8PkVAHAhKpur_O8geRTjDnHA4pRh7r0NoC1zZarfAPSpY9klgZfcD45lW_80lVdKRNCiBqggAW3--_dgHPvJXkCcfUmvyHXpgRMAy0psZqYIFgiL0PPC-RL84VUze1wivglauOObXP0eXCF02Qxr6n9zly1M4A4NmjztEd1OoVvBH-RZ8QvZMdfMi4qxuRFmMz-DsI7wp1bK7t3Gie4Z0zO_6bJ8n2J9BunLe3m5qPkZgjDm7Wrdrpy91igJ5HQOY6GA5htN0tmr5Z47H1NsjIr0qAVuccaMquy__4Z8i73S7JJlZrxPIrE%26ct0%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCgg18jZIKZbKkBqSQhQauho74AZyB77BcyqapqnTAjbcBEAEgAGDJhoCA3KPEEIIBF2NhLXB1Yi0xNjE4NTkyMjA1MDgzNzgwyAEJqAMByAMCqgSdAk_Q3h13zMhKVR_2VR6pDKSyJ8cpmeAwGXcAo5EfC7LSLx2k3CY7oa93tBTOCUlepQPwNuNWvZM706ttHSNnsbEH7pnon_oFajyWuRBAtJ_ha9lTABC1xnhU3yqkPwBptf8tYI9bRGDjQ4uZsM9rFgenV-RZpZNYBmyNBW1pVl8sLF4V2FMm7DDpQsptCFUbO44Iy__AZBvzYOhaJZ54uTCjEutn6BDB-VqiGQ5WUbPASV3HnsPcMUNvlA1d46bqRxZWrn8de6mDaIHGuP_0FJbyyUdpFYRxPhNbrPEu1EmRJvAm-yIFepvpFwdMSoSjGkg43ndpieUsTnm4O73eb57g8akm5AJHgw-jpGASS0RySRxZAuEs6vfU2dSdm4AGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1eW35jhhplwIs8GhpqjfKJDoFWkA%2526client%253Dca-pub-1618592205083780%2526adurl%253D&fcifrms=7&brh=2&dvp_epl=332&noc=4&nav_pltfrm=Win32&ctx=13846930&cmp=30251533&sid=1340728&plc=372411465&adsrv=1&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=31890102245.43073&dvp_tukv=117345676498.74763&dvp_strhd=0.40000152587890625&dvpx_strhd=0.40000152587890625&dvp_tuid=1478204574782&jurtd=103379583
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements4705.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
a4186380e9ae3792fc165282b6508c3b8d3d9693f3dd9a816126ee8c35303af7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Sep 2023 06:34:55 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
09/19/2023 06:34:55
all
csm.us.criteo.net/ Frame C2B2
0
128 B
Ping
General
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=yz3s7zqsedvcrcC2ZH1UMQbt9wpQxlMPFKcQfC3cFwNPSWrE4jCDmv0hpvLmkJdhWbhGSfL07gxBRenZ5FupXyo-66jt9Wd6JmdABIpm4HQiK81RtCaXMgHnI1AmdILysg4BL3JVa3dRK5bPzkGrdJC3-kaWUEUfh-lDsRsbvo1-7bo1rWDgw20-xG_jF_b3qrDee0FmSslZXYwSKKx0KVxVmbVHpsaDo_iod7SjAFWZjvAWhi_EPl9ud7I1FcQCEMlX3g&sds=2&rev=88524&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZQqSjQABkjMKwUgkAAODLtfuqiyibdXypa9hKg&u=%7CouQHdnFa5KnkG6Bv5lBUSAyMN3q30ZfBr7A226mMTag%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGFODWhy6DsD5VIXoF4Sn1GpJC36PzcQBMIRPtA8mHpd_-JT7UN-K7LyBnpFyFibQgWNAweRv4OYXzsw4WE3JlyPWZJBB8-Lzgj0JaPVk-aQbNp-GKMDBYD1TXLVMb7qiyj4VnKKfJiiBsuefuZNsL4ONCL2xZURRfouiuEx4qRytmVLY3b0R_aAmDqxaaBBL3xxqUI0vi_z3UaOmE2TUHYVeanSA5k0s37eFDdnWQAGHYS55XWJsjgP6MDuhRqMp6zGKJXOn4JsS9I2D5QxO0yALfnoP5Uqil-4vd3YCDut-IqcuqODjzL8TWqVHAmkDKfzPzNmNx_OhMPoMquhfJvogtj69LH19framrHaEts-2i8SGupPZHdKU6Phtl5wxefB--p1xW39HHiKpmIYy_imHPp1uxUXU4qE9SFOeOFn9PwPhX2fAdMH9JFRd5ldWXzFuLvvEEM2yIOxsSpyZTAlwBe0xE2F2A58larT59RxotFXJqpsLYMIWTAn_6LYTNgEr_relg4b5mcTXW801ulqaQUiuOe3LOadEh2kgtL6M2PEmoR4pyi8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxoxUjZIKZbOkBqSQhQauho74AZyB77BcyqapqnTAjbcBEAEgAGDJhoCA3KPEEIIBF2NhLXB1Yi0xNjE4NTkyMjA1MDgzNzgwyAEJqAMByAMCqgSdAk_QljaJmzFSWLzf3mM6nAdD6Xr_UE5A1gSYWNBK4RWl0BeftaRouryjXYhAm6VC9-snD6cPYqRbwWe5TtLl2UCHKFfamyQSzNhxnGeMyFq_N0D9B0xyA-2wU_VIe-VTIq26_amnTp2IfdprhO_aRpFiSvkrV1hyEYOxQdSqt3_hMCAo3ze9XVaJ0RkqNY4rl-lksPCBxxVK4pE58Hqz9M0hZKJCSSCg3qGMiayggF2tXcaAMIR6yoO6spGpkJIKuLsBSVWUDHeMiiPwvmIlCydj_m3yBC_DZm1mBliqJdqAJWmCYkbA_UEHKXXA3bTQ67av4ID2nM3N1iikg63HgKcnXrpdW2Xvbkv7g6IfK9NFgq0Z4SfxPJ4cTfw1dIAGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3bC8y1qNe_Ow3SY0S8gLKGbfj6nA%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 20 Sep 2023 06:34:55 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame C2B2
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZQqSjQABkjMKwUgkAAODLtfuqiyibdXypa9hKg&u=%7CouQHdnFa5KnkG6Bv5lBUSAyMN3q30ZfBr7A226mMTag%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGFODWhy6DsD5VIXoF4Sn1GpJC36PzcQBMIRPtA8mHpd_-JT7UN-K7LyBnpFyFibQgWNAweRv4OYXzsw4WE3JlyPWZJBB8-Lzgj0JaPVk-aQbNp-GKMDBYD1TXLVMb7qiyj4VnKKfJiiBsuefuZNsL4ONCL2xZURRfouiuEx4qRytmVLY3b0R_aAmDqxaaBBL3xxqUI0vi_z3UaOmE2TUHYVeanSA5k0s37eFDdnWQAGHYS55XWJsjgP6MDuhRqMp6zGKJXOn4JsS9I2D5QxO0yALfnoP5Uqil-4vd3YCDut-IqcuqODjzL8TWqVHAmkDKfzPzNmNx_OhMPoMquhfJvogtj69LH19framrHaEts-2i8SGupPZHdKU6Phtl5wxefB--p1xW39HHiKpmIYy_imHPp1uxUXU4qE9SFOeOFn9PwPhX2fAdMH9JFRd5ldWXzFuLvvEEM2yIOxsSpyZTAlwBe0xE2F2A58larT59RxotFXJqpsLYMIWTAn_6LYTNgEr_relg4b5mcTXW801ulqaQUiuOe3LOadEh2kgtL6M2PEmoR4pyi8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxoxUjZIKZbOkBqSQhQauho74AZyB77BcyqapqnTAjbcBEAEgAGDJhoCA3KPEEIIBF2NhLXB1Yi0xNjE4NTkyMjA1MDgzNzgwyAEJqAMByAMCqgSdAk_QljaJmzFSWLzf3mM6nAdD6Xr_UE5A1gSYWNBK4RWl0BeftaRouryjXYhAm6VC9-snD6cPYqRbwWe5TtLl2UCHKFfamyQSzNhxnGeMyFq_N0D9B0xyA-2wU_VIe-VTIq26_amnTp2IfdprhO_aRpFiSvkrV1hyEYOxQdSqt3_hMCAo3ze9XVaJ0RkqNY4rl-lksPCBxxVK4pE58Hqz9M0hZKJCSSCg3qGMiayggF2tXcaAMIR6yoO6spGpkJIKuLsBSVWUDHeMiiPwvmIlCydj_m3yBC_DZm1mBliqJdqAJWmCYkbA_UEHKXXA3bTQ67av4ID2nM3N1iikg63HgKcnXrpdW2Xvbkv7g6IfK9NFgq0Z4SfxPJ4cTfw1dIAGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3bC8y1qNe_Ow3SY0S8gLKGbfj6nA%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:34:55 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 14 Sep 2024 06:34:55 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame C2B2
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZQqSjQABkjMKwUgkAAODLtfuqiyibdXypa9hKg&u=%7CouQHdnFa5KnkG6Bv5lBUSAyMN3q30ZfBr7A226mMTag%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGFODWhy6DsD5VIXoF4Sn1GpJC36PzcQBMIRPtA8mHpd_-JT7UN-K7LyBnpFyFibQgWNAweRv4OYXzsw4WE3JlyPWZJBB8-Lzgj0JaPVk-aQbNp-GKMDBYD1TXLVMb7qiyj4VnKKfJiiBsuefuZNsL4ONCL2xZURRfouiuEx4qRytmVLY3b0R_aAmDqxaaBBL3xxqUI0vi_z3UaOmE2TUHYVeanSA5k0s37eFDdnWQAGHYS55XWJsjgP6MDuhRqMp6zGKJXOn4JsS9I2D5QxO0yALfnoP5Uqil-4vd3YCDut-IqcuqODjzL8TWqVHAmkDKfzPzNmNx_OhMPoMquhfJvogtj69LH19framrHaEts-2i8SGupPZHdKU6Phtl5wxefB--p1xW39HHiKpmIYy_imHPp1uxUXU4qE9SFOeOFn9PwPhX2fAdMH9JFRd5ldWXzFuLvvEEM2yIOxsSpyZTAlwBe0xE2F2A58larT59RxotFXJqpsLYMIWTAn_6LYTNgEr_relg4b5mcTXW801ulqaQUiuOe3LOadEh2kgtL6M2PEmoR4pyi8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxoxUjZIKZbOkBqSQhQauho74AZyB77BcyqapqnTAjbcBEAEgAGDJhoCA3KPEEIIBF2NhLXB1Yi0xNjE4NTkyMjA1MDgzNzgwyAEJqAMByAMCqgSdAk_QljaJmzFSWLzf3mM6nAdD6Xr_UE5A1gSYWNBK4RWl0BeftaRouryjXYhAm6VC9-snD6cPYqRbwWe5TtLl2UCHKFfamyQSzNhxnGeMyFq_N0D9B0xyA-2wU_VIe-VTIq26_amnTp2IfdprhO_aRpFiSvkrV1hyEYOxQdSqt3_hMCAo3ze9XVaJ0RkqNY4rl-lksPCBxxVK4pE58Hqz9M0hZKJCSSCg3qGMiayggF2tXcaAMIR6yoO6spGpkJIKuLsBSVWUDHeMiiPwvmIlCydj_m3yBC_DZm1mBliqJdqAJWmCYkbA_UEHKXXA3bTQ67av4ID2nM3N1iikg63HgKcnXrpdW2Xvbkv7g6IfK9NFgq0Z4SfxPJ4cTfw1dIAGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3bC8y1qNe_Ow3SY0S8gLKGbfj6nA%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:34:55 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 14 Sep 2024 06:34:55 GMT
roboto-400.css
