urlscan.io logo urlscan.io
SecurityTrails logo

4tololo.ru Open in urlscan Pro
89.248.192.249  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://4tololo.ru/
Effective URL: https://4tololo.ru/
Submission: On October 19 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 32 IPs in 5 countries across 20 domains to perform 142 HTTP transactions. The main IP is 89.248.192.249, located in Moscow, Russian Federation and belongs to SELECTEL, RU. The main domain is 4tololo.ru.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on May 7th 2023. Valid for: a year.
This is the only time 4tololo.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 39 89.248.192.249 49505 (SELECTEL)
1 5 95.163.52.67 47764 (VK-AS)
2 2a02:6b8::90 208722 (GLOBAL_DC)
1 2a00:1450:400... 15169 (GOOGLE)
4 8 2a02:6b8::1:119 208722 (GLOBAL_DC)
2 2a00:1450:400... 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
1 8 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
7 2a02:6b8:20::215 208722 (GLOBAL_DC)
1 15 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638:3::12 44788 (ASN-CRITE...)
1 2a00:1450:400... 15169 (GOOGLE)
2 216.58.206.34 15169 (GOOGLE)
2 142.250.184.226 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638:3::9 44788 (ASN-CRITE...)
9 2a02:2638:3::3 44788 (ASN-CRITE...)
1 178.250.1.6 44788 (ASN-CRITE...)
3 4 216.58.212.162 15169 (GOOGLE)
2 4 104.18.26.193 13335 (CLOUDFLAR...)
2 3 185.89.210.20 29990 (ASN-APPNEX)
1 2606:4700::68... 13335 (CLOUDFLAR...)
13 2a02:2638:3::10 44788 (ASN-CRITE...)
1 2a02:2638:3::1a 44788 (ASN-CRITE...)
142 32
39    89.248.192.249 (Moscow, Russian Federation)

ASN49505 (SELECTEL, RU)
4tololo.ru
5    95.163.52.67 (Russian Federation)

ASN47764 (VK-AS, RU)
PTR: top-fwz1.mail.ru
top-fwz1.mail.ru
2    2a02:6b8::90 (Ulyanovsk, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
bs.yandex.ru
an.yandex.ru
1    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
8    2a02:6b8::1:119 (Ulyanovsk, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
mc.yandex.ru
mc.yandex.com
2    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
14    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
8    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
7    2a02:6b8:20::215 (Russian Federation)

ASN208722 (GLOBAL_DC, FI)
yastatic.net
15    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn2.gstatic.com
3    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn0.gstatic.com
1    2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
1    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f2.1e100.net
www.googleadservices.com
2    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
googleads4.g.doubleclick.net
1    2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl3.eu.criteo.com
9    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl3.eu.criteo.com
4    216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net
cm.g.doubleclick.net
4    104.18.26.193 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
3    185.89.210.20 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
13    2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
imageproxy.eu.criteo.net
1    2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
Apex Domain
Subdomains		 Transfer
39 4tololo.ru
4tololo.ru
3 MB
29 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 108
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
401 KB
23 criteo.net
static.criteo.net — Cisco Umbrella Rank: 728
imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9717
csm.eu.criteo.net — Cisco Umbrella Rank: 9249
328 KB
14 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 45
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 443
cm.g.doubleclick.net — Cisco Umbrella Rank: 255
103 KB
7 gstatic.com
www.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn0.gstatic.com
fonts.gstatic.com
131 KB
7 yastatic.net
yastatic.net — Cisco Umbrella Rank: 5718
208 KB
5 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 7957
3 KB
5 yandex.ru
bs.yandex.ru — Cisco Umbrella Rank: 13295
mc.yandex.ru — Cisco Umbrella Rank: 3539
an.yandex.ru — Cisco Umbrella Rank: 5362
146 KB
5 mail.ru
top-fwz1.mail.ru — Cisco Umbrella Rank: 9006
23 KB
4 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 716
3 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 261
2 KB
3 criteo.com
ads.eu.criteo.com — Cisco Umbrella Rank: 9209
rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 15502
cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10275
56 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 223
177 KB
3 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1200
www.googleadservices.com — Cisco Umbrella Rank: 153
601 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
21 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 250
5 KB
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 344
42 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 49
975 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56
64 KB
142 20
Domain Requested by
39 4tololo.ru 1 redirects 4tololo.ru
15 tpc.googlesyndication.com 1 redirects pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
4tololo.ru
14 pagead2.googlesyndication.com 4tololo.ru
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
13 imageproxy.eu.criteo.net ads.eu.criteo.com
9 static.criteo.net ads.eu.criteo.com
8 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
7 yastatic.net an.yandex.ru
5 mc.yandex.com 3 redirects 4tololo.ru
5 top-fwz1.mail.ru 1 redirects 4tololo.ru
top-fwz1.mail.ru
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
3 encrypted-tbn0.gstatic.com googleads.g.doubleclick.net
3 www.googletagservices.com googleads.g.doubleclick.net
3 mc.yandex.ru 1 redirects 4tololo.ru
2 googleads4.g.doubleclick.net 4tololo.ru
2 www.googleadservices.com
2 encrypted-tbn2.gstatic.com googleads.g.doubleclick.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 csm.eu.criteo.net ads.eu.criteo.com
1 cdnjs.cloudflare.com ads.eu.criteo.com
1 cat.nl3.eu.criteo.com ads.eu.criteo.com
1 rtb.nl3.eu.criteo.com googleads.g.doubleclick.net
1 s0.2mdn.net googleads.g.doubleclick.net
1 fonts.gstatic.com fonts.googleapis.com
1 ads.eu.criteo.com googleads.g.doubleclick.net
1 www.gstatic.com googleads.g.doubleclick.net
1 fonts.googleapis.com googleads.g.doubleclick.net
1 www.google.com tpc.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 an.yandex.ru 4tololo.ru
1 www.googletagmanager.com 4tololo.ru
1 bs.yandex.ru 4tololo.ru
142 33

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
ok.ru
vk.com
www.ok.ru
top.mail.ru
metrika.yandex.ru
Subject Issuer Validity Valid
4tololo.ru
AlphaSSL CA - SHA256 - G4		 2023-05-07 -
2024-06-07		 a year crt.sh
bs.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-09-24 -
2024-03-24		 6 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.mail.ru
GlobalSign ECC OV SSL CA 2018		 2023-10-06 -
2024-11-06		 a year crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-08-14 -
2024-01-24		 5 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.yastatic-net.ru
GlobalSign ECC OV SSL CA 2018		 2023-07-10 -
2024-01-07		 6 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-29 -
2023-12-23		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-30 -
2023-12-25		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-17 -
2024-01-18		 3 months crt.sh

This page contains 13 frames:

Primary Page: https://4tololo.ru/
Frame ID: 30AC5B71841BAF018A7CD1393D7C74CD
Requests: 64 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup.html
Frame ID: DA733B5B0F96196E0FD00A54E50BB313
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7424662054767848&output=html&h=380&slotname=1654143314&adk=2108178227&adf=734059082&pi=t.ma~as.1654143314&w=282&lmt=1697725531&rafmt=12&format=282x380&url=https%3A%2F%2F4tololo.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697752150238&bpp=3&bdt=1494&idt=93&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&correlator=8540510458808&frm=20&pv=2&ga_vid=1201430437.1697752149&ga_sid=1697752150&ga_hid=30019862&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=259&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44805113%2C44805533%2C44805680%2C44805918%2C31078297&oid=2&pvsid=2042773842920898&tmod=468800969&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=50tbEraktt&p=https%3A//4tololo.ru&dtd=108
Frame ID: 6710571EE906FE4036CD7479ACC2B8F6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7424662054767848&output=html&h=280&slotname=5535879205&adk=1225749&adf=284215673&pi=t.ma~as.5535879205&w=1170&fwrn=4&fwrnh=100&lmt=1697725531&rafmt=1&format=1170x280&url=https%3A%2F%2F4tololo.ru%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697752150241&bpp=1&bdt=1498&idt=111&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&prev_fmts=282x380&correlator=8540510458808&frm=20&pv=1&ga_vid=1201430437.1697752149&ga_sid=1697752150&ga_hid=30019862&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1047&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44805113%2C44805533%2C44805680%2C44805918%2C31078297&oid=2&pvsid=2042773842920898&tmod=468800969&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=NmsOMMM6Xp&p=https%3A//4tololo.ru&dtd=113
Frame ID: 5E130FEF4E7E9463A2EA51E85B8191D7
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7424662054767848&output=html&h=380&slotname=1654143314&adk=2108178227&adf=2953393628&pi=t.ma~as.1654143314&w=282&lmt=1697725531&rafmt=12&format=282x380&url=https%3A%2F%2F4tololo.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697752150242&bpp=1&bdt=1498&idt=117&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&prev_fmts=282x380%2C1170x280&correlator=8540510458808&frm=20&pv=1&ga_vid=1201430437.1697752149&ga_sid=1697752150&ga_hid=30019862&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=807&ady=1735&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44805113%2C44805533%2C44805680%2C44805918%2C31078297&oid=2&pvsid=2042773842920898&tmod=468800969&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=JjVH5NzWaW&p=https%3A//4tololo.ru&dtd=121
Frame ID: 991ED3100823469E73940BB4C831528F
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7424662054767848&output=html&adk=1812271804&adf=3025194257&lmt=1697725531&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x810_l%7C188x810_r&format=0x0&url=https%3A%2F%2F4tololo.ru%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697752150255&bpp=1&bdt=1512&idt=110&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&prev_fmts=282x380%2C1170x280%2C282x380&nras=1&correlator=8540510458808&frm=20&pv=1&ga_vid=1201430437.1697752149&ga_sid=1697752150&ga_hid=30019862&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44805113%2C44805533%2C44805680%2C44805918%2C31078297&oid=2&pvsid=2042773842920898&tmod=468800969&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=118
Frame ID: 65D82C1B19DD2F97A3C115471134E0CC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BC6F8FF893581EF926A686C592C81B0E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BD4B21CE788BB79F5370321EE18321F8
Requests: 2 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTGkVgAG4zwGrSSeAAon0EFhl-wBpp-v3aQoRA&u=%7Ch2Cr%2FRrnfqNA397T7ueW1ti45ADfZGZ%2BPsQWKJQORXs%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zsDj_AdT_XRm-gw4ApAJ6bK5jLqYF-isHLmauRz-AfeYAK_8pRbphREHTY4N3DEDJmtaikHttQPZi_p3lVS3vPIlJGHTPT0PjcF2GNcq29WriY4t2wz4mBG0-oYxi2e8ywjOkhVKHButq94n5bUADZy7vX6xj9-6jDLvVRoUnX2bAebGhtrq_sRj-n3vH8CpUisw0J4Qc9qtX4zHdzhUvuZuW6rQhGRiqp6fViKjGsaBORnyoOutOY_JrEp0ZzWjhMhVTz7KuzkCFVPUYF6WLLvaG9f68LpMv74pWS7JAu7Si9W79EdrVU09tKBewBhZa9O73lc9On7_g8oIeqFl2t7nW6y1AGjCDs2vDnObD0Z73Cq9wpCz6rzs8TsWCBXXTOMy1Mi51koFls5ZNYWrs0dYcriNGtlVu_9TeeX8mkV5SlSq6_CzQKpnQSLbJlRJQDfWn7P4eELT_PD7djmH5LuPKyMOgq_dki1J02csUIBGO_m7r6UeQeE4x18h0s1vDdEfs03pva9KZW3JJ1CNZMiXVZ69nKo2GzrVkf-e20eS08BZlBF16ZgB1CtcEaEDGw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4KKCVqQxZbzGG57JtOUP0M-o0AbJntKxXM3x4t2IAcCNtwEQASAAYJWSroK0B4IBF2NhLXB1Yi03NDI0NjYyMDU0NzY3ODQ4yAEJqQJFXLiirsexPqgDAcgDAqoE1wFP0MM1OX8w9Px117MR15fA2y54Y7Nes4wDzZLn3Qu7CjkKa39-Ej6tOoIfIDdiVX16hX6uHnTe2yF89odTbARN8ZbqqFLfN7Lk3_OKfe-h_avxOwf9TWt6G3Bq2VdGTqQCFTR_j3YcdlxQ9mRzr4JqQwnm_mjs142iC5SVNV8xHYwpsqONjM1KcIccSHVA_REvjdYw3McV0Nlq7nIGmu_YrsoZ9QsQYiXvzZlPrjdLUCeGaWzFiYnF2th5s8ypPRmtvZvGEf8AzcdaSowUNNsyXr1OH0gfYoAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1L--r92rsDJWl0F2E2C2-skrz5Eg%26client%3Dca-pub-7424662054767848%26adurl%3D
Frame ID: 9BAD66B176A1D255EAC895C56CA431F8
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMihxfQDEOGQ6cYEGNqdjewBMAE&v=APEucNVVfITd6AS5MKwbISWBZKCkjXo3agjdYJIGeGo3fZnxUt4Gblk_2UeZaIEqON1NlcA81jzr78hs4qsLGqu3v5Wd3KM3YjzDQJ12MmX4HUa4qLOEIkcu3c1SL-ulbxRBci0SjtHxZx3RZ89wnjD9ul5tUHsRC36avx6j1GqqicrAgATo7Tw
Frame ID: 6FC6AFE7FE48AE94A9C6E2F871B4CAAD
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20231017/r20110914/abg_lite_fy2021.js
Frame ID: 45A80F96D58D54B19C537B7B78B1D585
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zvtDWUGYKMqjl3EmEyJPT9PZ9nqaRLgbjIcpa6W6ga4.js
Frame ID: 7C3640A3BB261AE29A11E8B69A492B75
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CFB58E4DCC745F1A750952F6AB9FE643
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Умкра

