URL: http://petiofi.narod.ru/detski.html
Submission Tags: falconsandbox
Submission: On February 20 via api from US — Scanned from DE

Summary

This website contacted 31 IPs in 6 countries across 24 domains to perform 142 HTTP transactions. The main IP is 193.109.247.223, located in Moscow, Russian Federation and belongs to COMPUBYTE-AS, CY. The main domain is petiofi.narod.ru.
This is the only time petiofi.narod.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
17 193.109.247.223 204343 (COMPUBYTE-AS)
1 2a00:1450:400... 15169 (GOOGLE)
18 2a00:1450:400... 15169 (GOOGLE)
1 6 95.163.52.67 47764 (VK-AS)
1 185.31.121.155 199364 (RAX-AS)
1 2a02:6b8::90 208398 (TELETECH)
2 3 88.212.201.204 39134 (UNITEDNET)
4 81.19.89.18 24638 (RAMBLER-T...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 149.56.240.27 16276 (OVH)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f17... 32934 (FACEBOOK)
1 38.242.215.86 51167 (CONTABO)
5 9 2a02:6b8::1:119 208398 (TELETECH)
1 10 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 7 2a00:1450:400... 15169 (GOOGLE)
28 2a03:2880:f08... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
2 172.217.18.102 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638:3::12 44788 (ASN-CRITE...)
1 2a02:2638:d::c 44788 (ASN-CRITE...)
2 142.250.186.163 15169 (GOOGLE)
7 2a02:2638:3::3 44788 (ASN-CRITE...)
1 178.250.1.6 44788 (ASN-CRITE...)
2 2a02:2638:3::10 44788 (ASN-CRITE...)
2 2a02:2638:3::1a 44788 (ASN-CRITE...)
2 142.250.185.226 15169 (GOOGLE)
142 31
Apex Domain
Subdomains
Transfer
32 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 120
tpc.googlesyndication.com — Cisco Umbrella Rank: 158
553 KB
28 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 1042
scontent.xx.fbcdn.net — Cisco Umbrella Rank: 410
external.xx.fbcdn.net — Cisco Umbrella Rank: 10746
1 MB
15 narod.ru
petiofi.narod.ru
257 KB
12 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
ad.doubleclick.net — Cisco Umbrella Rank: 149
101 KB
11 criteo.net
static.criteo.net — Cisco Umbrella Rank: 689
imageproxy.eu.criteo.net — Cisco Umbrella Rank: 8417
csm.eu.criteo.net — Cisco Umbrella Rank: 7991
23 KB
10 google.com
cse.google.com — Cisco Umbrella Rank: 3353
www.google.com — Cisco Umbrella Rank: 2
clients1.google.com — Cisco Umbrella Rank: 480
175 KB
6 mail.ru
top-fwz1.mail.ru — Cisco Umbrella Rank: 8695
27 KB
5 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 7848
3 KB
5 yandex.ru
bs.yandex.ru — Cisco Umbrella Rank: 10449
mc.yandex.ru — Cisco Umbrella Rank: 3423
58 KB
3 criteo.com
ads.eu.criteo.com — Cisco Umbrella Rank: 7905
rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 13595
cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 9712
47 KB
3 histats.com
s10.histats.com — Cisco Umbrella Rank: 12731
s4.histats.com — Cisco Umbrella Rank: 12280
9 KB
3 yadro.ru
counter.yadro.ru — Cisco Umbrella Rank: 10450
3 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 141
2 gstatic.com
p4-bkbq6em2tcn72-ritkppebb6c25w4o-if-v6exp3-v4.metric.gstatic.com
3 KB
2 rambler.ru
kraken.rambler.ru — Cisco Umbrella Rank: 32324
1 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 114
36 KB
2 top100.ru
st.top100.ru — Cisco Umbrella Rank: 41110
42 KB
2 ucoz.net
s201.ucoz.net
748 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 328
256 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2000
254 B
1 search.bg
counter.search.bg
500 B
1 stranabg.com
www.stranabg.com
945 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 52
82 KB
0 hotlog.ru Failed
js.hotlog.ru Failed
142 24
Domain Requested by
20 static.xx.fbcdn.net www.facebook.com
static.xx.fbcdn.net
18 pagead2.googlesyndication.com petiofi.narod.ru
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
15 petiofi.narod.ru petiofi.narod.ru
14 tpc.googlesyndication.com googleads.g.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
10 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
7 static.criteo.net ads.eu.criteo.com
7 www.google.com 1 redirects cse.google.com
www.google.com
petiofi.narod.ru
tpc.googlesyndication.com
6 top-fwz1.mail.ru 1 redirects petiofi.narod.ru
top-fwz1.mail.ru
5 mc.yandex.com 3 redirects petiofi.narod.ru
5 external.xx.fbcdn.net www.facebook.com
4 mc.yandex.ru 2 redirects petiofi.narod.ru
3 scontent.xx.fbcdn.net www.facebook.com
3 counter.yadro.ru 2 redirects petiofi.narod.ru
2 www.googleadservices.com googleads.g.doubleclick.net
2 csm.eu.criteo.net ads.eu.criteo.com
2 imageproxy.eu.criteo.net ads.eu.criteo.com
2 p4-bkbq6em2tcn72-ritkppebb6c25w4o-if-v6exp3-v4.metric.gstatic.com googleads.g.doubleclick.net
p4-bkbq6em2tcn72-ritkppebb6c25w4o-if-v6exp3-v4.metric.gstatic.com
2 ad.doubleclick.net googleads.g.doubleclick.net
2 kraken.rambler.ru st.top100.ru
petiofi.narod.ru
2 www.facebook.com petiofi.narod.ru
static.xx.fbcdn.net
2 cse.google.com petiofi.narod.ru
www.google.com
2 s10.histats.com petiofi.narod.ru
s10.histats.com
2 st.top100.ru petiofi.narod.ru
st.top100.ru
2 s201.ucoz.net petiofi.narod.ru
1 cat.nl3.eu.criteo.com ads.eu.criteo.com
1 rtb.fr3.eu.criteo.com googleads.g.doubleclick.net
1 ads.eu.criteo.com googleads.g.doubleclick.net
1 s0.2mdn.net googleads.g.doubleclick.net
1 clients1.google.com petiofi.narod.ru
1 region1.google-analytics.com www.googletagmanager.com
1 counter.search.bg petiofi.narod.ru
1 s4.histats.com s10.histats.com
1 bs.yandex.ru petiofi.narod.ru
1 www.stranabg.com petiofi.narod.ru
1 www.googletagmanager.com petiofi.narod.ru
0 js.hotlog.ru Failed petiofi.narod.ru
142 36
Subject Issuer Validity Valid
*.google-analytics.com
GTS CA 1C3
2024-01-29 -
2024-04-22
3 months crt.sh
*.mail.ru
GlobalSign ECC OV SSL CA 2018
2023-10-06 -
2024-11-06
a year crt.sh
histats.com
R3
2024-02-16 -
2024-05-16
3 months crt.sh
*.google.com
GTS CA 1C3
2024-01-29 -
2024-04-22
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-11-30 -
2024-02-28
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2024-01-29 -
2024-04-22
3 months crt.sh
*.rambler.ru
GlobalSign GCC R3 DV TLS CA 2020
2023-04-17 -
2024-05-18
a year crt.sh
*.top100.ru
GlobalSign GCC R3 DV TLS CA 2020
2023-02-08 -
2024-03-11
a year crt.sh
www.google.com
GTS CA 1C3
2024-01-29 -
2024-04-22
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-05-13 -
2024-05-11
a year crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018
2023-12-26 -
2024-06-05
5 months crt.sh
*.doubleclick.net
GTS CA 1C3
2024-01-29 -
2024-04-22
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2024-01-29 -
2024-04-22
3 months crt.sh
*.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-02-08 -
2024-05-06
3 months crt.sh
*.fr3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-02-10 -
2024-05-05
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2024-01-29 -
2024-04-22
3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-02-17 -
2024-05-17
3 months crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-02-06 -
2024-05-03
3 months crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-12-27 -
2024-03-21
3 months crt.sh
www.googleadservices.com
GTS CA 1C3
2024-01-29 -
2024-04-22
3 months crt.sh

This page contains 15 frames:

Primary Page: http://petiofi.narod.ru/detski.html
Frame ID: 3DCD4A9327D573C51788168570D58ED5
Requests: 54 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2F%25D0%259A%25D1%2580%25D1%258A%25D1%2581%25D1%2582%25D0%25BE%25D1%2581%25D0%25BB%25D0%25BE%25D0%25B2%25D0%25B8%25D1%2586%25D0%25B8%2F219374801463722&width=520&colorscheme=light&show_faces=true&border_color&stream=true&header=true&height=590
Frame ID: 12E45AAEAFA9B3D2FDC1663F13171A91
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20190131/zrt_lookup_fy2021.html?hello=world
Frame ID: 6D0A296219764C405AF2A35C1E07CC38
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7800101367749268&output=html&h=60&slotname=4954790851&adk=3850891032&adf=3353141943&pi=t.ma~as.4954790851&w=468&lmt=1708425282&format=468x60&url=http%3A%2F%2Fpetiofi.narod.ru%2Fdetski.html&wgl=1&dt=1708425281763&bpp=2&bdt=445&idt=431&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&correlator=3351915128569&frm=20&pv=2&ga_vid=834704921.1708425282&ga_sid=1708425282&ga_hid=1357432180&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=827&ady=42&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081187%2C42532524%2C44809003%2C95322433%2C95324580%2C95325066%2C31081135%2C95320376%2C95320868%2C95324154%2C95324160%2C95325080&oid=2&pvsid=1307573059339331&tmod=1508136627&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=442
Frame ID: 112B920432C99FD6E90941DD72CAF7A5
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7800101367749268&output=html&h=600&slotname=4584916924&adk=2319987244&adf=218696053&pi=t.ma~as.4584916924&w=160&lmt=1708425282&format=160x600&url=http%3A%2F%2Fpetiofi.narod.ru%2Fdetski.html&wgl=1&dt=1708425281765&bpp=1&bdt=448&idt=447&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=468x60&correlator=3351915128569&frm=20&pv=1&ga_vid=834704921.1708425282&ga_sid=1708425282&ga_hid=1357432180&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1133&ady=173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081187%2C42532524%2C44809003%2C95322433%2C95324580%2C95325066%2C31081135%2C95320376%2C95320868%2C95324154%2C95324160%2C95325080&oid=2&pvsid=1307573059339331&tmod=1508136627&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=449
Frame ID: 76412547FD57594D7E5FA23D38864AFB
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7800101367749268&output=html&h=600&slotname=6986726970&adk=1929241932&adf=2561622201&pi=t.ma~as.6986726970&w=160&lmt=1708425282&format=160x600&url=http%3A%2F%2Fpetiofi.narod.ru%2Fdetski.html&wgl=1&dt=1708425281766&bpp=1&bdt=449&idt=452&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=468x60%2C160x600&correlator=3351915128569&frm=20&pv=1&ga_vid=834704921.1708425282&ga_sid=1708425282&ga_hid=1357432180&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1133&ady=790&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081187%2C42532524%2C44809003%2C95322433%2C95324580%2C95325066%2C31081135%2C95320376%2C95320868%2C95324154%2C95324160%2C95325080&oid=2&pvsid=1307573059339331&tmod=1508136627&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=453
Frame ID: D15FE6509E519E6430A108D2F580C196
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7800101367749268&output=html&adk=1812271804&adf=3025194257&lmt=1708425282&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=http%3A%2F%2Fpetiofi.narod.ru%2Fdetski.html&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&aseiel=1~2~4~6~8~16&dt=1708425281780&bpp=1&bdt=463&idt=459&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=468x60%2C160x600%2C160x600&nras=1&correlator=3351915128569&frm=20&pv=1&ga_vid=834704921.1708425282&ga_sid=1708425282&ga_hid=1357432180&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081187%2C42532524%2C44809003%2C95322433%2C95324580%2C95325066%2C31081135%2C95320376%2C95320868%2C95324154%2C95324160%2C95325080&oid=2&pvsid=1307573059339331&tmod=1508136627&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=463
Frame ID: 5587718875EC3CEA500DD1719848923C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMihxfQDEJ2chqQFGMnN0v0BMAE&v=APEucNW3qKNLeIwqOKdQ3i5TrZM5o3Ath8aFTu7xDyyAQd0HlSQo8Iqs8PTZ8pwKujCBH9ZlLoZ-nf3HPsPhiuVOHNyffvAJ4A
Frame ID: 94E536FD125F47DA300EC8250676122B
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZdSAQgAE4r4Ef4fMAA7rLwIBlc5IEVudBxj3kA&u=%7Cht7ur9evmbz0TMT6Z7h7wVX27fLNS43jIGP0CTFLXk4%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at-ue5TMI33i_SG1_RVDuuRTlvaTShOdPDW7I8DD_nv-KTeF-CvJ_g770izczOyeXx19ySXGxyQ6CqU1myjJKyWWGY5rzaKsczaGdiCG8nfPmxfTLZX-u_GQLlF2BwQG53gGQ1y12pDXUb6Stv39n3iaS7WQ245Uf7RKAJ3YZeza8o6v8sJBzI9FSFfh9msiwFqR1eAgQ1eo0HiajYoulqvDJnm6XXWR3LWab2hMYZbRGFIzmS2Cy2VslbtcVWUq7ZWTUq0sEkfEj889CQ1pitKUQkINkxHAmLPg9-J29E6aHyrLVsMID5xqoulsHKpZuoCGzLHgjGIlOc2jybGvgc1-ZHBkip98z6cvydM3R-iqNrSohl6RwY5TevxBkO16zheUC_bSzsM2PIQGSATz5RSpjn4pLxSxx7UYoQF-kED9--txtk3uOD8Co2bGw8Yd3__mZXPTMUXdM6FtbBfhCNCjtx6-6wy_qO1JFi5W5ktM-pT-sn64m4HA7F3q7JJO443-k3sruRSG3I8LLvN8BKvAIFEgVgXhWjBx5CsuJ_sY8CYaG5P5SWFRyHKgWfdrVgAV6TdgSWe2ZUEzxqtC8pqWMeit-pdzsa3sQk1hi2T2CQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZLDPQoDUZb7FE8yP_tMPr9a7yAPJntKxXNWdkfdwwI23ARABIABgleKagqwHggEXY2EtcHViLTc4MDAxMDEzNjc3NDkyNjjIAQmpAq2f90L1ELI-qAMByAMCqgTRAU_Q-xjpQY8CM_rRfmZIdXPHc1QiaArvhs_W9YfxvTTroeE8Fdcrzwn79ee7u9pqiqmz1LgaGD_eEgwRF4EfCsxx7CUvW4FxZaCo8TREwvQWmTVShc1cNInbaX0wbH27R5ofFVdi-6u5Xdy3I2MCDJsuRNvSQZU_CmhqP5IYENOzMFcaDKvNdlc9RyvBPz9_cQQsn7_Ey3E9j_NMKWrSNC2_y2DGlxIrWM4Ex47QynaZM1kGpfJzV4RN1ZEKFfstUvhbSwEjwZnPM_Ouk5KBDzzPgAbSzKHfg4737-oBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJAiA4YBwEAEyAusCOgmAQICAhICAhAhIvf3BOljkhMuQ3LmEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Azkwe2UJkeikQjZGBpMOEsupr5A%26client%3Dca-pub-7800101367749268%26adurl%3D
Frame ID: FE19DF25D29E3E57A26B6F5277F6221E
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: F7CF7CA183F3B0F6928DB7B0EA105923
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 2B0A1041110A16E2A60B6D8A652C3D38
Requests: 2 HTTP requests in this frame

Frame: https://p4-bkbq6em2tcn72-ritkppebb6c25w4o-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: A1831BA2068E2672FFF6222AFE8CAC17
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/-nfEL6nT6hMAPyjdoOzOb1jP1Zjk2lcitOv7Rt98uqU.js
Frame ID: FB8CEF9E5CAAAD849C117A04FDCB2493
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 867332E3CE9FBF576793DD3DE1F966B8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0237445E3CD6F3F022679B80DA9554BD
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Детски кръстословициsuchen

Detected technologies

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • <script[^<>]*>[^]{0,128}?src\s*=\s*['"]//counter\.yadro\.ru/hit(?:;\S+)?\?(?:t\d+\.\d+;)?r
  • <!--LiveInternet counter-->
  • <!--/LiveInternet-->

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

142
Requests

77 %
HTTPS

63 %
IPv6

24
Domains

36
Subdomains

31
IPs

6
Countries

3020 kB
Transfer

5872 kB
Size

45
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://top-fwz1.mail.ru/counter?id=1046193;t=464;l=1 HTTP 302
  • https://top-fwz1.mail.ru/counter2?id=1046193;t=464;l=1
Request Chain 21
  • http://counter.yadro.ru/hit?t21.3;r;s1600*1200*24;uhttp%3A//petiofi.narod.ru/detski.html;h%u0414%u0435%u0442%u0441%u043A%u0438%20%u043A%u0440%u044A%u0441%u0442%u043E%u0441%u043B%u043E%u0432%u0438%u0446%u0438;0.03457744007182817 HTTP 302
  • https://counter.yadro.ru/hit?t21.3;r;s1600*1200*24;uhttp%3A//petiofi.narod.ru/detski.html;h%u0414%u0435%u0442%u0441%u043A%u0438%20%u043A%u0440%u044A%u0441%u0442%u043E%u0441%u043B%u043E%u0432%u0438%u0446%u0438;0.03457744007182817 HTTP 302
  • https://counter.yadro.ru/hit?q;t21.3;r;s1600*1200*24;uhttp%3A//petiofi.narod.ru/detski.html;h%u0414%u0435%u0442%u0441%u043A%u0438%20%u043A%u0440%u044A%u0441%u0442%u043E%u0441%u043B%u043E%u0432%u0438%u0446%u0438;0.03457744007182817
Request Chain 28
  • http://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2F%25D0%259A%25D1%2580%25D1%258A%25D1%2581%25D1%2582%25D0%25BE%25D1%2581%25D0%25BB%25D0%25BE%25D0%25B2%25D0%25B8%25D1%2586%25D0%25B8%2F219374801463722&width=520&colorscheme=light&show_faces=true&border_color&stream=true&header=true&height=590 HTTP 307
  • https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2F%25D0%259A%25D1%2580%25D1%258A%25D1%2581%25D1%2582%25D0%25BE%25D1%2581%25D0%25BB%25D0%25BE%25D0%25B2%25D0%25B8%25D1%2586%25D0%25B8%2F219374801463722&width=520&colorscheme=light&show_faces=true&border_color&stream=true&header=true&height=590
Request Chain 30
  • http://mc.yandex.ru/metrika/watch.js HTTP 302
  • https://mc.yandex.ru/metrika/watch.js
Request Chain 78
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10285.LAwR9IAA1RzVJrLvlxOPy9yRt0jXltlBg2SnXqDNR88Mhxb-BwQNcxuLpCOxvmeF.jDYRUPN8SyeKtaEMeAAV-PwG8RA%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10285.r5qfwC3wJ_3sXULE3CTxktpjWAsE6IxUfhUcey53YKvVvOFbJW83dbBZZ0XsPCn6yeIFhpFtYis3uE-S2TsctNRs1a6P4o1FVwszg0kGGIphUmLNMqfqzIPGuEFSBPbmHPTjWzEnIcEUBgDIyhVO-5xeQ7JRl_ir8QA1SIZm36IIn8OXEHhJVnbA4721Dt3Bgwrw5kTH--jVA-WBq6LKQqF9xpL0s0tGjtlQFkHw4tM%2C.F7QRf4LdYps_A5gfzhNxzCSkVBs%2C HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10285._pok3MSqYJeLABJ_SmOq6fEX-XNVC1r21t6qS5cVS8YO5Ld2VB1MNsi_cyLxrQ5UxpRwPNYGnZFDCaEe4Y4Av6jCTyG8s3lzevkGTpC40uXkL-2bg6F9ygQa6lX3BObHOFLHT9rjE1U1Ggk0FerQfLjPGPR5FCVGo_SpPwtFde03FmgVjGish7sjNe83ZHY-VX0Flx-g9zsu7AdBypJDFw%2C%2C.xuoGXB-pIsFUkDW9FKxf-rs-nYQ%2C
Request Chain 96
  • https://mc.yandex.com/watch/22079125?wmode=7&page-url=http%3A%2F%2Fpetiofi.narod.ru%2Fdetski.html&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Arrsvvwew1t7vq6pawluowr6j%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1251%3Acn%3A1%3Adp%3A0%3Als%3A708513623361%3Ahid%3A156186067%3Az%3A60%3Ai%3A20240220113442%3Aet%3A1708425283%3Ac%3A1%3Arn%3A136598922%3Arqn%3A1%3Au%3A1708425283554236722%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A285%2C82%2C133%2C2%2C%2C0%2C%2C363%2C0%2C%2C%2C%2C866%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1708425280816%3Agi%3AR0ExLjEuODM0NzA0OTIxLjE3MDg0MjUyODI%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1708425283%3At%3A%D0%94%D0%B5%D1%82%D1%81%D0%BA%D0%B8%20%D0%BA%D1%80%D1%8A%D1%81%D1%82%D0%BE%D1%81%D0%BB%D0%BE%D0%B2%D0%B8%D1%86%D0%B8&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(0)ti(1) HTTP 302
  • https://mc.yandex.com/watch/22079125/1?wmode=7&page-url=http%3A%2F%2Fpetiofi.narod.ru%2Fdetski.html&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Arrsvvwew1t7vq6pawluowr6j%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1251%3Acn%3A1%3Adp%3A0%3Als%3A708513623361%3Ahid%3A156186067%3Az%3A60%3Ai%3A20240220113442%3Aet%3A1708425283%3Ac%3A1%3Arn%3A136598922%3Arqn%3A1%3Au%3A1708425283554236722%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A285%2C82%2C133%2C2%2C%2C0%2C%2C363%2C0%2C%2C%2C%2C866%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1708425280816%3Agi%3AR0ExLjEuODM0NzA0OTIxLjE3MDg0MjUyODI%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1708425283%3At%3A%D0%94%D0%B5%D1%82%D1%81%D0%BA%D0%B8%20%D0%BA%D1%80%D1%8A%D1%81%D1%82%D0%BE%D1%81%D0%BB%D0%BE%D0%B2%D0%B8%D1%86%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%280%29ti%281%29
Request Chain 111
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 126
  • https://googleads.g.doubleclick.net/pagead/adview?ai=Cra4IQoDUZfTXE5X__tMPgq-UqA7_1a7odOihpP3hEWQQASDv_tAIYJXimoKsB6AByIyk_APIAQKpAq2f90L1ELI-qAMByAPJBKoE3AFP0KLhhiCQaMQ-VXIIx8wgAWONiln4F8OATyKYykN1sr6wGvSKiwiy5HNcB5pF-P-Q_6kXfMIgen_RXAaNkx-8dSbVPu5oOjpezjY8l8YMZowFjIP0A8QXCZmjYKe9CDmK3cAIu4oiXQwQDeHS36B6kvCaV5GKb6g9rhjIrGxZgKQBhqkMsiL2kEhkTQjZgxrDUQOLSXT0ipl1wwRjQ4N5I42b7rFhji2XXAiyTopeY8J5vsyh7mwy6MojeIgAS1qGEA3NV69S1w9cZpPNdKq56Za0SiZFWSarwijrwATjprDNqwSIBbqDkvJKkgUECAQYAZIFBAgFGASgBgKAB6Dz2wOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G9gHAfIHBBDZ9wTSCCYIgOGAcBABGB8yAusCOgmAQICAhICAhAhIvf3BOlismMuQ3LmEA5oJE2h0dHA6Ly93d3cubWFya3QuZGWACgHICwHYEw7QFQGYFgGAFwGyFxwKGggAEhRwdWItNzgwMDEwMTM2Nzc0OTI2OBgA&sigh=-0Rewxge2sI&uach_m=%5BUACH%5D&ase=2&cid=CAQSTgAvHhf_xjF84xc3RYgLpgQ2eByiPC7Kb0Ddzjj_2Gn30Ce5Sj1H9zA8chMhOABKdrWSCVhNIVGqP0WIMnFsBnoC7NDBTlMwRWE4XNMjtBgB&cbvp=2&vis=1&nis=5 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228458337620954152151%22,%22debug_reporting%22:true,%22destination%22:%22https://markt.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221065944648%22],%2222%22:[%22true%22],%224%22:[%2202-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215754483759404611985%22}&andc=true

142 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request detski.html
petiofi.narod.ru/
24 KB
6 KB
Document
General
Full URL
http://petiofi.narod.ru/detski.html
Protocol
HTTP/1.1
Server
193.109.247.223 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),
Reverse DNS
dev.ucoz.net
Software
nginx /
Resource Hash
14c247620583453a2a766489a414c962236da30c84a8538b29fe554b3f6dbc24
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 20 Feb 2024 10:34:46 GMT
Keep-Alive
timeout=15
Server
nginx
Transfer-Encoding
chunked
X-Frame-Options
SAMEORIGIN
uutils.fcg
s201.ucoz.net/cgi/
0
205 B
Script
General
Full URL
http://s201.ucoz.net/cgi/uutils.fcg?a=uSD&ca=2&ug=999&isp=1&r=0.895164816051732
Requested by
Host: petiofi.narod.ru
URL: http://petiofi.narod.ru/detski.html
Protocol
HTTP/1.1
Server
193.109.247.223 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),
Reverse DNS
dev.ucoz.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://petiofi.narod.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 10:34:46 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=15
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
stili.css
petiofi.narod.ru/
6 KB
2 KB
Stylesheet
General
Full URL
http://petiofi.narod.ru/stili.css
Requested by
Host: petiofi.narod.ru
URL: http://petiofi.narod.ru/detski.html
Protocol
HTTP/1.1
Server
193.109.247.223 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),
Reverse DNS
dev.ucoz.net
Software
nginx /
Resource Hash
28bcb7aa03a254ceca911c82d006bc4cb3f324a0533a059ccfb98fba6344f997
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://petiofi.narod.ru/detski.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 10:34:46 GMT
Content-Encoding
gzip
Last-Modified
Sat, 06 Apr 2019 19:34:21 GMT
Server
nginx
ETag
W/"5ca8ff3d-160f"
Transfer-Encoding
chunked
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Connection
keep-alive
Keep-Alive
timeout=15
js
www.googletagmanager.com/gtag/
231 KB
82 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-BL7TKSZ9XP
Requested by
Host: petiofi.narod.ru
URL: http://petiofi.narod.ru/detski.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
03fd719fb1d3162e4d29b4871bc4de412340d214f21bbee273ebf3e18dfddd63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://petiofi.narod.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 10:34:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83444
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 20 Feb 2024 10:34:41 GMT
logo6.jpg
petiofi.narod.ru/
25 KB
25 KB
Image
General
Full URL
http://petiofi.narod.ru/logo6.jpg
Requested by
Host: petiofi.narod.ru
URL: http://petiofi.narod.ru/detski.html
Protocol
HTTP/1.1
Server
193.109.247.223 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),
Reverse DNS
dev.ucoz.net
Software
nginx /
Resource Hash
8cd78aaf8f41700a44b999160164fdcfacf4c250fcea1f9e1aab5090693cfdad
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://petiofi.narod.ru/detski.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 10:34:46 GMT
Last-Modified
Tue, 09 Apr 2013 08:28:00 GMT
Server
nginx
ETag
"5163d110-633b"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
25403
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
150 KB
54 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: petiofi.narod.ru
URL: http://petiofi.narod.ru/detski.html
Protocol
HTTP/1.1
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
352d8dae3843bf41dd986436e05a49d762fb30768f1758cc06f5cfdb820cc6f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://petiofi.narod.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 10:34:41 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Length
54580
X-XSS-Protection
0
Server
cafe
ETag
8831330474024894516
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=3600, stale-while-revalidate=3600
Timing-Allow-Origin
*
Link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
Expires
Tue, 20 Feb 2024 10:34:41 GMT
counter2
top-fwz1.mail.ru/
Redirect Chain
  • https://top-fwz1.mail.ru/counter?id=1046193;t=464;l=1
  • https://top-fwz1.mail.ru/counter2?id=1046193;t=464;l=1
2 KB
3 KB
Image
General
Full URL
https://top-fwz1.mail.ru/counter2?id=1046193;t=464;l=1
Requested by
Host: petiofi.narod.ru
URL: http://petiofi.narod.ru/detski.html
Protocol
H2
Server
95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
c67e17babf8fdbaf9e20429db2ad65646899704ab710617f786774afdf30a05f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://petiofi.narod.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 10:34:41 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
2349
pragma
no-cache
amp-access-control-allow-source-origin
*
server
nginx
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
*
accept-ch-lifetime
86400
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
*