static.criteo.net/design/googlefont/roboto/ Frame C2B2
2 KB
842 B
Stylesheet
General
Full URL
https://static.criteo.net/design/googlefont/roboto/roboto-400.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
f3bd93baf2d7ea7fe404497a78897e9300a56e1ef8e452cdd29c0156b2ff3aa5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:34:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:14:19 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f13b-807"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 14 Sep 2024 06:34:56 GMT
roboto-700.css
static.criteo.net/design/googlefont/roboto/ Frame C2B2
2 KB
841 B
Stylesheet
General
Full URL
https://static.criteo.net/design/googlefont/roboto/roboto-700.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
49330dbdf50dc3440d871a2408c7ec4fec185d62e419fd9960000cd8eed78950
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:34:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:14:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f13d-807"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 14 Sep 2024 06:34:56 GMT
roboto-400.css
static.criteo.net/design/googlefont/roboto/ Frame 6C66
2 KB
842 B
Stylesheet
General
Full URL
https://static.criteo.net/design/googlefont/roboto/roboto-400.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
f3bd93baf2d7ea7fe404497a78897e9300a56e1ef8e452cdd29c0156b2ff3aa5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:34:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:14:19 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f13b-807"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 14 Sep 2024 06:34:56 GMT
roboto-700.css
static.criteo.net/design/googlefont/roboto/ Frame 6C66
2 KB
841 B
Stylesheet
General
Full URL
https://static.criteo.net/design/googlefont/roboto/roboto-700.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
49330dbdf50dc3440d871a2408c7ec4fec185d62e419fd9960000cd8eed78950
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:34:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:14:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f13d-807"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 14 Sep 2024 06:34:56 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 031E
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssyPivDN4kINrg4RRerM3La-c0Ah--m_7ZlqEN1G9ODhUjfpQTc3BfUpRmhpaMpmq-rnnlAosvjptVUBZuGj8ayKsviLItq7hyTP-hQiFGjHnuI1NFDa98hVQWa4sdBteh5T6G5Rq704Q&sai=AMfl-YRaUx3z8GQ5cJOb_Sj-uWcl_mMmzy4EhXL-YLjgDBWH9Dn9LIflwY8sxu97z2ahbQQm6INzx2KtHkFN6f6uIIx6Mihm826lj5N0OZg4qWndwp_PExRbVEkizNPeucwwF12_Ny2XihYZHP6Hfw&sig=Cg0ArKJSzK7UT_NRYpK1EAE&cid=CAQSTABpAlJWfejW16XLpoDe9FUkY5kT4jgAaHc6RET2eb2bYExP6ebkIPB1I7m3qcXLZm9aF9lj24I7pd2GEdqKyNXqbeEfNZV-c-lzFWYYAQ&id=lidar2&mcvt=1270&p=0,0,600,300&mtos=1270,1270,1270,1270,1270&tos=1270,0,0,0,0&v=20230913&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=992306218&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1695191693053&rpt=1959&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 06:34:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 3231
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
46a8f4fc6e756ab8be5859f61e035df31c676df6cdf7528a0bc7e5e393e04785

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type
image/png
roboto-400-latin.woff2
static.criteo.net/design/googlefont/roboto/ Frame 6C66
15 KB
16 KB
Font
General
Full URL
https://static.criteo.net/design/googlefont/roboto/roboto-400-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/roboto/roboto-400.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
c6bdd002d23dcb0adbd87e3518bdd994de73818a0f0f502707986301b9fbc404
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/roboto/roboto-400.css
Origin
https://ads.us.criteo.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:34:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:14:19 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f13b-3d80"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 14 Sep 2024 06:34:56 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 3231
0
19 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CmMIyjZIKZbKkBqSQhQauho74AZyB77BcyqapqnTAjbcBEAEgAGDJhoCA3KPEEIIBF2NhLXB1Yi0xNjE4NTkyMjA1MDgzNzgwyAEJqAMByAMCqgSaAk_Q3h13zMhKVR_2VR6pDKSyJ8cpmeAwGXcAo5EfC7LSLx2k3CY7oa93tBTOCUlepQPwNuNWvZM706ttHSNnsbEH7pnon_oFajyWuRBAtJ_ha9lTABC1xnhU3yqkPwBptf8tYI9bRGDjQ4uZsM9rFgenV-RZpZNYBmyNBW1pVl8sLF4V2FMm7DDpQsptCFUbO44Iy__AZBvzYOhaJZ54uTCjEutn6BDB-VqiGQ5WUbPASV3HnsPcMUNvlA1d46bqRxZWrn8de6mDaIHGuP_0FJbyyUdpFYRxPhNbrPEu1EmRJvAm-yIFepvpFwdMSoSjGkg43ndpy-cM3L8F0MdXhKE0fZDBQLNIqwaNvKSJuD77gKJHLvmtLmPtPoAGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0xNjE4NTkyMjA1MDgzNzgwGAA&sigh=2tU9EKmDjJU&uach_m=[UACH]&cid=CAQSTABpAlJWXLtmR2jRT9SnKY1wN1uNOBOUG27eYWjDMiqblkSfImUJorMKhCL7rZjUGtHpakNNNmjzNoQ6q8l6HM6DRlLhCbrQrHI4w3sYAQ&cbvp=2&vis=1
Requested by
Host: avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
URL: https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 20 Sep 2023 06:34:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
notify
rtb.va.us.criteo.com/google/auction/ Frame 3231
0
126 B
Image
General
Full URL
https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=kK_oEs36RMgB2ATiIp0XAgAAAO4XoloobBbnEIySCmXCoMDtOYmDekOCAAASAAAKCkFRVUJDZ0VCQ2c&wp=ZQqSjQABkjIKwUgkAAODLtMp_t2poD09Hz-0qg&cbvp=2
Requested by
Host: avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
URL: https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:34:55 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
299807
server
Kestrel
content-length
0
truncated
/ Frame 386D
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d6cfd149a51da917c4c5cc99f110d9f60985b9bad9ef0f9b959a4cb86339f839

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type
image/png
roboto-400-latin.woff2
static.criteo.net/design/googlefont/roboto/ Frame C2B2
15 KB
16 KB
Font
General
Full URL
https://static.criteo.net/design/googlefont/roboto/roboto-400-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/roboto/roboto-400.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
c6bdd002d23dcb0adbd87e3518bdd994de73818a0f0f502707986301b9fbc404
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/roboto/roboto-400.css
Origin
https://ads.us.criteo.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:34:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:14:19 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f13b-3d80"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 14 Sep 2024 06:34:56 GMT
roboto-700-latin.woff2
static.criteo.net/design/googlefont/roboto/ Frame 6C66
15 KB
16 KB
Font
General
Full URL
https://static.criteo.net/design/googlefont/roboto/roboto-700-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/roboto/roboto-700.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