Page URL History Show full URLs

  1. http://4tololo.ru/ HTTP 301
    https://4tololo.ru/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

142
Requests

94 %
HTTPS

74 %
IPv6

20
Domains

33
Subdomains

32
IPs

5
Countries

4337 kB
Transfer

6826 kB
Size

34
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://4tololo.ru/ HTTP 301
    https://4tololo.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://top-fwz1.mail.ru/counter?id=2470745;t=284;l=1 HTTP 302
  • https://top-fwz1.mail.ru/counter2?id=2470745;t=284;l=1
Request Chain 43
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10161.aYWZ7q0YPGgfSoluLUsZpyHvv4Thq1dTp1GTELOqeR5MixCTCb4B67RaQoYzsZQ7.N5eFOPdTM0RCA5HYSqP_npg5ZaA%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10161.BRMow8E0Jkx149iDlP5shvIvpb2keI-Ydh2hUWvOolDnUusAf9xSmAp8FqCGNa434LCw6kCb3BlQ3bt9oD7jaoWXf_eVg8W_rOEdquhIjaw-_grFaqmtKN4gEXachbfP20wQ16y1hcm-9LFDK49zs7mBwczB3xPjIDBKSrg5G8fcHNccBLDczESmlLK110LfyWg4w14tfiAsfUPBsmURjW8Cmwo_76nXnGXu1zBtXQk%2C.Npk9oLVru97C_krO3kjBCkS9Zm8%2C HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10161.V4k893v2UIg6FBLN6Xvc1K8jnNP69O1oOi_7DUY__QHokstFbiKDNz73RnYtQHfzN8HdrUXgY7LnQTd6rJXSr8tpkOyS5ij0oBzmE4eXgQcPc_LgBIl6t7W4lrb5E-bvEEVwKwLtvRXaoEqFlp7Zkr1Trfhp44gddwumH5M1Nv5xESrrFiIIhLJmjttU03DWGlexCDn92RU6h3sKAUKfDw%2C%2C.x7ocfK3vWfot6hsKhoZJLgsbvkY%2C
Request Chain 48
  • https://mc.yandex.com/watch/12884488?wmode=7&page-url=https%3A%2F%2F4tololo.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Afl86jx5xzg2bypmh9uy7rmj%3Afp%3A645%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1140%3Acn%3A1%3Adp%3A0%3Als%3A1168869389100%3Ahid%3A694670399%3Az%3A120%3Ai%3A20231019234909%3Aet%3A1697752149%3Ac%3A1%3Arn%3A664374470%3Arqn%3A1%3Au%3A1697752149228820523%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C75%2C72%2C20%2C310%2C0%2C%2C380%2C16%2C%2C%2C%2C858%3Aco%3A0%3Acpf%3A1%3Ans%3A1697752148281%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1697752149%3At%3A%D0%A3%D0%BC%D0%BA%D1%80%D0%B0&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/12884488/1?wmode=7&page-url=https%3A%2F%2F4tololo.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Afl86jx5xzg2bypmh9uy7rmj%3Afp%3A645%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1140%3Acn%3A1%3Adp%3A0%3Als%3A1168869389100%3Ahid%3A694670399%3Az%3A120%3Ai%3A20231019234909%3Aet%3A1697752149%3Ac%3A1%3Arn%3A664374470%3Arqn%3A1%3Au%3A1697752149228820523%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C75%2C72%2C20%2C310%2C0%2C%2C380%2C16%2C%2C%2C%2C858%3Aco%3A0%3Acpf%3A1%3Ans%3A1697752148281%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1697752149%3At%3A%D0%A3%D0%BC%D0%BA%D1%80%D0%B0&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Request Chain 84
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOCat6zDHxCwCRiwCTIIZ7MB4_P2Swc HTTP 301
  • https://tpc.googlesyndication.com/simgad/3995853839924061625
Request Chain 92
  • https://googleads.g.doubleclick.net/pagead/adview?ai=C0CatVqQxZdbfFqLa7_UPj4WPsA2804vJc8D1sb3aEfiulODLRRABIIymniFglZKugrQHoAGhwJjxKMgBCagDAcgDywSqBO0BT9BGZclcknB8_9I5QwyhTEgVSuqgwojOEC9VZ4w43hSOovvVxM2slDwxmWAxtGsNVGnmo1SeBaI9ZhISkhKIwLhVgQllF5jpoMkpTa3QzRkAb8ETttGb7OIUqZgisHcSX54Fd20MNbaLTe58v7d0_AfgkHiFF5p847NSbKHNfkqjZmxGPq_x4vZYCq6jYYzmPywJwHtFRN-3AxsMeaRx18KXN6dsVWNg8rwxYm7hIoOfRfsYjYGGdvK6w0iCFVpA0aJ7wQpwXxE5dOKL7ufhg22yenbVwR2-D_YhLlwASeP8EqZWskVvCccBZxk6wATY2u61vQSIBbyikY1MkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB538pKMEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEENrIM9IIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCYACaHR0cHM6Ly93d3cudGVtdS5jb20vZGUva3VpcGVyL3VuMS5odG1sP3N1Ymo9ZmVlZC11biZfYmdfZnM9MSZfcF9tYXQxX3R5cGU9MSZfcF9qdW1wX2lkPTcyNSZfeF92c3Rfc2NlbmU9YWRnJmxvY2FsZV9vdmVycmlkZT03Nn5kZX5FVVImZ29vZHNfaWQ9NjAxMDk5NTE4MTc2Nzk0Jl9wX3Jmcz0xJl94X2Fkc19zdWJfY2hhbm5lbD1vdGhlciZfeF9hZHNfY2hhbm5lbD1nb29nbGUmX3hfYmdfYWRpZD1nZDg4OTA1Ny0xJnRvcGljX2NsYXNzaWZ5PTEyNoAKAcgLAdgTDNAVAYAXAbIXHAoaCAASFHB1Yi03NDI0NjYyMDU0NzY3ODQ4GAA&sigh=dB_7uhzfqCE&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTADICaaNiStMQNKjwSEmlmbQOaOs8jYTQfPu8h3S7e8HH4de_ULQqSuGpKU8VD4OwIPK4ASqnmGEASqHNltmw_EKV--1kABXQx7F18MYAQ&template_id=494&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221107617684845621327%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%224%22:[%2210-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215080402996012907905%22}&andc=true
Request Chain 111
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECEzEzXgOP-WjQottUW72fQ&google_cver=1
Request Chain 112
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTGkVtspgs0ybRcmn9XX0QAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE2RuG8ukdcmMJX6nT1crmU&google_cver=1
Request Chain 113
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPFRKC5_-L2pq4ugV0JqM5A&google_cver=1
Request Chain 114
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQ1MTY4MzEwMTUxMjExODg3Mw%3D%3D