Redirect headers

date
Tue, 20 Feb 2024 10:34:41 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
0
pragma
no-cache
amp-access-control-allow-source-origin
*
server
nginx
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
accept-ch-lifetime
86400
location
https://top-fwz1.mail.ru/counter2?id=1046193;t=464;l=1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
*
detsko_s_kartinki_160.jpg
petiofi.narod.ru/detski/
6 KB
7 KB
Image
General
Full URL
http://petiofi.narod.ru/detski/detsko_s_kartinki_160.jpg
Requested by
Host: petiofi.narod.ru
URL: http://petiofi.narod.ru/detski.html
Protocol
HTTP/1.1
Server
193.109.247.223 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),
Reverse DNS
dev.ucoz.net
Software
nginx /
Resource Hash
a947d600ce9a02e3318f52f21e6508b18b55abd5379473084173d98001288761
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://petiofi.narod.ru/detski.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 10:34:46 GMT
Last-Modified
Mon, 01 Jun 2020 19:19:21 GMT
Server
nginx
ETag
"5ed554b9-18e7"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
6375
ksngvl.jpg
petiofi.narod.ru/detski/img/
6 KB
6 KB
Image
General
Full URL
http://petiofi.narod.ru/detski/img/ksngvl.jpg
Requested by
Host: petiofi.narod.ru
URL: http://petiofi.narod.ru/detski.html
Protocol
HTTP/1.1
Server
193.109.247.223 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),
Reverse DNS
dev.ucoz.net
Software
nginx /
Resource Hash
a3e41cbbeb22fef368b26b45c7480252acb8ceced4bfaa50b7da454366c03db5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://petiofi.narod.ru/detski.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 10:34:46 GMT
Last-Modified
Mon, 16 Mar 2020 20:18:03 GMT
Server
nginx
ETag
"5e6fdefb-1811"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
6161
sHrB_160x72.png
petiofi.narod.ru/detski/img/
19 KB
19 KB
Image
General
Full URL
http://petiofi.narod.ru/detski/img/sHrB_160x72.png
Requested by
Host: petiofi.narod.ru
URL: http://petiofi.narod.ru/detski.html
Protocol
HTTP/1.1
Server
193.109.247.223 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),
Reverse DNS
dev.ucoz.net
Software
nginx /
Resource Hash
4289e1ca8561e9cf6fc42f4b6e6daa691897891629c899ab51e4c0aecea87ac4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://petiofi.narod.ru/detski.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 10:34:46 GMT
Last-Modified
Fri, 01 Jun 2018 11:49:32 GMT
Server
nginx
ETag
"5b1132cc-4b07"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
19207
vrabcheta160_72.png
petiofi.narod.ru/detski/img/
23 KB
23 KB
Image
General
Full URL
http://petiofi.narod.ru/detski/img/vrabcheta160_72.png
Requested by
Host: petiofi.narod.ru
URL: http://petiofi.narod.ru/detski.html
Protocol
HTTP/1.1
Server
193.109.247.223 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),
Reverse DNS
dev.ucoz.net
Software
nginx /
Resource Hash
1e42939e089a78bf0f6771d2e53485a87d78f51e38a465131a4fed67e54b4e8e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://petiofi.narod.ru/detski.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 10:34:46 GMT
Last-Modified
Thu, 10 May 2018 19:26:05 GMT
Server
nginx
ETag
"5af49ccd-5af7"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
23287
andreevden_160x72.jpg
petiofi.narod.ru/detski/
18 KB
18 KB
Image
General
Full URL
http://petiofi.narod.ru/detski/andreevden_160x72.jpg
Requested by
Host: petiofi.narod.ru
URL: http://petiofi.narod.ru/detski.html
Protocol
HTTP/1.1
Server
193.109.247.223 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),
Reverse DNS
dev.ucoz.net
Software
nginx /
Resource Hash
ddf10a74a047e304b5cd38ad0152ebaf321f799ec2493cdafc55f6bfb305567d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://petiofi.narod.ru/detski.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 10:34:46 GMT
Last-Modified
Fri, 08 Dec 2017 22:16:12 GMT
Server
nginx
ETag
"5a2b0f2c-488e"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
18574
detska_krastoslovica_160x72.png
petiofi.narod.ru/detski/
18 KB
19 KB
Image
General
Full URL
http://petiofi.narod.ru/detski/detska_krastoslovica_160x72.png
Requested by
Host: petiofi.narod.ru
URL: http://petiofi.narod.ru/detski.html
Protocol
HTTP/1.1
Server
193.109.247.223 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),
Reverse DNS
dev.ucoz.net
Software
nginx /
Resource Hash
ea9349f79e725746c2ed4eec37bd306e6699572e989c46ab72b9c8ea525877c9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://petiofi.narod.ru/detski.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 10:34:46 GMT
Last-Modified
Thu, 01 Jun 2017 15:37:24 GMT
Server
nginx
ETag
"593034b4-4958"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
18776
rebusi_i_gatanki_160x72.jpg
petiofi.narod.ru/detski/
29 KB
30 KB
Image
General
Full URL
http://petiofi.narod.ru/detski/rebusi_i_gatanki_160x72.jpg
Requested by
Host: petiofi.narod.ru
URL: http://petiofi.narod.ru/detski.html
Protocol
HTTP/1.1
Server
193.109.247.223 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),
Reverse DNS
dev.ucoz.net
Software
nginx /
Resource Hash
e88a0d2d82a022d4a52e98513e379aa7f4b10b2c04c4f4d936202a2b69f5bf27
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://petiofi.narod.ru/detski.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 10:34:46 GMT
Last-Modified
Fri, 08 Dec 2017 22:16:12 GMT
Server
nginx
ETag
"5a2b0f2c-7577"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
30071
koledni_rebusi_160x72.jpg
petiofi.narod.ru/detski/
19 KB
19 KB
Image
General
Full URL
http://petiofi.narod.ru/detski/koledni_rebusi_160x72.jpg
Requested by
Host: petiofi.narod.ru
URL: http://petiofi.narod.ru/detski.html
Protocol
HTTP/1.1
Server
193.109.247.223 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),
Reverse DNS
dev.ucoz.net
Software
nginx /
Resource Hash
9a21e1052492ac1866b8df081548fbf1809c48db1de0209cf4e953702ae3a851
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://petiofi.narod.ru/detski.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 10:34:46 GMT
Last-Modified
Fri, 25 Dec 2015 00:57:07 GMT
Server
nginx
ETag
"567c9463-4aa8"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
19112
detska_stranica.jpg
petiofi.narod.ru/detski/
20 KB
21 KB
Image
General
Full URL
http://petiofi.narod.ru/detski/detska_stranica.jpg
Requested by
Host: petiofi.narod.ru
URL: http://petiofi.narod.ru/detski.html
Protocol
HTTP/1.1
Server
193.109.247.223 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),
Reverse DNS
dev.ucoz.net
Software
nginx /
Resource Hash
f9b6b97a7c6bbffa300029a87aa473379d7b6dfd99310f99f959335c0f384025
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://petiofi.narod.ru/detski.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 10:34:46 GMT
Last-Modified
Sun, 01 Jun 2014 19:02:53 GMT
Server
nginx
ETag
"538b78dd-515b"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
20827
detsko_skandi.jpg
petiofi.narod.ru/detski/
23 KB
24 KB
Image
General
Full URL
http://petiofi.narod.ru/detski/detsko_skandi.jpg
Requested by
Host: petiofi.narod.ru
URL: http://petiofi.narod.ru/detski.html
Protocol
HTTP/1.1
Server
193.109.247.223 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),
Reverse DNS
dev.ucoz.net
Software
nginx /
Resource Hash
a6057df58ce97a61dbfa822110e2c72ba7855d2ed5689badb682eb079a021f7f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://petiofi.narod.ru/detski.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 10:34:46 GMT
Last-Modified
Sat, 01 Jun 2013 04:54:08 GMT
Server
nginx
ETag
"51a97e70-5d13"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
23827
skandi_kartinki2.jpg
petiofi.narod.ru/imgskandi/
19 KB
19 KB
Image
General
Full URL
http://petiofi.narod.ru/imgskandi/skandi_kartinki2.jpg
Requested by
Host: petiofi.narod.ru
URL: http://petiofi.narod.ru/detski.html
Protocol
HTTP/1.1
Server
193.109.247.223 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),
Reverse DNS
dev.ucoz.net
Software
nginx /
Resource Hash
473b69e6dda63c5507d9c28062e22fdf9d80dddf58287ed9479ed1a40080238e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://petiofi.narod.ru/detski.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 10:34:46 GMT
Last-Modified
Tue, 09 Apr 2013 08:27:54 GMT
Server
nginx
ETag
"5163d10a-4b66"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
19302
skandi_kartinki1.jpg
petiofi.narod.ru/imgskandi/
20 KB
20 KB
Image
General
Full URL
http://petiofi.narod.ru/imgskandi/skandi_kartinki1.jpg
Requested by
Host: petiofi.narod.ru
URL: http://petiofi.narod.ru/detski.html
Protocol
HTTP/1.1
Server
193.109.247.223 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),
Reverse DNS
dev.ucoz.net
Software
nginx /
Resource Hash
ac8169d1a4d78f8e94345352aeee13a070e366572e5e30cec01bed3f6e55f66a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://petiofi.narod.ru/detski.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 10:34:46 GMT
Last-Modified
Tue, 09 Apr 2013 08:27:54 GMT
Server
nginx
ETag
"5163d10a-5010"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
20496
button.php
www.stranabg.com/top/
674 B
945 B
Image
General
Full URL
http://www.stranabg.com/top/button.php?u=petiofi
Requested by
Host: petiofi.narod.ru
URL: http://petiofi.narod.ru/detski.html
Protocol
HTTP/1.1
Server
185.31.121.155 , Bulgaria, ASN199364 (RAX-AS, BG),
Reverse DNS
155.121.31.185.static.webnick.net
Software
Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips / PHP/5.3.29
Resource Hash
26725cebcf1de7b827ba027be93a980c6e48c0e1f1da85fa29a288870eadc580

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://petiofi.narod.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 10:36:07 GMT
Server
Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips
X-Powered-By
PHP/5.3.29
Vary
User-Agent
Transfer-Encoding
chunked
Content-Type
image/png
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
5.gif
s201.ucoz.net/img/cp/
217 B
543 B
Image
General
Full URL
http://s201.ucoz.net/img/cp/5.gif
Requested by
Host: petiofi.narod.ru
URL: http://petiofi.narod.ru/detski.html
Protocol
HTTP/1.1
Server
193.109.247.223 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),
Reverse DNS
dev.ucoz.net
Software
nginx /
Resource Hash
a63abd76bb348773b1071570a48c2262d860940e3151833dd9e6ea6cf1cae193

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://petiofi.narod.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 10:34:46 GMT
Last-Modified
Wed, 01 Nov 2023 11:45:13 GMT
Server
nginx
ETag
"65423a49-d9"
Content-Type
image/gif
Cache-Control
max-age=1728000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
217
Expires
Mon, 11 Mar 2024 10:34:46 GMT
1_0_595959FF_393939FF_1_uniques
bs.yandex.ru/informer/22079125/
10 B
1 KB
Image
General
Full URL
http://bs.yandex.ru/informer/22079125/1_0_595959FF_393939FF_1_uniques
Requested by
Host: petiofi.narod.ru
URL: http://petiofi.narod.ru/detski.html
Protocol
HTTP/1.1
Server
2a02:6b8::90 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
Software
/
Resource Hash
7515bf959b73b956ceb967351c7e299cbb3668a53d35f9c770eb72e00d93ced6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://petiofi.narod.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 10:34:41 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000
Content-Security-Policy-Report-Only
default-src 'none'; base-uri 'none'; script-src 'unsafe-inline' 'self' yandex.ru an.yandex.ru api-maps.yandex.ru mc.yandex.ru yastatic.net pcode.yads.tech *.maps.yandex.net; style-src 'unsafe-inline' yastatic.net; img-src 'self' data: avatars.mds.yandex.net favicon.yandex.net *.captcha.yandex.net yastatic.net *.maps.yandex.net *.yandex.ru avatars.yads.tech; media-src blob: strm.yandex.ru *.strm.yandex.net; font-src yastatic.net; connect-src 'self' blob: an.yandex.ru yandex.ru mc.yandex.ru yastatic.net log.strm.yandex.ru display.yads.tech display-logs.yads.tech http://an.yandex.ru; frame-src yandexadexchange.net yandex.ru an.yandex.ru; report-uri https://csp.yandex.net/csp?from=yabs-partner-ro&project=yabs&yandex_login=&platform=
Transfer-Encoding
chunked
P3P
CP="NOI DEVa TAIa OUR BUS UNI STA"
Content-Type
text/plain; charset=UTF-8
Timing-Allow-Origin
*
X-XSS-Protection
1; mode=block
hit
counter.yadro.ru/
Redirect Chain
  • http://counter.yadro.ru/hit?t21.3;r;s1600*1200*24;uhttp%3A//petiofi.narod.ru/detski.html;h%u0414%u0435%u0442%u0441%u043A%u0438%20%u043A%u0440%u044A%u0441%u0442%u043E%u0441%u043B%u043E%u0432%u0438%u...
  • https://counter.yadro.ru/hit?t21.3;r;s1600*1200*24;uhttp%3A//petiofi.narod.ru/detski.html;h%u0414%u0435%u0442%u0441%u043A%u0438%20%u043A%u0440%u044A%u0441%u0442%u043E%u0441%u043B%u043E%u0432%u0438%...
  • https://counter.yadro.ru/hit?q;t21.3;r;s1600*1200*24;uhttp%3A//petiofi.narod.ru/detski.html;h%u0414%u0435%u0442%u0441%u043A%u0438%20%u043A%u0440%u044A%u0441%u0442%u043E%u0441%u043B%u043E%u0432%u043...
2 KB
2 KB
Image
General
Full URL
https://counter.yadro.ru/hit?q;t21.3;r;s1600*1200*24;uhttp%3A//petiofi.narod.ru/detski.html;h%u0414%u0435%u0442%u0441%u043A%u0438%20%u043A%u0440%u044A%u0441%u0442%u043E%u0441%u043B%u043E%u0432%u0438%u0446%u0438;0.03457744007182817
Requested by
Host: petiofi.narod.ru
URL: http://petiofi.narod.ru/detski.html
Protocol
HTTP/1.1
Server
88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host204.rax.ru
Software
nginx/1.17.9 /
Resource Hash
f1c223c16210736b22436b8429ba6c0f19bb4b612293a70aad89decd7a57b0a2
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://petiofi.narod.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Feb 2024 10:34:42 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
image/gif
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Length
1562
Expires
Sun, 19 Feb 2023 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 20 Feb 2024 10:34:42 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
text/html
Location
https://counter.yadro.ru/hit?q;t21.3;r;s1600*1200*24;uhttp%3A//petiofi.narod.ru/detski.html;h%u0414%u0435%u0442%u0441%u043A%u0438%20%u043A%u0440%u044A%u0441%u0442%u043E%u0441%u043B%u043E%u0432%u0438%u0446%u0438;0.03457744007182817
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
keep-alive
Content-Length
32
Expires
Sun, 19 Feb 2023 21:00:00 GMT
351951.js
js.hotlog.ru/dcounter/
0
0

code.js
top-fwz1.mail.ru/js/
44 KB
19 KB
Script
General
Full URL
https://top-fwz1.mail.ru/js/code.js
Requested by
Host: petiofi.narod.ru
URL: http://petiofi.narod.ru/detski.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
384d11b1b10a5836bf06f7b8f893cb49986aaa44d296510c250e72808af39874
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://petiofi.narod.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 10:34:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin
*
last-modified
Mon, 19 Feb 2024 10:38:19 GMT
server
nginx
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
etag
W/"65d32f9b-b0f2"
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
accept-ch-lifetime
86400
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
max-age=3600, private
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
*
expires
Tue, 20 Feb 2024 11:34:41 GMT
top100.js
st.top100.ru/top100/
122 KB
38 KB
Script
General
Full URL
http://st.top100.ru/top100/top100.js
Requested by
Host: petiofi.narod.ru
URL: http://petiofi.narod.ru/detski.html
Protocol
HTTP/1.1
Server
81.19.89.18 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
kraken.rambler.ru
Software
nginx /
Resource Hash
9a7c4e57efaba2a8cc95f694d6b9578a4397dcde347f6cae567758441394a33a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://petiofi.narod.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 10:34:41 GMT
Content-Encoding
gzip
Last-Modified
Mon, 19 Feb 2024 13:39:13 GMT
Server
nginx
x-amz-request-id
tx000000000000178d4db67-0065d47e00-783970ff-default
ETag
W/"e80e7b42a08af2f0b0b297702f4f2662"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
P3P
CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
x-rgw-object-type
Normal
Cache-Control
max-age=3600
Connection
keep-alive
Expires
Tue, 20 Feb 2024 11:34:41 GMT
js15.js
s10.histats.com/
11 KB
5 KB
Script
General
Full URL
http://s10.histats.com/js15.js
Requested by
Host: petiofi.narod.ru
URL: http://petiofi.narod.ru/detski.html
Protocol
HTTP/1.1
Server
2606:4700:10::6814:4273 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
429e7004f3f8fbe42cacb984c36a9cda33efdacc100a276b12e82c6ab78bf7ec

Request headers

Referer
http://petiofi.narod.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Tue, 20 Feb 2024 10:34:41 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Thu, 16 Apr 2020 10:44:16 GMT
Server
cloudflare
Age
82812
ETag
"980881274"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=28800
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
8586193a2a7c1b9f-FRA
Content-Length
4405
161182.php
s4.histats.com/stats/
59 B
193 B
Script
General
Full URL
https://s4.histats.com/stats/161182.php?161182&@f16&@g1&@h1&@i1&@j1708425281674&@k0&@l1&@m%D0%94%D0%B5%D1%82%D1%81%D0%BA%D0%B8%20%D0%BA%D1%80%D1%8A%D1%81%D1%82%D0%BE%D1%81%D0%BB%D0%BE%D0%B2%D0%B8%D1%86%D0%B8&@n0&@o1000&@q0&@r0&@s601&@ten-US&@u1600&@b1:175684790&@b3:1708425282&@b4:js15.js&@b5:60&@a-_0.2.1&@vhttp%3A%2F%2Fpetiofi.narod.ru%2Fdetski.html&@w
Requested by
Host: s10.histats.com
URL: http://s10.histats.com/js15.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.56.240.27 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns534106.ip-149-56-240.net
Software
/
Resource Hash
94ee7deed310cb3831ad7bcf23d6272dfa22a7a8faf18289508fa85210d8a8a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://petiofi.narod.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 10:34:42 GMT
Connection
close
Content-Length
59
Content-Type
text/html;charset=UTF-8
cse.js
cse.google.com/
6 KB
3 KB
Script
General
Full URL
https://cse.google.com/cse.js?cx=partner-pub-7800101367749268:9607452337
Requested by
Host: petiofi.narod.ru
URL: http://petiofi.narod.ru/detski.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
144c27c6db7dd3e69c5140068f95a5da84fc1507d0fcfe055037ad7ab2f579ff
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-3gCUWR_q_WCcq2XpfRUslw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://petiofi.narod.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-3gCUWR_q_WCcq2XpfRUslw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-encoding
br
date
Tue, 20 Feb 2024 10:34:41 GMT
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2435
x-xss-protection
0
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
server
gws
x-frame-options
SAMEORIGIN
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type
text/javascript; charset=UTF-8
permissions-policy
unload=()
origin-trial
Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
likebox.php
www.facebook.com/plugins/ Frame 12E4
Redirect Chain
  • http://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2F%25D0%259A%25D1%2580%25D1%258A%25D1%2581%25D1%2582%25D0%25BE%25D1%2581%25D0%25BB%25D0%25BE%25D0%25B2%25D0%25...
  • https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2F%25D0%259A%25D1%2580%25D1%258A%25D1%2581%25D1%2582%25D0%25BE%25D1%2581%25D0%25BB%25D0%25BE%25D0%25B2%25D0%2...
120 KB
34 KB
Document
General
Full URL
https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2F%25D0%259A%25D1%2580%25D1%258A%25D1%2581%25D1%2582%25D0%25BE%25D1%2581%25D0%25BB%25D0%25BE%25D0%25B2%25D0%25B8%25D1%2586%25D0%25B8%2F219374801463722&width=520&colorscheme=light&show_faces=true&border_color&stream=true&header=true&height=590
Requested by
Host: petiofi.narod.ru
URL: http://petiofi.narod.ru/detski.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
303b14516d62d0d4e808f290466152cb4931673b9ac911f37f8fca59148c6909
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://petiofi.narod.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
unsafe-none;report-to="coop_report"
cross-origin-resource-policy
cross-origin
date
Tue, 20 Feb 2024 10:34:42 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
nel
{"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(self), clipboard-write=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
permissions-policy-report-only
clipboard-read=(), clipboard-write=();report-to="permissions_policy"
pragma
no-cache
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
rEKdJDBxFY0KrAiI0kirdN4nkvge3NmENU+pV9JrDlHhnTukuvDdKzpGm4SFus6tGvueuMNniesOampAgZDGxg==
x-xss-protection
0

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2F%25D0%259A%25D1%2580%25D1%258A%25D1%2581%25D1%2582%25D0%25BE%25D1%2581%25D0%25BB%25D0%25BE%25D0%25B2%25D0%25B8%25D1%2586%25D0%25B8%2F219374801463722&width=520&colorscheme=light&show_faces=true&border_color&stream=true&header=true&height=590
Non-Authoritative-Reason
HSTS
c
counter.search.bg/cgi-bin/
192 B
500 B
Image
General
Full URL
http://counter.search.bg/cgi-bin/c?_id=petraki&_z=0&_r=1600&_c=24&_j=N&_t=-60&_k=Y&_l=
Requested by
Host: petiofi.narod.ru
URL: http://petiofi.narod.ru/detski.html
Protocol
HTTP/1.1
Server
38.242.215.86 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
ns2.w3open.com
Software
logger /
Resource Hash
168dcd9b03d59ab43b13bcccb78c5dcb6ed6f0f5dbd9b1e2c443cc4ae8191a05

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://petiofi.narod.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 10:34:41 GMT
Server
logger
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-cache, no-store, must-revalidate
Connection
close
Accept-Ranges
bytes
Content-Length
192
Expires
Thu, 01 Jan 1970 00:00:01 GMT
watch.js
mc.yandex.ru/metrika/
Redirect Chain
  • http://mc.yandex.ru/metrika/watch.js
  • https://mc.yandex.ru/metrika/watch.js
157 KB
56 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: petiofi.narod.ru
URL: http://petiofi.narod.ru/detski.html
Protocol
H2
Server
2a02:6b8::1:119 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
Software
/
Resource Hash
a4ac5325e4228b19f937d516b94aef0ff65adb7ca2baa4ce5d879b42a7c1bea5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://petiofi.narod.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 10:34:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Mon, 19 Feb 2024 14:24:04 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"65d36484-dd82"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
56706
expires
Tue, 20 Feb 2024 11:34:42 GMT

Redirect headers

Location
https://mc.yandex.ru/metrika/watch.js
Content-Length
0
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402120101/
406 KB
138 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7800101367749268&plah=petiofi.narod.ru&aplac=true&bust=31081135
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50c8b64001f780d847ca44c0c961886bd259302cb14e0297d3b941f8d499e3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://petiofi.narod.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 10:34:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141087
x-xss-protection
0
server
cafe
etag
7755953307286983345
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 20 Feb 2024 10:34:41 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240215/r20190131/ Frame 6D0A
9 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240215/r20190131/zrt_lookup_fy2021.html?hello=world
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://petiofi.narod.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
54661
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 19 Feb 2024 19:23:40 GMT
etag
3890843268177463596
expires
Mon, 04 Mar 2024 19:23:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.google-analytics.com/g/
0
254 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-BL7TKSZ9XP&gtm=45je42e0v9132339338za200&_p=1708425281539&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=834704921.1708425282&ul=en-us&sr=1600x1200&pscdl=noapi&_s=1&sid=1708425281&sct=1&seg=0&dl=http%3A%2F%2Fpetiofi.narod.ru%2Fdetski.html&dt=%D0%94%D0%B5%D1%82%D1%81%D0%BA%D0%B8%20%D0%BA%D1%80%D1%8A%D1%81%D1%82%D0%BE%D1%81%D0%BB%D0%BE%D0%B2%D0%B8%D1%86%D0%B8&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=988
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BL7TKSZ9XP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://petiofi.narod.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 10:34:42 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://petiofi.narod.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
userip
kraken.rambler.ru/
12 B
463 B
XHR
General
Full URL
https://kraken.rambler.ru/userip
Requested by
Host: st.top100.ru
URL: http://st.top100.ru/top100/top100.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.19.89.18 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
kraken.rambler.ru
Software
nginx /
Resource Hash
361013f14048242b449118364082c02135e5430ba7f3dba02d81d3dfee184367

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://petiofi.narod.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 10:34:42 GMT
server
nginx
x-srv
2kraken-prod0003.ad.rambler.tech
content-type
application/octet-stream, text/plain
access-control-allow-origin
http://petiofi.narod.ru
p3p
CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control
no-store,no-cache,must-revalidate
content-length
12
usability.js
st.top100.ru/top100/3.15.8/
14 KB
4 KB
Script
General
Full URL
https://st.top100.ru/top100/3.15.8/usability.js
Requested by
Host: st.top100.ru
URL: http://st.top100.ru/top100/top100.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
81.19.89.18 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
kraken.rambler.ru
Software
nginx /
Resource Hash
e15b6a5399b3a0165ce5553baeb68d5438f0eb9fcc94abd49a54ada8cf230724