ba9f43fbd9c0782c72ff6eddd221abdcfd9642cd4625227ad693347e4d6989db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/roboto/roboto-700.css
Origin
https://ads.us.criteo.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:34:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:14:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f13d-3df4"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 14 Sep 2024 06:34:56 GMT
img
imageproxy.us.criteo.net/img/ Frame 6C66
12 KB
12 KB
Image
General
Full URL
https://imageproxy.us.criteo.net/img/img?h=116&m=0&partner=5535&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F5535%2F190813%2F858ac6901f0540e895151555affc80e1_logo_dark_horizontal.png&v=3&w=396&s=-1iQ5cQepMVLs8GDdhjMj6J_
Requested by
Host: avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
URL: https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
8ee0f5c8df5c85116ace0bdffc44f7b56ffc5ddae3d7c8dfb7effc6bf8d0e2df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:34:56 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
content-length
12059
expires
Sat, 31 Aug 2024 02:51:52 GMT
img
imageproxy.us.criteo.net/img/ Frame 6C66
10 KB
10 KB
Image
General
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F8%2Foptimized%2F25410348_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=WPa51mbj5PtjceTwe55QxVr1&b=400
Requested by
Host: avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
URL: https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
7a1afb85c56fc424d183e54ceea31c8d615a743eadfee25c838f5298e9a95dc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:34:55 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
content-length
9814
expires
Wed, 11 Oct 2023 16:15:23 GMT
img
imageproxy.us.criteo.net/img/ Frame 6C66
3 KB
4 KB
Image
General
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F4%2Foptimized%2F9353807_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=Z_kwBcUhstgNurMn0L0lp5g8&b=400
Requested by
Host: avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
URL: https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
149e0987f7f3c1c592872844353f5b5b5a32995d10d674fcc61b23184350d8f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:34:56 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
content-length
3468
expires
Sat, 07 Oct 2023 22:35:45 GMT
img
imageproxy.us.criteo.net/img/ Frame 6C66
5 KB
5 KB
Image
General
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F6%2Foptimized%2F25434036_fpx.tif&v=3&w=400&s=uRq9CdwuQfKbJ5yTqRrbOBRj&b=400
Requested by
Host: avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
URL: https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
11c960f0266e9ce28b9ec6de4210e2d5042473ba3c86927134a21f3405a9aed5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:34:56 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
content-length
4984
expires
Fri, 22 Sep 2023 22:37:40 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 386D
0
19 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CALd1jZIKZbOkBqSQhQauho74AZyB77BcyqapqnTAjbcBEAEgAGDJhoCA3KPEEIIBF2NhLXB1Yi0xNjE4NTkyMjA1MDgzNzgwyAEJqAMByAMCqgSaAk_QljaJmzFSWLzf3mM6nAdD6Xr_UE5A1gSYWNBK4RWl0BeftaRouryjXYhAm6VC9-snD6cPYqRbwWe5TtLl2UCHKFfamyQSzNhxnGeMyFq_N0D9B0xyA-2wU_VIe-VTIq26_amnTp2IfdprhO_aRpFiSvkrV1hyEYOxQdSqt3_hMCAo3ze9XVaJ0RkqNY4rl-lksPCBxxVK4pE58Hqz9M0hZKJCSSCg3qGMiayggF2tXcaAMIR6yoO6spGpkJIKuLsBSVWUDHeMiiPwvmIlCydj_m3yBC_DZm1mBliqJdqAJWmCYkbA_UEHKXXA3bTQ67av4ID23s_tRO4ZaNdOa5jz0oO6_9TgRkLVm2aE2KnMSxMHzT9w-AolqoAGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0xNjE4NTkyMjA1MDgzNzgwGAA&sigh=fEW6pW6tLTQ&uach_m=[UACH]&cid=CAQSTABpAlJWXLtmR2jRT9SnKY1wN1uNOBOUG27eYWjDMiqblkSfImUJorMKhCL7rZjUGtHpakNNNmjzNoQ6q8l6HM6DRlLhCbrQrHI4w3sYAQ&cbvp=2&vis=1
Requested by
Host: avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
URL: https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 20 Sep 2023 06:34:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
notify
rtb.va.us.criteo.com/google/auction/ Frame 386D
0
127 B
Image
General
Full URL
https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=kK_oEs36RMgB2ATiIp0XAgAAAO4XoloobBbnEIySCmV1sSOv2vIAM8-7AAASAAAKCkFRVUJDZ0VCQ2c&wp=ZQqSjQABkjMKwUgkAAODLtfuqiyibdXypa9hKg&cbvp=2
Requested by
Host: avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
URL: https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:34:56 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
57150054
server
Kestrel
content-length
0
roboto-700-latin.woff2
static.criteo.net/design/googlefont/roboto/ Frame C2B2
15 KB
16 KB
Font
General
Full URL
https://static.criteo.net/design/googlefont/roboto/roboto-700-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/roboto/roboto-700.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
ba9f43fbd9c0782c72ff6eddd221abdcfd9642cd4625227ad693347e4d6989db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/roboto/roboto-700.css
Origin
https://ads.us.criteo.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:34:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:14:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f13d-3df4"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 14 Sep 2024 06:34:56 GMT
img
imageproxy.us.criteo.net/img/ Frame C2B2
12 KB
12 KB
Image
General
Full URL
https://imageproxy.us.criteo.net/img/img?h=116&m=0&partner=5535&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F5535%2F190813%2F858ac6901f0540e895151555affc80e1_logo_dark_horizontal.png&v=3&w=396&s=-1iQ5cQepMVLs8GDdhjMj6J_
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZQqSjQABkjMKwUgkAAODLtfuqiyibdXypa9hKg&u=%7CouQHdnFa5KnkG6Bv5lBUSAyMN3q30ZfBr7A226mMTag%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGFODWhy6DsD5VIXoF4Sn1GpJC36PzcQBMIRPtA8mHpd_-JT7UN-K7LyBnpFyFibQgWNAweRv4OYXzsw4WE3JlyPWZJBB8-Lzgj0JaPVk-aQbNp-GKMDBYD1TXLVMb7qiyj4VnKKfJiiBsuefuZNsL4ONCL2xZURRfouiuEx4qRytmVLY3b0R_aAmDqxaaBBL3xxqUI0vi_z3UaOmE2TUHYVeanSA5k0s37eFDdnWQAGHYS55XWJsjgP6MDuhRqMp6zGKJXOn4JsS9I2D5QxO0yALfnoP5Uqil-4vd3YCDut-IqcuqODjzL8TWqVHAmkDKfzPzNmNx_OhMPoMquhfJvogtj69LH19framrHaEts-2i8SGupPZHdKU6Phtl5wxefB--p1xW39HHiKpmIYy_imHPp1uxUXU4qE9SFOeOFn9PwPhX2fAdMH9JFRd5ldWXzFuLvvEEM2yIOxsSpyZTAlwBe0xE2F2A58larT59RxotFXJqpsLYMIWTAn_6LYTNgEr_relg4b5mcTXW801ulqaQUiuOe3LOadEh2kgtL6M2PEmoR4pyi8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxoxUjZIKZbOkBqSQhQauho74AZyB77BcyqapqnTAjbcBEAEgAGDJhoCA3KPEEIIBF2NhLXB1Yi0xNjE4NTkyMjA1MDgzNzgwyAEJqAMByAMCqgSdAk_QljaJmzFSWLzf3mM6nAdD6Xr_UE5A1gSYWNBK4RWl0BeftaRouryjXYhAm6VC9-snD6cPYqRbwWe5TtLl2UCHKFfamyQSzNhxnGeMyFq_N0D9B0xyA-2wU_VIe-VTIq26_amnTp2IfdprhO_aRpFiSvkrV1hyEYOxQdSqt3_hMCAo3ze9XVaJ0RkqNY4rl-lksPCBxxVK4pE58Hqz9M0hZKJCSSCg3qGMiayggF2tXcaAMIR6yoO6spGpkJIKuLsBSVWUDHeMiiPwvmIlCydj_m3yBC_DZm1mBliqJdqAJWmCYkbA_UEHKXXA3bTQ67av4ID2nM3N1iikg63HgKcnXrpdW2Xvbkv7g6IfK9NFgq0Z4SfxPJ4cTfw1dIAGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3bC8y1qNe_Ow3SY0S8gLKGbfj6nA%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