142 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
4tololo.ru/
Redirect Chain
  • http://4tololo.ru/
  • https://4tololo.ru/
69 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4tololo.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.248.192.249 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
f8dc10c73db676e263f15ff8bd2ae9d992bd76126e6a7241442b14a262b124b1
Security Headers
Name Value
Strict-Transport-Security max-age=7200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN ALLOW
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=3600, public
content-encoding
gzip
content-language
ru
content-type
text/html; charset=UTF-8
date
Thu, 19 Oct 2023 16:25:32 GMT
etag
W/"1697732731"
expires
Sun, 19 Nov 1978 05:00:00 GMT
last-modified
Thu, 19 Oct 2023 16:25:31 GMT
permissions-policy
interest-cohort=()
server
nginx
strict-transport-security
max-age=7200
vary
Cookie
x-content-options
nosniff
x-content-type-options
nosniff
x-drupal-cache-contexts
cookies:big_pipe_nojs languages:language_content languages:language_interface route session.exists theme timezone url user
x-drupal-cache-max-age
-1 (Permanent)
x-drupal-cache-tags
block_content:1 block_content:13 block_content:14 block_content:15 block_content:17 block_content:19 block_content:2 block_content:3 block_content:4 block_content:5 block_content:6 block_content:8 block_content:9 block_content_view block_view config:block.block.flippyblock config:block.block.footerlink config:block.block.googleanalitics config:block.block.ham config:block.block.kommentariimnogo config:block.block.kopirayt config:block.block.posledniekommentarii config:block.block.raskrytayaformasearchpage_1 config:block.block.reklamnyybanner config:block.block.reklamnyybanner_2 config:block.block.reklamnyybanner_3 config:block.block.reklamnyybannersmall config:block.block.reklamnyybannersmall2 config:block.block.searchtrigger config:block.block.swithcerhtml config:block.block.tololo_branding config:block.block.tololo_breadcrumbs config:block.block.tololo_content config:block.block.tololo_help config:block.block.tololo_local_actions config:block.block.tololo_local_tasks config:block.block.tololo_main_menu config:block.block.tololo_messages config:block.block.tololo_page_title config:block.block.tololo_views_block__content_recent_block_1 config:block.block.vidzhetpulse config:block.block.views_block__content_recent_block_2 config:block.block.views_block__content_recent_block_3 config:block.block.views_block__content_recent_block_4 config:block.block.yandexshare config:block.block.yandexshare_2 config:block_list config:color.theme.tololo config:extlink.settings config:filter.format.html config:image.style.article config:lazy.settings config:search_api_autocomplete.search.search_1 config:system.menu.main config:system.site config:user.role.anonymous config:views.view.content_recent file:120583 file:120601 file:120636 file:120660 file:120680 file:120699 file:120714 file:120733 file:120750 file:120769 file:120787 file:120807 file:120808 http_response local_task node:19552 node:26595 node:26596 node:26597 node:26598 node:26599 node:26600 node:26601 node:26602 node:26603 node:26604 node:26605 node:26606 node:26607 node_list node_view rendered search_api_autocomplete_search_list:views:search taxonomy_term:115 taxonomy_term:1518 taxonomy_term:1637 taxonomy_term:2191 taxonomy_term:245 taxonomy_term:2494 taxonomy_term:287 taxonomy_term:356 taxonomy_term:432 user:0 user:1 user:22 user_list
x-drupal-dynamic-cache
MISS
x-frame-options
SAMEORIGIN ALLOW
x-ua-compatible
IE=edge
x-xss-protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Thu, 19 Oct 2023 21:49:08 GMT
Location
https://4tololo.ru:443/
Server
nginx
%D0%B0%D0%B5%D0%BD%D0%B3.jpg
4tololo.ru/sites/default/files/field_image/2023-10/ 		161 KB
161 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4tololo.ru/sites/default/files/field_image/2023-10/%D0%B0%D0%B5%D0%BD%D0%B3.jpg
Requested by
Host: 4tololo.ru
URL: https://4tololo.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.248.192.249 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
ac205741324af58a4c727305a428a3481b7d83448dc423f0485f7dfad4fca2c8
Security Headers
Name Value
Strict-Transport-Security max-age=7200
X-Frame-Options ALLOW
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4tololo.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:08 GMT
strict-transport-security
max-age=7200
last-modified
Thu, 19 Oct 2023 11:57:55 GMT
server
nginx
x-content-options
nosniff
etag
"653119c3-2836e"
x-frame-options
ALLOW
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
164718
x-xss-protection
1; mode=block
expires
Sat, 18 Nov 2023 21:49:08 GMT
css_Tn-UXHb0NHB9AhL_lVZwgTH1HR_XSTrb_wYRXppZ_II.css
4tololo.ru/sites/default/files/css/ 		27 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://4tololo.ru/sites/default/files/css/css_Tn-UXHb0NHB9AhL_lVZwgTH1HR_XSTrb_wYRXppZ_II.css
Requested by
Host: 4tololo.ru
URL: https://4tololo.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.248.192.249 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
4e7f945c76f434707d0212ff9556708131f51d1fd7493adbff06115e9a59fc82
Security Headers
Name Value
Strict-Transport-Security max-age=7200
X-Frame-Options ALLOW
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4tololo.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:08 GMT
strict-transport-security
max-age=7200
last-modified
Fri, 09 Sep 2022 11:07:07 GMT
server
nginx
x-content-options
nosniff
etag
"631b1e5b-6d0c"
x-frame-options
ALLOW
content-type
text/css
cache-control
max-age=2592000
accept-ranges
bytes
content-length
27916
x-xss-protection
1; mode=block
expires
Sat, 18 Nov 2023 21:49:08 GMT
css_X2LLRTVRNhLYHh4iithq2K9NEmVYTfDQOq7wgh4A3fU.css
4tololo.ru/sites/default/files/css/ 		96 KB
96 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://4tololo.ru/sites/default/files/css/css_X2LLRTVRNhLYHh4iithq2K9NEmVYTfDQOq7wgh4A3fU.css
Requested by
Host: 4tololo.ru
URL: https://4tololo.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.248.192.249 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
5f62cb4535513612d81e1e228ad86ad8af4d1265584df0d03aaef0821e00ddf5
Security Headers
Name Value
Strict-Transport-Security max-age=7200
X-Frame-Options ALLOW
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4tololo.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:08 GMT
strict-transport-security
max-age=7200
last-modified
Fri, 09 Sep 2022 11:07:07 GMT
server
nginx
x-content-options
nosniff
etag
"631b1e5b-17ec0"
x-frame-options
ALLOW
content-type
text/css
cache-control
max-age=2592000
accept-ranges
bytes
content-length
97984
x-xss-protection
1; mode=block
expires
Sat, 18 Nov 2023 21:49:08 GMT
logo_0.jpg
4tololo.ru/sites/default/files/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4tololo.ru/sites/default/files/logo_0.jpg
Requested by
Host: 4tololo.ru
URL: https://4tololo.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.248.192.249 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
c52d57bb84c6b9a6d59e8a45add531f3524940e5cddf2251055ed2bf12935e92
Security Headers
Name Value
Strict-Transport-Security max-age=7200
X-Frame-Options ALLOW
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4tololo.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:08 GMT
strict-transport-security
max-age=7200
last-modified
Thu, 19 Jan 2023 22:14:53 GMT
server
nginx
x-content-options
nosniff
etag
"63c9c0dd-1789"
x-frame-options
ALLOW
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
6025
x-xss-protection
1; mode=block
expires
Sat, 18 Nov 2023 21:49:08 GMT
counter2
top-fwz1.mail.ru/
Redirect Chain
  • https://top-fwz1.mail.ru/counter?id=2470745;t=284;l=1
  • https://top-fwz1.mail.ru/counter2?id=2470745;t=284;l=1
1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://top-fwz1.mail.ru/counter2?id=2470745;t=284;l=1
Requested by
Host: 4tololo.ru
URL: https://4tololo.ru/
Protocol
H2
Server
95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
0e436af44842c7ba8fbdd49705376e0993ec53ab9cdf8607752b79803f379033
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4tololo.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:08 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
1436
pragma
no-cache
amp-access-control-allow-source-origin
*
server
nginx
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
*
accept-ch-lifetime
86400
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
*

Redirect headers

date
Thu, 19 Oct 2023 21:49:08 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
0
pragma
no-cache
amp-access-control-allow-source-origin
*
server
nginx
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
accept-ch-lifetime
86400
location
https://top-fwz1.mail.ru/counter2?id=2470745;t=284;l=1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
*
3_1_FFFFFFFF_EFEFEFFF_0_pageviews
bs.yandex.ru/informer/12884488/ 		10 B
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bs.yandex.ru/informer/12884488/3_1_FFFFFFFF_EFEFEFFF_0_pageviews
Requested by
Host: 4tololo.ru
URL: https://4tololo.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
7515bf959b73b956ceb967351c7e299cbb3668a53d35f9c770eb72e00d93ced6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4tololo.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
text/plain; charset=UTF-8
date
Thu, 19 Oct 2023 21:49:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
timing-allow-origin
*
x-xss-protection
1; mode=block
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
logo.jpg
4tololo.ru/themes/custom/tololo/dist/img/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4tololo.ru/themes/custom/tololo/dist/img/logo.jpg
Requested by
Host: 4tololo.ru
URL: https://4tololo.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.248.192.249 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
c52d57bb84c6b9a6d59e8a45add531f3524940e5cddf2251055ed2bf12935e92
Security Headers
Name Value
Strict-Transport-Security max-age=7200
X-Frame-Options ALLOW
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4tololo.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:08 GMT
strict-transport-security
max-age=7200
last-modified
Fri, 24 Jan 2020 15:17:13 GMT
server
nginx
x-content-options
nosniff
etag
"5e2b0a79-1789"
x-frame-options
ALLOW
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
6025
x-xss-protection
1; mode=block
expires
Sat, 18 Nov 2023 21:49:08 GMT
js
www.googletagmanager.com/gtag/ 		174 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-29554680-1
Requested by
Host: 4tololo.ru
URL: https://4tololo.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f01f4fb3a8f91924b332671acf08a07f2db047848cbb5a219d7f9aadddcc39cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4tololo.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:08 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65228
x-xss-protection
0
last-modified
Thu, 19 Oct 2023 21:18:44 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 19 Oct 2023 21:49:08 GMT
code.js
top-fwz1.mail.ru/js/ 		42 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/js/code.js
Requested by
Host: 4tololo.ru
URL: https://4tololo.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
e8784cf600efa5162eecb46132810cb58c14dab82fd4bfdfcfca7d0c7d7feea9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4tololo.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin
*
last-modified
Tue, 17 Oct 2023 07:17:39 GMT
server
nginx
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
etag
W/"652e3513-a922"
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
accept-ch-lifetime
86400
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
max-age=3600, private
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
*
expires
Thu, 19 Oct 2023 22:49:08 GMT
footer-1.jpg
4tololo.ru/themes/custom/tololo/dist/img/ 		121 KB
121 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4tololo.ru/themes/custom/tololo/dist/img/footer-1.jpg
Requested by
Host: 4tololo.ru
URL: https://4tololo.ru/sites/default/files/css/css_X2LLRTVRNhLYHh4iithq2K9NEmVYTfDQOq7wgh4A3fU.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.248.192.249 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
c19512985ab2852f2e78c8d1b59a136d2e68df855c4acb2ef97e32aef33b5b27
Security Headers
Name Value
Strict-Transport-Security max-age=7200
X-Frame-Options ALLOW
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4tololo.ru/sites/default/files/css/css_X2LLRTVRNhLYHh4iithq2K9NEmVYTfDQOq7wgh4A3fU.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:08 GMT
strict-transport-security
max-age=7200
last-modified
Fri, 24 Jan 2020 15:17:13 GMT
server
nginx
x-content-options
nosniff
etag
"5e2b0a79-1e41d"
x-frame-options
ALLOW
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
123933
x-xss-protection
1; mode=block
expires
Sat, 18 Nov 2023 21:49:08 GMT
Lato-Bold.woff2
4tololo.ru/themes/custom/tololo/dist/fonts/lato3/ 		181 KB
181 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://4tololo.ru/themes/custom/tololo/dist/fonts/lato3/Lato-Bold.woff2
Requested by
Host: 4tololo.ru
URL: https://4tololo.ru/sites/default/files/css/css_X2LLRTVRNhLYHh4iithq2K9NEmVYTfDQOq7wgh4A3fU.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.248.192.249 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
ae88fc0d7a961832f809527d30bd3983a6866d42f66a56ade23f543681594db6
Security Headers
Name Value
Strict-Transport-Security max-age=7200
X-Frame-Options ALLOW
X-Xss-Protection 1; mode=block