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://petiofi.narod.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 10:34:42 GMT
content-encoding
gzip
last-modified
Mon, 19 Feb 2024 13:39:13 GMT
server
nginx
x-amz-request-id
tx000000000000178d5d159-0065d47f7b-783970ff-default
etag
W/"1d932fc58e5bfcdf5e65e28466bdf992"
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
x-rgw-object-type
Normal
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
dyn-goal-config.js
top-fwz1.mail.ru/js/
3 KB
2 KB
Script
General
Full URL
https://top-fwz1.mail.ru/js/dyn-goal-config.js?ids=1046193
Requested by
Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
90d4798cfeacb30022d6f8efb927da957733d8302ed75b0691a9c4afc8d9f15d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://petiofi.narod.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 10:34:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin
*
server
nginx
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
accept-ch-lifetime
86400
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
max-age=600, private
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
*
expires
Tue, 20 Feb 2024 10:44:42 GMT
counter
top-fwz1.mail.ru/
43 B
1 KB
Image
General
Full URL
https://top-fwz1.mail.ru/counter?_=0.28956149584750857;id=1046193;u=http%3A//petiofi.narod.ru/detski.html;st=1708425281682;title=%D0%94%D0%B5%D1%82%D1%81%D0%BA%D0%B8%20%D0%BA%D1%80%D1%8A%D1%81%D1%82%D0%BE%D1%81%D0%BB%D0%BE%D0%B2%D0%B8%D1%86%D0%B8;s=1600*1200;vp=1600*2272;touch=0;hds=1;sid=276b2fc8a61713c0;ver=60.4.0;tz=-60%2FEurope%2FBerlin;ct=1146/1149/1149/;gl=u;ni=10//4g/0/0/;lvid=1708425281965%3A1708425281971%3A1%3A3e334c694a839ea0fca133690ab53f03;opts=dl%2Cjst-gtag;visible=true;js=13
Requested by
Host: petiofi.narod.ru
URL: http://petiofi.narod.ru/detski.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://petiofi.narod.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 10:34:42 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
43
pragma
no-cache
amp-access-control-allow-source-origin
*
server
nginx
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
*
accept-ch-lifetime
86400
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
*
cse_element__de.js
www.google.com/cse/static/element/8435450f13508ca1/
318 KB
106 KB
Script
General
Full URL
https://www.google.com/cse/static/element/8435450f13508ca1/cse_element__de.js?usqp=CAI%3D
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-7800101367749268:9607452337
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b6f357810e9cd8f0aeca7b0cd526dc72d9230dce6958843f80bf104f940b5626
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://petiofi.narod.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 10:34:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
108420
x-xss-protection
0
last-modified
Wed, 10 Jan 2024 16:43:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/javascript
cache-control
private, max-age=31536000
accept-ranges
bytes
link
<https://www.adsensecustomsearchads.com>; rel="preconnect"
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Tue, 20 Feb 2024 10:34:42 GMT
default+de.css
www.google.com/cse/static/element/8435450f13508ca1/
41 KB
9 KB
Stylesheet
General
Full URL
https://www.google.com/cse/static/element/8435450f13508ca1/default+de.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-7800101367749268:9607452337
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5402de70228d4bf5379b518225b702918f6ae277e9293f9d16334c2b1fa31e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://petiofi.narod.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 10:34:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9068
x-xss-protection
0
last-modified
Wed, 10 Jan 2024 16:43:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
private, max-age=31536000
accept-ranges
bytes
link
<https://www.adsensecustomsearchads.com>; rel="preconnect"
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Tue, 20 Feb 2024 10:34:42 GMT
default.css
www.google.com/cse/static/style/look/v4/
4 KB
2 KB
Stylesheet
General
Full URL
https://www.google.com/cse/static/style/look/v4/default.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-7800101367749268:9607452337
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://petiofi.narod.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 10:03:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1867
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1345
x-xss-protection
0
last-modified
Wed, 17 Jun 2020 00:00:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Tue, 20 Feb 2024 10:53:35 GMT
_u9v75tarnE.css
static.xx.fbcdn.net/rsrc.php/v3/y0/l/0,cross/ Frame 12E4
22 KB
5 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y0/l/0,cross/_u9v75tarnE.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2F%25D0%259A%25D1%2580%25D1%258A%25D1%2581%25D1%2582%25D0%25BE%25D1%2581%25D0%25BB%25D0%25BE%25D0%25B2%25D0%25B8%25D1%2586%25D0%25B8%2F219374801463722&width=520&colorscheme=light&show_faces=true&border_color&stream=true&header=true&height=590
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ec88ae1ecf5b870737f876cc1bb7252d45bccf4d5a7fb145e560739e781d2ea1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), fullscreen=(), picture-in-picture=();report-to="permissions_policy"
date
Tue, 20 Feb 2024 10:34:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
nZ16N27vCVTVcsAGee5+qQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4990
reporting-endpoints
permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
x-fb-debug
HEkvyOCKX0wQP8XQXFo3WZMSAuJyBExNkVugmqkAS/4zCmBU8r5WeK7yCkUE+LPrkKKCiE8IL2OkYWJKM8pFZg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
report-to
{"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Tue, 18 Feb 2025 16:54:13 GMT
_HwBCJENsRe.css
static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/ Frame 12E4
20 KB
6 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/_HwBCJENsRe.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2F%25D0%259A%25D1%2580%25D1%258A%25D1%2581%25D1%2582%25D0%25BE%25D1%2581%25D0%25BB%25D0%25BE%25D0%25B2%25D0%25B8%25D1%2586%25D0%25B8%2F219374801463722&width=520&colorscheme=light&show_faces=true&border_color&stream=true&header=true&height=590
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ce892acc4a9ec24adc13617e250eb3e2f7fb510c4160e02541a0446c1ca5307b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), fullscreen=(), picture-in-picture=();report-to="permissions_policy"
date
Tue, 20 Feb 2024 10:34:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
GtlUS2Ibgwwe9uFxeII9kw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5238
reporting-endpoints
permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
x-fb-debug
M2av0LRPZjnPYsSrB+HmeukEsAIF4goCBl59Ur0VpeAVNTHrDfJTi2S9qwh9hEYoYbB032mHFg07hq6HpzNiyA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
report-to
{"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Mon, 17 Feb 2025 16:57:32 GMT
cM5kcqrABxz.css
static.xx.fbcdn.net/rsrc.php/v3/yw/l/0,cross/ Frame 12E4
10 KB
3 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yw/l/0,cross/cM5kcqrABxz.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2F%25D0%259A%25D1%2580%25D1%258A%25D1%2581%25D1%2582%25D0%25BE%25D1%2581%25D0%25BB%25D0%25BE%25D0%25B2%25D0%25B8%25D1%2586%25D0%25B8%2F219374801463722&width=520&colorscheme=light&show_faces=true&border_color&stream=true&header=true&height=590
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e98d376757ded7c70e51c0059a0ccb56da68d20637918d293ad34757675924fd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
date
Tue, 20 Feb 2024 10:34:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
pxBrYj2yTQXMr6RMq1jwbQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2432
reporting-endpoints
permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
x-fb-debug
5nEm6RZe5gYkPzaOjKo9p+iQ+fdyEx9AbIxBqXhflCDiF6HQkQLFWYFixsrtpBbUruwmp/Nr8avgwqkTiZT04w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
report-to
{"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), display-capture=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=();report-to="permissions_policy"
timing-allow-origin
*
expires
Thu, 13 Feb 2025 10:00:52 GMT
J8jQxDMstoW.css
static.xx.fbcdn.net/rsrc.php/v3/yU/l/0,cross/ Frame 12E4
18 KB
4 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yU/l/0,cross/J8jQxDMstoW.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2F%25D0%259A%25D1%2580%25D1%258A%25D1%2581%25D1%2582%25D0%25BE%25D1%2581%25D0%25BB%25D0%25BE%25D0%25B2%25D0%25B8%25D1%2586%25D0%25B8%2F219374801463722&width=520&colorscheme=light&show_faces=true&border_color&stream=true&header=true&height=590
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d028f0dc446d5168becaf01cf3e8aa03dfd209755844e9d33e72ba808811dab7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
date
Tue, 20 Feb 2024 10:34:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
4IsQQ0yf0vRInXr2+j8mHg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4308
reporting-endpoints
permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
x-fb-debug
/6XCaf9+LlmVfhNSoYTLJLS3/HABxE+5mZbLjE3HcogF1uAcP0/hbSR+iuU/62xDA1FhhpaPYn81CWxejmliVQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
report-to
{"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), display-capture=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=();report-to="permissions_policy"
timing-allow-origin
*
expires
Thu, 13 Feb 2025 12:37:06 GMT
E9jf6zahLHS.js
static.xx.fbcdn.net/rsrc.php/v3/yp/r/ Frame 12E4
355 KB
92 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/E9jf6zahLHS.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2F%25D0%259A%25D1%2580%25D1%258A%25D1%2581%25D1%2582%25D0%25BE%25D1%2581%25D0%25BB%25D0%25BE%25D0%25B2%25D0%25B8%25D1%2586%25D0%25B8%2F219374801463722&width=520&colorscheme=light&show_faces=true&border_color&stream=true&header=true&height=590
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
96201bf7415ca1b0148d133e972c19e86cfc034d2c27ef839d13042f7af32c38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
date
Tue, 20 Feb 2024 10:34:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
U7/r16G/tGL+WsASosRcPg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
94007
reporting-endpoints
permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
x-fb-debug
AVNN+UwW2KVhxGyGGsv4FFSPALic+vSVkzkBGWYRhHcecmFItCuBh80ewlvtstwG4QjAzzsTSL951Uq7TG7Rzg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
report-to
{"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 15 Feb 2025 06:01:35 GMT
8ZrPme2EwKH.js
static.xx.fbcdn.net/rsrc.php/v3/yc/r/ Frame 12E4
9 KB
3 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yc/r/8ZrPme2EwKH.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2F%25D0%259A%25D1%2580%25D1%258A%25D1%2581%25D1%2582%25D0%25BE%25D1%2581%25D0%25BB%25D0%25BE%25D0%25B2%25D0%25B8%25D1%2586%25D0%25B8%2F219374801463722&width=520&colorscheme=light&show_faces=true&border_color&stream=true&header=true&height=590
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2910a75fe798cbb18961bf9510620ee4edbc664b99037f2a9b0b0af70a8d9631
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
date
Tue, 20 Feb 2024 10:34:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
JieWsOvZ3RFDEjZePuauxg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2809
reporting-endpoints
permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
x-fb-debug
/AcR2wwqYTBYCUiC4K+2T2arA6pZM1O1NcOpX3FxaDiHM4wVa+k/AQ8ln/Slr28l8Zjt+yaytDhShMoRrJKp9Q==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
report-to
{"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), display-capture=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=();report-to="permissions_policy"
timing-allow-origin
*
expires
Thu, 13 Feb 2025 13:14:54 GMT
C27gDiAQKjy.js
static.xx.fbcdn.net/rsrc.php/v3iAxA4/y6/l/de_DE/ Frame 12E4
108 KB
31 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/y6/l/de_DE/C27gDiAQKjy.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2F%25D0%259A%25D1%2580%25D1%258A%25D1%2581%25D1%2582%25D0%25BE%25D1%2581%25D0%25BB%25D0%25BE%25D0%25B2%25D0%25B8%25D1%2586%25D0%25B8%2F219374801463722&width=520&colorscheme=light&show_faces=true&border_color&stream=true&header=true&height=590
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ad3f780f0b37b67580c2b3045df0451c21fb970d0205c2edb6132389a307ee95
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
date
Tue, 20 Feb 2024 10:34:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
0IptewvNvOPnhFVFbt8T1g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
31509
reporting-endpoints
permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
x-fb-debug
JDPNNuSUP7XVq26eDYKh/gwMnKeTgusnWWxWQ0Pva6bPQPTTU5fRHpuHd56C5sfF7PxvbG5Bnpmn8wP9e7BsKg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
report-to
{"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Fri, 14 Feb 2025 22:40:31 GMT
p55HfXW__mM.js
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 12E4
507 B
488 B
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2F%25D0%259A%25D1%2580%25D1%258A%25D1%2581%25D1%2582%25D0%25BE%25D1%2581%25D0%25BB%25D0%25BE%25D0%25B2%25D0%25B8%25D1%2586%25D0%25B8%2F219374801463722&width=520&colorscheme=light&show_faces=true&border_color&stream=true&header=true&height=590
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
date
Tue, 20 Feb 2024 10:34:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
L5E9gSgR735vyjAzTFly4g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
293
reporting-endpoints
permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
x-fb-debug
Qe0pOwsm7i28/PG4WOYqKtu+rhADN3bjkQDpuixScXHfyj2HTgRXtqLtxD0fG41HLPeUilqHn5IJFA2090+eHw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
report-to
{"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), display-capture=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=();report-to="permissions_policy"
timing-allow-origin
*
expires
Thu, 13 Feb 2025 09:32:27 GMT
leuT2ffoZQq.js
static.xx.fbcdn.net/rsrc.php/v3/yo/r/ Frame 12E4
45 KB
13 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yo/r/leuT2ffoZQq.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2F%25D0%259A%25D1%2580%25D1%258A%25D1%2581%25D1%2582%25D0%25BE%25D1%2581%25D0%25BB%25D0%25BE%25D0%25B2%25D0%25B8%25D1%2586%25D0%25B8%2F219374801463722&width=520&colorscheme=light&show_faces=true&border_color&stream=true&header=true&height=590
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
21de8fd21bd8dfa1f1778e7997e417901434ab1362e589422066e87bc05574c3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
date
Tue, 20 Feb 2024 10:34:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
6qScaftZSp4tROnfMZwMcg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
12855
reporting-endpoints
permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
x-fb-debug
LJZM00O/hnyx31OvN5daietdsgPBXH8zssWd/0WbQojHVeM20Ji3juvlQFLmTBZukxLxGnMIhQY7nF2j7Jiwwg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
report-to
{"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=();report-to="permissions_policy"
timing-allow-origin
*
expires
Fri, 14 Feb 2025 22:38:28 GMT
U_vR6oxqRMZ.js
static.xx.fbcdn.net/rsrc.php/v3/ye/r/ Frame 12E4
216 KB
62 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ye/r/U_vR6oxqRMZ.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2F%25D0%259A%25D1%2580%25D1%258A%25D1%2581%25D1%2582%25D0%25BE%25D1%2581%25D0%25BB%25D0%25BE%25D0%25B2%25D0%25B8%25D1%2586%25D0%25B8%2F219374801463722&width=520&colorscheme=light&show_faces=true&border_color&stream=true&header=true&height=590
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d4bc74974276640f22a3cb6ebc4c10982e01f57eeb4135ddb581f5704fbf0c8f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
date
Tue, 20 Feb 2024 10:34:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
VQ4qqlNucwZ6kA4mDLoAGQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
63286
reporting-endpoints
permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
x-fb-debug
qY8lVOJwFrXG12eKSam7IhKTSk4sSsIC0kfqU52jdGZ0QNTFvOOTqmHqYbTQEHDkpbfzgSj76o432mh1YLeaXQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
report-to
{"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Fri, 14 Feb 2025 22:38:28 GMT
vz_2ZHsDSGe.js
static.xx.fbcdn.net/rsrc.php/v3imkU4/yd/l/de_DE/ Frame 12E4
6 KB
2 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3imkU4/yd/l/de_DE/vz_2ZHsDSGe.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2F%25D0%259A%25D1%2580%25D1%258A%25D1%2581%25D1%2582%25D0%25BE%25D1%2581%25D0%25BB%25D0%25BE%25D0%25B2%25D0%25B8%25D1%2586%25D0%25B8%2F219374801463722&width=520&colorscheme=light&show_faces=true&border_color&stream=true&header=true&height=590
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a07ce4900c10a7af4c7ef6bcbcc91ff21600f9df829dd410af768a619cafc0e5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
date
Tue, 20 Feb 2024 10:34:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
0L+LtLOye71rg7Pi1WXJwQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2171
reporting-endpoints
permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
x-fb-debug
pZ1fISV7Ky6JAanXTesgqVDPmus8bHpovw6ZV7lFGoLKVcDoV4LEt+IN6O1L6fv3o0AmAW48mm2pMCU2oxR7yA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
report-to
{"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), display-capture=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=();report-to="permissions_policy"
timing-allow-origin
*
expires
Thu, 13 Feb 2025 18:47:58 GMT
6ydLaeSSU1k.js
static.xx.fbcdn.net/rsrc.php/v3/yp/r/ Frame 12E4
94 KB
27 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/6ydLaeSSU1k.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2F%25D0%259A%25D1%2580%25D1%258A%25D1%2581%25D1%2582%25D0%25BE%25D1%2581%25D0%25BB%25D0%25BE%25D0%25B2%25D0%25B8%25D1%2586%25D0%25B8%2F219374801463722&width=520&colorscheme=light&show_faces=true&border_color&stream=true&header=true&height=590
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
226dcd2f9b9c7ce00c5526efd49c712ecbcfa2f959893db232b90ad01c27c8fa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
date
Tue, 20 Feb 2024 10:34:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
+LMaw+VGkGPpkT5zeY0PcQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27503
reporting-endpoints
permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
x-fb-debug
rJXHNA+erWa9cwaG/cSE+gEg78mUasiyNfkw9jqTnGsCD7fz/K7mCSdLdJgctyzlc9g+gJlCdX7Ds2OS7x21Zw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
report-to
{"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Fri, 14 Feb 2025 22:29:21 GMT
-70PaI-1Xdh.js
static.xx.fbcdn.net/rsrc.php/v3/yA/r/ Frame 12E4
61 KB
16 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yA/r/-70PaI-1Xdh.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2F%25D0%259A%25D1%2580%25D1%258A%25D1%2581%25D1%2582%25D0%25BE%25D1%2581%25D0%25BB%25D0%25BE%25D0%25B2%25D0%25B8%25D1%2586%25D0%25B8%2F219374801463722&width=520&colorscheme=light&show_faces=true&border_color&stream=true&header=true&height=590
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
256b64494fe2573d5b7cad9ee59b22ad7d1e720ca452c348381c2f29ac2d089b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
date
Tue, 20 Feb 2024 10:34:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
2uXtZTmQDcpMHWI1flwizA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
15969
reporting-endpoints
permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
x-fb-debug
u2tB6eixWTAdr59zQ9MrxYrA2Gqh8KYxgH7EzfCzSqBPuyVNbdVYk/oH388AQXpegg2Bcc9Rx1rKhAsJqEC2vg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
report-to
{"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=();report-to="permissions_policy"
timing-allow-origin
*
expires
Fri, 14 Feb 2025 22:39:25 GMT
2_UQu_HhTQu.js
static.xx.fbcdn.net/rsrc.php/v3/yG/r/ Frame 12E4
8 KB
3 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yG/r/2_UQu_HhTQu.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2F%25D0%259A%25D1%2580%25D1%258A%25D1%2581%25D1%2582%25D0%25BE%25D1%2581%25D0%25BB%25D0%25BE%25D0%25B2%25D0%25B8%25D1%2586%25D0%25B8%2F219374801463722&width=520&colorscheme=light&show_faces=true&border_color&stream=true&header=true&height=590
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa03eb68227b8878eaceea508be01259496077ec5ed9b375f84c77f577b843ed
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
date
Tue, 20 Feb 2024 10:34:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
9fmJr3THTP07qrIGN3DNCQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2755
reporting-endpoints
permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
x-fb-debug
Dep1SpWn8vN1T04lB7HmulBb9gfFqtnYHqi6A0dKBml2VSH8q0rqb3UVo9bFw2B+HArVjthwMeY0r6+naDOuyg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
report-to
{"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), display-capture=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=();report-to="permissions_policy"
timing-allow-origin
*
expires
Thu, 13 Feb 2025 13:40:45 GMT
vxmGiegapsN.js
static.xx.fbcdn.net/rsrc.php/v3/yL/r/ Frame 12E4
20 KB
8 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yL/r/vxmGiegapsN.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2F%25D0%259A%25D1%2580%25D1%258A%25D1%2581%25D1%2582%25D0%25BE%25D1%2581%25D0%25BB%25D0%25BE%25D0%25B2%25D0%25B8%25D1%2586%25D0%25B8%2F219374801463722&width=520&colorscheme=light&show_faces=true&border_color&stream=true&header=true&height=590
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3c3ebbb47fa016b229638258faa24b610fe571648e1b7e9fc2836bb5eb813849
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
date
Tue, 20 Feb 2024 10:34:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
4ZPUJrr/1coOXB3qCQuDKQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7226
reporting-endpoints
permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
x-fb-debug
8c9MKQJEMd9YvYjnLlXQE0Jiuqb0EvciPYiQhZ0AUI38zkS+L48mZB7/9tOqoC3BZf14xOJgXk1nUs4DKkuFGg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
report-to
{"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=();report-to="permissions_policy"
timing-allow-origin
*
expires
Fri, 14 Feb 2025 22:38:28 GMT
mEfPb9OcYTS.js
static.xx.fbcdn.net/rsrc.php/v3iUY_4/yA/l/de_DE/ Frame 12E4
26 KB
8 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iUY_4/yA/l/de_DE/mEfPb9OcYTS.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2F%25D0%259A%25D1%2580%25D1%258A%25D1%2581%25D1%2582%25D0%25BE%25D1%2581%25D0%25BB%25D0%25BE%25D0%25B2%25D0%25B8%25D1%2586%25D0%25B8%2F219374801463722&width=520&colorscheme=light&show_faces=true&border_color&stream=true&header=true&height=590
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e300f40b91cd75faf039dd31510a1d963a02f707e12badcda882eb1e3428144d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
date
Tue, 20 Feb 2024 10:34:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
pZ4xqT4DUK/uY9YrwG8nXg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
8455
reporting-endpoints
permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
x-fb-debug
jNfz5a4xE8qwXnckTa96lRiOHbe/7zAyU/sZoxR7uPRzi9/Zpshw0We9IthZQhwvSSdOOs8x19yPhfUUFZbyjg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
report-to
{"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Fri, 14 Feb 2025 22:53:13 GMT
V0bSjdVNvGA.js
static.xx.fbcdn.net/rsrc.php/v3/yM/r/ Frame 12E4
8 KB
2 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yM/r/V0bSjdVNvGA.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2F%25D0%259A%25D1%2580%25D1%258A%25D1%2581%25D1%2582%25D0%25BE%25D1%2581%25D0%25BB%25D0%25BE%25D0%25B2%25D0%25B8%25D1%2586%25D0%25B8%2F219374801463722&width=520&colorscheme=light&show_faces=true&border_color&stream=true&header=true&height=590
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
91b72d02901e410e08205dee625b3fccca589d27ec9cc20a997cfc213acd5146
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
date
Tue, 20 Feb 2024 10:34:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
PE7IkapvXcUpOpdYB6joGw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2175
reporting-endpoints
permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
x-fb-debug
6r+RM9j8SImJ/PVCZMDAU2mAj+g/Bm1zwJGPHZdxsmdASmvHkbJO054XcnKz4wx6YfzNj0K513JIaq86nbQ8cg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
report-to
{"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Fri, 14 Feb 2025 22:38:29 GMT
truncated
/ Frame 12E4
2 KB
0
Stylesheet
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb4a1ce6dfcba35211052403191f739a43aafef3ebab7af5e3866d02da0e60fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type
text/css;charset=utf-8
cc_601.js
s10.histats.com/counters/
13 KB
5 KB
Script
General
Full URL
https://s10.histats.com/counters/cc_601.js
Requested by
Host: s10.histats.com
URL: http://s10.histats.com/js15.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:4273 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
085b24f403c6482cd06aeaa36b22029e3891e51a33729712eb7a98e750d54af9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://petiofi.narod.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 10:34:42 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:45:32 GMT
server
cloudflare
age
6532
etag
"-433514832"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
8586193e1b716925-FRA
content-length
4486
300831682_428164789295314_4155234537219762817_n.jpg
scontent.xx.fbcdn.net/v/t39.30808-6/ Frame 12E4
41 KB
41 KB
Image
General
Full URL
https://scontent.xx.fbcdn.net/v/t39.30808-6/300831682_428164789295314_4155234537219762817_n.jpg?stp=dst-jpg_p403x403&_nc_cat=103&ccb=1-7&_nc_sid=081abc&_nc_ohc=uIiWVUZ-DecAX-TAvoQ&_nc_ht=scontent.xx&edm=AEDRbFQEAAAA&oh=00_AfDq3_i0C-BJ5muFAdIR4v-x_AvcVIaw0BxNQvGhaPMd8w&oe=65D8FFC6
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2F%25D0%259A%25D1%2580%25D1%258A%25D1%2581%25D1%2582%25D0%25BE%25D1%2581%25D0%25BB%25D0%25BE%25D0%25B2%25D0%25B8%25D1%2586%25D0%25B8%2F219374801463722&width=520&colorscheme=light&show_faces=true&border_color&stream=true&header=true&height=590
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f8d090b1103472c2f535d285c4cb081488700b3517148059b13373033467377b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 10:34:42 GMT
x-storage-error-category
dfs:none;sc_p:200:WSE_NOT_SET
last-modified
Thu, 01 Sep 2022 15:33:41 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=3932101311
thrift_fmhk
GBDmyBzWdqLIHv3Htk5y/aKUFfDr4Z0EvFUAAAA=
cache-control
max-age=1209600, no-transform
x-fb-edge-debug
m8DJGu4lOAwj2LYYpM1lHsj1-3Bc9WoOhAxTisv1JmsplVjsTQGRtPm9-k_MmFoeYdk5sQ8jHwbjEpzUB96urczTj_-c98FLnFC9IPev_w2BQzBDMPSsgp69mKQQNrZE
cross-origin-resource-policy
cross-origin
x-needle-checksum
2366619060
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
41701
302895865_428164785961981_8510461843216491000_n.jpg
scontent.xx.fbcdn.net/v/t39.30808-1/ Frame 12E4
2 KB
2 KB
Image
General
Full URL
https://scontent.xx.fbcdn.net/v/t39.30808-1/302895865_428164785961981_8510461843216491000_n.jpg?stp=c4.0.50.50a_cp0_dst-jpg_p50x50&_nc_cat=108&ccb=1-7&_nc_sid=4da83f&_nc_ohc=fEbbKTDtN6EAX_HBKbF&_nc_ht=scontent.xx&edm=AEDRbFQEAAAA&oh=00_AfD00d3lYuq_DJ-cujKlCQjlkaEhgdC-vnz56nhYRuFkXw&oe=65DA0590
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2F%25D0%259A%25D1%2580%25D1%258A%25D1%2581%25D1%2582%25D0%25BE%25D1%2581%25D0%25BB%25D0%25BE%25D0%25B2%25D0%25B8%25D1%2586%25D0%25B8%2F219374801463722&width=520&colorscheme=light&show_faces=true&border_color&stream=true&header=true&height=590
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2e8ad8dd2dedc88e1d2072675d5e2df6196d89c343c54390ad03e074a0bef180