8ee0f5c8df5c85116ace0bdffc44f7b56ffc5ddae3d7c8dfb7effc6bf8d0e2df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:34:56 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
content-length
12059
expires
Sat, 31 Aug 2024 02:51:52 GMT
img
imageproxy.us.criteo.net/img/ Frame C2B2
13 KB
13 KB
Image
General
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F6%2Foptimized%2F24735111_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=bSuKDQm06fD7eylcZdBeuIj4&b=400
Requested by
Host: avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
URL: https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
b6a9a02b839938c26ab7f8929b63c55aee628cc2da19a9ba9ab075266ecdb1db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:34:55 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
content-length
13380
expires
Thu, 19 Oct 2023 22:26:46 GMT
img
imageproxy.us.criteo.net/img/ Frame C2B2
7 KB
7 KB
Image
General
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F3%2Foptimized%2F23682164_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=MAiYabucEJa0ES-z_6l9j90J&b=400
Requested by
Host: avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
URL: https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
98374103b34b463f6a0b510e281d5166778c26bba5f4631f8f2e546123529a45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:34:56 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
content-length
7190
expires
Fri, 22 Sep 2023 22:56:59 GMT
img
imageproxy.us.criteo.net/img/ Frame C2B2
5 KB
5 KB
Image
General
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F2%2Foptimized%2F3964373_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=eJnmcDDnUQyJGAQBzqbpiFjO&b=400
Requested by
Host: avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
URL: https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
b36c8f7868d2562cd8f881c76f133178d6373f6e9d13f7fa4af396d3505f5ccf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:34:56 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
content-length
4994
expires
Thu, 12 Oct 2023 22:21:43 GMT
img
imageproxy.us.criteo.net/img/ Frame 6C66
12 KB
12 KB
Image
General
Full URL
https://imageproxy.us.criteo.net/img/img?h=116&m=0&partner=5535&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F5535%2F190813%2F858ac6901f0540e895151555affc80e1_logo_dark_horizontal.png&v=3&w=396&s=-1iQ5cQepMVLs8GDdhjMj6J_
Requested by
Host: avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
URL: https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
8ee0f5c8df5c85116ace0bdffc44f7b56ffc5ddae3d7c8dfb7effc6bf8d0e2df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:34:56 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
content-length
12059
expires
Sat, 31 Aug 2024 02:51:52 GMT
img
imageproxy.us.criteo.net/img/ Frame 6C66
10 KB
10 KB
Image
General
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F8%2Foptimized%2F25410348_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=WPa51mbj5PtjceTwe55QxVr1&b=400
Requested by
Host: avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
URL: https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
7a1afb85c56fc424d183e54ceea31c8d615a743eadfee25c838f5298e9a95dc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:34:56 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
content-length
9814
expires
Wed, 11 Oct 2023 16:15:23 GMT
img
imageproxy.us.criteo.net/img/ Frame 6C66
5 KB
5 KB
Image
General
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F6%2Foptimized%2F25434036_fpx.tif&v=3&w=400&s=uRq9CdwuQfKbJ5yTqRrbOBRj&b=400
Requested by
Host: avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
URL: https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
11c960f0266e9ce28b9ec6de4210e2d5042473ba3c86927134a21f3405a9aed5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:34:56 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
content-length
4984
expires
Fri, 22 Sep 2023 22:37:40 GMT
img
imageproxy.us.criteo.net/img/ Frame 6C66
3 KB
4 KB
Image
General
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F4%2Foptimized%2F9353807_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=Z_kwBcUhstgNurMn0L0lp5g8&b=400
Requested by
Host: avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
URL: https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
149e0987f7f3c1c592872844353f5b5b5a32995d10d674fcc61b23184350d8f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:34:55 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
content-length
3468
expires
Sat, 07 Oct 2023 22:35:45 GMT
img
imageproxy.us.criteo.net/img/ Frame C2B2
5 KB
5 KB
Image
General
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F2%2Foptimized%2F3964373_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=eJnmcDDnUQyJGAQBzqbpiFjO&b=400
Requested by
Host: avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
URL: https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
b36c8f7868d2562cd8f881c76f133178d6373f6e9d13f7fa4af396d3505f5ccf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:34:56 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
content-length
4994
expires
Thu, 12 Oct 2023 22:21:43 GMT
img
imageproxy.us.criteo.net/img/ Frame C2B2
13 KB
13 KB
Image
General
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F6%2Foptimized%2F24735111_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=bSuKDQm06fD7eylcZdBeuIj4&b=400
Requested by
Host: avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
URL: https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
b6a9a02b839938c26ab7f8929b63c55aee628cc2da19a9ba9ab075266ecdb1db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:34:56 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
content-length
13380
expires
Thu, 19 Oct 2023 22:26:46 GMT
img
imageproxy.us.criteo.net/img/ Frame C2B2
7 KB
7 KB
Image
General
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F3%2Foptimized%2F23682164_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=MAiYabucEJa0ES-z_6l9j90J&b=400
Requested by
Host: avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
URL: https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
98374103b34b463f6a0b510e281d5166778c26bba5f4631f8f2e546123529a45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:34:56 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
content-length
7190
expires
Fri, 22 Sep 2023 22:56:59 GMT
img
imageproxy.us.criteo.net/img/ Frame C2B2
12 KB
12 KB
Image
General
Full URL