Request headers

Referer
https://4tololo.ru/sites/default/files/css/css_X2LLRTVRNhLYHh4iithq2K9NEmVYTfDQOq7wgh4A3fU.css
Origin
https://4tololo.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:08 GMT
strict-transport-security
max-age=7200
last-modified
Fri, 24 Jan 2020 15:17:13 GMT
server
nginx
x-content-options
nosniff
etag
"5e2b0a79-2d250"
x-frame-options
ALLOW
content-type
application/octet-stream
cache-control
max-age=2592000
accept-ranges
bytes
content-length
184912
x-xss-protection
1; mode=block
expires
Sat, 18 Nov 2023 21:49:08 GMT
Lato-Heavy.woff2
4tololo.ru/themes/custom/tololo/dist/fonts/lato3/ 		180 KB
181 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://4tololo.ru/themes/custom/tololo/dist/fonts/lato3/Lato-Heavy.woff2
Requested by
Host: 4tololo.ru
URL: https://4tololo.ru/sites/default/files/css/css_X2LLRTVRNhLYHh4iithq2K9NEmVYTfDQOq7wgh4A3fU.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.248.192.249 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
ceec41468f0cc73c37dcb60899bc324965bd9bedb9bab20685507c21b6262d67
Security Headers
Name Value
Strict-Transport-Security max-age=7200
X-Frame-Options ALLOW
X-Xss-Protection 1; mode=block

Request headers

Referer
https://4tololo.ru/sites/default/files/css/css_X2LLRTVRNhLYHh4iithq2K9NEmVYTfDQOq7wgh4A3fU.css
Origin
https://4tololo.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:08 GMT
strict-transport-security
max-age=7200
last-modified
Fri, 24 Jan 2020 15:17:13 GMT
server
nginx
x-content-options
nosniff
etag
"5e2b0a79-2d0c8"
x-frame-options
ALLOW
content-type
application/octet-stream
cache-control
max-age=2592000
accept-ranges
bytes
content-length
184520
x-xss-protection
1; mode=block
expires
Sat, 18 Nov 2023 21:49:08 GMT
Lato-Semibold.woff2
4tololo.ru/themes/custom/tololo/dist/fonts/lato3/ 		180 KB
180 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://4tololo.ru/themes/custom/tololo/dist/fonts/lato3/Lato-Semibold.woff2
Requested by
Host: 4tololo.ru
URL: https://4tololo.ru/sites/default/files/css/css_X2LLRTVRNhLYHh4iithq2K9NEmVYTfDQOq7wgh4A3fU.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.248.192.249 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
30f77a5ff0bcba46d4e760b0c939a5ff112da0d3ddd13a261834134e00cc21c7
Security Headers
Name Value
Strict-Transport-Security max-age=7200
X-Frame-Options ALLOW
X-Xss-Protection 1; mode=block

Request headers

Referer
https://4tololo.ru/sites/default/files/css/css_X2LLRTVRNhLYHh4iithq2K9NEmVYTfDQOq7wgh4A3fU.css
Origin
https://4tololo.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:08 GMT
strict-transport-security
max-age=7200
last-modified
Fri, 24 Jan 2020 15:17:13 GMT
server
nginx
x-content-options
nosniff
etag
"5e2b0a79-2cf0c"
x-frame-options
ALLOW
content-type
application/octet-stream
cache-control
max-age=2592000
accept-ranges
bytes
content-length
184076
x-xss-protection
1; mode=block
expires
Sat, 18 Nov 2023 21:49:08 GMT
Lato-Regular.woff2
4tololo.ru/themes/custom/tololo/dist/fonts/lato3/ 		178 KB
179 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://4tololo.ru/themes/custom/tololo/dist/fonts/lato3/Lato-Regular.woff2
Requested by
Host: 4tololo.ru
URL: https://4tololo.ru/sites/default/files/css/css_X2LLRTVRNhLYHh4iithq2K9NEmVYTfDQOq7wgh4A3fU.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.248.192.249 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
983b0caf336e8542214fc17019a4fc5e0360864b92806ca14d55c1fc1c2c5a0f
Security Headers
Name Value
Strict-Transport-Security max-age=7200
X-Frame-Options ALLOW
X-Xss-Protection 1; mode=block

Request headers

Referer
https://4tololo.ru/sites/default/files/css/css_X2LLRTVRNhLYHh4iithq2K9NEmVYTfDQOq7wgh4A3fU.css
Origin
https://4tololo.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:08 GMT
strict-transport-security
max-age=7200
last-modified
Fri, 24 Jan 2020 15:17:13 GMT
server
nginx
x-content-options
nosniff
etag
"5e2b0a79-2c9b4"
x-frame-options
ALLOW
content-type
application/octet-stream
cache-control
max-age=2592000
accept-ranges
bytes
content-length
182708
x-xss-protection
1; mode=block
expires
Sat, 18 Nov 2023 21:49:08 GMT
Lato-Black.woff2
4tololo.ru/themes/custom/tololo/dist/fonts/lato3/ 		173 KB
173 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://4tololo.ru/themes/custom/tololo/dist/fonts/lato3/Lato-Black.woff2
Requested by
Host: 4tololo.ru
URL: https://4tololo.ru/sites/default/files/css/css_X2LLRTVRNhLYHh4iithq2K9NEmVYTfDQOq7wgh4A3fU.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.248.192.249 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
34bb46634d07ac579411823eb39fac1376b012257460066a98b95075d086ccdd
Security Headers
Name Value
Strict-Transport-Security max-age=7200
X-Frame-Options ALLOW
X-Xss-Protection 1; mode=block