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 10:34:42 GMT
x-storage-error-category
dfs:none;sc_p:200:WSE_NOT_SET
last-modified
Thu, 01 Sep 2022 15:33:40 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=3175036844
thrift_fmhk
GBDfR3YCdi+GDYZ4HxuwLw8CFfDr4Z0EvFUAAAA=
cache-control
max-age=1209600, no-transform
x-fb-edge-debug
mT-AVllppczowwldpEhQ7348_tczBb4xe1Nf3NBxKitnk1Uy8P1aOPAUtBICg653yaGHknkgnZ-nE7BBu8v3oYs9LRt3lNI_E2OIorLVK3yQxVnfYoe57-2OAEYwH8Zy
cross-origin-resource-policy
cross-origin
x-needle-checksum
1693103949
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
1635
/
kraken.rambler.ru/cnt/v2/
43 B
696 B
Image
General
Full URL
https://kraken.rambler.ru/cnt/v2/?event_type=base&event_name=page_view&project_id=861941&session_id=269413884_1708425281956&session_number=1&session_event_number=1&version=3.15.8&counter_type=web&experiment=%5B%5B%22exp_ws%22%2C%22no%22%5D%5D&top100_id=t1.861941.1147338845.1708425281955&adtech_uid=22857d8d-418a-4ed8-981c-63ae8f654344&adtech_uid_scope=narod.ru&fingerprint=pA8AAENKs1cCoPNZAT7WYgA%3D&fingerprint_ip=pA8AAENKs1fAETUZAfRZzgA%3D&url=http%3A%2F%2Fpetiofi.narod.ru%2Fdetski.html&request_id=1708425281.954-630050421&event_id=482052821819482&meta=%7B%22title%22%3A%22%D0%94%D0%B5%D1%82%D1%81%D0%BA%D0%B8%20%D0%BA%D1%80%D1%8A%D1%81%D1%82%D0%BE%D1%81%D0%BB%D0%BE%D0%B2%D0%B8%D1%86%D0%B8%22%2C%22referer%22%3A%22%22%2C%22screen_size%22%3A%221600x1200%22%2C%22browser_size%22%3A%221600x1200%22%2C%22color_depth%22%3A%2224-bit%22%2C%22language%22%3A%22en-US%22%2C%22browser%22%3A%22Netscape%22%2C%22platform%22%3A%22Win32%22%2C%22timezone%22%3A%22-60%22%7D&rn=447342760
Requested by
Host: petiofi.narod.ru
URL: http://petiofi.narod.ru/detski.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.19.89.18 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
kraken.rambler.ru
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://petiofi.narod.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 10:34:42 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
x-srv
2kraken-prod0002.ad.rambler.tech
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif, image/gif
p3p
CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
17869661587411840957
external.xx.fbcdn.net/emg1/v/t13/ Frame 12E4
243 KB
243 KB
Image
General
Full URL
https://external.xx.fbcdn.net/emg1/v/t13/17869661587411840957?url=http%3A%2F%2Fpetiofi.narod.ru%2Fimg%2Ftokio-2020.png&fb_obo=1&utld=narod.ru&stp=c0.5000x0.5000f_dst-emg0_p540x282_q75_u&ccb=13-1&oh=06_AbHAW1d5w2ctwGGdKPOivo3IKiut_Iua3qLB16MDqhe8Tw&oe=65D5E9DD&_nc_sid=e42f53
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2F%25D0%259A%25D1%2580%25D1%258A%25D1%2581%25D1%2582%25D0%25BE%25D1%2581%25D0%25BB%25D0%25BE%25D0%25B2%25D0%25B8%25D1%2586%25D0%25B8%2F219374801463722&width=520&colorscheme=light&show_faces=true&border_color&stream=true&header=true&height=590
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
497ac2734f8a41817bccc94283737cfc706544069ef4fcb1e5029e51c8b6450d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 10:34:42 GMT
last-modified
Tue, 20 Feb 2024 10:34:42 GMT
x-fb-original-response-code
200
content-type
image/png
access-control-allow-origin
*
content-digest
adler32=1892743089
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
x-fb-original-response-reason
OK
content-length
248931
alt-svc
h3=":443"; ma=86400
9452915333611235683
external.xx.fbcdn.net/emg1/v/t13/ Frame 12E4
249 KB
249 KB
Image
General
Full URL
https://external.xx.fbcdn.net/emg1/v/t13/9452915333611235683?url=http%3A%2F%2Fpetiofi.narod.ru%2Fimg%2Feuro2020_600x315.png&fb_obo=1&utld=narod.ru&stp=c0.5000x0.5000f_dst-emg0_p540x282_q75_u&ccb=13-1&oh=06_AbHUtE3W-XQwPpAsODQAdm3Mptt6rvfaSNTw9SYJPzswmA&oe=65D61A62&_nc_sid=e42f53
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2F%25D0%259A%25D1%2580%25D1%258A%25D1%2581%25D1%2582%25D0%25BE%25D1%2581%25D0%25BB%25D0%25BE%25D0%25B2%25D0%25B8%25D1%2586%25D0%25B8%2F219374801463722&width=520&colorscheme=light&show_faces=true&border_color&stream=true&header=true&height=590
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1c91f64a6b8b572618132ef5f98934db897d707322e2bc3db45b2788758d5c63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 10:34:43 GMT
last-modified
Tue, 20 Feb 2024 10:34:42 GMT
x-fb-original-response-code
200
content-type
image/png
access-control-allow-origin
*
content-digest
adler32=2324814155
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
x-fb-original-response-reason
OK
content-length
254898
alt-svc
h3=":443"; ma=86400
ads
googleads.g.doubleclick.net/pagead/ Frame 112B
35 KB
15 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7800101367749268&output=html&h=60&slotname=4954790851&adk=3850891032&adf=3353141943&pi=t.ma~as.4954790851&w=468&lmt=1708425282&format=468x60&url=http%3A%2F%2Fpetiofi.narod.ru%2Fdetski.html&wgl=1&dt=1708425281763&bpp=2&bdt=445&idt=431&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&correlator=3351915128569&frm=20&pv=2&ga_vid=834704921.1708425282&ga_sid=1708425282&ga_hid=1357432180&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=827&ady=42&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081187%2C42532524%2C44809003%2C95322433%2C95324580%2C95325066%2C31081135%2C95320376%2C95320868%2C95324154%2C95324160%2C95325080&oid=2&pvsid=1307573059339331&tmod=1508136627&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=442
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7800101367749268&plah=petiofi.narod.ru&aplac=true&bust=31081135
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d09709eb2d01cfb9088d7842266608c935e552d9963e174366497591f1d03cb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://petiofi.narod.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
14684
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 20 Feb 2024 10:34:42 GMT
expires
Tue, 20 Feb 2024 10:34:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
1566725156839089626
external.xx.fbcdn.net/emg1/v/t13/ Frame 12E4
203 KB
203 KB
Image
General
Full URL
https://external.xx.fbcdn.net/emg1/v/t13/1566725156839089626?url=http%3A%2F%2Fpetiofi.narod.ru%2Fpraznichni%2Fimg%2Fte_ti_bulka_spasovden.png&fb_obo=1&utld=narod.ru&stp=c0.5000x0.5000f_dst-emg0_p540x282_q75_u&ccb=13-1&oh=06_AbH4KdIBxmtFntwwnPydqp0PaR6j3_NgZ-sLVrID8hvVFQ&oe=65D5F320&_nc_sid=e42f53
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2F%25D0%259A%25D1%2580%25D1%258A%25D1%2581%25D1%2582%25D0%25BE%25D1%2581%25D0%25BB%25D0%25BE%25D0%25B2%25D0%25B8%25D1%2586%25D0%25B8%2F219374801463722&width=520&colorscheme=light&show_faces=true&border_color&stream=true&header=true&height=590
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f2fe39fcff7eddfb9dbf882b9e2b40e2f1178c29edc9fe4b6f8d6a817d53a1ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 10:34:43 GMT
last-modified
Tue, 20 Feb 2024 10:34:42 GMT
x-fb-original-response-code
200
content-type
image/png
access-control-allow-origin
*
content-digest
adler32=3804033873
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
x-fb-original-response-reason
OK
content-length
207520
alt-svc
h3=":443"; ma=86400
7691099177750990548
external.xx.fbcdn.net/emg1/v/t13/ Frame 12E4
216 KB
216 KB
Image
General
Full URL
https://external.xx.fbcdn.net/emg1/v/t13/7691099177750990548?url=http%3A%2F%2Fpetiofi.narod.ru%2Fimagess%2Fskandi_s_lekar_600x315.png&fb_obo=1&utld=narod.ru&stp=c0.5000x0.5000f_dst-emg0_p540x282_q75_u&ccb=13-1&oh=06_AbHiZ4euLJGLHCXYmmNvQgWRnNOYC26yL1HJhVi2XzuDbQ&oe=65D64BD3&_nc_sid=e42f53
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2F%25D0%259A%25D1%2580%25D1%258A%25D1%2581%25D1%2582%25D0%25BE%25D1%2581%25D0%25BB%25D0%25BE%25D0%25B2%25D0%25B8%25D1%2586%25D0%25B8%2F219374801463722&width=520&colorscheme=light&show_faces=true&border_color&stream=true&header=true&height=590
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6e6130e333082504f6483ab92416010cfeb338355231e00fc8777790a2dd4d18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 10:34:43 GMT
last-modified
Tue, 20 Feb 2024 10:34:42 GMT
x-fb-original-response-code
200
content-type
image/png
access-control-allow-origin
*
content-digest
adler32=1444958662
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
x-fb-original-response-reason
OK
content-length
220722
alt-svc
h3=":443"; ma=86400
3032515542102775179
external.xx.fbcdn.net/emg1/v/t13/ Frame 12E4
90 KB
90 KB
Image
General
Full URL
https://external.xx.fbcdn.net/emg1/v/t13/3032515542102775179?url=http%3A%2F%2Fpetiofi.narod.ru%2Fimgklass%2FApostola_na_svobodata.png&fb_obo=1&utld=narod.ru&stp=c0.5000x0.5000f_dst-emg0_p540x282_q75_u&ccb=13-1&oh=06_AbHi9J2IlpaN1ls8DgdATzxrkjpw2pWAaWSJvQJ8c4l2cw&oe=65D5F550&_nc_sid=e42f53
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2F%25D0%259A%25D1%2580%25D1%258A%25D1%2581%25D1%2582%25D0%25BE%25D1%2581%25D0%25BB%25D0%25BE%25D0%25B2%25D0%25B8%25D1%2586%25D0%25B8%2F219374801463722&width=520&colorscheme=light&show_faces=true&border_color&stream=true&header=true&height=590
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b0913512a8e7316569fb4f11c41df7357eda219faa3d493eacb36cad6de9b5bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 10:34:42 GMT
last-modified
Tue, 20 Feb 2024 10:34:42 GMT
x-fb-original-response-code
200
content-type
image/png
access-control-allow-origin
*
content-digest
adler32=623515659
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
x-fb-original-response-reason
OK
content-length
92179
alt-svc
h3=":443"; ma=86400
ads
googleads.g.doubleclick.net/pagead/ Frame 7641
103 KB
39 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7800101367749268&output=html&h=600&slotname=4584916924&adk=2319987244&adf=218696053&pi=t.ma~as.4584916924&w=160&lmt=1708425282&format=160x600&url=http%3A%2F%2Fpetiofi.narod.ru%2Fdetski.html&wgl=1&dt=1708425281765&bpp=1&bdt=448&idt=447&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=468x60&correlator=3351915128569&frm=20&pv=1&ga_vid=834704921.1708425282&ga_sid=1708425282&ga_hid=1357432180&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1133&ady=173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081187%2C42532524%2C44809003%2C95322433%2C95324580%2C95325066%2C31081135%2C95320376%2C95320868%2C95324154%2C95324160%2C95325080&oid=2&pvsid=1307573059339331&tmod=1508136627&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=449
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7800101367749268&plah=petiofi.narod.ru&aplac=true&bust=31081135
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b8fc6db55f2d42658968720864dfb143a3681a6f3dd4a4065dc5cf471c39e11e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://petiofi.narod.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
39872
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 20 Feb 2024 10:34:42 GMT
expires
Tue, 20 Feb 2024 10:34:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D15F
90 KB
42 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7800101367749268&output=html&h=600&slotname=6986726970&adk=1929241932&adf=2561622201&pi=t.ma~as.6986726970&w=160&lmt=1708425282&format=160x600&url=http%3A%2F%2Fpetiofi.narod.ru%2Fdetski.html&wgl=1&dt=1708425281766&bpp=1&bdt=449&idt=452&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=468x60%2C160x600&correlator=3351915128569&frm=20&pv=1&ga_vid=834704921.1708425282&ga_sid=1708425282&ga_hid=1357432180&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1133&ady=790&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081187%2C42532524%2C44809003%2C95322433%2C95324580%2C95325066%2C31081135%2C95320376%2C95320868%2C95324154%2C95324160%2C95325080&oid=2&pvsid=1307573059339331&tmod=1508136627&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=453
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7800101367749268&plah=petiofi.narod.ru&aplac=true&bust=31081135
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8c912cae95c90fa3e67d4f21f0c3cabafc406c0f5139694452c3268fd6b33475
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://petiofi.narod.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
42629
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 20 Feb 2024 10:34:42 GMT
expires
Tue, 20 Feb 2024 10:34:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
async-ads.js
cse.google.com/adsense/search/
138 KB
51 KB
Script
General
Full URL
http://cse.google.com/adsense/search/async-ads.js
Requested by
Host: www.google.com
URL: https://www.google.com/cse/static/element/8435450f13508ca1/cse_element__de.js?usqp=CAI%3D
Protocol
HTTP/1.1
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62f22fee354a99d20ad90bc9b0b36013c143efd5d439555f3b64e141c69dac30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://petiofi.narod.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 10:34:42 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="ads-afs-ui"
ETag
"5685923690981370208"
Vary
Accept-Encoding
Report-To
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Content-Type
text/javascript; charset=UTF-8
Cache-Control
private, max-age=3600
Accept-Ranges
bytes
Link
<https://www.adsensecustomsearchads.com>; rel="preconnect"
Expires
Tue, 20 Feb 2024 10:34:42 GMT
clear.png
www.google.com/cse/static/css/v2/
1018 B
1 KB
Image
General
Full URL
https://www.google.com/cse/static/css/v2/clear.png
Requested by
Host: www.google.com
URL: https://www.google.com/cse/static/element/8435450f13508ca1/default+de.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/cse/static/element/8435450f13508ca1/default+de.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 07:00:19 GMT
x-content-type-options
nosniff
age
531263
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1018
x-xss-protection
0
last-modified
Mon, 25 May 2020 08:30:00 GMT
server
sffe
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Thu, 13 Feb 2025 07:00:19 GMT
branding.png
www.google.com/cse/static/images/1x/de/
2 KB
2 KB
Image
General
Full URL
https://www.google.com/cse/static/images/1x/de/branding.png
Requested by
Host: petiofi.narod.ru
URL: http://petiofi.narod.ru/detski.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0b84c9c86ff8c6282031b41e5ca2526e45e5e9c1a3956579f5320c25fb40360
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://petiofi.narod.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 21:31:54 GMT
x-content-type-options
nosniff
age
46968
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1838
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 21:00:00 GMT
server
sffe
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Tue, 18 Feb 2025 21:31:54 GMT
generate_204
clients1.google.com/
0
127 B
Image
General
Full URL
http://clients1.google.com/generate_204
Requested by
Host: petiofi.narod.ru
URL: http://petiofi.narod.ru/detski.html
Protocol
HTTP/1.1
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://petiofi.narod.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 10:34:42 GMT
Content-Length
0
Cross-Origin-Resource-Policy
cross-origin
ads
googleads.g.doubleclick.net/pagead/ Frame 5587
8 KB
1011 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7800101367749268&output=html&adk=1812271804&adf=3025194257&lmt=1708425282&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=http%3A%2F%2Fpetiofi.narod.ru%2Fdetski.html&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&aseiel=1~2~4~6~8~16&dt=1708425281780&bpp=1&bdt=463&idt=459&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=468x60%2C160x600%2C160x600&nras=1&correlator=3351915128569&frm=20&pv=1&ga_vid=834704921.1708425282&ga_sid=1708425282&ga_hid=1357432180&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081187%2C42532524%2C44809003%2C95322433%2C95324580%2C95325066%2C31081135%2C95320376%2C95320868%2C95324154%2C95324160%2C95325080&oid=2&pvsid=1307573059339331&tmod=1508136627&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=463
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7800101367749268&plah=petiofi.narod.ru&aplac=true&bust=31081135
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e4177ee651e7cbd6e3c2011e7711125ec7a67da754d5a148004d99db8c2a1d07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://petiofi.narod.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
812
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 20 Feb 2024 10:34:42 GMT
expires
Tue, 20 Feb 2024 10:34:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 12E4
573 B
714 B
Image
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/_HwBCJENsRe.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/_HwBCJENsRe.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
date
Tue, 20 Feb 2024 10:34:42 GMT
x-content-type-options
nosniff
content-md5
07aG/2AEtDHVAZ5LUajMDQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
573
reporting-endpoints
permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
x-fb-debug
dbIgHRR0YBFrWEWmwmbhtAiDqkhgalN4hwV/FZn7lh1IC3Sli62lX9GpYf8Y8GWQzzcxvko6HCtw+sa46BIAzw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
report-to
{"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), display-capture=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=1,i
expires
Thu, 13 Feb 2025 16:44:48 GMT
mUnDZSrH5OM.png
static.xx.fbcdn.net/rsrc.php/v3/yV/r/ Frame 12E4
3 KB
3 KB
Image
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yV/r/mUnDZSrH5OM.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y0/l/0,cross/_u9v75tarnE.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
882b207d5ed050e2f4c7f8e931d8f8a7b8dd4ed29a19d8ec364218df7c724edf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/y0/l/0,cross/_u9v75tarnE.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
date
Tue, 20 Feb 2024 10:34:42 GMT
x-content-type-options
nosniff
content-md5
KXNY2llN47XfKJ2O9s41CA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2701
reporting-endpoints
permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
x-fb-debug
Cu15eoffwvM4KChMxoJtCNmOdV/4B6RIaD3SThoH7vBRiESrzPs0X/+h8bJbMxYBcx1MHXeUaETaHvRzA18o4A==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
report-to
{"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), display-capture=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=1,i
expires
Thu, 13 Feb 2025 10:00:54 GMT
sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10285.LAwR9IAA1RzVJrLvlxOPy9yRt0jXltlBg2SnXqDNR88Mhxb-BwQNcxuLpCOxvmeF.jDYRUPN8SyeKtaEMeAAV-PwG8RA%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10285.r5qfwC3wJ_3sXULE3CTxktpjWAsE6IxUfhUcey53YKvVvOFbJW83dbBZZ0XsPCn6yeIFhpFtYis3uE-S2TsctNRs1a6P4o1FVwszg0kGGIphUmLNMqfqzIPGuEFSBPbmHPTjWzEnIc...
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10285._pok3MSqYJeLABJ_SmOq6fEX-XNVC1r21t6qS5cVS8YO5Ld2VB1MNsi_cyLxrQ5UxpRwPNYGnZFDCaEe4Y4Av6jCTyG8s3lzevkGTpC40uXkL...
43 B
585 B
Image
General
Full URL
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10285._pok3MSqYJeLABJ_SmOq6fEX-XNVC1r21t6qS5cVS8YO5Ld2VB1MNsi_cyLxrQ5UxpRwPNYGnZFDCaEe4Y4Av6jCTyG8s3lzevkGTpC40uXkL-2bg6F9ygQa6lX3BObHOFLHT9rjE1U1Ggk0FerQfLjPGPR5FCVGo_SpPwtFde03FmgVjGish7sjNe83ZHY-VX0Flx-g9zsu7AdBypJDFw%2C%2C.xuoGXB-pIsFUkDW9FKxf-rs-nYQ%2C
Requested by
Host: petiofi.narod.ru
URL: http://petiofi.narod.ru/detski.html
Protocol
H2
Server
2a02:6b8::1:119 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://petiofi.narod.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 10:34:42 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10285._pok3MSqYJeLABJ_SmOq6fEX-XNVC1r21t6qS5cVS8YO5Ld2VB1MNsi_cyLxrQ5UxpRwPNYGnZFDCaEe4Y4Av6jCTyG8s3lzevkGTpC40uXkL-2bg6F9ygQa6lX3BObHOFLHT9rjE1U1Ggk0FerQfLjPGPR5FCVGo_SpPwtFde03FmgVjGish7sjNe83ZHY-VX0Flx-g9zsu7AdBypJDFw%2C%2C.xuoGXB-pIsFUkDW9FKxf-rs-nYQ%2C
date
Tue, 20 Feb 2024 10:34:42 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
ie38mp0O07P.js
static.xx.fbcdn.net/rsrc.php/v3/y9/r/ Frame 12E4
25 KB
10 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y9/r/ie38mp0O07P.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/E9jf6zahLHS.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a87feaf65170ded496c597c1f1011a79c39a309e415802b49a3fea32f32dfdb8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
date
Tue, 20 Feb 2024 10:34:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
CEYVgZg04j7erS0ub7sNsg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10390
reporting-endpoints
permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
x-fb-debug
dhihcxKTHr6oeF3isDU5sf18FG3AZ1/qIyaBQrNoXpqfPlFOmQOI9gqffTu8lRcut6uZusLueddA+X6SKH1dTg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
report-to
{"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), display-capture=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=();report-to="permissions_policy"
timing-allow-origin
*
expires
Thu, 13 Feb 2025 09:29:03 GMT
advert.gif
mc.yandex.com/metrika/
43 B
479 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: petiofi.narod.ru
URL: http://petiofi.narod.ru/detski.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://petiofi.narod.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 10:34:42 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 19 Feb 2024 14:24:04 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"65d36484-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Tue, 20 Feb 2024 11:34:42 GMT
1487645_6012475414660_1439393861_n.png
scontent.xx.fbcdn.net/hads-ak-prn2/ Frame 12E4
79 B
121 B
Image
General
Full URL
https://scontent.xx.fbcdn.net/hads-ak-prn2/1487645_6012475414660_1439393861_n.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2F%25D0%259A%25D1%2580%25D1%258A%25D1%2581%25D1%2582%25D0%25BE%25D1%2581%25D0%25BB%25D0%25BE%25D0%25B2%25D0%25B8%25D1%2586%25D0%25B8%2F219374801463722&width=520&colorscheme=light&show_faces=true&border_color&stream=true&header=true&height=590
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
c8caed93847affc154cb3d424e34fc146e7340bb29abebd5eba7063e3dca0604