https://imageproxy.us.criteo.net/img/img?h=116&m=0&partner=5535&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F5535%2F190813%2F858ac6901f0540e895151555affc80e1_logo_dark_horizontal.png&v=3&w=396&s=-1iQ5cQepMVLs8GDdhjMj6J_
Requested by
Host: avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
URL: https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
8ee0f5c8df5c85116ace0bdffc44f7b56ffc5ddae3d7c8dfb7effc6bf8d0e2df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 06:34:56 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
content-length
12059
expires
Sat, 31 Aug 2024 02:51:52 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3231
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu0Wn1WR0U4fRU0nyPdyhNRLSepuqL2OLLZJbjNjt09UR6IAvcWht0n3b-F67sTLiJ40FoCOQb0aL0d1mwxyDESyGZ9ZCtZCjb4DuM&sig=Cg0ArKJSzM75gBqzeWAiEAE&id=lidar2&mcvt=1004&p=0,0,600,200&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20230913&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1695191693647&rpt=639&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 06:34:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.us.criteo.net/ Frame 6C66
0
127 B
Ping
General
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=Z378FzqsedvcrcC29qdIWWPlet3QT2ffi5MnOwRJKPXR4FDRRy5mXMVUJCa69x2k9DJby38K9RIvxw5MCDed1XsdRr9IXuw6UA_Twv6SA-qaIN0oD1HdY9HTUfieQWISpegmW4C8clJJB8RQdgYcMyk4nXrdImLDzvLRllYDHSzzEAHiuQnUAVQ7-hQS4IKVIvJXnNNerOc0Bzv7ULlyFNf4ZNVcxoD_TGtmX-j0wGErgRiKXQJBkAdjUaOSaZvEDj-fag&sds=2&rev=88356&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZQqSjQABkjIKwUgkAAODLtMp_t2poD09Hz-0qg&u=%7CouQHdnFa5Kmf2p4Bss1sMgOH8sVBwyqn%2BiF0%2Bahdfb4%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGFODWhy6DsD5VIXoF4Sn1GpJC36PzcQBMFJuvFqbjSDMVND0YNpbXxw_g68WQBYp6weOwM57j-9gqQp1XQI8p1GzWVoJL-MYPH3XWkzenv5tUiwVrgfGWP8oCqnSa-uDWK7Am0l0x6-ooZO9aEmPM-LmJvTGNiOWjUEiMrXG5v6LCR_wUr4vBKoVnzJw5iRomwS_WqazraITJwrdaznTla_p_q9CCjN0dMdpo8cyL1qRUUbK2CpcPoAmULxFtvIb8PkVAHAhKpur_O8geRTjDnHA4pRh7r0NoC1zZarfAPSpY9klgZfcD45lW_80lVdKRNCiBqggAW3--_dgHPvJXkCcfUmvyHXpgRMAy0psZqYIFgiL0PPC-RL84VUze1wivglauOObXP0eXCF02Qxr6n9zly1M4A4NmjztEd1OoVvBH-RZ8QvZMdfMi4qxuRFmMz-DsI7wp1bK7t3Gie4Z0zO_6bJ8n2J9BunLe3m5qPkZgjDm7Wrdrpy91igJ5HQOY6GA5htN0tmr5Z47H1NsjIr0qAVuccaMquy__4Z8i73S7JJlZrxPIrE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgg18jZIKZbKkBqSQhQauho74AZyB77BcyqapqnTAjbcBEAEgAGDJhoCA3KPEEIIBF2NhLXB1Yi0xNjE4NTkyMjA1MDgzNzgwyAEJqAMByAMCqgSdAk_Q3h13zMhKVR_2VR6pDKSyJ8cpmeAwGXcAo5EfC7LSLx2k3CY7oa93tBTOCUlepQPwNuNWvZM706ttHSNnsbEH7pnon_oFajyWuRBAtJ_ha9lTABC1xnhU3yqkPwBptf8tYI9bRGDjQ4uZsM9rFgenV-RZpZNYBmyNBW1pVl8sLF4V2FMm7DDpQsptCFUbO44Iy__AZBvzYOhaJZ54uTCjEutn6BDB-VqiGQ5WUbPASV3HnsPcMUNvlA1d46bqRxZWrn8de6mDaIHGuP_0FJbyyUdpFYRxPhNbrPEu1EmRJvAm-yIFepvpFwdMSoSjGkg43ndpieUsTnm4O73eb57g8akm5AJHgw-jpGASS0RySRxZAuEs6vfU2dSdm4AGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1eW35jhhplwIs8GhpqjfKJDoFWkA%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 20 Sep 2023 06:34:57 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 386D
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstqm2gKqxgfacgSLSR6-TjX-ehfmXOPg4sXHFWLHxyKvRCHqfCrWfcZa7MaZ9p5oc0Kb1zF3uX-8D-KN5BzVESeiELiwy5v-xscy0A&sig=Cg0ArKJSzMXoBUx_4ZMiEAE&id=lidar2&mcvt=1012&p=0,0,600,200&mtos=1012,1012,1012,1012,1012&tos=1012,0,0,0,0&v=20230913&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1695191693653&rpt=715&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 06:34:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.us.criteo.net/ Frame C2B2
0
127 B
Ping
General
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=yz3s7zqsedvcrcC2ZH1UMQbt9wpQxlMPFKcQfC3cFwNPSWrE4jCDmv0hpvLmkJdhWbhGSfL07gxBRenZ5FupXyo-66jt9Wd6JmdABIpm4HQiK81RtCaXMgHnI1AmdILysg4BL3JVa3dRK5bPzkGrdJC3-kaWUEUfh-lDsRsbvo1-7bo1rWDgw20-xG_jF_b3qrDee0FmSslZXYwSKKx0KVxVmbVHpsaDo_iod7SjAFWZjvAWhi_EPl9ud7I1FcQCEMlX3g&sds=2&rev=88524&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZQqSjQABkjMKwUgkAAODLtfuqiyibdXypa9hKg&u=%7CouQHdnFa5KnkG6Bv5lBUSAyMN3q30ZfBr7A226mMTag%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGFODWhy6DsD5VIXoF4Sn1GpJC36PzcQBMIRPtA8mHpd_-JT7UN-K7LyBnpFyFibQgWNAweRv4OYXzsw4WE3JlyPWZJBB8-Lzgj0JaPVk-aQbNp-GKMDBYD1TXLVMb7qiyj4VnKKfJiiBsuefuZNsL4ONCL2xZURRfouiuEx4qRytmVLY3b0R_aAmDqxaaBBL3xxqUI0vi_z3UaOmE2TUHYVeanSA5k0s37eFDdnWQAGHYS55XWJsjgP6MDuhRqMp6zGKJXOn4JsS9I2D5QxO0yALfnoP5Uqil-4vd3YCDut-IqcuqODjzL8TWqVHAmkDKfzPzNmNx_OhMPoMquhfJvogtj69LH19framrHaEts-2i8SGupPZHdKU6Phtl5wxefB--p1xW39HHiKpmIYy_imHPp1uxUXU4qE9SFOeOFn9PwPhX2fAdMH9JFRd5ldWXzFuLvvEEM2yIOxsSpyZTAlwBe0xE2F2A58larT59RxotFXJqpsLYMIWTAn_6LYTNgEr_relg4b5mcTXW801ulqaQUiuOe3LOadEh2kgtL6M2PEmoR4pyi8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxoxUjZIKZbOkBqSQhQauho74AZyB77BcyqapqnTAjbcBEAEgAGDJhoCA3KPEEIIBF2NhLXB1Yi0xNjE4NTkyMjA1MDgzNzgwyAEJqAMByAMCqgSdAk_QljaJmzFSWLzf3mM6nAdD6Xr_UE5A1gSYWNBK4RWl0BeftaRouryjXYhAm6VC9-snD6cPYqRbwWe5TtLl2UCHKFfamyQSzNhxnGeMyFq_N0D9B0xyA-2wU_VIe-VTIq26_amnTp2IfdprhO_aRpFiSvkrV1hyEYOxQdSqt3_hMCAo3ze9XVaJ0RkqNY4rl-lksPCBxxVK4pE58Hqz9M0hZKJCSSCg3qGMiayggF2tXcaAMIR6yoO6spGpkJIKuLsBSVWUDHeMiiPwvmIlCydj_m3yBC_DZm1mBliqJdqAJWmCYkbA_UEHKXXA3bTQ67av4ID2nM3N1iikg63HgKcnXrpdW2Xvbkv7g6IfK9NFgq0Z4SfxPJ4cTfw1dIAGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3bC8y1qNe_Ow3SY0S8gLKGbfj6nA%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 20 Sep 2023 06:34:56 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
gif.gif
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/ Frame 17F6
87 KB
87 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/gif.gif
Requested by
Host: avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
URL: https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0af43dc81829cc2805a34f638ee1f5ace0289938bdfd2e2488a393a1e6e1be42
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4158476712952566853/728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 18 Sep 2023 00:08:16 GMT
x-content-type-options
nosniff
age
196001
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
89392
x-xss-protection
0
last-modified
Fri, 06 Jan 2023 01:11:53 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 17 Sep 2024 00:08:16 GMT
event.png
tpsc-ue1.doubleverify.com/ Frame 5207
0
298 B
Ping
General
Full URL