Request headers

Referer
https://4tololo.ru/sites/default/files/css/css_X2LLRTVRNhLYHh4iithq2K9NEmVYTfDQOq7wgh4A3fU.css
Origin
https://4tololo.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:08 GMT
strict-transport-security
max-age=7200
last-modified
Fri, 24 Jan 2020 15:17:13 GMT
server
nginx
x-content-options
nosniff
etag
"5e2b0a79-2b26c"
x-frame-options
ALLOW
content-type
application/octet-stream
cache-control
max-age=2592000
accept-ranges
bytes
content-length
176748
x-xss-protection
1; mode=block
expires
Sat, 18 Nov 2023 21:49:08 GMT
%D0%B0%D0%B5%D0%BD%D0%B3.jpg
4tololo.ru/sites/default/files/styles/front_big/public/field_image/2023-10/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4tololo.ru/sites/default/files/styles/front_big/public/field_image/2023-10/%D0%B0%D0%B5%D0%BD%D0%B3.jpg?itok=u6ucYuZD
Requested by
Host: 4tololo.ru
URL: https://4tololo.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.248.192.249 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
c75548a34018774de06a82fc11628242bf0abb2ca3f350f7220bf4c0b82faef0
Security Headers
Name Value
Strict-Transport-Security max-age=7200
X-Frame-Options ALLOW
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4tololo.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:08 GMT
strict-transport-security
max-age=7200
last-modified
Thu, 19 Oct 2023 13:48:13 GMT
server
nginx
x-content-options
nosniff
etag
"6531339d-9af6"
x-frame-options
ALLOW
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
39670
x-xss-protection
1; mode=block
expires
Sat, 18 Nov 2023 21:49:08 GMT
%D0%B5%D0%BD%D0%BA%D0%B3.jpg
4tololo.ru/sites/default/files/styles/article/public/field_image/2023-10/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4tololo.ru/sites/default/files/styles/article/public/field_image/2023-10/%D0%B5%D0%BD%D0%BA%D0%B3.jpg?itok=cYi-9LeR
Requested by
Host: 4tololo.ru
URL: https://4tololo.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.248.192.249 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
71a0d18d95b49ffe6ceca17fc64859a9c94358f7d81659e0b3b5bf237cdbfc96
Security Headers
Name Value
Strict-Transport-Security max-age=7200
X-Frame-Options ALLOW
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4tololo.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:08 GMT
strict-transport-security
max-age=7200
last-modified
Thu, 19 Oct 2023 13:48:13 GMT
server
nginx
x-content-options
nosniff
etag
"6531339d-939c"
x-frame-options
ALLOW
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
37788
x-xss-protection
1; mode=block
expires
Sat, 18 Nov 2023 21:49:08 GMT
stestyyu.jpg
4tololo.ru/sites/default/files/styles/article/public/field_image/2023-10/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4tololo.ru/sites/default/files/styles/article/public/field_image/2023-10/stestyyu.jpg?itok=vRC2MyB9
Requested by
Host: 4tololo.ru
URL: https://4tololo.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.248.192.249 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
6a52978302611c8fcf9de986db6a414213c23d998b80b62ffa3b3768cfe6a20a
Security Headers
Name Value
Strict-Transport-Security max-age=7200
X-Frame-Options ALLOW
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4tololo.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:08 GMT
strict-transport-security
max-age=7200
last-modified
Thu, 19 Oct 2023 09:54:59 GMT
server
nginx
x-content-options
nosniff
etag
"6530fcf3-a2fc"
x-frame-options
ALLOW
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
41724
x-xss-protection
1; mode=block
expires
Sat, 18 Nov 2023 21:49:08 GMT
fugj.jpg
4tololo.ru/sites/default/files/styles/article/public/field_image/2023-10/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4tololo.ru/sites/default/files/styles/article/public/field_image/2023-10/fugj.jpg?itok=u9RKLSeO
Requested by
Host: 4tololo.ru
URL: https://4tololo.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.248.192.249 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
1a95a608ba33508a860440a08c70c6c4065ce79f0199c3c07ff218004ea4cf03
Security Headers
Name Value
Strict-Transport-Security max-age=7200
X-Frame-Options ALLOW
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4tololo.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:08 GMT
strict-transport-security
max-age=7200
last-modified
Wed, 18 Oct 2023 16:45:42 GMT
server
nginx
x-content-options
nosniff
etag
"65300bb6-909f"
x-frame-options
ALLOW
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
37023
x-xss-protection
1; mode=block
expires
Sat, 18 Nov 2023 21:49:08 GMT
%D0%B5%D0%BD%D0%B5%D0%B3.jpg
4tololo.ru/sites/default/files/styles/article/public/field_image/2023-10/ 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4tololo.ru/sites/default/files/styles/article/public/field_image/2023-10/%D0%B5%D0%BD%D0%B5%D0%B3.jpg?itok=irafOc_-
Requested by
Host: 4tololo.ru
URL: https://4tololo.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.248.192.249 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
b89d9ae9b3168e0f275ae93a9e6ba9eaae0c4a106a88246f6fcd10844a99824c
Security Headers
Name Value
Strict-Transport-Security max-age=7200
X-Frame-Options ALLOW
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4tololo.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:08 GMT
strict-transport-security
max-age=7200
last-modified
Wed, 18 Oct 2023 14:32:54 GMT
server
nginx
x-content-options
nosniff
etag
"652fec96-d35a"
x-frame-options
ALLOW
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
54106
x-xss-protection
1; mode=block
expires
Sat, 18 Nov 2023 21:49:08 GMT
%D0%B2%D0%B2%D0%B5%D0%BD%D0%BA%D0%B5.jpg
4tololo.ru/sites/default/files/styles/article/public/field_image/2023-10/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4tololo.ru/sites/default/files/styles/article/public/field_image/2023-10/%D0%B2%D0%B2%D0%B5%D0%BD%D0%BA%D0%B5.jpg?itok=Cq0-XAdX
Requested by
Host: 4tololo.ru
URL: https://4tololo.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.248.192.249 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
8872bcc5eb4d39eebe08dbe05647363b8bb3519789e2eeac5990a53fb97c605f
Security Headers
Name Value
Strict-Transport-Security max-age=7200
X-Frame-Options ALLOW
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4tololo.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:08 GMT
strict-transport-security
max-age=7200
last-modified
Wed, 18 Oct 2023 13:29:09 GMT
server
nginx
x-content-options
nosniff
etag
"652fdda5-7931"
x-frame-options
ALLOW
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
31025
x-xss-protection
1; mode=block
expires
Sat, 18 Nov 2023 21:49:08 GMT
stresy.jpg
4tololo.ru/sites/default/files/styles/article/public/field_image/2023-10/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4tololo.ru/sites/default/files/styles/article/public/field_image/2023-10/stresy.jpg?itok=yDEAaSUq
Requested by
Host: 4tololo.ru
URL: https://4tololo.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.248.192.249 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
11ecb3cae0694606919341ed14d1d1532fd4e76febb0c68b1208de6b31be218b
Security Headers
Name Value
Strict-Transport-Security max-age=7200
X-Frame-Options ALLOW
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4tololo.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:08 GMT
strict-transport-security
max-age=7200
last-modified
Wed, 18 Oct 2023 12:10:06 GMT
server
nginx
x-content-options
nosniff
etag
"652fcb1e-b90e"
x-frame-options
ALLOW
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
47374
x-xss-protection
1; mode=block
expires
Sat, 18 Nov 2023 21:49:08 GMT
gyu.jpg
4tololo.ru/sites/default/files/styles/article/public/field_image/2023-10/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4tololo.ru/sites/default/files/styles/article/public/field_image/2023-10/gyu.jpg?itok=Lkwgn--L
Requested by
Host: 4tololo.ru
URL: https://4tololo.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.248.192.249 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
805ca6df446fc74390ed22fe6b14a8ea44b2472c72d41e6c7bd499eeaced42c5
Security Headers
Name Value
Strict-Transport-Security max-age=7200
X-Frame-Options ALLOW
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4tololo.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:08 GMT
strict-transport-security
max-age=7200
last-modified
Wed, 18 Oct 2023 12:10:06 GMT
server
nginx
x-content-options
nosniff
etag
"652fcb1e-88b4"
x-frame-options
ALLOW
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
34996
x-xss-protection
1; mode=block
expires
Sat, 18 Nov 2023 21:49:08 GMT
19-10-2023-6894654164.jpg
4tololo.ru/sites/default/files/styles/article/public/field_image/2023-10/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4tololo.ru/sites/default/files/styles/article/public/field_image/2023-10/19-10-2023-6894654164.jpg?itok=jyJse2Gi
Requested by
Host: 4tololo.ru
URL: https://4tololo.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.248.192.249 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
d59614b4f04a4a8ad293aab74677751e8c80bfa8b0c2c31db485975fcf09f7ff
Security Headers
Name Value
Strict-Transport-Security max-age=7200
X-Frame-Options ALLOW
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4tololo.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:08 GMT
strict-transport-security
max-age=7200
last-modified
Thu, 19 Oct 2023 12:02:15 GMT
server
nginx
x-content-options
nosniff
etag
"65311ac7-bb77"
x-frame-options
ALLOW
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
47991
x-xss-protection
1; mode=block
expires
Sat, 18 Nov 2023 21:49:08 GMT
dtdudryuf.jpg
4tololo.ru/sites/default/files/styles/article/public/field_image/2023-10/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4tololo.ru/sites/default/files/styles/article/public/field_image/2023-10/dtdudryuf.jpg?itok=NLLW4LwT
Requested by
Host: 4tololo.ru
URL: https://4tololo.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.248.192.249 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
fc88593dfd65838e75a1ff2ce09649f34e8b5f0d6182fb1cf7d38422e53c5886
Security Headers
Name Value
Strict-Transport-Security max-age=7200
X-Frame-Options ALLOW
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4tololo.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:08 GMT
strict-transport-security
max-age=7200
last-modified
Tue, 17 Oct 2023 13:37:18 GMT
server
nginx
x-content-options
nosniff
etag
"652e8e0e-8e7d"
x-frame-options
ALLOW
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
36477
x-xss-protection
1; mode=block
expires
Sat, 18 Nov 2023 21:49:08 GMT
18-10-2023-84964616651.jpg
4tololo.ru/sites/default/files/styles/article/public/field_image/2023-10/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4tololo.ru/sites/default/files/styles/article/public/field_image/2023-10/18-10-2023-84964616651.jpg?itok=xq5JE3UF
Requested by
Host: 4tololo.ru
URL: https://4tololo.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.248.192.249 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
d0ff679aa9afa786356beec82df6b4ce3c643eb4eabe8c5b2bbd39d68e08c9d8
Security Headers
Name Value
Strict-Transport-Security max-age=7200
X-Frame-Options ALLOW
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4tololo.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:08 GMT