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 10:34:42 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
content-type
image/png
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
79
priority
u=3,i
expires
Tue, 20 Feb 2024 10:34:42 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 94E5
0
20 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMihxfQDEJ2chqQFGMnN0v0BMAE&v=APEucNW3qKNLeIwqOKdQ3i5TrZM5o3Ath8aFTu7xDyyAQd0HlSQo8Iqs8PTZ8pwKujCBH9ZlLoZ-nf3HPsPhiuVOHNyffvAJ4A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7800101367749268&output=html&h=600&slotname=6986726970&adk=1929241932&adf=2561622201&pi=t.ma~as.6986726970&w=160&lmt=1708425282&format=160x600&url=http%3A%2F%2Fpetiofi.narod.ru%2Fdetski.html&wgl=1&dt=1708425281766&bpp=1&bdt=449&idt=452&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=468x60%2C160x600&correlator=3351915128569&frm=20&pv=1&ga_vid=834704921.1708425282&ga_sid=1708425282&ga_hid=1357432180&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1133&ady=790&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081187%2C42532524%2C44809003%2C95322433%2C95324580%2C95325066%2C31081135%2C95320376%2C95320868%2C95324154%2C95324160%2C95325080&oid=2&pvsid=1307573059339331&tmod=1508136627&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=453
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7800101367749268&output=html&h=600&slotname=6986726970&adk=1929241932&adf=2561622201&pi=t.ma~as.6986726970&w=160&lmt=1708425282&format=160x600&url=http%3A%2F%2Fpetiofi.narod.ru%2Fdetski.html&wgl=1&dt=1708425281766&bpp=1&bdt=449&idt=452&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=468x60%2C160x600&correlator=3351915128569&frm=20&pv=1&ga_vid=834704921.1708425282&ga_sid=1708425282&ga_hid=1357432180&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1133&ady=790&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081187%2C42532524%2C44809003%2C95322433%2C95324580%2C95325066%2C31081135%2C95320376%2C95320868%2C95324154%2C95324160%2C95325080&oid=2&pvsid=1307573059339331&tmod=1508136627&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=453
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 20 Feb 2024 10:34:42 GMT
expires
Tue, 20 Feb 2024 10:34:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame D15F
42 B
173 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BvWyoXbE0fLgoEeXCoRkyddy2xseJHvI5f-qQXt1IHTNX_BhomRHJtBmh0fER2435Vp_Po82JHRih7QPCp_O_97xL9lax2RusqB4XqggXsk7U1_m0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7800101367749268&output=html&h=600&slotname=6986726970&adk=1929241932&adf=2561622201&pi=t.ma~as.6986726970&w=160&lmt=1708425282&format=160x600&url=http%3A%2F%2Fpetiofi.narod.ru%2Fdetski.html&wgl=1&dt=1708425281766&bpp=1&bdt=449&idt=452&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=468x60%2C160x600&correlator=3351915128569&frm=20&pv=1&ga_vid=834704921.1708425282&ga_sid=1708425282&ga_hid=1357432180&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1133&ady=790&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081187%2C42532524%2C44809003%2C95322433%2C95324580%2C95325066%2C31081135%2C95320376%2C95320868%2C95324154%2C95324160%2C95325080&oid=2&pvsid=1307573059339331&tmod=1508136627&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=453
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 10:34:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame D15F
23 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7800101367749268&output=html&h=600&slotname=6986726970&adk=1929241932&adf=2561622201&pi=t.ma~as.6986726970&w=160&lmt=1708425282&format=160x600&url=http%3A%2F%2Fpetiofi.narod.ru%2Fdetski.html&wgl=1&dt=1708425281766&bpp=1&bdt=449&idt=452&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=468x60%2C160x600&correlator=3351915128569&frm=20&pv=1&ga_vid=834704921.1708425282&ga_sid=1708425282&ga_hid=1357432180&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1133&ady=790&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081187%2C42532524%2C44809003%2C95322433%2C95324580%2C95325066%2C31081135%2C95320376%2C95320868%2C95324154%2C95324160%2C95325080&oid=2&pvsid=1307573059339331&tmod=1508136627&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=453
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 09:30:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
3853
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8991
x-xss-protection
0
server
cafe
etag
11525033739721728465
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Mar 2024 09:30:29 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/ Frame D15F
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7800101367749268&output=html&h=600&slotname=6986726970&adk=1929241932&adf=2561622201&pi=t.ma~as.6986726970&w=160&lmt=1708425282&format=160x600&url=http%3A%2F%2Fpetiofi.narod.ru%2Fdetski.html&wgl=1&dt=1708425281766&bpp=1&bdt=449&idt=452&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=468x60%2C160x600&correlator=3351915128569&frm=20&pv=1&ga_vid=834704921.1708425282&ga_sid=1708425282&ga_hid=1357432180&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1133&ady=790&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081187%2C42532524%2C44809003%2C95322433%2C95324580%2C95325066%2C31081135%2C95320376%2C95320868%2C95324154%2C95324160%2C95325080&oid=2&pvsid=1307573059339331&tmod=1508136627&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=453
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 17:17:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
62221
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3206
x-xss-protection
0
server
cafe
etag
12640889860211258669
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Mar 2024 17:17:41 GMT
view
ad.doubleclick.net/pcs/ Frame D15F
0
0
Fetch
General
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsvfcPQPfd29s46j9SLzKhUVpYYM93BfUL5MQ-xbq2GVTnkIFSxWiewIDYXtTN-_QNS-26Ixgo4k40xLDX4mIfJMdxhuYk7RypYJEy0-xktH3SlttGIDh40WKZ-2wSf7j2Ok83W1K-EsDGWBi_at2rUSWq_TAFhVUIS9yunlBo-gFhMthoBV89RlngC8ECA5eGCPFbSOWdOHzpLotHUhojF6Z-5QC0h8IgGDwCHFZJsv0-rnekqVePmU1Y0JILFsqFcOW2mYibzhYKawx3E6OjfgISnSyvg-yS2RADh7OdzXpRMUThT369cJW-utoXXqmePW9QZ5kqZw1L-yJ7Wbq4tw_vL7ZwPtebMYGq_2XcKBAJcYEOwng2Ce0EhSdGgm7QeBrrVgYT3b3LjwzwrqGF9xGpbgl-iRiV1Dh2Nk5C3l5QdHItPmr7Y9DpJDGAuBlVr7rBkVwDwipTouS9T1eydDn7tWGedwUJs4BPkOCmX73WqxlZJCi4Ckm-I4CCBIZq60zCcamvGMUwZCpxDuxgzKpoLcfAtI5RtGIZeGI2p2rVELAXNi1X1hWRWcGEh2srkw2M1FdaA7ZChnCqdTMo6HDBRs79ppVsCRe6Qe24jo8Vzn5nlSpIqH_thHwuYRDM5IYw3BFX42K7L5YUBOj6Dw_laaT9PzNh5meF_yLOwGLZBjblglDH8uWq9wP0ZUDfVpGjRlEoEpnmb5OXWyZWK-gk6VGDTk0gzFf3Fd-kgyfV2MwWTc-PCHRyTlNdgIEV6B1evockYYHBALfd3juqtzGPNpcGO63-FTLIfQFgZrliPg1R03q114apo4SVIvmxnAlD1aNHmBGRMHklxhy3_YEQ1VkMclyG1BTzwYrbOt27cwPaV9Y3gew2ro4hCUygDYooylPRrV7Fahb81RkJqFPlsh9INztBX_Cus1eCa1wv4_r0O0rE2CTl7KnBPZ5y2qmIv73RHQgKiEUS3h-mGF6DINKzWXDocfuQezInKMtsWGsfi86oDVOb7TEjMGouphF-KO4HGCBb05yaK7R7H4c1bQm9Lb3qDLpHs1tQhfazQzSfb_cbRXuRQ_SOnhCrqfJ6CCC2oS5DtJ6_TF0WpXdxHmrgJMW8smtVnxx7n1g6KSS27tUs-7EjKhnLsH_eSWIISmYlSmx4L09DQtuWd6KUyRc62eRXUkrssuYg8lDc2txBgxBbJTAE7QDme8kHJXN9lh_RKX0bYaxWbN8nARR19luNDNyCY3tDTUebkV26efyGUYmfNd5blYe7NO0tiMMQYrBsFvEgE3AtM4VamqB6wc7Eg0xPTqub1CNttlgMo2hgmAd2OdPa7IyMMiHoNGqCmx1CVSYF1koOVtM4b5LIuyhikQXftzX1wD&sai=AMfl-YQHovumhojLqt5vQ3fz_hXq_q8QBP3HBzpM6iIOShREE2NYW9D4so0_rfzAHB-xh126yoRwVmkr8hMQ5t-pwFPcx6YWXXgA9BavM2j2H5QHkNBsQQIZzwQuvVkGH0q8r4HqhN4XBN4-x4y5noV0JDRnNEIqbzCbKaH_0haunlee-SwXBTgwTYNAkvzLVkHg9vz2glPJVI1xfNPmhTUoY-C1H2Ho953ROESycOOZSiTR1ZzD8EJWihb72KFNKQRA73h81m-zxUHM287Q_9xqQ70HM7jiXQF8Q15PjSpmNn9e7bPK3OanojRAbDBEr28MRU9o_4tBODTmGt7DB9rV9vRveu7AioPdJkyLVUDVMqzIKMYpVqI6ebhqVgP7LynLkkkVQvnI1cp2pI5m3FQrLSn2Xoltkx057uovBOP2UOcG8_ksd3rzV7JjV8_VgrOE9K3Km_GQCHCKM-qyD-rGQfueocbQNj76N2qLePFvQrMkIaoJhHQDtxKHohgR2TfJaBZsbRs&sig=Cg0ArKJSzAUZo3sIawgGEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9ldXJvY2lzLXRyYWRlZmFpci5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20240215.04374&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7800101367749268&output=html&h=600&slotname=6986726970&adk=1929241932&adf=2561622201&pi=t.ma~as.6986726970&w=160&lmt=1708425282&format=160x600&url=http%3A%2F%2Fpetiofi.narod.ru%2Fdetski.html&wgl=1&dt=1708425281766&bpp=1&bdt=449&idt=452&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=468x60%2C160x600&correlator=3351915128569&frm=20&pv=1&ga_vid=834704921.1708425282&ga_sid=1708425282&ga_hid=1357432180&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1133&ady=790&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081187%2C42532524%2C44809003%2C95322433%2C95324580%2C95325066%2C31081135%2C95320376%2C95320868%2C95324154%2C95324160%2C95325080&oid=2&pvsid=1307573059339331&tmod=1508136627&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=453
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f102.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 20 Feb 2024 10:34:42 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Tue, 20 Feb 2024 10:34:42 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame D15F
41 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7800101367749268&output=html&h=600&slotname=6986726970&adk=1929241932&adf=2561622201&pi=t.ma~as.6986726970&w=160&lmt=1708425282&format=160x600&url=http%3A%2F%2Fpetiofi.narod.ru%2Fdetski.html&wgl=1&dt=1708425281766&bpp=1&bdt=449&idt=452&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=468x60%2C160x600&correlator=3351915128569&frm=20&pv=1&ga_vid=834704921.1708425282&ga_sid=1708425282&ga_hid=1357432180&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1133&ady=790&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081187%2C42532524%2C44809003%2C95322433%2C95324580%2C95325066%2C31081135%2C95320376%2C95320868%2C95324154%2C95324160%2C95325080&oid=2&pvsid=1307573059339331&tmod=1508136627&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=453
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 09:07:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
5218
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Feb 2025 09:07:44 GMT
5654967555940043683
s0.2mdn.net/simgad/ Frame D15F
255 KB
256 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/5654967555940043683
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7800101367749268&output=html&h=600&slotname=6986726970&adk=1929241932&adf=2561622201&pi=t.ma~as.6986726970&w=160&lmt=1708425282&format=160x600&url=http%3A%2F%2Fpetiofi.narod.ru%2Fdetski.html&wgl=1&dt=1708425281766&bpp=1&bdt=449&idt=452&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=468x60%2C160x600&correlator=3351915128569&frm=20&pv=1&ga_vid=834704921.1708425282&ga_sid=1708425282&ga_hid=1357432180&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1133&ady=790&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081187%2C42532524%2C44809003%2C95322433%2C95324580%2C95325066%2C31081135%2C95320376%2C95320868%2C95324154%2C95324160%2C95325080&oid=2&pvsid=1307573059339331&tmod=1508136627&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=453
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed304bae28f26be9d8c3544742a5ebd1586cacd16d557f9689762344383b2365
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires
Wed, 19 Feb 2025 05:58:24 GMT
date
Tue, 20 Feb 2024 05:58:24 GMT
x-content-type-options
nosniff
age
16578
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
261308
x-xss-protection
0
last-modified
Thu, 09 Nov 2023 14:18:14 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame D15F
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7800101367749268&output=html&h=600&slotname=6986726970&adk=1929241932&adf=2561622201&pi=t.ma~as.6986726970&w=160&lmt=1708425282&format=160x600&url=http%3A%2F%2Fpetiofi.narod.ru%2Fdetski.html&wgl=1&dt=1708425281766&bpp=1&bdt=449&idt=452&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=468x60%2C160x600&correlator=3351915128569&frm=20&pv=1&ga_vid=834704921.1708425282&ga_sid=1708425282&ga_hid=1357432180&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1133&ady=790&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081187%2C42532524%2C44809003%2C95322433%2C95324580%2C95325066%2C31081135%2C95320376%2C95320868%2C95324154%2C95324160%2C95325080&oid=2&pvsid=1307573059339331&tmod=1508136627&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=453
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 09:40:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
3231
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Mar 2024 09:40:51 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame D15F
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7800101367749268&output=html&h=600&slotname=6986726970&adk=1929241932&adf=2561622201&pi=t.ma~as.6986726970&w=160&lmt=1708425282&format=160x600&url=http%3A%2F%2Fpetiofi.narod.ru%2Fdetski.html&wgl=1&dt=1708425281766&bpp=1&bdt=449&idt=452&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=468x60%2C160x600&correlator=3351915128569&frm=20&pv=1&ga_vid=834704921.1708425282&ga_sid=1708425282&ga_hid=1357432180&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1133&ady=790&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081187%2C42532524%2C44809003%2C95322433%2C95324580%2C95325066%2C31081135%2C95320376%2C95320868%2C95324154%2C95324160%2C95325080&oid=2&pvsid=1307573059339331&tmod=1508136627&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=453
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 16:59:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
63321
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8220
x-xss-protection
0
server
cafe
etag
16176141338659805634
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Mar 2024 16:59:21 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame D15F
204 KB
62 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7800101367749268&output=html&h=600&slotname=6986726970&adk=1929241932&adf=2561622201&pi=t.ma~as.6986726970&w=160&lmt=1708425282&format=160x600&url=http%3A%2F%2Fpetiofi.narod.ru%2Fdetski.html&wgl=1&dt=1708425281766&bpp=1&bdt=449&idt=452&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=468x60%2C160x600&correlator=3351915128569&frm=20&pv=1&ga_vid=834704921.1708425282&ga_sid=1708425282&ga_hid=1357432180&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1133&ady=790&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081187%2C42532524%2C44809003%2C95322433%2C95324580%2C95325066%2C31081135%2C95320376%2C95320868%2C95324154%2C95324160%2C95325080&oid=2&pvsid=1307573059339331&tmod=1508136627&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=453
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 10:30:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
250
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62824
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 20 Feb 2024 11:30:32 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame FE19
135 KB
47 KB
Document
General
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZdSAQgAE4r4Ef4fMAA7rLwIBlc5IEVudBxj3kA&u=%7Cht7ur9evmbz0TMT6Z7h7wVX27fLNS43jIGP0CTFLXk4%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at-ue5TMI33i_SG1_RVDuuRTlvaTShOdPDW7I8DD_nv-KTeF-CvJ_g770izczOyeXx19ySXGxyQ6CqU1myjJKyWWGY5rzaKsczaGdiCG8nfPmxfTLZX-u_GQLlF2BwQG53gGQ1y12pDXUb6Stv39n3iaS7WQ245Uf7RKAJ3YZeza8o6v8sJBzI9FSFfh9msiwFqR1eAgQ1eo0HiajYoulqvDJnm6XXWR3LWab2hMYZbRGFIzmS2Cy2VslbtcVWUq7ZWTUq0sEkfEj889CQ1pitKUQkINkxHAmLPg9-J29E6aHyrLVsMID5xqoulsHKpZuoCGzLHgjGIlOc2jybGvgc1-ZHBkip98z6cvydM3R-iqNrSohl6RwY5TevxBkO16zheUC_bSzsM2PIQGSATz5RSpjn4pLxSxx7UYoQF-kED9--txtk3uOD8Co2bGw8Yd3__mZXPTMUXdM6FtbBfhCNCjtx6-6wy_qO1JFi5W5ktM-pT-sn64m4HA7F3q7JJO443-k3sruRSG3I8LLvN8BKvAIFEgVgXhWjBx5CsuJ_sY8CYaG5P5SWFRyHKgWfdrVgAV6TdgSWe2ZUEzxqtC8pqWMeit-pdzsa3sQk1hi2T2CQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZLDPQoDUZb7FE8yP_tMPr9a7yAPJntKxXNWdkfdwwI23ARABIABgleKagqwHggEXY2EtcHViLTc4MDAxMDEzNjc3NDkyNjjIAQmpAq2f90L1ELI-qAMByAMCqgTRAU_Q-xjpQY8CM_rRfmZIdXPHc1QiaArvhs_W9YfxvTTroeE8Fdcrzwn79ee7u9pqiqmz1LgaGD_eEgwRF4EfCsxx7CUvW4FxZaCo8TREwvQWmTVShc1cNInbaX0wbH27R5ofFVdi-6u5Xdy3I2MCDJsuRNvSQZU_CmhqP5IYENOzMFcaDKvNdlc9RyvBPz9_cQQsn7_Ey3E9j_NMKWrSNC2_y2DGlxIrWM4Ex47QynaZM1kGpfJzV4RN1ZEKFfstUvhbSwEjwZnPM_Ouk5KBDzzPgAbSzKHfg4737-oBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJAiA4YBwEAEyAusCOgmAQICAhICAhAhIvf3BOljkhMuQ3LmEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Azkwe2UJkeikQjZGBpMOEsupr5A%26client%3Dca-pub-7800101367749268%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7800101367749268&output=html&h=60&slotname=4954790851&adk=3850891032&adf=3353141943&pi=t.ma~as.4954790851&w=468&lmt=1708425282&format=468x60&url=http%3A%2F%2Fpetiofi.narod.ru%2Fdetski.html&wgl=1&dt=1708425281763&bpp=2&bdt=445&idt=431&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&correlator=3351915128569&frm=20&pv=2&ga_vid=834704921.1708425282&ga_sid=1708425282&ga_hid=1357432180&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=827&ady=42&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081187%2C42532524%2C44809003%2C95322433%2C95324580%2C95325066%2C31081135%2C95320376%2C95320868%2C95324154%2C95324160%2C95325080&oid=2&pvsid=1307573059339331&tmod=1508136627&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=442
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
522684fd2219ccca4ea4ded7d55d2b123aeeebf7feaba30cc50a5931b3d85433
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Tue, 20 Feb 2024 10:34:42 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=uCGlyw-saYeJ4oKCrTnQWBw9pggob-8nwWt-Kk2GnY-bKDRRDnSuL3JUhjxZp9t66wz1k9WKNBXWZYXLKTp8pLGWsG--tpASCu2c45YZkO2EFLdwbRwwMBc6cSDXhvBJDp2NcNc3inepsRa9CHvM31_GxTsAKwpGo52EKsEBH0h1YPcbDXM2QHlKUmbZg1MQoGLrarK-sJ6M1W5Qd8hCeuZd0Q5st1ooGIUs0R87kLjwYj9ydOLmHbul2Zaj1RfDB07oXg"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
42491979
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 112B
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7800101367749268&output=html&h=60&slotname=4954790851&adk=3850891032&adf=3353141943&pi=t.ma~as.4954790851&w=468&lmt=1708425282&format=468x60&url=http%3A%2F%2Fpetiofi.narod.ru%2Fdetski.html&wgl=1&dt=1708425281763&bpp=2&bdt=445&idt=431&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&correlator=3351915128569&frm=20&pv=2&ga_vid=834704921.1708425282&ga_sid=1708425282&ga_hid=1357432180&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=827&ady=42&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081187%2C42532524%2C44809003%2C95322433%2C95324580%2C95325066%2C31081135%2C95320376%2C95320868%2C95324154%2C95324160%2C95325080&oid=2&pvsid=1307573059339331&tmod=1508136627&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=442
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 09:40:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
3231
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Mar 2024 09:40:51 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 112B
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7800101367749268&output=html&h=60&slotname=4954790851&adk=3850891032&adf=3353141943&pi=t.ma~as.4954790851&w=468&lmt=1708425282&format=468x60&url=http%3A%2F%2Fpetiofi.narod.ru%2Fdetski.html&wgl=1&dt=1708425281763&bpp=2&bdt=445&idt=431&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&correlator=3351915128569&frm=20&pv=2&ga_vid=834704921.1708425282&ga_sid=1708425282&ga_hid=1357432180&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=827&ady=42&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081187%2C42532524%2C44809003%2C95322433%2C95324580%2C95325066%2C31081135%2C95320376%2C95320868%2C95324154%2C95324160%2C95325080&oid=2&pvsid=1307573059339331&tmod=1508136627&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=442
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 16:59:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
63321
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8220
x-xss-protection
0
server
cafe
etag
16176141338659805634
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Mar 2024 16:59:21 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 112B
204 KB
61 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7800101367749268&output=html&h=60&slotname=4954790851&adk=3850891032&adf=3353141943&pi=t.ma~as.4954790851&w=468&lmt=1708425282&format=468x60&url=http%3A%2F%2Fpetiofi.narod.ru%2Fdetski.html&wgl=1&dt=1708425281763&bpp=2&bdt=445&idt=431&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&correlator=3351915128569&frm=20&pv=2&ga_vid=834704921.1708425282&ga_sid=1708425282&ga_hid=1357432180&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=827&ady=42&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081187%2C42532524%2C44809003%2C95322433%2C95324580%2C95325066%2C31081135%2C95320376%2C95320868%2C95324154%2C95324160%2C95325080&oid=2&pvsid=1307573059339331&tmod=1508136627&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=442
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 10:30:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
250
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62824
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 20 Feb 2024 11:30:32 GMT
1
mc.yandex.com/watch/22079125/
Redirect Chain
  • https://mc.yandex.com/watch/22079125?wmode=7&page-url=http%3A%2F%2Fpetiofi.narod.ru%2Fdetski.html&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Arrsvvwew1t7vq6pawluowr6j%3Afu%3A0%3Aen%3Autf-8...
  • https://mc.yandex.com/watch/22079125/1?wmode=7&page-url=http%3A%2F%2Fpetiofi.narod.ru%2Fdetski.html&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Arrsvvwew1t7vq6pawluowr6j%3Afu%3A0%3Aen%3Autf...
457 B
573 B
Fetch
General
Full URL
https://mc.yandex.com/watch/22079125/1?wmode=7&page-url=http%3A%2F%2Fpetiofi.narod.ru%2Fdetski.html&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Arrsvvwew1t7vq6pawluowr6j%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1251%3Acn%3A1%3Adp%3A0%3Als%3A708513623361%3Ahid%3A156186067%3Az%3A60%3Ai%3A20240220113442%3Aet%3A1708425283%3Ac%3A1%3Arn%3A136598922%3Arqn%3A1%3Au%3A1708425283554236722%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A285%2C82%2C133%2C2%2C%2C0%2C%2C363%2C0%2C%2C%2C%2C866%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1708425280816%3Agi%3AR0ExLjEuODM0NzA0OTIxLjE3MDg0MjUyODI%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1708425283%3At%3A%D0%94%D0%B5%D1%82%D1%81%D0%BA%D0%B8%20%D0%BA%D1%80%D1%8A%D1%81%D1%82%D0%BE%D1%81%D0%BB%D0%BE%D0%B2%D0%B8%D1%86%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%280%29ti%281%29
Requested by
Host: petiofi.narod.ru
URL: http://petiofi.narod.ru/detski.html
Protocol
H2
Server
2a02:6b8::1:119 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
Software
/
Resource Hash
44e82c117b4194c5d79a0b555810cd2c86ca70c8abe69c46500ee6c03b77dff6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://petiofi.narod.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 10:34:43 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Tue, 20-Feb-2024 10:34:42 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
http://petiofi.narod.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
457
x-xss-protection
1; mode=block
expires
Tue, 20-Feb-2024 10:34:42 GMT

Redirect headers

pragma
no-cache
date
Tue, 20 Feb 2024 10:34:42 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 20-Feb-2024 10:34:42 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/22079125/1?wmode=7&page-url=http%3A%2F%2Fpetiofi.narod.ru%2Fdetski.html&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Arrsvvwew1t7vq6pawluowr6j%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1251%3Acn%3A1%3Adp%3A0%3Als%3A708513623361%3Ahid%3A156186067%3Az%3A60%3Ai%3A20240220113442%3Aet%3A1708425283%3Ac%3A1%3Arn%3A136598922%3Arqn%3A1%3Au%3A1708425283554236722%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A285%2C82%2C133%2C2%2C%2C0%2C%2C363%2C0%2C%2C%2C%2C866%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1708425280816%3Agi%3AR0ExLjEuODM0NzA0OTIxLjE3MDg0MjUyODI%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1708425283%3At%3A%D0%94%D0%B5%D1%82%D1%81%D0%BA%D0%B8%20%D0%BA%D1%80%D1%8A%D1%81%D1%82%D0%BE%D1%81%D0%BB%D0%BE%D0%B2%D0%B8%D1%86%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%280%29ti%281%29
access-control-allow-origin
http://petiofi.narod.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Tue, 20-Feb-2024 10:34:42 GMT
truncated
/ Frame D15F
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e90a0e4058cfbade008fc6501afe9612f46ce73b2ec11cd576985f26f07b1eec

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 112B
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4fff8586c267ebde60ad0b150f0d0008d3a8c0da965152a0b75b8404352efa10