https://tpsc-ue1.doubleverify.com/event.png?impid=fa790d93b5b94a6e936068e3ddb4e2cf&flavor=0&gdpr=&gdpr_consent=&ee_dp_seltagmals=2&dvp_gdpr_Error=3&dvp_gdv2_Error=3&ee_dp_lngtks=1&ee_dp_lngtka=1&ee_dp_lngtkd=67&vdur=193&eoid=17&te_exec=0&msrjs=4705&sdf=67108868&vit=2&isvelg=1&rmi=16&tltms=325&tetms=22&msltms=157&vltms=193&sei=289&vetms=390&tuviims=316&tuviems=899&engms=1&engisel=1&dvp_dtcov=4&ee_dp_asmm=1&msrcanlm=264&msrcannum=2&ee_dp_tmads=2740&ismms=129&isumms=128&nvr=6&isgmmims=128&isgmv4mims=128&elmtp=4&isbxdms=2728&b0=688&b10=2153&adhgt=618&adwdth=200&vsos=6&dvp_vsosnmr=16&lftb=2841&sftb=2841&naral=256&vct=512&vphgt=1200&vpwdth=1600&chgt=600&cwdth=200&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1629&isuiabvms=1629&engalms=127&dvp_dpr=1&vstsz=737&ee_dp_cvcmeeid=1&metp=1&meeid=1&dvp_itg=HEAD%3A1%2CTITLE%3A1%2CMETA%3A4%2CLINK%3A2%2CSCRIPT%3A15%2CBODY%3A1%2CDIV%3A87%2CSTYLE%3A3%2CA%3A10%2CIMG%3A11%2CSPAN%3A7%2CBUTTON%3A4%2CIFRAME%3A15%2CBR%3A9%2Csvg%3A3%2Cpolygon%3A3%2CSTRIKE%3A1%2C&ttfurm=3637&cbust=1695191699326379
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements4705.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://ads.us.criteo.com
Pragma
no-cache
Date
Wed, 20 Sep 2023 06:34:59 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true, true
Connection
keep-alive
Expires
2023-09-19T06:34:59
event.png
tpsc-ue1.doubleverify.com/ Frame EBF2
0
298 B
Ping
General
Full URL
https://tpsc-ue1.doubleverify.com/event.png?impid=87a2428094694eadbef4c14a9967236e&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&ee_dp_lngtks=1&vdur=171&eoid=17&te_exec=0&msrjs=4705&sdf=67108868&vit=2&isvelg=1&rmi=16&tltms=272&tetms=20&msltms=158&vltms=171&sei=289&vetms=393&tuviims=386&tuviems=950&engms=1&engisel=1&dvp_dtcov=4&ee_dp_asmm=1&msrcanlm=264&msrcannum=2&ee_dp_tmads=2679&ismms=324&isumms=323&nvr=6&isgmmims=323&isgmv4mims=323&elmtp=4&isbxdms=2624&b0=339&b10=2112&adhgt=618&adwdth=200&vsos=6&dvp_vsosnmr=16&lftb=2451&sftb=2451&naral=256&vct=512&vphgt=1200&vpwdth=1600&chgt=600&cwdth=200&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1527&isuiabvms=1527&engalms=323&dvp_dpr=1&vstsz=738&ee_dp_cvcmeeid=1&metp=1&meeid=1&dvp_itg=HEAD%3A1%2CTITLE%3A1%2CMETA%3A4%2CLINK%3A2%2CSCRIPT%3A15%2CBODY%3A1%2CDIV%3A91%2CSTYLE%3A3%2CA%3A10%2CIMG%3A11%2CSPAN%3A7%2CBUTTON%3A4%2CIFRAME%3A15%2CBR%3A10%2CSTRIKE%3A2%2Csvg%3A3%2Cpolygon%3A3%2C&ttfurm=3578&cbust=1695191699333340
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements4705.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://ads.us.criteo.com
Pragma
no-cache
Date
Wed, 20 Sep 2023 06:34:59 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true, true
Connection
keep-alive
Expires
2023-09-19T06:34:59
all
csm.us.criteo.net/ Frame 6C66
0
127 B
Ping
General
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=Z378FzqsedvcrcC29qdIWWPlet3QT2ffi5MnOwRJKPXR4FDRRy5mXMVUJCa69x2k9DJby38K9RIvxw5MCDed1XsdRr9IXuw6UA_Twv6SA-qaIN0oD1HdY9HTUfieQWISpegmW4C8clJJB8RQdgYcMyk4nXrdImLDzvLRllYDHSzzEAHiuQnUAVQ7-hQS4IKVIvJXnNNerOc0Bzv7ULlyFNf4ZNVcxoD_TGtmX-j0wGErgRiKXQJBkAdjUaOSaZvEDj-fag&sds=2&rev=88356&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZQqSjQABkjIKwUgkAAODLtMp_t2poD09Hz-0qg&u=%7CouQHdnFa5Kmf2p4Bss1sMgOH8sVBwyqn%2BiF0%2Bahdfb4%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGFODWhy6DsD5VIXoF4Sn1GpJC36PzcQBMFJuvFqbjSDMVND0YNpbXxw_g68WQBYp6weOwM57j-9gqQp1XQI8p1GzWVoJL-MYPH3XWkzenv5tUiwVrgfGWP8oCqnSa-uDWK7Am0l0x6-ooZO9aEmPM-LmJvTGNiOWjUEiMrXG5v6LCR_wUr4vBKoVnzJw5iRomwS_WqazraITJwrdaznTla_p_q9CCjN0dMdpo8cyL1qRUUbK2CpcPoAmULxFtvIb8PkVAHAhKpur_O8geRTjDnHA4pRh7r0NoC1zZarfAPSpY9klgZfcD45lW_80lVdKRNCiBqggAW3--_dgHPvJXkCcfUmvyHXpgRMAy0psZqYIFgiL0PPC-RL84VUze1wivglauOObXP0eXCF02Qxr6n9zly1M4A4NmjztEd1OoVvBH-RZ8QvZMdfMi4qxuRFmMz-DsI7wp1bK7t3Gie4Z0zO_6bJ8n2J9BunLe3m5qPkZgjDm7Wrdrpy91igJ5HQOY6GA5htN0tmr5Z47H1NsjIr0qAVuccaMquy__4Z8i73S7JJlZrxPIrE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgg18jZIKZbKkBqSQhQauho74AZyB77BcyqapqnTAjbcBEAEgAGDJhoCA3KPEEIIBF2NhLXB1Yi0xNjE4NTkyMjA1MDgzNzgwyAEJqAMByAMCqgSdAk_Q3h13zMhKVR_2VR6pDKSyJ8cpmeAwGXcAo5EfC7LSLx2k3CY7oa93tBTOCUlepQPwNuNWvZM706ttHSNnsbEH7pnon_oFajyWuRBAtJ_ha9lTABC1xnhU3yqkPwBptf8tYI9bRGDjQ4uZsM9rFgenV-RZpZNYBmyNBW1pVl8sLF4V2FMm7DDpQsptCFUbO44Iy__AZBvzYOhaJZ54uTCjEutn6BDB-VqiGQ5WUbPASV3HnsPcMUNvlA1d46bqRxZWrn8de6mDaIHGuP_0FJbyyUdpFYRxPhNbrPEu1EmRJvAm-yIFepvpFwdMSoSjGkg43ndpieUsTnm4O73eb57g8akm5AJHgw-jpGASS0RySRxZAuEs6vfU2dSdm4AGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1eW35jhhplwIs8GhpqjfKJDoFWkA%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 20 Sep 2023 06:35:02 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
all
csm.us.criteo.net/ Frame C2B2
0
127 B
Ping
General
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=yz3s7zqsedvcrcC2ZH1UMQbt9wpQxlMPFKcQfC3cFwNPSWrE4jCDmv0hpvLmkJdhWbhGSfL07gxBRenZ5FupXyo-66jt9Wd6JmdABIpm4HQiK81RtCaXMgHnI1AmdILysg4BL3JVa3dRK5bPzkGrdJC3-kaWUEUfh-lDsRsbvo1-7bo1rWDgw20-xG_jF_b3qrDee0FmSslZXYwSKKx0KVxVmbVHpsaDo_iod7SjAFWZjvAWhi_EPl9ud7I1FcQCEMlX3g&sds=2&rev=88524&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZQqSjQABkjMKwUgkAAODLtfuqiyibdXypa9hKg&u=%7CouQHdnFa5KnkG6Bv5lBUSAyMN3q30ZfBr7A226mMTag%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGFODWhy6DsD5VIXoF4Sn1GpJC36PzcQBMIRPtA8mHpd_-JT7UN-K7LyBnpFyFibQgWNAweRv4OYXzsw4WE3JlyPWZJBB8-Lzgj0JaPVk-aQbNp-GKMDBYD1TXLVMb7qiyj4VnKKfJiiBsuefuZNsL4ONCL2xZURRfouiuEx4qRytmVLY3b0R_aAmDqxaaBBL3xxqUI0vi_z3UaOmE2TUHYVeanSA5k0s37eFDdnWQAGHYS55XWJsjgP6MDuhRqMp6zGKJXOn4JsS9I2D5QxO0yALfnoP5Uqil-4vd3YCDut-IqcuqODjzL8TWqVHAmkDKfzPzNmNx_OhMPoMquhfJvogtj69LH19framrHaEts-2i8SGupPZHdKU6Phtl5wxefB--p1xW39HHiKpmIYy_imHPp1uxUXU4qE9SFOeOFn9PwPhX2fAdMH9JFRd5ldWXzFuLvvEEM2yIOxsSpyZTAlwBe0xE2F2A58larT59RxotFXJqpsLYMIWTAn_6LYTNgEr_relg4b5mcTXW801ulqaQUiuOe3LOadEh2kgtL6M2PEmoR4pyi8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxoxUjZIKZbOkBqSQhQauho74AZyB77BcyqapqnTAjbcBEAEgAGDJhoCA3KPEEIIBF2NhLXB1Yi0xNjE4NTkyMjA1MDgzNzgwyAEJqAMByAMCqgSdAk_QljaJmzFSWLzf3mM6nAdD6Xr_UE5A1gSYWNBK4RWl0BeftaRouryjXYhAm6VC9-snD6cPYqRbwWe5TtLl2UCHKFfamyQSzNhxnGeMyFq_N0D9B0xyA-2wU_VIe-VTIq26_amnTp2IfdprhO_aRpFiSvkrV1hyEYOxQdSqt3_hMCAo3ze9XVaJ0RkqNY4rl-lksPCBxxVK4pE58Hqz9M0hZKJCSSCg3qGMiayggF2tXcaAMIR6yoO6spGpkJIKuLsBSVWUDHeMiiPwvmIlCydj_m3yBC_DZm1mBliqJdqAJWmCYkbA_UEHKXXA3bTQ67av4ID2nM3N1iikg63HgKcnXrpdW2Xvbkv7g6IfK9NFgq0Z4SfxPJ4cTfw1dIAGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3bC8y1qNe_Ow3SY0S8gLKGbfj6nA%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 20 Sep 2023 06:35:02 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
46501593
mc.yandex.com/watch/
43 B
146 B
Ping
General
Full URL
https://mc.yandex.com/watch/46501593?page-url=https%3A%2F%2Favito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru%2F&charset=utf-8&hittoken=1695191694_4920ffe4669ff5b29e74b6f66d55c140b56e068ec8b6a33e4068acae098838d7&browser-info=nb%3A1%3Acl%3A2268%3Aar%3A1%3Avf%3A3wcjej5lmwx5238tghrt8yj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1111%3Acn%3A1%3Adp%3A1%3Als%3A170078542288%3Ahid%3A588255791%3Az%3A-600%3Ai%3A20230919203508%3Aet%3A1695191708%3Ac%3A1%3Arn%3A783434844%3Arqn%3A2%3Au%3A1695191693242285976%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A%2C%2C%2C%2C%2C%2C%2C2483%2C1%2C%2C%2C%2C4261%3Aco%3A0%3Acpf%3A1%3Aeu%3A2%3Ans%3A1695191689142%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1695191708&t=gdpr(14)clc(0-0-0)rqnt(2)lt(137700)aw(1)ti(0)&force-urlencoded=1