strict-transport-security
max-age=7200
last-modified
Wed, 18 Oct 2023 02:03:23 GMT
server
nginx
x-content-options
nosniff
etag
"652f3ceb-df51"
x-frame-options
ALLOW
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
57169
x-xss-protection
1; mode=block
expires
Sat, 18 Nov 2023 21:49:08 GMT
%D0%B0%D0%BD%D0%B2%D0%B5%D0%B3.jpg
4tololo.ru/sites/default/files/styles/article/public/field_image/2023-10/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4tololo.ru/sites/default/files/styles/article/public/field_image/2023-10/%D0%B0%D0%BD%D0%B2%D0%B5%D0%B3.jpg?itok=XQTTVDMB
Requested by
Host: 4tololo.ru
URL: https://4tololo.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.248.192.249 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
c00572e5b8ab0753b737003123d461a5491da326c68b44fc503a86efe6711149
Security Headers
Name Value
Strict-Transport-Security max-age=7200
X-Frame-Options ALLOW
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4tololo.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:08 GMT
strict-transport-security
max-age=7200
last-modified
Tue, 17 Oct 2023 11:23:36 GMT
server
nginx
x-content-options
nosniff
etag
"652e6eb8-b684"
x-frame-options
ALLOW
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
46724
x-xss-protection
1; mode=block
expires
Sat, 18 Nov 2023 21:49:08 GMT
%D0%B2%D0%B0%D0%BA%D0%BD%D0%BA%D1%83%D0%B3%D0%BD%D0%BA%D0%B2.jpg
4tololo.ru/sites/default/files/styles/article/public/field_image/2023-10/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4tololo.ru/sites/default/files/styles/article/public/field_image/2023-10/%D0%B2%D0%B0%D0%BA%D0%BD%D0%BA%D1%83%D0%B3%D0%BD%D0%BA%D0%B2.jpg?itok=zyGsLaqx
Requested by
Host: 4tololo.ru
URL: https://4tololo.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.248.192.249 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
12b436c4c168ad503c940012629f3e086d46cd6e133c008ab225d8b4106573fa
Security Headers
Name Value
Strict-Transport-Security max-age=7200
X-Frame-Options ALLOW
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4tololo.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:08 GMT
strict-transport-security
max-age=7200
last-modified
Tue, 17 Oct 2023 10:02:20 GMT
server
nginx
x-content-options
nosniff
etag
"652e5bac-8858"
x-frame-options
ALLOW
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
34904
x-xss-protection
1; mode=block
expires
Sat, 18 Nov 2023 21:49:08 GMT
watch.js
mc.yandex.ru/metrika/ 		153 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: 4tololo.ru
URL: https://4tololo.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
0e1c16d3cae2100df54387b68b7b46631255e3cdcf29a4ac1deaa3a20fa292cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4tololo.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Wed, 18 Oct 2023 14:14:23 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"652fe83f-d892"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
55442
expires
Thu, 19 Oct 2023 22:49:09 GMT
js_hmTtH5pLKQBjSBQImXKpIlG4dxPfN5bbWtc85bRdk8U.js
4tololo.ru/sites/default/files/js/ 		383 KB
383 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://4tololo.ru/sites/default/files/js/js_hmTtH5pLKQBjSBQImXKpIlG4dxPfN5bbWtc85bRdk8U.js
Requested by
Host: 4tololo.ru
URL: https://4tololo.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.248.192.249 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
8664ed1f9a4b2900634814089972a92251b87713df3796db5ad73ce5b45d93c5
Security Headers
Name Value
Strict-Transport-Security max-age=7200
X-Frame-Options ALLOW
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4tololo.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:08 GMT
strict-transport-security
max-age=7200
last-modified
Wed, 14 Sep 2022 11:13:58 GMT
server
nginx
x-content-options
nosniff
etag
"6321b776-5fad5"
x-frame-options
ALLOW
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
391893
x-xss-protection
1; mode=block
expires
Sat, 18 Nov 2023 21:49:08 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-29554680-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4tololo.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 19 Oct 2023 19:51:33 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
7055
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 19 Oct 2023 21:51:33 GMT
collect
www.google-analytics.com/j/ 		1 B
202 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=30019862&t=pageview&_s=1&dl=https%3A%2F%2F4tololo.ru%2F&ul=en-us&de=UTF-8&dt=%D0%A3%D0%BC%D0%BA%D1%80%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1350422320&gjid=1346074882&cid=1201430437.1697752149&tid=UA-29554680-1&_gid=1299665407.1697752149&_r=1&gtm=457e3ai0&jsscut=1&z=1340604097
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://4tololo.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 21:49:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://4tololo.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
counter
top-fwz1.mail.ru/ 		43 B
910 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/counter?js=13;id=2470745;u=https%3A//4tololo.ru/;title=%D0%A3%D0%BC%D0%BA%D1%80%D0%B0;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=ca50d1abbda8b125;ver=60.3.0;tz=-120%2FEurope%2FBerlin;ni=10//4g/0/0/;lvid=1697752149109%3A1697752149124%3A1%3Aaef5ca2c964b4688020a2f95ef862e71;opts=dl%2Cjst-gtag-ga;visible=true;_=0.5380452416644259
Requested by
Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://4tololo.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 19 Oct 2023 21:49:09 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
43
pragma
no-cache
amp-access-control-allow-source-origin
https://4tololo.ru
server
nginx
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
https://4tololo.ru
accept-ch-lifetime
86400
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
timing-allow-origin
https://4tololo.ru
access-control-allow-headers
*
lazysizes.min.js
4tololo.ru/libraries/lazysizes/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://4tololo.ru/libraries/lazysizes/lazysizes.min.js
Requested by
Host: 4tololo.ru
URL: https://4tololo.ru/sites/default/files/js/js_hmTtH5pLKQBjSBQImXKpIlG4dxPfN5bbWtc85bRdk8U.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.248.192.249 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
6e61be2f374a0122510025578940baf7ef8dbbcaf3ecc5f5535cfc81bd1cfd39
Security Headers
Name Value
Strict-Transport-Security max-age=7200
X-Frame-Options ALLOW
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4tololo.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:09 GMT
strict-transport-security
max-age=7200
last-modified
Mon, 24 May 2021 09:08:37 GMT
server
nginx
x-content-options
nosniff
etag
"60ab6d15-1ed1"
x-frame-options
ALLOW
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
7889
x-xss-protection
1; mode=block
expires
Sat, 18 Nov 2023 21:49:09 GMT
statistics.php
4tololo.ru/core/modules/statistics/ 		0
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://4tololo.ru/core/modules/statistics/statistics.php
Requested by
Host: 4tololo.ru
URL: https://4tololo.ru/sites/default/files/js/js_hmTtH5pLKQBjSBQImXKpIlG4dxPfN5bbWtc85bRdk8U.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.248.192.249 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=7200
X-Frame-Options ALLOW
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://4tololo.ru/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 19 Oct 2023 21:49:09 GMT
strict-transport-security
max-age=7200
content-encoding
gzip
x-content-options
nosniff
server
nginx
x-frame-options
ALLOW
content-type
text/html; charset=UTF-8
x-xss-protection
1; mode=block
1.svg
4tololo.ru/themes/custom/tololo/dist/img/header-images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4tololo.ru/themes/custom/tololo/dist/img/header-images/1.svg
Requested by
Host: 4tololo.ru
URL: https://4tololo.ru/sites/default/files/css/css_X2LLRTVRNhLYHh4iithq2K9NEmVYTfDQOq7wgh4A3fU.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.248.192.249 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
323e97a21aadcf01347deb4b73abb6ad9adc23ec3f9306555d804ff8b5a65c55
Security Headers
Name Value
Strict-Transport-Security max-age=7200
X-Frame-Options ALLOW
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4tololo.ru/sites/default/files/css/css_X2LLRTVRNhLYHh4iithq2K9NEmVYTfDQOq7wgh4A3fU.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:09 GMT
strict-transport-security
max-age=7200
last-modified
Sat, 07 Nov 2020 20:10:32 GMT
server
nginx
x-content-options
nosniff
etag
"5fa6ff38-e77"
x-frame-options
ALLOW
content-type
image/svg+xml
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3703
x-xss-protection
1; mode=block
expires
Sat, 18 Nov 2023 21:49:09 GMT
%D0%B5%D0%BD%D0%BA%D0%B3.jpg
4tololo.ru/sites/default/files/styles/front_small/public/field_image/2023-10/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4tololo.ru/sites/default/files/styles/front_small/public/field_image/2023-10/%D0%B5%D0%BD%D0%BA%D0%B3.jpg?itok=LphRkb_G
Requested by
Host: 4tololo.ru
URL: https://4tololo.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.248.192.249 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
71a0d18d95b49ffe6ceca17fc64859a9c94358f7d81659e0b3b5bf237cdbfc96
Security Headers
Name Value
Strict-Transport-Security max-age=7200
X-Frame-Options ALLOW
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4tololo.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:09 GMT
strict-transport-security
max-age=7200
last-modified
Thu, 19 Oct 2023 13:48:14 GMT
server
nginx
x-content-options
nosniff
etag
"6531339e-939c"
x-frame-options
ALLOW
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
37788
x-xss-protection
1; mode=block
expires
Sat, 18 Nov 2023 21:49:09 GMT
stestyyu.jpg
4tololo.ru/sites/default/files/styles/front_small/public/field_image/2023-10/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4tololo.ru/sites/default/files/styles/front_small/public/field_image/2023-10/stestyyu.jpg?itok=6squm93h
Requested by
Host: 4tololo.ru
URL: https://4tololo.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.248.192.249 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
6a52978302611c8fcf9de986db6a414213c23d998b80b62ffa3b3768cfe6a20a
Security Headers
Name Value
Strict-Transport-Security max-age=7200
X-Frame-Options ALLOW
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4tololo.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:09 GMT
strict-transport-security
max-age=7200
last-modified
Thu, 19 Oct 2023 13:48:14 GMT
server
nginx
x-content-options
nosniff
etag
"6531339e-a2fc"
x-frame-options
ALLOW
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
41724
x-xss-protection
1; mode=block
expires
Sat, 18 Nov 2023 21:49:09 GMT
fugj.jpg
4tololo.ru/sites/default/files/styles/front_small/public/field_image/2023-10/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4tololo.ru/sites/default/files/styles/front_small/public/field_image/2023-10/fugj.jpg?itok=4Q4spHTw
Requested by
Host: 4tololo.ru
URL: https://4tololo.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.248.192.249 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