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type
image/png
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame F7CF
38 KB
13 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
5043
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 20 Feb 2024 09:10:39 GMT
expires
Wed, 19 Feb 2025 09:10:39 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame 112B
0
19 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CisCfQoDUZb7FE8yP_tMPr9a7yAPJntKxXNWdkfdwwI23ARABIABgleKagqwHggEXY2EtcHViLTc4MDAxMDEzNjc3NDkyNjjIAQmpAq2f90L1ELI-qAMByAMCqgTOAU_Q-xjpQY8CM_rRfmZIdXPHc1QiaArvhs_W9YfxvTTroeE8Fdcrzwn79ee7u9pqiqmz1LgaGD_eEgwRF4EfCsxx7CUvW4FxZaCo8TREwvQWmTVShc1cNInbaX0wbH27R5ofFVdi-6u5Xdy3I2MCDJsuRNvSQZU_CmhqP5IYENOzMFcaDKvNdlc9RyvBPz9_cQQsn7_Ey3E9j_NMKWrSNC2_y2DGlxIrWIwG5hxQWaaklYkhf35TviBD8pu8H9U10EyTdqfRfofjK2tkB7JogAbSzKHfg4737-oBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJAiA4YBwEAEyAusCOgmAQICAhICAhAhIvf3BOljkhMuQ3LmEA4AKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi03ODAwMTAxMzY3NzQ5MjY4GAA&sigh=az5vEVjQFgM&uach_m=%5BUACH%5D&cid=CAQSTwAvHhf_KEzrJJqmPSSKA7WuP4pKGTF_aPRpPd9hS3AYtu-75_GGso1-IMS6hW3CHwZ18IPLGLdhb_G_PgQWhG9YjCp9YZc_soJfmRZVn04YAQ&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7800101367749268&output=html&h=60&slotname=4954790851&adk=3850891032&adf=3353141943&pi=t.ma~as.4954790851&w=468&lmt=1708425282&format=468x60&url=http%3A%2F%2Fpetiofi.narod.ru%2Fdetski.html&wgl=1&dt=1708425281763&bpp=2&bdt=445&idt=431&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&correlator=3351915128569&frm=20&pv=2&ga_vid=834704921.1708425282&ga_sid=1708425282&ga_hid=1357432180&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=827&ady=42&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081187%2C42532524%2C44809003%2C95322433%2C95324580%2C95325066%2C31081135%2C95320376%2C95320868%2C95324154%2C95324160%2C95325080&oid=2&pvsid=1307573059339331&tmod=1508136627&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=442
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7800101367749268&output=html&h=60&slotname=4954790851&adk=3850891032&adf=3353141943&pi=t.ma~as.4954790851&w=468&lmt=1708425282&format=468x60&url=http%3A%2F%2Fpetiofi.narod.ru%2Fdetski.html&wgl=1&dt=1708425281763&bpp=2&bdt=445&idt=431&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&correlator=3351915128569&frm=20&pv=2&ga_vid=834704921.1708425282&ga_sid=1708425282&ga_hid=1357432180&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=827&ady=42&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081187%2C42532524%2C44809003%2C95322433%2C95324580%2C95325066%2C31081135%2C95320376%2C95320868%2C95324154%2C95324160%2C95325080&oid=2&pvsid=1307573059339331&tmod=1508136627&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=442
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 20 Feb 2024 10:34:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 112B
0
126 B
Image
General
Full URL
https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kKzOGYmvMNQDPJ2DYgICAAAAAXdLnLjE42MQQYDUZYjkeQerd-UJ0iQAABIAAAoKQVFVQkR3RUJEdw&wp=ZdSAQgAE4r4Ef4fMAA7rLwIBlc5IEVudBxj3kA&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7800101367749268&output=html&h=60&slotname=4954790851&adk=3850891032&adf=3353141943&pi=t.ma~as.4954790851&w=468&lmt=1708425282&format=468x60&url=http%3A%2F%2Fpetiofi.narod.ru%2Fdetski.html&wgl=1&dt=1708425281763&bpp=2&bdt=445&idt=431&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&correlator=3351915128569&frm=20&pv=2&ga_vid=834704921.1708425282&ga_sid=1708425282&ga_hid=1357432180&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=827&ady=42&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081187%2C42532524%2C44809003%2C95322433%2C95324580%2C95325066%2C31081135%2C95320376%2C95320868%2C95324154%2C95324160%2C95325080&oid=2&pvsid=1307573059339331&tmod=1508136627&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=442
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 10:34:42 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
124473
server
Kestrel
content-length
0
13011678368261160401
tpc.googlesyndication.com/simgad/ Frame 7641
8 KB
8 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/13011678368261160401?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4ql_TDYutvhZrihoFp-aoo1WroIeEQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7800101367749268&output=html&h=600&slotname=4584916924&adk=2319987244&adf=218696053&pi=t.ma~as.4584916924&w=160&lmt=1708425282&format=160x600&url=http%3A%2F%2Fpetiofi.narod.ru%2Fdetski.html&wgl=1&dt=1708425281765&bpp=1&bdt=448&idt=447&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=468x60&correlator=3351915128569&frm=20&pv=1&ga_vid=834704921.1708425282&ga_sid=1708425282&ga_hid=1357432180&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1133&ady=173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081187%2C42532524%2C44809003%2C95322433%2C95324580%2C95325066%2C31081135%2C95320376%2C95320868%2C95324154%2C95324160%2C95325080&oid=2&pvsid=1307573059339331&tmod=1508136627&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
26d025f81d2c84157aa00aea3143846c478328ed7243f9dae12a8c3f9599e8f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 10:34:43 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8087
x-xss-protection
0
last-modified
Tue, 09 May 2023 11:04:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 19 Feb 2025 10:34:43 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame 7641
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7800101367749268&output=html&h=600&slotname=4584916924&adk=2319987244&adf=218696053&pi=t.ma~as.4584916924&w=160&lmt=1708425282&format=160x600&url=http%3A%2F%2Fpetiofi.narod.ru%2Fdetski.html&wgl=1&dt=1708425281765&bpp=1&bdt=448&idt=447&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=468x60&correlator=3351915128569&frm=20&pv=1&ga_vid=834704921.1708425282&ga_sid=1708425282&ga_hid=1357432180&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1133&ady=173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081187%2C42532524%2C44809003%2C95322433%2C95324580%2C95325066%2C31081135%2C95320376%2C95320868%2C95324154%2C95324160%2C95325080&oid=2&pvsid=1307573059339331&tmod=1508136627&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 09:40:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
3230
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8991
x-xss-protection
0
server
cafe
etag
11525033739721728465
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Mar 2024 09:40:52 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 2B0A
143 B
166 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7800101367749268&output=html&h=600&slotname=4584916924&adk=2319987244&adf=218696053&pi=t.ma~as.4584916924&w=160&lmt=1708425282&format=160x600&url=http%3A%2F%2Fpetiofi.narod.ru%2Fdetski.html&wgl=1&dt=1708425281765&bpp=1&bdt=448&idt=447&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=468x60&correlator=3351915128569&frm=20&pv=1&ga_vid=834704921.1708425282&ga_sid=1708425282&ga_hid=1357432180&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1133&ady=173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081187%2C42532524%2C44809003%2C95322433%2C95324580%2C95325066%2C31081135%2C95320376%2C95320868%2C95324154%2C95324160%2C95325080&oid=2&pvsid=1307573059339331&tmod=1508136627&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=449
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7800101367749268&output=html&h=600&slotname=4584916924&adk=2319987244&adf=218696053&pi=t.ma~as.4584916924&w=160&lmt=1708425282&format=160x600&url=http%3A%2F%2Fpetiofi.narod.ru%2Fdetski.html&wgl=1&dt=1708425281765&bpp=1&bdt=448&idt=447&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=468x60&correlator=3351915128569&frm=20&pv=1&ga_vid=834704921.1708425282&ga_sid=1708425282&ga_hid=1357432180&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1133&ady=173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081187%2C42532524%2C44809003%2C95322433%2C95324580%2C95325066%2C31081135%2C95320376%2C95320868%2C95324154%2C95324160%2C95325080&oid=2&pvsid=1307573059339331&tmod=1508136627&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=449
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3368
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 20 Feb 2024 09:38:34 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
redir.html
p4-bkbq6em2tcn72-ritkppebb6c25w4o-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame A183
247 B
873 B
Document
General
Full URL
https://p4-bkbq6em2tcn72-ritkppebb6c25w4o-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7800101367749268&output=html&h=600&slotname=4584916924&adk=2319987244&adf=218696053&pi=t.ma~as.4584916924&w=160&lmt=1708425282&format=160x600&url=http%3A%2F%2Fpetiofi.narod.ru%2Fdetski.html&wgl=1&dt=1708425281765&bpp=1&bdt=448&idt=447&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=468x60&correlator=3351915128569&frm=20&pv=1&ga_vid=834704921.1708425282&ga_sid=1708425282&ga_hid=1357432180&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1133&ady=173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081187%2C42532524%2C44809003%2C95322433%2C95324580%2C95325066%2C31081135%2C95320376%2C95320868%2C95324154%2C95324160%2C95325080&oid=2&pvsid=1307573059339331&tmod=1508136627&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
8d790e19534630152b8a7dfbf3cd76edd32f34f51f422cc21fbce06be216f41b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
209
content-security-policy-report-only
script-src 'nonce-lI8369c75xsbSuNHA1u4Jw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy
cross-origin
date
Tue, 20 Feb 2024 10:34:43 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
last-modified
Tue, 14 Nov 2023 14:08:00 GMT
pragma
no-cache
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 7641
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7800101367749268&output=html&h=600&slotname=4584916924&adk=2319987244&adf=218696053&pi=t.ma~as.4584916924&w=160&lmt=1708425282&format=160x600&url=http%3A%2F%2Fpetiofi.narod.ru%2Fdetski.html&wgl=1&dt=1708425281765&bpp=1&bdt=448&idt=447&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=468x60&correlator=3351915128569&frm=20&pv=1&ga_vid=834704921.1708425282&ga_sid=1708425282&ga_hid=1357432180&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1133&ady=173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081187%2C42532524%2C44809003%2C95322433%2C95324580%2C95325066%2C31081135%2C95320376%2C95320868%2C95324154%2C95324160%2C95325080&oid=2&pvsid=1307573059339331&tmod=1508136627&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 09:40:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
3231
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Mar 2024 09:40:51 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 7641
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7800101367749268&output=html&h=600&slotname=4584916924&adk=2319987244&adf=218696053&pi=t.ma~as.4584916924&w=160&lmt=1708425282&format=160x600&url=http%3A%2F%2Fpetiofi.narod.ru%2Fdetski.html&wgl=1&dt=1708425281765&bpp=1&bdt=448&idt=447&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=468x60&correlator=3351915128569&frm=20&pv=1&ga_vid=834704921.1708425282&ga_sid=1708425282&ga_hid=1357432180&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1133&ady=173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081187%2C42532524%2C44809003%2C95322433%2C95324580%2C95325066%2C31081135%2C95320376%2C95320868%2C95324154%2C95324160%2C95325080&oid=2&pvsid=1307573059339331&tmod=1508136627&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 16:59:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
63321
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8220
x-xss-protection
0
server
cafe
etag
16176141338659805634
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Mar 2024 16:59:21 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 7641
204 KB
61 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7800101367749268&output=html&h=600&slotname=4584916924&adk=2319987244&adf=218696053&pi=t.ma~as.4584916924&w=160&lmt=1708425282&format=160x600&url=http%3A%2F%2Fpetiofi.narod.ru%2Fdetski.html&wgl=1&dt=1708425281765&bpp=1&bdt=448&idt=447&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=468x60&correlator=3351915128569&frm=20&pv=1&ga_vid=834704921.1708425282&ga_sid=1708425282&ga_hid=1357432180&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1133&ady=173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081187%2C42532524%2C44809003%2C95322433%2C95324580%2C95325066%2C31081135%2C95320376%2C95320868%2C95324154%2C95324160%2C95325080&oid=2&pvsid=1307573059339331&tmod=1508136627&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=449
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 10:30:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
250
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62824
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 20 Feb 2024 11:30:32 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 7641
36 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7800101367749268&output=html&h=600&slotname=4584916924&adk=2319987244&adf=218696053&pi=t.ma~as.4584916924&w=160&lmt=1708425282&format=160x600&url=http%3A%2F%2Fpetiofi.narod.ru%2Fdetski.html&wgl=1&dt=1708425281765&bpp=1&bdt=448&idt=447&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=468x60&correlator=3351915128569&frm=20&pv=1&ga_vid=834704921.1708425282&ga_sid=1708425282&ga_hid=1357432180&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1133&ady=173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081187%2C42532524%2C44809003%2C95322433%2C95324580%2C95325066%2C31081135%2C95320376%2C95320868%2C95324154%2C95324160%2C95325080&oid=2&pvsid=1307573059339331&tmod=1508136627&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
473f98fc0967c2c122456fc402d7db00d57d3fe3b46a12d075d10eb26a55dd5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 17:20:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
62072
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14610
x-xss-protection
0
server
cafe
etag
17234995959194474601
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Mar 2024 17:20:10 GMT
-nfEL6nT6hMAPyjdoOzOb1jP1Zjk2lcitOv7Rt98uqU.js
pagead2.googlesyndication.com/bg/ Frame F7CF
50 KB
19 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/-nfEL6nT6hMAPyjdoOzOb1jP1Zjk2lcitOv7Rt98uqU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fa77c42fa9d3ea13003f28dda0ecce6f58cfd598e4da5722b4ebfb46df7cbaa5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 17:34:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
406789
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19793
x-xss-protection
0
last-modified
Mon, 12 Feb 2024 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 14 Feb 2025 17:34:54 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 2B0A
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7800101367749268&output=html&h=600&slotname=4584916924&adk=2319987244&adf=218696053&pi=t.ma~as.4584916924&w=160&lmt=1708425282&format=160x600&url=http%3A%2F%2Fpetiofi.narod.ru%2Fdetski.html&wgl=1&dt=1708425281765&bpp=1&bdt=448&idt=447&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=468x60&correlator=3351915128569&frm=20&pv=1&ga_vid=834704921.1708425282&ga_sid=1708425282&ga_hid=1357432180&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1133&ady=173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081187%2C42532524%2C44809003%2C95322433%2C95324580%2C95325066%2C31081135%2C95320376%2C95320868%2C95324154%2C95324160%2C95325080&oid=2&pvsid=1307573059339331&tmod=1508136627&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=449
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 20 Feb 2024 10:34:43 GMT
expires
Tue, 20 Feb 2024 10:34:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 20 Feb 2024 10:34:43 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
privacy_small.svg
static.criteo.net/flash/icon/ Frame FE19
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZdSAQgAE4r4Ef4fMAA7rLwIBlc5IEVudBxj3kA&u=%7Cht7ur9evmbz0TMT6Z7h7wVX27fLNS43jIGP0CTFLXk4%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at-ue5TMI33i_SG1_RVDuuRTlvaTShOdPDW7I8DD_nv-KTeF-CvJ_g770izczOyeXx19ySXGxyQ6CqU1myjJKyWWGY5rzaKsczaGdiCG8nfPmxfTLZX-u_GQLlF2BwQG53gGQ1y12pDXUb6Stv39n3iaS7WQ245Uf7RKAJ3YZeza8o6v8sJBzI9FSFfh9msiwFqR1eAgQ1eo0HiajYoulqvDJnm6XXWR3LWab2hMYZbRGFIzmS2Cy2VslbtcVWUq7ZWTUq0sEkfEj889CQ1pitKUQkINkxHAmLPg9-J29E6aHyrLVsMID5xqoulsHKpZuoCGzLHgjGIlOc2jybGvgc1-ZHBkip98z6cvydM3R-iqNrSohl6RwY5TevxBkO16zheUC_bSzsM2PIQGSATz5RSpjn4pLxSxx7UYoQF-kED9--txtk3uOD8Co2bGw8Yd3__mZXPTMUXdM6FtbBfhCNCjtx6-6wy_qO1JFi5W5ktM-pT-sn64m4HA7F3q7JJO443-k3sruRSG3I8LLvN8BKvAIFEgVgXhWjBx5CsuJ_sY8CYaG5P5SWFRyHKgWfdrVgAV6TdgSWe2ZUEzxqtC8pqWMeit-pdzsa3sQk1hi2T2CQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZLDPQoDUZb7FE8yP_tMPr9a7yAPJntKxXNWdkfdwwI23ARABIABgleKagqwHggEXY2EtcHViLTc4MDAxMDEzNjc3NDkyNjjIAQmpAq2f90L1ELI-qAMByAMCqgTRAU_Q-xjpQY8CM_rRfmZIdXPHc1QiaArvhs_W9YfxvTTroeE8Fdcrzwn79ee7u9pqiqmz1LgaGD_eEgwRF4EfCsxx7CUvW4FxZaCo8TREwvQWmTVShc1cNInbaX0wbH27R5ofFVdi-6u5Xdy3I2MCDJsuRNvSQZU_CmhqP5IYENOzMFcaDKvNdlc9RyvBPz9_cQQsn7_Ey3E9j_NMKWrSNC2_y2DGlxIrWM4Ex47QynaZM1kGpfJzV4RN1ZEKFfstUvhbSwEjwZnPM_Ouk5KBDzzPgAbSzKHfg4737-oBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJAiA4YBwEAEyAusCOgmAQICAhICAhAhIvf3BOljkhMuQ3LmEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Azkwe2UJkeikQjZGBpMOEsupr5A%26client%3Dca-pub-7800101367749268%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 10:34:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 14 Feb 2025 10:34:43 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame FE19
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZdSAQgAE4r4Ef4fMAA7rLwIBlc5IEVudBxj3kA&u=%7Cht7ur9evmbz0TMT6Z7h7wVX27fLNS43jIGP0CTFLXk4%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at-ue5TMI33i_SG1_RVDuuRTlvaTShOdPDW7I8DD_nv-KTeF-CvJ_g770izczOyeXx19ySXGxyQ6CqU1myjJKyWWGY5rzaKsczaGdiCG8nfPmxfTLZX-u_GQLlF2BwQG53gGQ1y12pDXUb6Stv39n3iaS7WQ245Uf7RKAJ3YZeza8o6v8sJBzI9FSFfh9msiwFqR1eAgQ1eo0HiajYoulqvDJnm6XXWR3LWab2hMYZbRGFIzmS2Cy2VslbtcVWUq7ZWTUq0sEkfEj889CQ1pitKUQkINkxHAmLPg9-J29E6aHyrLVsMID5xqoulsHKpZuoCGzLHgjGIlOc2jybGvgc1-ZHBkip98z6cvydM3R-iqNrSohl6RwY5TevxBkO16zheUC_bSzsM2PIQGSATz5RSpjn4pLxSxx7UYoQF-kED9--txtk3uOD8Co2bGw8Yd3__mZXPTMUXdM6FtbBfhCNCjtx6-6wy_qO1JFi5W5ktM-pT-sn64m4HA7F3q7JJO443-k3sruRSG3I8LLvN8BKvAIFEgVgXhWjBx5CsuJ_sY8CYaG5P5SWFRyHKgWfdrVgAV6TdgSWe2ZUEzxqtC8pqWMeit-pdzsa3sQk1hi2T2CQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZLDPQoDUZb7FE8yP_tMPr9a7yAPJntKxXNWdkfdwwI23ARABIABgleKagqwHggEXY2EtcHViLTc4MDAxMDEzNjc3NDkyNjjIAQmpAq2f90L1ELI-qAMByAMCqgTRAU_Q-xjpQY8CM_rRfmZIdXPHc1QiaArvhs_W9YfxvTTroeE8Fdcrzwn79ee7u9pqiqmz1LgaGD_eEgwRF4EfCsxx7CUvW4FxZaCo8TREwvQWmTVShc1cNInbaX0wbH27R5ofFVdi-6u5Xdy3I2MCDJsuRNvSQZU_CmhqP5IYENOzMFcaDKvNdlc9RyvBPz9_cQQsn7_Ey3E9j_NMKWrSNC2_y2DGlxIrWM4Ex47QynaZM1kGpfJzV4RN1ZEKFfstUvhbSwEjwZnPM_Ouk5KBDzzPgAbSzKHfg4737-oBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJAiA4YBwEAEyAusCOgmAQICAhICAhAhIvf3BOljkhMuQ3LmEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Azkwe2UJkeikQjZGBpMOEsupr5A%26client%3Dca-pub-7800101367749268%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 10:34:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 14 Feb 2025 10:34:43 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame FE19
308 B
636 B
Image
General
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZdSAQgAE4r4Ef4fMAA7rLwIBlc5IEVudBxj3kA&u=%7Cht7ur9evmbz0TMT6Z7h7wVX27fLNS43jIGP0CTFLXk4%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at-ue5TMI33i_SG1_RVDuuRTlvaTShOdPDW7I8DD_nv-KTeF-CvJ_g770izczOyeXx19ySXGxyQ6CqU1myjJKyWWGY5rzaKsczaGdiCG8nfPmxfTLZX-u_GQLlF2BwQG53gGQ1y12pDXUb6Stv39n3iaS7WQ245Uf7RKAJ3YZeza8o6v8sJBzI9FSFfh9msiwFqR1eAgQ1eo0HiajYoulqvDJnm6XXWR3LWab2hMYZbRGFIzmS2Cy2VslbtcVWUq7ZWTUq0sEkfEj889CQ1pitKUQkINkxHAmLPg9-J29E6aHyrLVsMID5xqoulsHKpZuoCGzLHgjGIlOc2jybGvgc1-ZHBkip98z6cvydM3R-iqNrSohl6RwY5TevxBkO16zheUC_bSzsM2PIQGSATz5RSpjn4pLxSxx7UYoQF-kED9--txtk3uOD8Co2bGw8Yd3__mZXPTMUXdM6FtbBfhCNCjtx6-6wy_qO1JFi5W5ktM-pT-sn64m4HA7F3q7JJO443-k3sruRSG3I8LLvN8BKvAIFEgVgXhWjBx5CsuJ_sY8CYaG5P5SWFRyHKgWfdrVgAV6TdgSWe2ZUEzxqtC8pqWMeit-pdzsa3sQk1hi2T2CQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZLDPQoDUZb7FE8yP_tMPr9a7yAPJntKxXNWdkfdwwI23ARABIABgleKagqwHggEXY2EtcHViLTc4MDAxMDEzNjc3NDkyNjjIAQmpAq2f90L1ELI-qAMByAMCqgTRAU_Q-xjpQY8CM_rRfmZIdXPHc1QiaArvhs_W9YfxvTTroeE8Fdcrzwn79ee7u9pqiqmz1LgaGD_eEgwRF4EfCsxx7CUvW4FxZaCo8TREwvQWmTVShc1cNInbaX0wbH27R5ofFVdi-6u5Xdy3I2MCDJsuRNvSQZU_CmhqP5IYENOzMFcaDKvNdlc9RyvBPz9_cQQsn7_Ey3E9j_NMKWrSNC2_y2DGlxIrWM4Ex47QynaZM1kGpfJzV4RN1ZEKFfstUvhbSwEjwZnPM_Ouk5KBDzzPgAbSzKHfg4737-oBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJAiA4YBwEAEyAusCOgmAQICAhICAhAhIvf3BOljkhMuQ3LmEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Azkwe2UJkeikQjZGBpMOEsupr5A%26client%3Dca-pub-7800101367749268%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 10:34:43 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Fri, 14 Feb 2025 10:34:43 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame FE19
293 B
621 B
Image
General
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZdSAQgAE4r4Ef4fMAA7rLwIBlc5IEVudBxj3kA&u=%7Cht7ur9evmbz0TMT6Z7h7wVX27fLNS43jIGP0CTFLXk4%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at-ue5TMI33i_SG1_RVDuuRTlvaTShOdPDW7I8DD_nv-KTeF-CvJ_g770izczOyeXx19ySXGxyQ6CqU1myjJKyWWGY5rzaKsczaGdiCG8nfPmxfTLZX-u_GQLlF2BwQG53gGQ1y12pDXUb6Stv39n3iaS7WQ245Uf7RKAJ3YZeza8o6v8sJBzI9FSFfh9msiwFqR1eAgQ1eo0HiajYoulqvDJnm6XXWR3LWab2hMYZbRGFIzmS2Cy2VslbtcVWUq7ZWTUq0sEkfEj889CQ1pitKUQkINkxHAmLPg9-J29E6aHyrLVsMID5xqoulsHKpZuoCGzLHgjGIlOc2jybGvgc1-ZHBkip98z6cvydM3R-iqNrSohl6RwY5TevxBkO16zheUC_bSzsM2PIQGSATz5RSpjn4pLxSxx7UYoQF-kED9--txtk3uOD8Co2bGw8Yd3__mZXPTMUXdM6FtbBfhCNCjtx6-6wy_qO1JFi5W5ktM-pT-sn64m4HA7F3q7JJO443-k3sruRSG3I8LLvN8BKvAIFEgVgXhWjBx5CsuJ_sY8CYaG5P5SWFRyHKgWfdrVgAV6TdgSWe2ZUEzxqtC8pqWMeit-pdzsa3sQk1hi2T2CQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZLDPQoDUZb7FE8yP_tMPr9a7yAPJntKxXNWdkfdwwI23ARABIABgleKagqwHggEXY2EtcHViLTc4MDAxMDEzNjc3NDkyNjjIAQmpAq2f90L1ELI-qAMByAMCqgTRAU_Q-xjpQY8CM_rRfmZIdXPHc1QiaArvhs_W9YfxvTTroeE8Fdcrzwn79ee7u9pqiqmz1LgaGD_eEgwRF4EfCsxx7CUvW4FxZaCo8TREwvQWmTVShc1cNInbaX0wbH27R5ofFVdi-6u5Xdy3I2MCDJsuRNvSQZU_CmhqP5IYENOzMFcaDKvNdlc9RyvBPz9_cQQsn7_Ey3E9j_NMKWrSNC2_y2DGlxIrWM4Ex47QynaZM1kGpfJzV4RN1ZEKFfstUvhbSwEjwZnPM_Ouk5KBDzzPgAbSzKHfg4737-oBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJAiA4YBwEAEyAusCOgmAQICAhICAhAhIvf3BOljkhMuQ3LmEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Azkwe2UJkeikQjZGBpMOEsupr5A%26client%3Dca-pub-7800101367749268%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 10:34:43 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Fri, 14 Feb 2025 10:34:43 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame FE19
43 B
348 B
Image
General
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=mGh7EFrtxlTIYDf8WjjWIJEJl6PmpI-WiYPbugauDwPewrp8EAKGKaKopDmqbpS4yAeF-4TA4MA6qfx7YKkTAWw8wJ-a1ZF0aQOvUUlYfXh9JtD5gXHdhJ0Du7hbF9z5x-upZUnn0qvdg_iuhh3ROb8gGQh8CALOJWt_u2BNiF9ptMDSWoeG98_Z-5ZmUP3urgM6al5VgkqLpBFVbEsTYT5jcXGt7d-d--LK7rC1WYvxFhaHa0OPUE50Oz-zToUEWtQz6Jj_UZcLuFIalBLXPhwsB8uoC34EQLOxFjNKsKsu2eX8mZPrBVu7MVeGJECGkTAyBElvY1nVNWK6HNR86ZXNvpnyX7WNzV-2gLbmPU80EKkwWN8uZwn5mGrwsCCxITW5RicvN9JHFf6xfbCCGE_tASx-jb8iM0MiDmMJxhqLjett4V575Ag5bA4S1NXrOOZY7Q
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZdSAQgAE4r4Ef4fMAA7rLwIBlc5IEVudBxj3kA&u=%7Cht7ur9evmbz0TMT6Z7h7wVX27fLNS43jIGP0CTFLXk4%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at-ue5TMI33i_SG1_RVDuuRTlvaTShOdPDW7I8DD_nv-KTeF-CvJ_g770izczOyeXx19ySXGxyQ6CqU1myjJKyWWGY5rzaKsczaGdiCG8nfPmxfTLZX-u_GQLlF2BwQG53gGQ1y12pDXUb6Stv39n3iaS7WQ245Uf7RKAJ3YZeza8o6v8sJBzI9FSFfh9msiwFqR1eAgQ1eo0HiajYoulqvDJnm6XXWR3LWab2hMYZbRGFIzmS2Cy2VslbtcVWUq7ZWTUq0sEkfEj889CQ1pitKUQkINkxHAmLPg9-J29E6aHyrLVsMID5xqoulsHKpZuoCGzLHgjGIlOc2jybGvgc1-ZHBkip98z6cvydM3R-iqNrSohl6RwY5TevxBkO16zheUC_bSzsM2PIQGSATz5RSpjn4pLxSxx7UYoQF-kED9--txtk3uOD8Co2bGw8Yd3__mZXPTMUXdM6FtbBfhCNCjtx6-6wy_qO1JFi5W5ktM-pT-sn64m4HA7F3q7JJO443-k3sruRSG3I8LLvN8BKvAIFEgVgXhWjBx5CsuJ_sY8CYaG5P5SWFRyHKgWfdrVgAV6TdgSWe2ZUEzxqtC8pqWMeit-pdzsa3sQk1hi2T2CQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZLDPQoDUZb7FE8yP_tMPr9a7yAPJntKxXNWdkfdwwI23ARABIABgleKagqwHggEXY2EtcHViLTc4MDAxMDEzNjc3NDkyNjjIAQmpAq2f90L1ELI-qAMByAMCqgTRAU_Q-xjpQY8CM_rRfmZIdXPHc1QiaArvhs_W9YfxvTTroeE8Fdcrzwn79ee7u9pqiqmz1LgaGD_eEgwRF4EfCsxx7CUvW4FxZaCo8TREwvQWmTVShc1cNInbaX0wbH27R5ofFVdi-6u5Xdy3I2MCDJsuRNvSQZU_CmhqP5IYENOzMFcaDKvNdlc9RyvBPz9_cQQsn7_Ey3E9j_NMKWrSNC2_y2DGlxIrWM4Ex47QynaZM1kGpfJzV4RN1ZEKFfstUvhbSwEjwZnPM_Ouk5KBDzzPgAbSzKHfg4737-oBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJAiA4YBwEAEyAusCOgmAQICAhICAhAhIvf3BOljkhMuQ3LmEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Azkwe2UJkeikQjZGBpMOEsupr5A%26client%3Dca-pub-7800101367749268%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 10:34:42 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1792115
expires
Mon, 26 Jul 1997 05:00:00 GMT
truncated
/ Frame 7641
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e16f8b720113109bff9b1aa7e2b2d3c9b1fad14527a155a688d651f12a912b15