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 06:35:08 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 20-Sep-2023 06:35:08 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
image/gif
access-control-allow-origin
https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Wed, 20-Sep-2023 06:35:08 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
xp4stm90bvzr.frontroute.org
URL
https://xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/5/7/0/2/audiobook-znatok-zootekhnik.jpg
Domain
xp4stm90bvzr.frontroute.org
URL
https://xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/5/7/0/1/audiobook-ljubov-neljubov.jpg
Domain
xp4stm90bvzr.frontroute.org
URL
https://xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/5/7/0/0/audiobook-attrakcion-1.jpg
Domain
xp4stm90bvzr.frontroute.org
URL
https://xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/5/6/9/9/audiobook-chetyre-cveta-pamjati.jpg
Domain
xp4stm90bvzr.frontroute.org
URL
https://xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/5/6/9/8/audiobook-rasskazy-203.jpg
Domain
xp4stm90bvzr.frontroute.org
URL
https://xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/5/6/9/7/audiobook-my-tak-ljubim-glendu.jpg
Domain
xp4stm90bvzr.frontroute.org
URL
https://xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/5/6/9/6/audiobook-kogo-mne-bojatsja.jpg
Domain
xp4stm90bvzr.frontroute.org
URL
https://xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/5/6/9/5/audiobook-gorkie-zjorna-1.jpg
Domain
xp4stm90bvzr.frontroute.org
URL
https://xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/5/6/9/4/audiobook-est-li-zhizn-na-mks.jpg
Domain
xp4stm90bvzr.frontroute.org
URL
https://xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/5/6/9/3/audiobook-chetvertyjj.jpg
Domain
xp4stm90bvzr.frontroute.org
URL
https://xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/5/6/8/8/audiobook-kozhanyjj-meshok.jpg
Domain
xp4stm90bvzr.frontroute.org
URL
https://xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/5/6/8/7/audiobook-nedotepino-korolevstvo.jpg

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| documentPictureInPicture object| adsbygoogle object| Cd string| Cr string| Cp object| WebFont object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data boolean| google_plmetrics object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl boolean| _gfp_p_ object| google_image_requests number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages function| htmlEncode function| htmlDecode object| dzsap_list boolean| dzsap_ytapiloaded number| dzsap_globalidind object| dzsap_list_for_sync_players boolean| dzsap_list_for_sync_sw_built number| dzsap_list_for_sync_inter_build function| is_mobile function| is_ios function| is_android function| is_android_good function| is_ie function| is_firefox function| is_opera function| is_chrome function| is_safari function| version_ie function| version_firefox function| version_opera function| is_ie8 function| is_ie9 function| can_play_mp3 function| can_canvas function| onYouTubeIframeAPIReady undefined| MD5 function| formatTime function| clean_string function| get_query_arg function| add_query_arg function| can_history_api object| dzsap_player_interrupted_by_dzsvg object| dzsap_audio_ctx object| dzsap_self_options boolean| dzsap_generating_pcm number| dzsap_player_index string| GoogleAnalyticsObject function| ga object| Ya object| yaCounter46501593 object| google_llp object| gaplugins object| gaData object| dataLayer object| googletag object| google_tag_manager

31 Cookies

Domain/Path Name / Value
.bookmp3.ru/ Name: __ddg1_
Value: 0vOP4F1nyI17UTiarlX2
avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/ Name: _csrf-frontend
Value: 2b99035eaea99b62baaa0ed30ea98680cdb9e2b2dba6eff0bfb2719753fa893ea%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22%0F%0E%1F%DAN%1F%9E%CB%F4%5C%90%28%93%21g%CEE%9CL%3DJ%F9%8F%B0%09%0C%1F%BFW%40%C81%22%3B%7D
avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/ Name: b
Value: b
.hit.ua/ Name: uid
Value: 2155209444.1695191692.3858869287
.bookmp3.ru/ Name: __gads
Value: ID=c0f82586452d5a62:T=1695191693:RT=1695191693:S=ALNI_MY4qk6bZrAAS0rQGpl8iiAOks1Q5A
.bookmp3.ru/ Name: __gpi
Value: UID=00000d9406b8fdec:T=1695191693:RT=1695191693:S=ALNI_MY9cQpadpVWmomad5YQHgIDluM31Q
.bookmp3.ru/ Name: _ym_uid
Value: 1695191693242285976
.bookmp3.ru/ Name: _ym_d
Value: 1695191693
.yadro.ru/ Name: FTID
Value: 1b2fAD0BxXue1b2fAD003SGX
.bookmp3.ru/ Name: _ym_isad
Value: 2
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 2040366591fake
.bookmp3.ru/ Name: _ga
Value: GA1.2.1915655829.1695191693
.bookmp3.ru/ Name: _gid
Value: GA1.2.668133251.1695191694
.bookmp3.ru/ Name: _gat
Value: 1
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 4137102330fake
.yadro.ru/ Name: VID
Value: 2OsMzG2_vTOe1b2fAD00386R
mc.yandex.com/ Name: yabs-sid
Value: 617772081695191694
.yandex.com/ Name: i
Value: oztta7wCPkk5DMqNArrlYKAWi9H/lcP3U+WkanGXdGccPPtXWo5obezUADmI2gY+0rHauWavqTNqaMxzqKmQxLjU/Lc=
.yandex.com/ Name: yandexuid
Value: 4027896481695191694
.yandex.com/ Name: yuidss
Value: 4027896481695191694
.yandex.com/ Name: ymex
Value: 1726727694.yrts.1695191694#1726727694.yrtsi.1695191694
.yandex.com/ Name: bh
Value: KgI/MA==
.bookmp3.ru/ Name: _ga_XR25G8TDFM
Value: GS1.2.1695191694.1.0.1695191694.0.0.0
.samplicio.us/ Name: _ftv
Value: 37c358b9-df5b-47f3-b986-a94ea161105d
.agkn.com/ Name: u
Value: C|0AAAsnU8OLJ1PDgAAAAAA
.agkn.com/ Name: ab
Value: 0001%3ATBZsN6gixD%2FTS42iqGT3reRtv3jJLODm
.doubleclick.net/ Name: APC
Value: AfxxVi6xRwPE_-HbVBRt3HvKPl9geiXRlWa9w_f0BJS3AvoJcZOKvA
.doubleclick.net/ Name: IDE
Value: AHWqTUlPqVHwKKI6ouW9Ps1oPhLObfcSrqPhJnOKAJtBRvoMnOeoXcsQ45Px7la6Yq4
.doubleclick.net/ Name: DSID
Value: NO_DATA
.googleadservices.com/ Name: ar_debug
Value: 1
.bookmp3.ru/ Name: _ym_visorc
Value: w

2 Console Messages

Source Level URL
Text
network error URL: https://avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru/js/jquery.js
Message:
Failed to load resource: net::ERR_HTTP2_PROTOCOL_ERROR
other warning URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1(Line 20)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ads.us.criteo.com
ajax.googleapis.com
avito.avito.sber.sberbank.spbjy8fnrfcod7p.www.pers-1.bookmp3.ru
c.hit.ua
cat.va.us.criteo.com
cdn.doubleverify.com
cdnjs.cloudflare.com
counter.yadro.ru
csm.us.criteo.net
d.agkn.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
imageproxy.us.criteo.net
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
rtb.va.us.criteo.com