1a95a608ba33508a860440a08c70c6c4065ce79f0199c3c07ff218004ea4cf03
Security Headers
Name Value
Strict-Transport-Security max-age=7200
X-Frame-Options ALLOW
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4tololo.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:09 GMT
strict-transport-security
max-age=7200
last-modified
Wed, 18 Oct 2023 16:45:42 GMT
server
nginx
x-content-options
nosniff
etag
"65300bb6-909f"
x-frame-options
ALLOW
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
37023
x-xss-protection
1; mode=block
expires
Sat, 18 Nov 2023 21:49:09 GMT
%D0%B5%D0%BD%D0%B5%D0%B3.jpg
4tololo.ru/sites/default/files/styles/inpaeg_small/public/field_image/2023-10/ 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4tololo.ru/sites/default/files/styles/inpaeg_small/public/field_image/2023-10/%D0%B5%D0%BD%D0%B5%D0%B3.jpg?itok=agaAhYNH
Requested by
Host: 4tololo.ru
URL: https://4tololo.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.248.192.249 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
b89d9ae9b3168e0f275ae93a9e6ba9eaae0c4a106a88246f6fcd10844a99824c
Security Headers
Name Value
Strict-Transport-Security max-age=7200
X-Frame-Options ALLOW
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4tololo.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:09 GMT
strict-transport-security
max-age=7200
last-modified
Wed, 18 Oct 2023 22:26:27 GMT
server
nginx
x-content-options
nosniff
etag
"65305b93-d35a"
x-frame-options
ALLOW
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
54106
x-xss-protection
1; mode=block
expires
Sat, 18 Nov 2023 21:49:09 GMT
%D0%B2%D0%B2%D0%B5%D0%BD%D0%BA%D0%B5.jpg
4tololo.ru/sites/default/files/styles/front_small/public/field_image/2023-10/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4tololo.ru/sites/default/files/styles/front_small/public/field_image/2023-10/%D0%B2%D0%B2%D0%B5%D0%BD%D0%BA%D0%B5.jpg?itok=WC78Gjbg
Requested by
Host: 4tololo.ru
URL: https://4tololo.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.248.192.249 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
8872bcc5eb4d39eebe08dbe05647363b8bb3519789e2eeac5990a53fb97c605f
Security Headers
Name Value
Strict-Transport-Security max-age=7200
X-Frame-Options ALLOW
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4tololo.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:09 GMT
strict-transport-security
max-age=7200
last-modified
Wed, 18 Oct 2023 13:29:11 GMT
server
nginx
x-content-options
nosniff
etag
"652fdda7-7931"
x-frame-options
ALLOW
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
31025
x-xss-protection
1; mode=block
expires
Sat, 18 Nov 2023 21:49:09 GMT
stresy.jpg
4tololo.ru/sites/default/files/styles/front_big/public/field_image/2023-10/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4tololo.ru/sites/default/files/styles/front_big/public/field_image/2023-10/stresy.jpg?itok=XXoy2qWr
Requested by
Host: 4tololo.ru
URL: https://4tololo.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.248.192.249 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
11ecb3cae0694606919341ed14d1d1532fd4e76febb0c68b1208de6b31be218b
Security Headers
Name Value
Strict-Transport-Security max-age=7200
X-Frame-Options ALLOW
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4tololo.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:09 GMT
strict-transport-security
max-age=7200
last-modified
Wed, 18 Oct 2023 11:14:39 GMT
server
nginx
x-content-options
nosniff
etag
"652fbe1f-b90e"
x-frame-options
ALLOW
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
47374
x-xss-protection
1; mode=block
expires
Sat, 18 Nov 2023 21:49:09 GMT
gyu.jpg
4tololo.ru/sites/default/files/styles/front_small/public/field_image/2023-10/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4tololo.ru/sites/default/files/styles/front_small/public/field_image/2023-10/gyu.jpg?itok=aFgDugd_
Requested by
Host: 4tololo.ru
URL: https://4tololo.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.248.192.249 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
805ca6df446fc74390ed22fe6b14a8ea44b2472c72d41e6c7bd499eeaced42c5
Security Headers
Name Value
Strict-Transport-Security max-age=7200
X-Frame-Options ALLOW
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4tololo.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:09 GMT
strict-transport-security
max-age=7200
last-modified
Wed, 18 Oct 2023 12:10:08 GMT
server
nginx
x-content-options
nosniff
etag
"652fcb20-88b4"
x-frame-options
ALLOW
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
34996
x-xss-protection
1; mode=block
expires
Sat, 18 Nov 2023 21:49:09 GMT
sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10161.aYWZ7q0YPGgfSoluLUsZpyHvv4Thq1dTp1GTELOqeR5MixCTCb4B67RaQoYzsZQ7.N5eFOPdTM0RCA5HYSqP_npg5ZaA%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10161.BRMow8E0Jkx149iDlP5shvIvpb2keI-Ydh2hUWvOolDnUusAf9xSmAp8FqCGNa434LCw6kCb3BlQ3bt9oD7jaoWXf_eVg8W_rOEdquhIjaw-_grFaqmtKN4gEXachbfP20wQ16y1hc...
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10161.V4k893v2UIg6FBLN6Xvc1K8jnNP69O1oOi_7DUY__QHokstFbiKDNz73RnYtQHfzN8HdrUXgY7LnQTd6rJXSr8tpkOyS5ij0oBzmE4eXgQcPc...
43 B
585 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10161.V4k893v2UIg6FBLN6Xvc1K8jnNP69O1oOi_7DUY__QHokstFbiKDNz73RnYtQHfzN8HdrUXgY7LnQTd6rJXSr8tpkOyS5ij0oBzmE4eXgQcPc_LgBIl6t7W4lrb5E-bvEEVwKwLtvRXaoEqFlp7Zkr1Trfhp44gddwumH5M1Nv5xESrrFiIIhLJmjttU03DWGlexCDn92RU6h3sKAUKfDw%2C%2C.x7ocfK3vWfot6hsKhoZJLgsbvkY%2C
Requested by
Host: 4tololo.ru
URL: https://4tololo.ru/
Protocol
H2
Server
2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4tololo.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:09 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10161.V4k893v2UIg6FBLN6Xvc1K8jnNP69O1oOi_7DUY__QHokstFbiKDNz73RnYtQHfzN8HdrUXgY7LnQTd6rJXSr8tpkOyS5ij0oBzmE4eXgQcPc_LgBIl6t7W4lrb5E-bvEEVwKwLtvRXaoEqFlp7Zkr1Trfhp44gddwumH5M1Nv5xESrrFiIIhLJmjttU03DWGlexCDn92RU6h3sKAUKfDw%2C%2C.x7ocfK3vWfot6hsKhoZJLgsbvkY%2C
date
Thu, 19 Oct 2023 21:49:09 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: 4tololo.ru
URL: https://4tololo.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4tololo.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:09 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 18 Oct 2023 14:14:23 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"652fe83f-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Thu, 19 Oct 2023 22:49:09 GMT
dtdudryuf.jpg
4tololo.ru/sites/default/files/styles/front_small/public/field_image/2023-10/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4tololo.ru/sites/default/files/styles/front_small/public/field_image/2023-10/dtdudryuf.jpg?itok=6wlOlVuu
Requested by
Host: 4tololo.ru
URL: https://4tololo.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.248.192.249 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
fc88593dfd65838e75a1ff2ce09649f34e8b5f0d6182fb1cf7d38422e53c5886
Security Headers
Name Value
Strict-Transport-Security max-age=7200
X-Frame-Options ALLOW
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4tololo.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:09 GMT
strict-transport-security
max-age=7200
last-modified
Tue, 17 Oct 2023 14:06:23 GMT
server
nginx
x-content-options
nosniff
etag
"652e94df-8e7d"
x-frame-options
ALLOW
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
36477
x-xss-protection
1; mode=block
expires
Sat, 18 Nov 2023 21:49:09 GMT
19-10-2023-6894654164.jpg
4tololo.ru/sites/default/files/styles/front_big/public/field_image/2023-10/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4tololo.ru/sites/default/files/styles/front_big/public/field_image/2023-10/19-10-2023-6894654164.jpg?itok=VOeVKnD3
Requested by
Host: 4tololo.ru
URL: https://4tololo.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.248.192.249 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
d59614b4f04a4a8ad293aab74677751e8c80bfa8b0c2c31db485975fcf09f7ff
Security Headers
Name Value
Strict-Transport-Security max-age=7200
X-Frame-Options ALLOW
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4tololo.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:09 GMT
strict-transport-security
max-age=7200
last-modified
Thu, 19 Oct 2023 12:02:18 GMT
server
nginx
x-content-options
nosniff
etag
"65311aca-bb77"
x-frame-options
ALLOW
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
47991
x-xss-protection
1; mode=block
expires
Sat, 18 Nov 2023 21:49:09 GMT
tracker
top-fwz1.mail.ru/ 		43 B
911 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/tracker?js=13;id=2470745;u=https%3A//4tololo.ru/;st=1697752149139;title=%D0%A3%D0%BC%D0%BA%D1%80%D0%B0;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=ca50d1abbda8b125;ver=60.3.0;tz=-120%2FEurope%2FBerlin;nt=0/0/1697752148281/////310/311/311/311/387/347/387/459/479/462/858/858/874/1168/1168/1168;ni=10//4g/0/0/;lvid=1697752149109%3A1697752149450%3A2%3Aaef5ca2c964b4688020a2f95ef862e71;opts=dl%2Cjst-gtag-ga;visible=true;_=0.2892978205158343;e=RT/load;et=1697752149449
Requested by
Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://4tololo.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 19 Oct 2023 21:49:09 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
43
pragma
no-cache
amp-access-control-allow-source-origin
https://4tololo.ru
server
nginx
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
https://4tololo.ru
accept-ch-lifetime
86400
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
timing-allow-origin
https://4tololo.ru
access-control-allow-headers
*
1
mc.yandex.com/watch/12884488/
Redirect Chain
  • https://mc.yandex.com/watch/12884488?wmode=7&page-url=https%3A%2F%2F4tololo.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Afl86jx5xzg2bypmh9uy7rmj%3Afp%3A645%3Afu%3A0%3Aen%3Autf-8%3A...
  • https://mc.yandex.com/watch/12884488/1?wmode=7&page-url=https%3A%2F%2F4tololo.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Afl86jx5xzg2bypmh9uy7rmj%3Afp%3A645%3Afu%3A0%3Aen%3Autf-8%...
455 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/12884488/1?wmode=7&page-url=https%3A%2F%2F4tololo.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Afl86jx5xzg2bypmh9uy7rmj%3Afp%3A645%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1140%3Acn%3A1%3Adp%3A0%3Als%3A1168869389100%3Ahid%3A694670399%3Az%3A120%3Ai%3A20231019234909%3Aet%3A1697752149%3Ac%3A1%3Arn%3A664374470%3Arqn%3A1%3Au%3A1697752149228820523%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C75%2C72%2C20%2C310%2C0%2C%2C380%2C16%2C%2C%2C%2C858%3Aco%3A0%3Acpf%3A1%3Ans%3A1697752148281%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1697752149%3At%3A%D0%A3%D0%BC%D0%BA%D1%80%D0%B0&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Protocol
H2
Server
2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
436d27a5169c77439197b79ba02c8a727d1d43a9b30e222a9aa4afab80575502
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4tololo.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 21:49:09 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Thu, 19-Oct-2023 21:49:09 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://4tololo.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
455
x-xss-protection
1; mode=block
expires
Thu, 19-Oct-2023 21:49:09 GMT