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type
image/png
animejs.js
static.criteo.net/animejs/ Frame FE19
12 KB
6 KB
Script
General
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZdSAQgAE4r4Ef4fMAA7rLwIBlc5IEVudBxj3kA&u=%7Cht7ur9evmbz0TMT6Z7h7wVX27fLNS43jIGP0CTFLXk4%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at-ue5TMI33i_SG1_RVDuuRTlvaTShOdPDW7I8DD_nv-KTeF-CvJ_g770izczOyeXx19ySXGxyQ6CqU1myjJKyWWGY5rzaKsczaGdiCG8nfPmxfTLZX-u_GQLlF2BwQG53gGQ1y12pDXUb6Stv39n3iaS7WQ245Uf7RKAJ3YZeza8o6v8sJBzI9FSFfh9msiwFqR1eAgQ1eo0HiajYoulqvDJnm6XXWR3LWab2hMYZbRGFIzmS2Cy2VslbtcVWUq7ZWTUq0sEkfEj889CQ1pitKUQkINkxHAmLPg9-J29E6aHyrLVsMID5xqoulsHKpZuoCGzLHgjGIlOc2jybGvgc1-ZHBkip98z6cvydM3R-iqNrSohl6RwY5TevxBkO16zheUC_bSzsM2PIQGSATz5RSpjn4pLxSxx7UYoQF-kED9--txtk3uOD8Co2bGw8Yd3__mZXPTMUXdM6FtbBfhCNCjtx6-6wy_qO1JFi5W5ktM-pT-sn64m4HA7F3q7JJO443-k3sruRSG3I8LLvN8BKvAIFEgVgXhWjBx5CsuJ_sY8CYaG5P5SWFRyHKgWfdrVgAV6TdgSWe2ZUEzxqtC8pqWMeit-pdzsa3sQk1hi2T2CQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZLDPQoDUZb7FE8yP_tMPr9a7yAPJntKxXNWdkfdwwI23ARABIABgleKagqwHggEXY2EtcHViLTc4MDAxMDEzNjc3NDkyNjjIAQmpAq2f90L1ELI-qAMByAMCqgTRAU_Q-xjpQY8CM_rRfmZIdXPHc1QiaArvhs_W9YfxvTTroeE8Fdcrzwn79ee7u9pqiqmz1LgaGD_eEgwRF4EfCsxx7CUvW4FxZaCo8TREwvQWmTVShc1cNInbaX0wbH27R5ofFVdi-6u5Xdy3I2MCDJsuRNvSQZU_CmhqP5IYENOzMFcaDKvNdlc9RyvBPz9_cQQsn7_Ey3E9j_NMKWrSNC2_y2DGlxIrWM4Ex47QynaZM1kGpfJzV4RN1ZEKFfstUvhbSwEjwZnPM_Ouk5KBDzzPgAbSzKHfg4737-oBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJAiA4YBwEAEyAusCOgmAQICAhICAhAhIvf3BOljkhMuQ3LmEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Azkwe2UJkeikQjZGBpMOEsupr5A%26client%3Dca-pub-7800101367749268%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 10:34:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 14 Feb 2025 10:34:43 GMT
img
imageproxy.eu.criteo.net/img/ Frame FE19
4 KB
5 KB
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?h=116&m=0&partner=100829&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F100829%2F5246204%2Fd41b321e3c2248279187df4498c87552_1985ec09-77ec-4f9a-bfa1-9b5ed79d696f.png&v=3&w=236&rid=4&s=Bkahyf61dPLuA2gWvtHkEttS
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZdSAQgAE4r4Ef4fMAA7rLwIBlc5IEVudBxj3kA&u=%7Cht7ur9evmbz0TMT6Z7h7wVX27fLNS43jIGP0CTFLXk4%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at-ue5TMI33i_SG1_RVDuuRTlvaTShOdPDW7I8DD_nv-KTeF-CvJ_g770izczOyeXx19ySXGxyQ6CqU1myjJKyWWGY5rzaKsczaGdiCG8nfPmxfTLZX-u_GQLlF2BwQG53gGQ1y12pDXUb6Stv39n3iaS7WQ245Uf7RKAJ3YZeza8o6v8sJBzI9FSFfh9msiwFqR1eAgQ1eo0HiajYoulqvDJnm6XXWR3LWab2hMYZbRGFIzmS2Cy2VslbtcVWUq7ZWTUq0sEkfEj889CQ1pitKUQkINkxHAmLPg9-J29E6aHyrLVsMID5xqoulsHKpZuoCGzLHgjGIlOc2jybGvgc1-ZHBkip98z6cvydM3R-iqNrSohl6RwY5TevxBkO16zheUC_bSzsM2PIQGSATz5RSpjn4pLxSxx7UYoQF-kED9--txtk3uOD8Co2bGw8Yd3__mZXPTMUXdM6FtbBfhCNCjtx6-6wy_qO1JFi5W5ktM-pT-sn64m4HA7F3q7JJO443-k3sruRSG3I8LLvN8BKvAIFEgVgXhWjBx5CsuJ_sY8CYaG5P5SWFRyHKgWfdrVgAV6TdgSWe2ZUEzxqtC8pqWMeit-pdzsa3sQk1hi2T2CQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZLDPQoDUZb7FE8yP_tMPr9a7yAPJntKxXNWdkfdwwI23ARABIABgleKagqwHggEXY2EtcHViLTc4MDAxMDEzNjc3NDkyNjjIAQmpAq2f90L1ELI-qAMByAMCqgTRAU_Q-xjpQY8CM_rRfmZIdXPHc1QiaArvhs_W9YfxvTTroeE8Fdcrzwn79ee7u9pqiqmz1LgaGD_eEgwRF4EfCsxx7CUvW4FxZaCo8TREwvQWmTVShc1cNInbaX0wbH27R5ofFVdi-6u5Xdy3I2MCDJsuRNvSQZU_CmhqP5IYENOzMFcaDKvNdlc9RyvBPz9_cQQsn7_Ey3E9j_NMKWrSNC2_y2DGlxIrWM4Ex47QynaZM1kGpfJzV4RN1ZEKFfstUvhbSwEjwZnPM_Ouk5KBDzzPgAbSzKHfg4737-oBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJAiA4YBwEAEyAusCOgmAQICAhICAhAhIvf3BOljkhMuQ3LmEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Azkwe2UJkeikQjZGBpMOEsupr5A%26client%3Dca-pub-7800101367749268%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
22965e772d52a2044625993d4b8139c96a5aa2962c02f155ae7785702e1519fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 10:34:43 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
4568
expires
Thu, 16 Jan 2025 09:07:07 GMT
img
imageproxy.eu.criteo.net/img/ Frame FE19
6 KB
6 KB
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=100829&q=80&r=0&u=https%3A%2F%2Fwww.geekom.de%2Fwp-content%2Fuploads%2F2023%2F04%2F10-IN-1-USB-HUB-GEEKOM.webp&v=3&w=400&rid=4&s=iqnk1mlYPbjcg1UkqiwUdzc9&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZdSAQgAE4r4Ef4fMAA7rLwIBlc5IEVudBxj3kA&u=%7Cht7ur9evmbz0TMT6Z7h7wVX27fLNS43jIGP0CTFLXk4%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at-ue5TMI33i_SG1_RVDuuRTlvaTShOdPDW7I8DD_nv-KTeF-CvJ_g770izczOyeXx19ySXGxyQ6CqU1myjJKyWWGY5rzaKsczaGdiCG8nfPmxfTLZX-u_GQLlF2BwQG53gGQ1y12pDXUb6Stv39n3iaS7WQ245Uf7RKAJ3YZeza8o6v8sJBzI9FSFfh9msiwFqR1eAgQ1eo0HiajYoulqvDJnm6XXWR3LWab2hMYZbRGFIzmS2Cy2VslbtcVWUq7ZWTUq0sEkfEj889CQ1pitKUQkINkxHAmLPg9-J29E6aHyrLVsMID5xqoulsHKpZuoCGzLHgjGIlOc2jybGvgc1-ZHBkip98z6cvydM3R-iqNrSohl6RwY5TevxBkO16zheUC_bSzsM2PIQGSATz5RSpjn4pLxSxx7UYoQF-kED9--txtk3uOD8Co2bGw8Yd3__mZXPTMUXdM6FtbBfhCNCjtx6-6wy_qO1JFi5W5ktM-pT-sn64m4HA7F3q7JJO443-k3sruRSG3I8LLvN8BKvAIFEgVgXhWjBx5CsuJ_sY8CYaG5P5SWFRyHKgWfdrVgAV6TdgSWe2ZUEzxqtC8pqWMeit-pdzsa3sQk1hi2T2CQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZLDPQoDUZb7FE8yP_tMPr9a7yAPJntKxXNWdkfdwwI23ARABIABgleKagqwHggEXY2EtcHViLTc4MDAxMDEzNjc3NDkyNjjIAQmpAq2f90L1ELI-qAMByAMCqgTRAU_Q-xjpQY8CM_rRfmZIdXPHc1QiaArvhs_W9YfxvTTroeE8Fdcrzwn79ee7u9pqiqmz1LgaGD_eEgwRF4EfCsxx7CUvW4FxZaCo8TREwvQWmTVShc1cNInbaX0wbH27R5ofFVdi-6u5Xdy3I2MCDJsuRNvSQZU_CmhqP5IYENOzMFcaDKvNdlc9RyvBPz9_cQQsn7_Ey3E9j_NMKWrSNC2_y2DGlxIrWM4Ex47QynaZM1kGpfJzV4RN1ZEKFfstUvhbSwEjwZnPM_Ouk5KBDzzPgAbSzKHfg4737-oBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJAiA4YBwEAEyAusCOgmAQICAhICAhAhIvf3BOljkhMuQ3LmEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Azkwe2UJkeikQjZGBpMOEsupr5A%26client%3Dca-pub-7800101367749268%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08b9636b6775125253e8c852c70e1e86af7d3f18472e95ebcbd5213cf5da7a13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 10:34:42 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=10368000
timing-allow-origin
*
content-length
6114
expires
Tue, 04 Jun 2024 12:30:59 GMT
all
csm.eu.criteo.net/ Frame FE19
0
128 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=uCGlyw-saYeJ4oKCrTnQWBw9pggob-8nwWt-Kk2GnY-bKDRRDnSuL3JUhjxZp9t66wz1k9WKNBXWZYXLKTp8pLGWsG--tpASCu2c45YZkO2EFLdwbRwwMBc6cSDXhvBJDp2NcNc3inepsRa9CHvM31_GxTsAKwpGo52EKsEBH0h1YPcbDXM2QHlKUmbZg1MQoGLrarK-sJ6M1W5Qd8hCeuZd0Q5st1ooGIUs0R87kLjwYj9ydOLmHbul2Zaj1RfDB07oXg&sds=2&rev=90712&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZdSAQgAE4r4Ef4fMAA7rLwIBlc5IEVudBxj3kA&u=%7Cht7ur9evmbz0TMT6Z7h7wVX27fLNS43jIGP0CTFLXk4%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at-ue5TMI33i_SG1_RVDuuRTlvaTShOdPDW7I8DD_nv-KTeF-CvJ_g770izczOyeXx19ySXGxyQ6CqU1myjJKyWWGY5rzaKsczaGdiCG8nfPmxfTLZX-u_GQLlF2BwQG53gGQ1y12pDXUb6Stv39n3iaS7WQ245Uf7RKAJ3YZeza8o6v8sJBzI9FSFfh9msiwFqR1eAgQ1eo0HiajYoulqvDJnm6XXWR3LWab2hMYZbRGFIzmS2Cy2VslbtcVWUq7ZWTUq0sEkfEj889CQ1pitKUQkINkxHAmLPg9-J29E6aHyrLVsMID5xqoulsHKpZuoCGzLHgjGIlOc2jybGvgc1-ZHBkip98z6cvydM3R-iqNrSohl6RwY5TevxBkO16zheUC_bSzsM2PIQGSATz5RSpjn4pLxSxx7UYoQF-kED9--txtk3uOD8Co2bGw8Yd3__mZXPTMUXdM6FtbBfhCNCjtx6-6wy_qO1JFi5W5ktM-pT-sn64m4HA7F3q7JJO443-k3sruRSG3I8LLvN8BKvAIFEgVgXhWjBx5CsuJ_sY8CYaG5P5SWFRyHKgWfdrVgAV6TdgSWe2ZUEzxqtC8pqWMeit-pdzsa3sQk1hi2T2CQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZLDPQoDUZb7FE8yP_tMPr9a7yAPJntKxXNWdkfdwwI23ARABIABgleKagqwHggEXY2EtcHViLTc4MDAxMDEzNjc3NDkyNjjIAQmpAq2f90L1ELI-qAMByAMCqgTRAU_Q-xjpQY8CM_rRfmZIdXPHc1QiaArvhs_W9YfxvTTroeE8Fdcrzwn79ee7u9pqiqmz1LgaGD_eEgwRF4EfCsxx7CUvW4FxZaCo8TREwvQWmTVShc1cNInbaX0wbH27R5ofFVdi-6u5Xdy3I2MCDJsuRNvSQZU_CmhqP5IYENOzMFcaDKvNdlc9RyvBPz9_cQQsn7_Ey3E9j_NMKWrSNC2_y2DGlxIrWM4Ex47QynaZM1kGpfJzV4RN1ZEKFfstUvhbSwEjwZnPM_Ouk5KBDzzPgAbSzKHfg4737-oBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJAiA4YBwEAEyAusCOgmAQICAhICAhAhIvf3BOljkhMuQ3LmEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Azkwe2UJkeikQjZGBpMOEsupr5A%26client%3Dca-pub-7800101367749268%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 20 Feb 2024 10:34:42 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame FE19
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZdSAQgAE4r4Ef4fMAA7rLwIBlc5IEVudBxj3kA&u=%7Cht7ur9evmbz0TMT6Z7h7wVX27fLNS43jIGP0CTFLXk4%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at-ue5TMI33i_SG1_RVDuuRTlvaTShOdPDW7I8DD_nv-KTeF-CvJ_g770izczOyeXx19ySXGxyQ6CqU1myjJKyWWGY5rzaKsczaGdiCG8nfPmxfTLZX-u_GQLlF2BwQG53gGQ1y12pDXUb6Stv39n3iaS7WQ245Uf7RKAJ3YZeza8o6v8sJBzI9FSFfh9msiwFqR1eAgQ1eo0HiajYoulqvDJnm6XXWR3LWab2hMYZbRGFIzmS2Cy2VslbtcVWUq7ZWTUq0sEkfEj889CQ1pitKUQkINkxHAmLPg9-J29E6aHyrLVsMID5xqoulsHKpZuoCGzLHgjGIlOc2jybGvgc1-ZHBkip98z6cvydM3R-iqNrSohl6RwY5TevxBkO16zheUC_bSzsM2PIQGSATz5RSpjn4pLxSxx7UYoQF-kED9--txtk3uOD8Co2bGw8Yd3__mZXPTMUXdM6FtbBfhCNCjtx6-6wy_qO1JFi5W5ktM-pT-sn64m4HA7F3q7JJO443-k3sruRSG3I8LLvN8BKvAIFEgVgXhWjBx5CsuJ_sY8CYaG5P5SWFRyHKgWfdrVgAV6TdgSWe2ZUEzxqtC8pqWMeit-pdzsa3sQk1hi2T2CQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZLDPQoDUZb7FE8yP_tMPr9a7yAPJntKxXNWdkfdwwI23ARABIABgleKagqwHggEXY2EtcHViLTc4MDAxMDEzNjc3NDkyNjjIAQmpAq2f90L1ELI-qAMByAMCqgTRAU_Q-xjpQY8CM_rRfmZIdXPHc1QiaArvhs_W9YfxvTTroeE8Fdcrzwn79ee7u9pqiqmz1LgaGD_eEgwRF4EfCsxx7CUvW4FxZaCo8TREwvQWmTVShc1cNInbaX0wbH27R5ofFVdi-6u5Xdy3I2MCDJsuRNvSQZU_CmhqP5IYENOzMFcaDKvNdlc9RyvBPz9_cQQsn7_Ey3E9j_NMKWrSNC2_y2DGlxIrWM4Ex47QynaZM1kGpfJzV4RN1ZEKFfstUvhbSwEjwZnPM_Ouk5KBDzzPgAbSzKHfg4737-oBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJAiA4YBwEAEyAusCOgmAQICAhICAhAhIvf3BOljkhMuQ3LmEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Azkwe2UJkeikQjZGBpMOEsupr5A%26client%3Dca-pub-7800101367749268%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 10:34:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 14 Feb 2025 10:34:43 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame FE19
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZdSAQgAE4r4Ef4fMAA7rLwIBlc5IEVudBxj3kA&u=%7Cht7ur9evmbz0TMT6Z7h7wVX27fLNS43jIGP0CTFLXk4%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at-ue5TMI33i_SG1_RVDuuRTlvaTShOdPDW7I8DD_nv-KTeF-CvJ_g770izczOyeXx19ySXGxyQ6CqU1myjJKyWWGY5rzaKsczaGdiCG8nfPmxfTLZX-u_GQLlF2BwQG53gGQ1y12pDXUb6Stv39n3iaS7WQ245Uf7RKAJ3YZeza8o6v8sJBzI9FSFfh9msiwFqR1eAgQ1eo0HiajYoulqvDJnm6XXWR3LWab2hMYZbRGFIzmS2Cy2VslbtcVWUq7ZWTUq0sEkfEj889CQ1pitKUQkINkxHAmLPg9-J29E6aHyrLVsMID5xqoulsHKpZuoCGzLHgjGIlOc2jybGvgc1-ZHBkip98z6cvydM3R-iqNrSohl6RwY5TevxBkO16zheUC_bSzsM2PIQGSATz5RSpjn4pLxSxx7UYoQF-kED9--txtk3uOD8Co2bGw8Yd3__mZXPTMUXdM6FtbBfhCNCjtx6-6wy_qO1JFi5W5ktM-pT-sn64m4HA7F3q7JJO443-k3sruRSG3I8LLvN8BKvAIFEgVgXhWjBx5CsuJ_sY8CYaG5P5SWFRyHKgWfdrVgAV6TdgSWe2ZUEzxqtC8pqWMeit-pdzsa3sQk1hi2T2CQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZLDPQoDUZb7FE8yP_tMPr9a7yAPJntKxXNWdkfdwwI23ARABIABgleKagqwHggEXY2EtcHViLTc4MDAxMDEzNjc3NDkyNjjIAQmpAq2f90L1ELI-qAMByAMCqgTRAU_Q-xjpQY8CM_rRfmZIdXPHc1QiaArvhs_W9YfxvTTroeE8Fdcrzwn79ee7u9pqiqmz1LgaGD_eEgwRF4EfCsxx7CUvW4FxZaCo8TREwvQWmTVShc1cNInbaX0wbH27R5ofFVdi-6u5Xdy3I2MCDJsuRNvSQZU_CmhqP5IYENOzMFcaDKvNdlc9RyvBPz9_cQQsn7_Ey3E9j_NMKWrSNC2_y2DGlxIrWM4Ex47QynaZM1kGpfJzV4RN1ZEKFfstUvhbSwEjwZnPM_Ouk5KBDzzPgAbSzKHfg4737-oBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJAiA4YBwEAEyAusCOgmAQICAhICAhAhIvf3BOljkhMuQ3LmEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Azkwe2UJkeikQjZGBpMOEsupr5A%26client%3Dca-pub-7800101367749268%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 10:34:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 14 Feb 2025 10:34:43 GMT
view
ad.doubleclick.net/pcs/ Frame D15F
0
0
Fetch
General
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsvfcPQPfd29s46j9SLzKhUVpYYM93BfUL5MQ-xbq2GVTnkIFSxWiewIDYXtTN-_QNS-26Ixgo4k40xLDX4mIfJMdxhuYk7RypYJEy0-xktH3SlttGIDh40WKZ-2wSf7j2Ok83W1K-EsDGWBi_at2rUSWq_TAFhVUIS9yunlBo-gFhMthoBV89RlngC8ECA5eGCPFbSOWdOHzpLotHUhojF6Z-5QC0h8IgGDwCHFZJsv0-rnekqVePmU1Y0JILFsqFcOW2mYibzhYKawx3E6OjfgISnSyvg-yS2RADh7OdzXpRMUThT369cJW-utoXXqmePW9QZ5kqZw1L-yJ7Wbq4tw_vL7ZwPtebMYGq_2XcKBAJcYEOwng2Ce0EhSdGgm7QeBrrVgYT3b3LjwzwrqGF9xGpbgl-iRiV1Dh2Nk5C3l5QdHItPmr7Y9DpJDGAuBlVr7rBkVwDwipTouS9T1eydDn7tWGedwUJs4BPkOCmX73WqxlZJCi4Ckm-I4CCBIZq60zCcamvGMUwZCpxDuxgzKpoLcfAtI5RtGIZeGI2p2rVELAXNi1X1hWRWcGEh2srkw2M1FdaA7ZChnCqdTMo6HDBRs79ppVsCRe6Qe24jo8Vzn5nlSpIqH_thHwuYRDM5IYw3BFX42K7L5YUBOj6Dw_laaT9PzNh5meF_yLOwGLZBjblglDH8uWq9wP0ZUDfVpGjRlEoEpnmb5OXWyZWK-gk6VGDTk0gzFf3Fd-kgyfV2MwWTc-PCHRyTlNdgIEV6B1evockYYHBALfd3juqtzGPNpcGO63-FTLIfQFgZrliPg1R03q114apo4SVIvmxnAlD1aNHmBGRMHklxhy3_YEQ1VkMclyG1BTzwYrbOt27cwPaV9Y3gew2ro4hCUygDYooylPRrV7Fahb81RkJqFPlsh9INztBX_Cus1eCa1wv4_r0O0rE2CTl7KnBPZ5y2qmIv73RHQgKiEUS3h-mGF6DINKzWXDocfuQezInKMtsWGsfi86oDVOb7TEjMGouphF-KO4HGCBb05yaK7R7H4c1bQm9Lb3qDLpHs1tQhfazQzSfb_cbRXuRQ_SOnhCrqfJ6CCC2oS5DtJ6_TF0WpXdxHmrgJMW8smtVnxx7n1g6KSS27tUs-7EjKhnLsH_eSWIISmYlSmx4L09DQtuWd6KUyRc62eRXUkrssuYg8lDc2txBgxBbJTAE7QDme8kHJXN9lh_RKX0bYaxWbN8nARR19luNDNyCY3tDTUebkV26efyGUYmfNd5blYe7NO0tiMMQYrBsFvEgE3AtM4VamqB6wc7Eg0xPTqub1CNttlgMo2hgmAd2OdPa7IyMMiHoNGqCmx1CVSYF1koOVtM4b5LIuyhikQXftzX1wD&sai=AMfl-YQHovumhojLqt5vQ3fz_hXq_q8QBP3HBzpM6iIOShREE2NYW9D4so0_rfzAHB-xh126yoRwVmkr8hMQ5t-pwFPcx6YWXXgA9BavM2j2H5QHkNBsQQIZzwQuvVkGH0q8r4HqhN4XBN4-x4y5noV0JDRnNEIqbzCbKaH_0haunlee-SwXBTgwTYNAkvzLVkHg9vz2glPJVI1xfNPmhTUoY-C1H2Ho953ROESycOOZSiTR1ZzD8EJWihb72KFNKQRA73h81m-zxUHM287Q_9xqQ70HM7jiXQF8Q15PjSpmNn9e7bPK3OanojRAbDBEr28MRU9o_4tBODTmGt7DB9rV9vRveu7AioPdJkyLVUDVMqzIKMYpVqI6ebhqVgP7LynLkkkVQvnI1cp2pI5m3FQrLSn2Xoltkx057uovBOP2UOcG8_ksd3rzV7JjV8_VgrOE9K3Km_GQCHCKM-qyD-rGQfueocbQNj76N2qLePFvQrMkIaoJhHQDtxKHohgR2TfJaBZsbRs&sig=Cg0ArKJSzAUZo3sIawgGEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9ldXJvY2lzLXRyYWRlZmFpci5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=359&vt=11&dtpt=358&dett=2&cstd=0&cisv=r20240215.04374&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7800101367749268&output=html&h=600&slotname=6986726970&adk=1929241932&adf=2561622201&pi=t.ma~as.6986726970&w=160&lmt=1708425282&format=160x600&url=http%3A%2F%2Fpetiofi.narod.ru%2Fdetski.html&wgl=1&dt=1708425281766&bpp=1&bdt=449&idt=452&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=468x60%2C160x600&correlator=3351915128569&frm=20&pv=1&ga_vid=834704921.1708425282&ga_sid=1708425282&ga_hid=1357432180&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1133&ady=790&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081187%2C42532524%2C44809003%2C95322433%2C95324580%2C95325066%2C31081135%2C95320376%2C95320868%2C95324154%2C95324160%2C95325080&oid=2&pvsid=1307573059339331&tmod=1508136627&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=453
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f102.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 10:34:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 20 Feb 2024 10:34:43 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F7CF
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B8KrfQoDUZeTLFPXy_tMPl52O6AcAAAAAOAHgBAI&bg=!AwClAE_NAAYBC1i-IQs7ADQBe5WfOK1duYEpLJbI1JHB3RR_SNZcVA8pB4PbE35iaTMuEzHMrR7SmkpMQ3QgaxPJswleAgAAADxSAAAAAmgBB5kC7nyZ-qNM1s8r3I3DW3_P9mA30Z3luvwdfEya6hSqDBmp4apsJCuyn110JrxmUvJ8-0-6HQd5Toz3Zs8PKCuEEZMjQIP6hrWP2hACKlefC-eTxbyt52M0MvnBytjl628IXe2BoRxi7dtVRjh9XCu-8WECYrRfprE96yDgP0Q6Q7UAs3rCge57YMMt2jAX4bDioQxwTgSOrHrca3oN7JEFYJmDYtrkDWIpzwFSZKu66gxTCmbHB7Na5PJI-zmd7PJcMelsRj49l00-yZgK3GzMlAoWrjrsgbip6wS0hLzwH16ey7RJ1BGR7Vhhiv3p0YwQImF5zl0KJ-iHxah9mrW4v9lUTFT69AiGj0DrVhU_3bPPtC0P87fgHHN--oSEIi9lY6kpTwH1ik2T5wWAYE50RSwmhKeWw4aPDZGX_dSJo8Grwj1lUaOgEib-MGehft5sYHGX7Q0eL17IDvHoBfEDhPDob7Dk7nrbbf2WGot3BwxKTp9E77S6AnriPsKJpRP3E26RENqdEM9i1GKlIIT6_7hM-ADKMQcefoMX2ZFYqiruZpCRn-6gcLWOdXY_7TBG_kvmgO_JmkWtbWUrnKM0iIcaXB5jqNOzKbePmQ7MMhk1O7hJOx41JuhKZ-hxsOaI_GKK1XVg5mAnoDg1Vo_WcHFW5HMtDcWj6PH3wKuU2Uy23DRSCEOwe4Z8EIbCw3tuWd6ezFPUP7XIgqJZSjXxcIAqYYBuxI_3H28DFKgiE7Las09G3_yCf4SNLiCm-X1yiGn-bECbE5ZI_Xp7-alOUnMXfTtLa9aQPwxP7IG62Z4uc2bXgLu_PfGgNSd6oTOhQj__MQ5EPogQv0RLMzks0MvYXJRmfhlY0Z5tWZAtyCpSP-2A9vftczhxlTFfuLSows3a1YjH01mmh5gxUJhjz32bce-vxodejt3i3tyUasrITVblTMFzIvh-f6zjUBG4uARp-TUYBDEilBSsBMAlM7fgJqM3iwyUn-w6x5kQyw
Requested by
Host: petiofi.narod.ru
URL: http://petiofi.narod.ru/detski.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 10:34:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 7641
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=Cra4IQoDUZfTXE5X__tMPgq-UqA7_1a7odOihpP3hEWQQASDv_tAIYJXimoKsB6AByIyk_APIAQKpAq2f90L1ELI-qAMByAPJBKoE3AFP0KLhhiCQaMQ-VXIIx8wgAWONiln4F8OATyKYykN...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228458337620954152151%22,%22debug_reporting%22:true,%22destination%22:%22https://markt.de%22,%22event_report_window%22:%2225...
0
0
Fetch
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228458337620954152151%22,%22debug_reporting%22:true,%22destination%22:%22https://markt.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221065944648%22],%2222%22:[%22true%22],%224%22:[%2202-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215754483759404611985%22}&andc=true
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7800101367749268&output=html&h=600&slotname=4584916924&adk=2319987244&adf=218696053&pi=t.ma~as.4584916924&w=160&lmt=1708425282&format=160x600&url=http%3A%2F%2Fpetiofi.narod.ru%2Fdetski.html&wgl=1&dt=1708425281765&bpp=1&bdt=448&idt=447&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=468x60&correlator=3351915128569&frm=20&pv=1&ga_vid=834704921.1708425282&ga_sid=1708425282&ga_hid=1357432180&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1133&ady=173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081187%2C42532524%2C44809003%2C95322433%2C95324580%2C95325066%2C31081135%2C95320376%2C95320868%2C95324154%2C95324160%2C95325080&oid=2&pvsid=1307573059339331&tmod=1508136627&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=449
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 10:34:43 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"8458337620954152151","debug_reporting":true,"destination":"https://markt.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1065944648"],"22":["true"],"4":["02-20"],"6":["true"]},"priority":"500","source_event_id":"15754483759404611985"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 20 Feb 2024 10:34:43 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 20 Feb 2024 10:34:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"8458337620954152151","debug_reporting":true,"destination":"https://markt.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1065944648"],"22":["true"],"4":["02-20"],"6":["true"]},"priority":"500","source_event_id":"15754483759404611985"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
iframe.html
p4-bkbq6em2tcn72-ritkppebb6c25w4o-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame A183
5 KB
2 KB
Document
General
Full URL
https://p4-bkbq6em2tcn72-ritkppebb6c25w4o-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Requested by
Host: p4-bkbq6em2tcn72-ritkppebb6c25w4o-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-bkbq6em2tcn72-ritkppebb6c25w4o-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
f10ef330c9dcc4ea54b003dbc6e32441c145569efe67972414216b6e8bc09608
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://p4-bkbq6em2tcn72-ritkppebb6c25w4o-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
1986
content-security-policy-report-only
script-src 'nonce-9zopCZg2cOMTxGozOZDiHg' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy
cross-origin
date
Tue, 20 Feb 2024 10:34:43 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
last-modified
Tue, 14 Nov 2023 14:08:00 GMT
pragma
no-cache
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame
0
0
Preflight
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228458337620954152151%22,%22debug_reporting%22:true,%22destination%22:%22https://markt.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221065944648%22],%2222%22:[%22true%22],%224%22:[%2202-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215754483759404611985%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 20 Feb 2024 10:34:43 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
-nfEL6nT6hMAPyjdoOzOb1jP1Zjk2lcitOv7Rt98uqU.js
pagead2.googlesyndication.com/bg/ Frame FB8C
50 KB
19 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/-nfEL6nT6hMAPyjdoOzOb1jP1Zjk2lcitOv7Rt98uqU.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7800101367749268&output=html&h=600&slotname=4584916924&adk=2319987244&adf=218696053&pi=t.ma~as.4584916924&w=160&lmt=1708425282&format=160x600&url=http%3A%2F%2Fpetiofi.narod.ru%2Fdetski.html&wgl=1&dt=1708425281765&bpp=1&bdt=448&idt=447&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=468x60&correlator=3351915128569&frm=20&pv=1&ga_vid=834704921.1708425282&ga_sid=1708425282&ga_hid=1357432180&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1133&ady=173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081187%2C42532524%2C44809003%2C95322433%2C95324580%2C95325066%2C31081135%2C95320376%2C95320868%2C95324154%2C95324160%2C95325080&oid=2&pvsid=1307573059339331&tmod=1508136627&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=449
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fa77c42fa9d3ea13003f28dda0ecce6f58cfd598e4da5722b4ebfb46df7cbaa5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 17:34:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
406789
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19793
x-xss-protection
0
last-modified
Mon, 12 Feb 2024 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 14 Feb 2025 17:34:54 GMT
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240215&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7800101367749268&plah=petiofi.narod.ru&aplac=true&bust=31081135
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f335cd50f6a4e5c8ce851217dc7885c142ee3a293bd1a23d333c4d6b8ca682ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://petiofi.narod.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 10:34:43 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12194
x-xss-protection
0
tracker
top-fwz1.mail.ru/
43 B
1 KB
Image
General
Full URL
https://top-fwz1.mail.ru/tracker?_=0.7394471009486683;id=1046193;u=http%3A//petiofi.narod.ru/detski.html;st=1708425281682;title=%D0%94%D0%B5%D1%82%D1%81%D0%BA%D0%B8%20%D0%BA%D1%80%D1%8A%D1%81%D1%82%D0%BE%D1%81%D0%BB%D0%BE%D0%B2%D0%B8%D1%86%D0%B8;s=1600*1200;vp=1600*2272;touch=0;hds=1;sid=276b2fc8a61713c0;ver=60.4.0;tz=-60%2FEurope%2FBerlin;nt=0/0/1708425280816/////0/0/285/285/368//368/500/502/502/866/866/866/2440/2440/2441;ct=1146/1149/1149/1156;gl=u;ni=10//4g/0/0/;lvid=1708425281965%3A1708425283257%3A2%3A3e334c694a839ea0fca133690ab53f03;opts=dl%2Cjst-gtag;visible=true;js=13;e=RT/load;et=1708425283257
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://petiofi.narod.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 10:34:43 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
43
pragma
no-cache
amp-access-control-allow-source-origin
*
server
nginx
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
*
accept-ch-lifetime
86400
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
*
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7800101367749268&plah=petiofi.narod.ru&aplac=true&bust=31081135
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://petiofi.narod.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 10:34:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 20 Feb 2024 10:34:43 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8673
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://petiofi.narod.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
287
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 20 Feb 2024 10:29:56 GMT
expires
Wed, 19 Feb 2025 10:29:56 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0237
829 B
560 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a95854e9c597f1673e3f603d03551640b6f3af3c66521e24bff839a581f8dccd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-6nM5euopxvOaVkfpjMP1GQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://petiofi.narod.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-6nM5euopxvOaVkfpjMP1GQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 20 Feb 2024 10:34:43 GMT
expires
Tue, 20 Feb 2024 10:34:43 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
bz
www.facebook.com/ajax/ Frame 12E4
0
1 KB
XHR
General
Full URL
https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__dyn=7xe6HzE4e685KbwKBAgdEd85C5U4e0yoW3q320-E7W0TUhwem0nCq3q5U3awbG782Cw8G0um4o5-0km7o1O81u83mwaS0zE5W0PU1AE17U2ZwrU2pw5jw5Kwt8&__hs=19773.BP%3Aplugin_default_pkg.2.0..0.0&__hsi=7337630715873023736&__req=1&__rev=1011517466&__s=%3A%3A8pq06y&__sp=1&__user=0&dpr=1&jazoest=21833&lsd=UvFSrs9MGcVlMa8VMCO72j
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/6ydLaeSSU1k.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2F%25D0%259A%25D1%2580%25D1%258A%25D1%2581%25D1%2582%25D0%25BE%25D1%2581%25D0%25BB%25D0%25BE%25D0%25B2%25D0%25B8%25D1%2586%25D0%25B8%2F219374801463722&width=520&colorscheme=light&show_faces=true&border_color&stream=true&header=true&height=590
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundary2DpSabCNr6peGiBW