rtb0.doubleverify.com
rtbc-ue1.doubleverify.com
s0.2mdn.net
static.criteo.net
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-ue1.doubleverify.com
tracker.samplicio.us
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
xp4stm90bvzr.frontroute.org
xp4stm90bvzr.frontroute.org
142.250.65.198
142.251.35.162
2600:141b:13::17d7:8290
2600:9000:26fa:da00:19:fc2c:a140:93a1
2606:4700::6811:180e
2607:f8b0:4004:c09::69
2607:f8b0:4006:80e::2002
2607:f8b0:4006:80f::200e
2607:f8b0:4006:816::2002
2607:f8b0:4006:817::2001
2607:f8b0:4006:81c::200a
2607:f8b0:4006:820::2003
2607:f8b0:4006:821::2008
2607:f8b0:4006:823::2002
2607:f8b0:4006:824::2002
2607:f8b0:4006:824::2006
2620:100:a001::16
2620:100:a001::24
2620:100:a001::3
2620:100:a001::4
2620:100:a001::9
2a02:6b8::1:119
3.208.227.70
34.117.228.201
45.147.197.153
74.119.119.147
88.212.202.52
89.184.81.35
01a35e949b55eb92431872d6a0ac846d69ccf0093596c894eb22f62f30ea6eeb
04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
0af43dc81829cc2805a34f638ee1f5ace0289938bdfd2e2488a393a1e6e1be42
113ce895d8c94e3b12a56e489b3462d2374017498288bd2620a7934d0fa3eac8
11c960f0266e9ce28b9ec6de4210e2d5042473ba3c86927134a21f3405a9aed5
12d8aae0cf51d039bfbef1c8f7ec828851423f05c8f9e5d290b2c2e15cd9a8a6
143defa52b166183926838badf1a67040d8ed3f3c35a3b1ad9e11a67b62888b0
149e0987f7f3c1c592872844353f5b5b5a32995d10d674fcc61b23184350d8f1
1732fc03c90f236c26cf3a629bb9f54c0d663b276a4b672bc6896fdf662e53ab
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a8e019f68a05b5ec99a299b452f722894d2ea939199f043d4c0f49a322aad98
1cec5fe8de68ed7b34777df244655ae569d956cb8f641cb6aea261e510bc2356
1e2346ebe24fd0a6b2839a6f62c2fd86e6a03133676d723bdc478b7480477cf6
220ebcdddfdee4799bb0e64d42463c1dd5a729ad01fe79b2c64ee9da97b658eb
270a417e9a2b117114800ac22b69416886a829edc0b3c616cc5ddf81eed7b7e3
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b31ea37efec8b62b7e0f61908f2436720602d45ed8942849663a957e417128c
3021e724356800d3904e2dc7fb81f3f024bcec57f2033ed716be7ba49ade00cd
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33647c72f414271b8381ea3b5b306083cc816de283c007f9ab5435c53aeafd14
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3be3f024c46ff93eb55bb00f599911ef69c7957b19c8c3df9aca743259f35ae3
3c7b14300fc29298190b7cf3de2769e9d73df61bd2ea58b83982b2f3d5f64774
467efe85f19395240c89559ed17661f02b1b662a54af39992bb8d58158b39a04
46a8f4fc6e756ab8be5859f61e035df31c676df6cdf7528a0bc7e5e393e04785
47a37cabd33f930dd28119e3ba60cca269770f1b2a774a52bad0a75d8076cd8a
49330dbdf50dc3440d871a2408c7ec4fec185d62e419fd9960000cd8eed78950
4c5cc784997b0788eb27b6f73c923edb2f2c11a1206f34513d47fdc398079fe1
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50f36c6941b3a0b755df6e1c1ba6919dc8eeab051a52504ff431c3564d4d791a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54f8eee1848043fc26275989f47aed52e5e348d0ecd2c8692b252c3aa2fb849c
551cff4b9a266c395d307a18b099ac2cd87269b22b6cb83e0f4b581fe6633375
60880733ef704adbb0e85783c8e9d1f88b2f74c220dd0535318b146535922e9a
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
66a96c67f9b57d873920227284dae154cd664510a1dc3a90940b265109c262f9
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a1afb85c56fc424d183e54ceea31c8d615a743eadfee25c838f5298e9a95dc4
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
818e46d52c7bdaf6d2afb411fb2be26db570b68738968520134ba2f3c91949f3
8be221978ab1beee5467f7a31e8771046489b44c7741b1245db0d11e6d36c0cf
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8ee0f5c8df5c85116ace0bdffc44f7b56ffc5ddae3d7c8dfb7effc6bf8d0e2df
8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339
9370e7158d331d5ad9758cd98ff674ffcb4ca1308b9f2a8f43a900d41ea5492e
9693ec40f86e36b0af6dac9d253c9a5fb7862996352562ec52d3dafb33635611
98374103b34b463f6a0b510e281d5166778c26bba5f4631f8f2e546123529a45
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
9a026628b5e49092d8db4bfb5afcbed4211479fa313b3b9605ba0cbfda54754c
9db5086b55769640f409c37deb5be301986d682f25a704ce17ebe51e358bbe91
9f27fcc92f8d2924b2a09f4c906e238202445e6b61c00ddc0fd1898c267df568
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a4186380e9ae3792fc165282b6508c3b8d3d9693f3dd9a816126ee8c35303af7
a4e80fbdbd2fe979c79ea4356e6f1b957acceb1be77df17ee70134ba728ce05f
a61735542ef93f832ab8321f9670a83ff11f58b5e122b2fb014199e32de05312
a6a235eb3be8edd6595e0d3a955057057947ecb9240263e146077afcc2e595a4
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a94755ecd90a113ceb5ffbb9a9834639bbf215711895074c4181eb309929ca25
a95c8500edd31478a3745ec45409ef9b5738c9f3c4da7d1a9bb2c7f7fd4e44c0
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
b2136198a96109ea6a4f977e5bf73ee59c411f9b977b393b414e167c5bf0d074
b24a7bea97a9c0ac82a595c06916c4ccb6acbe46c45c45a065388fa0728680ce
b36c8f7868d2562cd8f881c76f133178d6373f6e9d13f7fa4af396d3505f5ccf
b6a9a02b839938c26ab7f8929b63c55aee628cc2da19a9ba9ab075266ecdb1db
ba722e6fd08736b51db61f9d3e72ca2349a4bc4e970db6c752d754f11825f30e
ba9f43fbd9c0782c72ff6eddd221abdcfd9642cd4625227ad693347e4d6989db
bc4540a14193a6537e0c03127bbf19848e6226bd437f2550d18f1f385c55eccb
c6329dfe33180cce86d7c4f395d190707092ce38c7ed9a9d93f75e2632713ba1
c6bdd002d23dcb0adbd87e3518bdd994de73818a0f0f502707986301b9fbc404
c8f16b88d1787f960e55dc9a0976f51e63cdd143e000ca0f32e8a10e8103aa07
cd529a35ec3b1559781ca5736dd0777f8838e2cc6c1b2258ef38282da7abcf80
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0c95e145b8f28a0e8a62eb2017b95248f618344fd490af692098d82ff2d8757
d419258d9150c0861265190d931abcc73a7ee347f605f0f8bd87bacf0846e88f
d6cfd149a51da917c4c5cc99f110d9f60985b9bad9ef0f9b959a4cb86339f839
da7b2c56c933d973088e491aa967753f0143d8cca8e4e047bd23f64d9d5858ec
db0d17ee9c24794dc313d2588c0c19bccccb2f7439a0dcb6be8cc985df84baf3
ddf0ccefce3d5a4cfde5d72e16d6e8ac3d386d739d61195afa43655409ec8a92
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e11ef1edfc4a540f832a7a022ee7b6376d2d729ad6cf15ff693077d35be1a6fd
e163d198caaf2faafe39d30b94e62c24e1b8fd54109e1842008a9ccec6b28d3c
e17583e288739105a037b7ca88b6be92a2e98ba4f3092f3a79a3c0599f482626
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5466b61c87530258690008a33c891eef8815d90f7f30f286e0de7453ef13a9d
e6dcbbfd3b2b395e8440193551d30cf590736083dfed83bb67f976badca15699
ea7c8fe15199460e6a9910bfd1e5bf8a0111ddee538511abc9b5f6ab268a65bc
eaaef360f1450bfc123aca7bca508e538adbfe851dd6a3a9dc63fe579c12005c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0f2fc153daf5d3ef66c6e26f9b8d244212b12c27e725e237b5d2afc2bd35afe
f3bd93baf2d7ea7fe404497a78897e9300a56e1ef8e452cdd29c0156b2ff3aa5
f919c02713441d1502a5297ec6201783ecf8070a47d5df866a78ca2fb83bc865
fbae080321632ad4ce06e9207ef9a534abd1d6488a96a0a4334fa768d1f93717
fd4a94af5705411d98e2f6785b9f0ef5478e8a4496b3e5c69234a508bbfd8d7c
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48