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=();report-to="permissions_policy"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
date
Tue, 20 Feb 2024 10:34:43 GMT
nel
{"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma
no-cache
x-fb-debug
BfyU7Kfi7/uDaWSbnUD0BHMAQmH/riaur6bwAKoTHL+ztGb8OE8t3Y2qqTEOUAyxRdLH3B07c5XcFE9XT8xMYA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-frame-options
DENY
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
access-control-allow-methods
OPTIONS
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(self), clipboard-write=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
vary
Origin
content-type
text/html; charset="utf-8"
expires
Sat, 01 Jan 2000 00:00:00 GMT
Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js
pagead2.googlesyndication.com/bg/ Frame 8673
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 10:13:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
87659
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15261
x-xss-protection
0
last-modified
Mon, 12 Feb 2024 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 18 Feb 2025 10:13:44 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 0237
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240215&jk=1307573059339331&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame 8673
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?xQaa5w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 10:34:43 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 112B
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss1oziv2HiWFMwqLdyZYoE1gE_77GLunaiGg7oD3lATVNTdOnLgzitY7lAiLDT5QMJV6r-yYtQaP3_mhqTv0mYWow0nf0yXlY30gyhqtwC81sjDmLUoUbJWM_pCa5eHFjnG2FDAMg&sig=Cg0ArKJSzFgGyJyxzh4aEAE&id=lidar2&mcvt=1000&p=0,0,60,468&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240215&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3850891032&rs=2&la=0&cr=0&vs=4&r=v&co=435808200&rst=1708425282207&rpt=729&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 10:34:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame FE19
0
127 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=uCGlyw-saYeJ4oKCrTnQWBw9pggob-8nwWt-Kk2GnY-bKDRRDnSuL3JUhjxZp9t66wz1k9WKNBXWZYXLKTp8pLGWsG--tpASCu2c45YZkO2EFLdwbRwwMBc6cSDXhvBJDp2NcNc3inepsRa9CHvM31_GxTsAKwpGo52EKsEBH0h1YPcbDXM2QHlKUmbZg1MQoGLrarK-sJ6M1W5Qd8hCeuZd0Q5st1ooGIUs0R87kLjwYj9ydOLmHbul2Zaj1RfDB07oXg&sds=2&rev=90712&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZdSAQgAE4r4Ef4fMAA7rLwIBlc5IEVudBxj3kA&u=%7Cht7ur9evmbz0TMT6Z7h7wVX27fLNS43jIGP0CTFLXk4%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at-ue5TMI33i_SG1_RVDuuRTlvaTShOdPDW7I8DD_nv-KTeF-CvJ_g770izczOyeXx19ySXGxyQ6CqU1myjJKyWWGY5rzaKsczaGdiCG8nfPmxfTLZX-u_GQLlF2BwQG53gGQ1y12pDXUb6Stv39n3iaS7WQ245Uf7RKAJ3YZeza8o6v8sJBzI9FSFfh9msiwFqR1eAgQ1eo0HiajYoulqvDJnm6XXWR3LWab2hMYZbRGFIzmS2Cy2VslbtcVWUq7ZWTUq0sEkfEj889CQ1pitKUQkINkxHAmLPg9-J29E6aHyrLVsMID5xqoulsHKpZuoCGzLHgjGIlOc2jybGvgc1-ZHBkip98z6cvydM3R-iqNrSohl6RwY5TevxBkO16zheUC_bSzsM2PIQGSATz5RSpjn4pLxSxx7UYoQF-kED9--txtk3uOD8Co2bGw8Yd3__mZXPTMUXdM6FtbBfhCNCjtx6-6wy_qO1JFi5W5ktM-pT-sn64m4HA7F3q7JJO443-k3sruRSG3I8LLvN8BKvAIFEgVgXhWjBx5CsuJ_sY8CYaG5P5SWFRyHKgWfdrVgAV6TdgSWe2ZUEzxqtC8pqWMeit-pdzsa3sQk1hi2T2CQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZLDPQoDUZb7FE8yP_tMPr9a7yAPJntKxXNWdkfdwwI23ARABIABgleKagqwHggEXY2EtcHViLTc4MDAxMDEzNjc3NDkyNjjIAQmpAq2f90L1ELI-qAMByAMCqgTRAU_Q-xjpQY8CM_rRfmZIdXPHc1QiaArvhs_W9YfxvTTroeE8Fdcrzwn79ee7u9pqiqmz1LgaGD_eEgwRF4EfCsxx7CUvW4FxZaCo8TREwvQWmTVShc1cNInbaX0wbH27R5ofFVdi-6u5Xdy3I2MCDJsuRNvSQZU_CmhqP5IYENOzMFcaDKvNdlc9RyvBPz9_cQQsn7_Ey3E9j_NMKWrSNC2_y2DGlxIrWM4Ex47QynaZM1kGpfJzV4RN1ZEKFfstUvhbSwEjwZnPM_Ouk5KBDzzPgAbSzKHfg4737-oBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJAiA4YBwEAEyAusCOgmAQICAhICAhAhIvf3BOljkhMuQ3LmEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Azkwe2UJkeikQjZGBpMOEsupr5A%26client%3Dca-pub-7800101367749268%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 20 Feb 2024 10:34:43 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame D15F
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsustdqrX1C3nxx28seRRn01LAJXBMzEqv2NEsfyeHtJcWoOtyRSw0nUKbVgUPaZFGXoTyDS7hQtJazA84I_k_-U7G1Jp7D5nkBvgIQDmplfAxmfJBAnwiUKXcFEUNrDhl30mgj_yi5gpBPTk2frjvZQ99FVpods7r9J3w&sai=AMfl-YRvH0NCNcI-oUh1yNsqjMoXOo_uzeaSPEiAqPw-tJcHCsuYgkzfs0_u_uA7IIYCgFRGX0LNThrCOmFq2PePEFGkhMRoQk1fiY8eLTTgRYGLVX_NsrYGoUNvGReEacwdNtJxebXTDIVPBqAIHuHU&sig=Cg0ArKJSzLVhJTE1oD5DEAE&cid=CAQSTgAvHhf_-1VslmEYrwKykTJ-lBcNuWgH3ISrPg8AiKXSP3F5nHvfODKXQIsUUWsQW9sQKAL-DTA99hZRe4ef0Ij9k-a43DRgILWqdFVJTxgB&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20240215&bin=7&avms=nio&bs=0,0&mc=0.61&if=1&vu=1&app=0&itpl=20&adk=1929241932&rs=2&la=0&cr=0&vs=4&r=v&co=435808200&rst=1708425282219&rpt=877&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 10:34:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7641
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuVs8EYT40yaR8UEoYZKJOSrWeLmtpAfbDwGw1gaJ5E6kefW98hZz-4fKF5Lxt2Am1B8G-jyedtiiBOidCkS9jSHtJ-8_iE-eLSHIyqvYx499_8Ffk1LhAq1luXBOewZmJAOvt6b5iVAZRdEV8Jd0X-lWJ7VxsnEWMp9Q&sai=AMfl-YQc0sBMddiMcYhCziKU3rHO3s_qfgY6s5C3zwSabj0y-IRR3Oc5QTnOdsS8KhChWgh1783mHXP25ioKc-6nAmagFHR9AGER4esik2LZUerssowQy4k3nXmrAGUoqIQEJW1qTCllpiue4B8FOftI&sig=Cg0ArKJSzPI5LyHV-z7HEAE&cid=CAQSTgAvHhf_xjF84xc3RYgLpgQ2eByiPC7Kb0Ddzjj_2Gn30Ce5Sj1H9zA8chMhOABKdrWSCVhNIVGqP0WIMnFsBnoC7NDBTlMwRWE4XNMjtBgB&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240215&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=2319987244&rs=2&la=0&cr=0&vs=4&r=v&co=435808300&rst=1708425282214&rpt=919&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 10:34:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240215&jk=1307573059339331&bg=!7u2l7aLNAAZN4L4YbeA7ADQBe5WfOOYF3_RTx3GN0LMzBM8XkuDFFBsFOF1UVLnWedWFq28tLfIWlRswHQ4UFpfLwCUIAgAAADhSAAAAAmgBB5kCxxJREZ6i1MY2leYJJds60wnUk27UBNyiBhQpIac4x9PXctIihfy9OWIpvqYff8-lx1m2MmMwq3jTuyOZNnraVjbWKy4CJ3xwQGqWHijtkhSfJJYsxNARWGWsbE2FbP62uqFbPzcMKx0gqmIXkOCcurFMQTsUsmt1uA_FVp0H3asBi7shev28oaWlU7KIAaxb53alLf5soP1YphYfJ3ikWACWOdjWHBD9rPbqPvNq9nUQQU2wjTFrdVKxM1_RwulvqCzWRYUvT_zGdzEIXP7SimuXXBeclpGYxXKN-7Zn4q4OaNQ5SzTS4QpplLfb5L1BZMjs6Swgw-sREvZUhlWhgrKWfbyDZLUFk0HKB2GN1SvLFY7RWFv177BrUiOG6Jdk04Amui9s6Oa3rpA-iEnCb88lmXTojXQxT_U2NG9AEzj967dIBjz6qpUQTEHqzwmW2jQq7Lvken5rbTFhawWND0tdG2T6cfKdu2IiRiJpTqTJb-MeIFoH8_0hzNjpZxdH6My_ranE6PKa7jzcwXU96VyoNZLZFE0QDcxxkxCaaj_rcdD5eu-GDbvG4wLQF4z173D0zDlmbjOhcxfeUjJawPXc6m9W5Q69QjHpPmAt76DEhq4mvAHuAVdDQgwie4w-yg-0SEfrKFkJHqUG6MgMnXK4HcpyLsH7Rw-SkL4fnstcaEnZhzfUtTCuv6JUOQE8yw0yIOcr1Dlgxr1jNOpIpiGmmunx8uLQ33sTN5jkODVCotyA7oydcSutG3l1a9xmxDhNOU3d5FijDNJX4STjKtAcPNtplNatYgu5srutNIzyFl8izw8ZrvPJYEJFtu6Ds1uCGgdYz6po0_uvRyjatIi1n8_Q4_dPCBPmZsD9_tbVqXiGt1xuO2zA2svZQpEtF35A0zNF7SvHo64TPBnT1CmGFMjCAyOSgyJT6yApEV8hvZEdyz7png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://petiofi.narod.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

/
kraken.rambler.ru/cnt/v2/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
js.hotlog.ru
URL
http://js.hotlog.ru/dcounter/351951.js
Domain
kraken.rambler.ru
URL
https://kraken.rambler.ru/cnt/v2/?event_type=tech&event_name=ping&project_id=861941&session_id=269413884_1708425281956&session_number=1&session_event_number=2&version=3.15.8&counter_type=web&experiment=%5B%5B%22exp_ws%22%2C%22no%22%5D%5D&top100_id=t1.861941.1147338845.1708425281955&adtech_uid=22857d8d-418a-4ed8-981c-63ae8f654344&adtech_uid_scope=narod.ru&fingerprint=pA8AAENKs1cCoPNZAT7WYgA%3D&fingerprint_ip=pA8AAENKs1fAETUZAfRZzgA%3D&url=http%3A%2F%2Fpetiofi.narod.ru%2Fdetski.html&request_id=1708425281.954-630050421&event_id=629852869588394&meta=%7B%22activity%22%3A%7B%7D%2C%22scroll%22%3A%7B%22min%22%3A0%2C%22max%22%3A1200%2C%22current%22%3A0%7D%2C%22doscroll%22%3A%7B%22min%22%3A0%2C%22max%22%3A53%2C%22current%22%3A0%7D%2C%22num%22%3A1%2C%22duration%22%3A5%7D&rn=1948667820

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 function| gtag object| dataLayer object| adsbygoogle object| hot_s object| hot_d object| _tmr object| _top100q function| chfh function| chfh2 string| _HST_cntval object| Histats function| t object| _d object| _n object| _t number| _c number| _r string| _j string| _k object| _b object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map object| google_ama_state number| google_rum_task_id_counter object| google_tag_manager object| google_tag_data object| googletag object| gaGlobal function| Kraken function| top100 object| top100Counter object| _top100 object| __gcse object| _HistatsCounterGraphics_601_setValues function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| module$exports$cse$search object| module$exports$cse$CustomImageSearch object| module$exports$cse$CustomWebSearch object| google object| module$exports$cse$searchcontrol object| module$exports$cse$customsearchcontrol function| _googCsa number| nextSearchboxId boolean| _value_RETURN_BUILDER function| _HistatsCounterGraphics_601 function| histats_canvascounters_base.js number| googleNDT_ number| googleAltLoader object| Ya object| yaCounter22079125 object| GoogleGcLKhOms object| google_image_requests

45 Cookies

Domain/Path Name / Value
petiofi.narod.ru/ Name: HstCfa161182
Value: 1708425281674
petiofi.narod.ru/ Name: HstCla161182
Value: 1708425281674
petiofi.narod.ru/ Name: HstCmu161182
Value: 1708425281674
petiofi.narod.ru/ Name: HstPn161182
Value: 1
petiofi.narod.ru/ Name: HstPt161182
Value: 1
petiofi.narod.ru/ Name: HstCnv161182
Value: 1
petiofi.narod.ru/ Name: HstCns161182
Value: 1
petiofi.narod.ru/ Name: _c
Value: y
.narod.ru/ Name: _ga
Value: GA1.1.834704921.1708425282
.narod.ru/ Name: adtech_uid
Value: 22857d8d-418a-4ed8-981c-63ae8f654344%3Anarod.ru
.narod.ru/ Name: top100_id
Value: t1.861941.1147338845.1708425281955
.narod.ru/ Name: last_visit
Value: 1708421681959%3A%3A1708425281959
.narod.ru/ Name: tmr_lvid
Value: 3e334c694a839ea0fca133690ab53f03
.narod.ru/ Name: tmr_lvidTS
Value: 1708425281965
.yadro.ru/ Name: FTID
Value: 1br8122LCDuk1br812002SvE
.yadro.ru/ Name: VID
Value: 2b-29h3DLU8k1br812002D3K
.narod.ru/ Name: t3_sid_861941
Value: s1.269413884.1708425281956.1708425282181.1.2
.rambler.ru/ Name: ruid
Value: 1CIAAEKA1GWNf26RAecRDQB=
.narod.ru/ Name: _ym_uid
Value: 1708425283554236722
.narod.ru/ Name: _ym_d
Value: 1708425283
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 2771605932fake
.yandex.com/ Name: i
Value: X+OBncpXkLz1iXR+RmeBE2+qUbN7+Y1hrutngqm0FDdyuZV1knkj2RIEkO83N06yppjuvV7t1fPLWtXlqyYtQzp7r7U=
.yandex.com/ Name: yandexuid
Value: 5987766681708425282
.narod.ru/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 1664189926fake
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
.yandex.ru/ Name: yandexuid
Value: 5987766681708425282
.yandex.ru/ Name: yuidss
Value: 5987766681708425282
.yandex.ru/ Name: i
Value: X+OBncpXkLz1iXR+RmeBE2+qUbN7+Y1hrutngqm0FDdyuZV1knkj2RIEkO83N06yppjuvV7t1fPLWtXlqyYtQzp7r7U=
.yandex.ru/ Name: yp
Value: 1708511682.yu.7921875251708425282
.yandex.ru/ Name: ymex
Value: 1711017282.oyu.7921875251708425282
.narod.ru/ Name: __gads
Value: ID=3ad48f193ee3d3ac:T=1708425282:RT=1708425282:S=ALNI_MYNsZUifuXqiaPWAptTe-2UziZ1mQ
.narod.ru/ Name: __gpi
Value: UID=00000d5cdc20e45f:T=1708425282:RT=1708425282:S=ALNI_MZsNM0LTm4u6Ks0XA7sS2o23QQFmQ
.narod.ru/ Name: __eoi
Value: ID=769416d5c63ca0d9:T=1708425282:RT=1708425282:S=AA-AfjbZKJgJdVbEGnLM78F_r8Au
mc.yandex.com/ Name: yabs-sid
Value: 2210158661708425282
.yandex.com/ Name: yuidss
Value: 5987766681708425282
.yandex.com/ Name: ymex
Value: 1739961282.yrts.1708425282
.doubleclick.net/ Name: IDE
Value: AHWqTUlE-XI4gJ9BH66EL0zDL6peBSmBWr1bQEBqDCTkdYgtcMWtwzFXA_hlMfh46oU
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.narod.ru/ Name: _ga_BL7TKSZ9XP
Value: GS1.1.1708425281.1.0.1708425283.0.0.0
.doubleclick.net/ Name: DSID
Value: NO_DATA
top-fwz1.mail.ru/ Name: PVID
Value: 3wpsFm3diVYN00001L2gfCYN:::0-0-0-aeed901-0-aeed903:CAASECBR15s9Af0cXmipAPAB68oaYHJHiOIse0KeJS73vr1oo_cHdX8R2SWcnUQZ1r6IvlrxF_RFmeq94sfj9pSJ0n55sMlwY3JR_eoDaLsJpptbTHfOQhjB8CLRJuadF8jXHHC5alwid8ADQzZbSWh0oTfVHQ
.mail.ru/ Name: VID
Value: 3wpsFm3diVYN00001L2gfCYN:::0-0-0-aeed901-0-aeed903:CAASECBR15s9Af0cXmipAPAB68oaYHJHiOIse0KeJS73vr1oo_cHdX8R2SWcnUQZ1r6IvlrxF_RFmeq94sfj9pSJ0n55sMlwY3JR_eoDaLsJpptbTHfOQhjB8CLRJuadF8jXHHC5alwid8ADQzZbSWh0oTfVHQ
.googleadservices.com/ Name: ar_debug
Value: 1
petiofi.narod.ru/ Name: tmr_detect
Value: 0%7C1708425284258

77 Console Messages

Source Level URL
Text
javascript warning URL: http://petiofi.narod.ru/detski.html(Line 184)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://s10.histats.com/js15.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://petiofi.narod.ru/detski.html(Line 184)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://s10.histats.com/js15.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: http://js.hotlog.ru/dcounter/351951.js
Message:
Failed to load resource: net::ERR_CONNECTION_REFUSED
network error URL: http://bs.yandex.ru/informer/22079125/1_0_595959FF_393939FF_1_uniques
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
deprecation warning URL: https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/E9jf6zahLHS.js?_nc_x=Ij3Wp8lg5Kz(Line 282)
Message:
Listener added for a synchronous 'DOMSubtreeModified' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7800101367749268&output=html&h=60&slotname=4954790851&adk=3850891032&adf=3353141943&pi=t.ma~as.4954790851&w=468&lmt=1708425282&format=468x60&url=http%3A%2F%2Fpetiofi.narod.ru%2Fdetski.html&wgl=1&dt=1708425281763&bpp=2&bdt=445&idt=431&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&correlator=3351915128569&frm=20&pv=2&ga_vid=834704921.1708425282&ga_sid=1708425282&ga_hid=1357432180&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=827&ady=42&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081187%2C42532524%2C44809003%2C95322433%2C95324580%2C95325066%2C31081135%2C95320376%2C95320868%2C95324154%2C95324160%2C95325080&oid=2&pvsid=1307573059339331&tmod=1508136627&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=442
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://petiofi.narod.ru/detski.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ads.eu.criteo.com
bs.yandex.ru
cat.nl3.eu.criteo.com
clients1.google.com
counter.search.bg
counter.yadro.ru
cse.google.com
csm.eu.criteo.net
external.xx.fbcdn.net
googleads.g.doubleclick.net
imageproxy.eu.criteo.net
js.hotlog.ru
kraken.rambler.ru
mc.yandex.com
mc.yandex.ru
p4-bkbq6em2tcn72-ritkppebb6c25w4o-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
petiofi.narod.ru
region1.google-analytics.com
rtb.fr3.eu.criteo.com
s0.2mdn.net
s10.histats.com
s201.ucoz.net
s4.histats.com
scontent.xx.fbcdn.net
st.top100.ru
static.criteo.net
static.xx.fbcdn.net
top-fwz1.mail.ru
tpc.googlesyndication.com
www.facebook.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.stranabg.com
js.hotlog.ru
kraken.rambler.ru
142.250.185.226
142.250.186.163
149.56.240.27
172.217.18.102
178.250.1.6
185.31.121.155
193.109.247.223
2001:4860:4802:34::36
2606:4700:10::6814:4273
2a00:1450:4001:808::2006
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:811::2008
2a00:1450:4001:828::2001
2a00:1450:4001:829::200e
2a00:1450:4001:830::2002
2a00:1450:4001:831::200e
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:d::c
2a02:6b8::1:119
2a02:6b8::90
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
38.242.215.86
81.19.89.18
88.212.201.204
95.163.52.67
03fd719fb1d3162e4d29b4871bc4de412340d214f21bbee273ebf3e18dfddd63
085b24f403c6482cd06aeaa36b22029e3891e51a33729712eb7a98e750d54af9
08b9636b6775125253e8c852c70e1e86af7d3f18472e95ebcbd5213cf5da7a13
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
144c27c6db7dd3e69c5140068f95a5da84fc1507d0fcfe055037ad7ab2f579ff
14c247620583453a2a766489a414c962236da30c84a8538b29fe554b3f6dbc24
168dcd9b03d59ab43b13bcccb78c5dcb6ed6f0f5dbd9b1e2c443cc4ae8191a05
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1c91f64a6b8b572618132ef5f98934db897d707322e2bc3db45b2788758d5c63
1e42939e089a78bf0f6771d2e53485a87d78f51e38a465131a4fed67e54b4e8e
21de8fd21bd8dfa1f1778e7997e417901434ab1362e589422066e87bc05574c3
226dcd2f9b9c7ce00c5526efd49c712ecbcfa2f959893db232b90ad01c27c8fa
22965e772d52a2044625993d4b8139c96a5aa2962c02f155ae7785702e1519fb
245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
256b64494fe2573d5b7cad9ee59b22ad7d1e720ca452c348381c2f29ac2d089b
26725cebcf1de7b827ba027be93a980c6e48c0e1f1da85fa29a288870eadc580
26d025f81d2c84157aa00aea3143846c478328ed7243f9dae12a8c3f9599e8f9
28bcb7aa03a254ceca911c82d006bc4cb3f324a0533a059ccfb98fba6344f997
2910a75fe798cbb18961bf9510620ee4edbc664b99037f2a9b0b0af70a8d9631
29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6
2e8ad8dd2dedc88e1d2072675d5e2df6196d89c343c54390ad03e074a0bef180
303b14516d62d0d4e808f290466152cb4931673b9ac911f37f8fca59148c6909
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
352d8dae3843bf41dd986436e05a49d762fb30768f1758cc06f5cfdb820cc6f1
361013f14048242b449118364082c02135e5430ba7f3dba02d81d3dfee184367
384d11b1b10a5836bf06f7b8f893cb49986aaa44d296510c250e72808af39874
3c3ebbb47fa016b229638258faa24b610fe571648e1b7e9fc2836bb5eb813849
4289e1ca8561e9cf6fc42f4b6e6daa691897891629c899ab51e4c0aecea87ac4
429e7004f3f8fbe42cacb984c36a9cda33efdacc100a276b12e82c6ab78bf7ec
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44e82c117b4194c5d79a0b555810cd2c86ca70c8abe69c46500ee6c03b77dff6
473b69e6dda63c5507d9c28062e22fdf9d80dddf58287ed9479ed1a40080238e
473f98fc0967c2c122456fc402d7db00d57d3fe3b46a12d075d10eb26a55dd5b
497ac2734f8a41817bccc94283737cfc706544069ef4fcb1e5029e51c8b6450d
4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fff8586c267ebde60ad0b150f0d0008d3a8c0da965152a0b75b8404352efa10
522684fd2219ccca4ea4ded7d55d2b123aeeebf7feaba30cc50a5931b3d85433
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62f22fee354a99d20ad90bc9b0b36013c143efd5d439555f3b64e141c69dac30
6e6130e333082504f6483ab92416010cfeb338355231e00fc8777790a2dd4d18
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7515bf959b73b956ceb967351c7e299cbb3668a53d35f9c770eb72e00d93ced6
841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632
882b207d5ed050e2f4c7f8e931d8f8a7b8dd4ed29a19d8ec364218df7c724edf
8c912cae95c90fa3e67d4f21f0c3cabafc406c0f5139694452c3268fd6b33475
8cd78aaf8f41700a44b999160164fdcfacf4c250fcea1f9e1aab5090693cfdad
8d790e19534630152b8a7dfbf3cd76edd32f34f51f422cc21fbce06be216f41b
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
90d4798cfeacb30022d6f8efb927da957733d8302ed75b0691a9c4afc8d9f15d
91b72d02901e410e08205dee625b3fccca589d27ec9cc20a997cfc213acd5146
94ee7deed310cb3831ad7bcf23d6272dfa22a7a8faf18289508fa85210d8a8a9
96201bf7415ca1b0148d133e972c19e86cfc034d2c27ef839d13042f7af32c38
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
9a21e1052492ac1866b8df081548fbf1809c48db1de0209cf4e953702ae3a851
9a7c4e57efaba2a8cc95f694d6b9578a4397dcde347f6cae567758441394a33a
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
a07ce4900c10a7af4c7ef6bcbcc91ff21600f9df829dd410af768a619cafc0e5
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3e41cbbeb22fef368b26b45c7480252acb8ceced4bfaa50b7da454366c03db5
a4ac5325e4228b19f937d516b94aef0ff65adb7ca2baa4ce5d879b42a7c1bea5
a5402de70228d4bf5379b518225b702918f6ae277e9293f9d16334c2b1fa31e3
a6057df58ce97a61dbfa822110e2c72ba7855d2ed5689badb682eb079a021f7f
a63abd76bb348773b1071570a48c2262d860940e3151833dd9e6ea6cf1cae193
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a87feaf65170ded496c597c1f1011a79c39a309e415802b49a3fea32f32dfdb8
a947d600ce9a02e3318f52f21e6508b18b55abd5379473084173d98001288761
a95854e9c597f1673e3f603d03551640b6f3af3c66521e24bff839a581f8dccd
aa03eb68227b8878eaceea508be01259496077ec5ed9b375f84c77f577b843ed
ac8169d1a4d78f8e94345352aeee13a070e366572e5e30cec01bed3f6e55f66a
ad3f780f0b37b67580c2b3045df0451c21fb970d0205c2edb6132389a307ee95
b0913512a8e7316569fb4f11c41df7357eda219faa3d493eacb36cad6de9b5bd
b6f357810e9cd8f0aeca7b0cd526dc72d9230dce6958843f80bf104f940b5626
b8fc6db55f2d42658968720864dfb143a3681a6f3dd4a4065dc5cf471c39e11e
c67e17babf8fdbaf9e20429db2ad65646899704ab710617f786774afdf30a05f
c8caed93847affc154cb3d424e34fc146e7340bb29abebd5eba7063e3dca0604
ce892acc4a9ec24adc13617e250eb3e2f7fb510c4160e02541a0446c1ca5307b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d028f0dc446d5168becaf01cf3e8aa03dfd209755844e9d33e72ba808811dab7
d09709eb2d01cfb9088d7842266608c935e552d9963e174366497591f1d03cb6
d4bc74974276640f22a3cb6ebc4c10982e01f57eeb4135ddb581f5704fbf0c8f
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
ddf10a74a047e304b5cd38ad0152ebaf321f799ec2493cdafc55f6bfb305567d
e0b84c9c86ff8c6282031b41e5ca2526e45e5e9c1a3956579f5320c25fb40360
e15b6a5399b3a0165ce5553baeb68d5438f0eb9fcc94abd49a54ada8cf230724
e16f8b720113109bff9b1aa7e2b2d3c9b1fad14527a155a688d651f12a912b15
e300f40b91cd75faf039dd31510a1d963a02f707e12badcda882eb1e3428144d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4177ee651e7cbd6e3c2011e7711125ec7a67da754d5a148004d99db8c2a1d07
e88a0d2d82a022d4a52e98513e379aa7f4b10b2c04c4f4d936202a2b69f5bf27
e90a0e4058cfbade008fc6501afe9612f46ce73b2ec11cd576985f26f07b1eec
e98d376757ded7c70e51c0059a0ccb56da68d20637918d293ad34757675924fd
ea9349f79e725746c2ed4eec37bd306e6699572e989c46ab72b9c8ea525877c9
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec88ae1ecf5b870737f876cc1bb7252d45bccf4d5a7fb145e560739e781d2ea1
ed304bae28f26be9d8c3544742a5ebd1586cacd16d557f9689762344383b2365
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
f10ef330c9dcc4ea54b003dbc6e32441c145569efe67972414216b6e8bc09608
f1c223c16210736b22436b8429ba6c0f19bb4b612293a70aad89decd7a57b0a2
f2fe39fcff7eddfb9dbf882b9e2b40e2f1178c29edc9fe4b6f8d6a817d53a1ab
f335cd50f6a4e5c8ce851217dc7885c142ee3a293bd1a23d333c4d6b8ca682ee
f50c8b64001f780d847ca44c0c961886bd259302cb14e0297d3b941f8d499e3e
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f8d090b1103472c2f535d285c4cb081488700b3517148059b13373033467377b
f9b6b97a7c6bbffa300029a87aa473379d7b6dfd99310f99f959335c0f384025
fa77c42fa9d3ea13003f28dda0ecce6f58cfd598e4da5722b4ebfb46df7cbaa5
fb4a1ce6dfcba35211052403191f739a43aafef3ebab7af5e3866d02da0e60fe