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 21:49:09 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 19-Oct-2023 21:49:09 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/12884488/1?wmode=7&page-url=https%3A%2F%2F4tololo.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Afl86jx5xzg2bypmh9uy7rmj%3Afp%3A645%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1140%3Acn%3A1%3Adp%3A0%3Als%3A1168869389100%3Ahid%3A694670399%3Az%3A120%3Ai%3A20231019234909%3Aet%3A1697752149%3Ac%3A1%3Arn%3A664374470%3Arqn%3A1%3Au%3A1697752149228820523%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C75%2C72%2C20%2C310%2C0%2C%2C380%2C16%2C%2C%2C%2C858%3Aco%3A0%3Acpf%3A1%3Ans%3A1697752148281%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1697752149%3At%3A%D0%A3%D0%BC%D0%BA%D1%80%D0%B0&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin
https://4tololo.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Thu, 19-Oct-2023 21:49:09 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: 4tololo.ru
URL: https://4tololo.ru/sites/default/files/js/js_hmTtH5pLKQBjSBQImXKpIlG4dxPfN5bbWtc85bRdk8U.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4e222284f01efb7647313f19306b06298d1822a1e71d3ae581e28a02c8723b90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4tololo.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51063
x-xss-protection
0
server
cafe
etag
1985050699233470835
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 19 Oct 2023 21:49:10 GMT
context.js
an.yandex.ru/system/ 		317 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/system/context.js
Requested by
Host: 4tololo.ru
URL: https://4tololo.ru/sites/default/files/js/js_hmTtH5pLKQBjSBQImXKpIlG4dxPfN5bbWtc85bRdk8U.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
35ee55d2cf2beec9327c27b2077694f8733157e8689b7ae6b4fdafc002a0099c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4tololo.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
x-yandex-req-id
1697752150180110-298496284740244826000187-production-app-host-vla-pcode-171
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Thu, 19 Oct 2023 22:49:10 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/ 		394 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7424662054767848&plah=4tololo.ru
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7f5a18e2a7f0e1e9f1d6107e4c6b16b319a0460a9ae37579749d91044436dedd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4tololo.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137107
x-xss-protection
0
server
cafe
etag
9013182936323813853
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 19 Oct 2023 21:49:10 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/ Frame DA73 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4tololo.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
13554
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4471
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 18:03:16 GMT
etag
2603938475786422795
expires
Thu, 02 Nov 2023 18:03:16 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ 		387 B
601 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=4tololo.ru&callback=_gfp_s_&client=ca-pub-7424662054767848
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7424662054767848&plah=4tololo.ru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3028c6d05b5c57845302147d5ca4711cf60a30007e1aeaf298e860898a15fd2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4tololo.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6710 		96 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7424662054767848&output=html&h=380&slotname=1654143314&adk=2108178227&adf=734059082&pi=t.ma~as.1654143314&w=282&lmt=1697725531&rafmt=12&format=282x380&url=https%3A%2F%2F4tololo.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697752150238&bpp=3&bdt=1494&idt=93&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&correlator=8540510458808&frm=20&pv=2&ga_vid=1201430437.1697752149&ga_sid=1697752150&ga_hid=30019862&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=259&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44805113%2C44805533%2C44805680%2C44805918%2C31078297&oid=2&pvsid=2042773842920898&tmod=468800969&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=50tbEraktt&p=https%3A//4tololo.ru&dtd=108
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7424662054767848&plah=4tololo.ru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
19c7f2d67ca62d27bde1b4233524e1dd5949774be7a5af671de8b556b1944da5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4tololo.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
39875
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 21:49:10 GMT
expires
Thu, 19 Oct 2023 21:49:10 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231011&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7424662054767848&plah=4tololo.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a27d3d374379be8a16b7f67de1a1029c675a4af71dab1ce5b1a6f07eefc6d1fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4tololo.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:10 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12243
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 5E13 		156 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7424662054767848&output=html&h=280&slotname=5535879205&adk=1225749&adf=284215673&pi=t.ma~as.5535879205&w=1170&fwrn=4&fwrnh=100&lmt=1697725531&rafmt=1&format=1170x280&url=https%3A%2F%2F4tololo.ru%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697752150241&bpp=1&bdt=1498&idt=111&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&prev_fmts=282x380&correlator=8540510458808&frm=20&pv=1&ga_vid=1201430437.1697752149&ga_sid=1697752150&ga_hid=30019862&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1047&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44805113%2C44805533%2C44805680%2C44805918%2C31078297&oid=2&pvsid=2042773842920898&tmod=468800969&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=NmsOMMM6Xp&p=https%3A//4tololo.ru&dtd=113
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7424662054767848&plah=4tololo.ru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
588de651d2498f6a5b694293426a4a3c9ee3ccecae5a1cb58dfa4db2c333eae1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4tololo.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
44933
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 21:49:10 GMT
expires
Thu, 19 Oct 2023 21:49:10 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 991E 		35 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7424662054767848&output=html&h=380&slotname=1654143314&adk=2108178227&adf=2953393628&pi=t.ma~as.1654143314&w=282&lmt=1697725531&rafmt=12&format=282x380&url=https%3A%2F%2F4tololo.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697752150242&bpp=1&bdt=1498&idt=117&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&prev_fmts=282x380%2C1170x280&correlator=8540510458808&frm=20&pv=1&ga_vid=1201430437.1697752149&ga_sid=1697752150&ga_hid=30019862&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=807&ady=1735&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44805113%2C44805533%2C44805680%2C44805918%2C31078297&oid=2&pvsid=2042773842920898&tmod=468800969&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=JjVH5NzWaW&p=https%3A//4tololo.ru&dtd=121
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7424662054767848&plah=4tololo.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2314aefe8cadb9bce4f1c7f72f3c7c1751ad09796e1208e90be216cc3ca3219f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4tololo.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
14534
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 21:49:10 GMT
expires
Thu, 19 Oct 2023 21:49:10 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 65D8 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7424662054767848&output=html&adk=1812271804&adf=3025194257&lmt=1697725531&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x810_l%7C188x810_r&format=0x0&url=https%3A%2F%2F4tololo.ru%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697752150255&bpp=1&bdt=1512&idt=110&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&prev_fmts=282x380%2C1170x280%2C282x380&nras=1&correlator=8540510458808&frm=20&pv=1&ga_vid=1201430437.1697752149&ga_sid=1697752150&ga_hid=30019862&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44805113%2C44805533%2C44805680%2C44805918%2C31078297&oid=2&pvsid=2042773842920898&tmod=468800969&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=118
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7424662054767848&plah=4tololo.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4tololo.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 21:49:10 GMT
expires
Thu, 19 Oct 2023 21:49:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
8a46ccea8ce2bc14c8e9.js
yastatic.net/partner-code-bundles/892191/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/892191/8a46ccea8ce2bc14c8e9.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
ee9ee08d78a0c74c94ecca87475dfeafe7ca418a17e01a36e98736d2868b80fe
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://4tololo.ru/
Origin
https://4tololo.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:10 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
4772
last-modified
Wed, 18 Oct 2023 15:48:56 GMT
server
nginx/1.17.9
etag
"d78e387b2636c4808f5bc4d5dc9b70b1"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sun, 19 Oct 2053 04:25:10 GMT
cd28c5a5ae3f93579493.js
yastatic.net/partner-code-bundles/892191/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/892191/cd28c5a5ae3f93579493.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
019c6fe6538b30be914f190a9c5b376e4cc530d6ab0617ed3a65c0fb2d25adf1
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://4tololo.ru/
Origin
https://4tololo.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:10 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
7948
last-modified
Wed, 18 Oct 2023 15:48:57 GMT
server
nginx/1.17.9
etag
"8c5fa8491e645a37f20393663e58a54e"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sun, 19 Oct 2053 04:25:10 GMT
f0c0cdbf9fe31054cbe7.js
yastatic.net/partner-code-bundles/892191/ 		122 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/892191/f0c0cdbf9fe31054cbe7.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
134646d03c6f0a7a2f36e62430dfe285608ec209c43890bbeddfecb9e2c3f6c0
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://4tololo.ru/
Origin
https://4tololo.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:10 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
26595
last-modified
Wed, 18 Oct 2023 15:48:57 GMT
server
nginx/1.17.9
etag
"844307a1eca2cc1a3251ee8624f12415"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sun, 19 Oct 2053 04:25:10 GMT
host.js
yastatic.net/safeframe-bundles/0.83/ 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/safeframe-bundles/0.83/host.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://4tololo.ru/
Origin
https://4tololo.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:10 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
8878
last-modified
Wed, 03 Nov 2021 13:42:58 GMT
server
nginx/1.17.9
etag
"f80882bf67cf261aa08d636da095149a"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sun, 19 Oct 2053 04:21:27 GMT
text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ 		25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://4tololo.ru/
Origin
https://4tololo.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:10 GMT
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
26004
x-amz-meta-owner
{"role":"admin","login":"4eb0da"}
last-modified
Mon, 25 Apr 2022 14:02:39 GMT
server
nginx/1.17.9
etag
"7f0cdaf91230f9789ca4162aedff612e"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31556952
x-nginx-request-id
a8c8a58ff46b40dd
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 19 Oct 2024 03:34:39 GMT
3466776af939677d6f22.js
yastatic.net/partner-code-bundles/892191/ 		59 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/892191/3466776af939677d6f22.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
d9496355ec345a1d220893aede0340e4ff1b21bf49212dbb25e2f5e258481d48
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://4tololo.ru/
Origin
https://4tololo.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:10 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
14820
last-modified
Wed, 18 Oct 2023 15:48:56 GMT
server
nginx/1.17.9
etag
"5c1f82d2fa194e576341041df2fbbcea"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sun, 19 Oct 2053 04:25:10 GMT
3187e87a054a8ccc8b64.js
yastatic.net/partner-code-bundles/892191/ 		606 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/892191/3187e87a054a8ccc8b64.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
36fcff274a1eb1736e5091e8b63be085d92fb6afcef9ce842dc19f10a7a34b27
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://4tololo.ru/
Origin
https://4tololo.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:10 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
119343
last-modified
Wed, 18 Oct 2023 15:48:56 GMT
server
nginx/1.17.9
etag
"5d8dc8a26270ad08e796a677e329f803"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sun, 19 Oct 2053 04:25:10 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7424662054767848&plah=4tololo.ru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4tololo.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 19 Oct 2023 21:49:10 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BC6F 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4tololo.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
4776
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 20:29:34 GMT
expires
Fri, 18 Oct 2024 20:29:34 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame BD4B 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1d155a02467f118cf934a79fd22f70794ad15c49fefa23dfefe1f00e2a0648a2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-rkCNmYaWeqR_OAdmVlR75g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://4tololo.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-rkCNmYaWeqR_OAdmVlR75g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 21:49:10 GMT
expires
Thu, 19 Oct 2023 21:49:10 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
pagead2.googlesyndication.com/bg/ Frame BC6F 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 09:20:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
44950
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14648
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 18 Oct 2024 09:20:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame BD4B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231011&jk=2042773842920898&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame BC6F 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?4M_ZMQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:10 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
css
fonts.googleapis.com/ Frame 5E13 		2 KB
975 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7424662054767848&output=html&h=280&slotname=5535879205&adk=1225749&adf=284215673&pi=t.ma~as.5535879205&w=1170&fwrn=4&fwrnh=100&lmt=1697725531&rafmt=1&format=1170x280&url=https%3A%2F%2F4tololo.ru%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697752150241&bpp=1&bdt=1498&idt=111&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&prev_fmts=282x380&correlator=8540510458808&frm=20&pv=1&ga_vid=1201430437.1697752149&ga_sid=1697752150&ga_hid=30019862&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1047&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44805113%2C44805533%2C44805680%2C44805918%2C31078297&oid=2&pvsid=2042773842920898&tmod=468800969&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=NmsOMMM6Xp&p=https%3A//4tololo.ru&dtd=113
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 19 Oct 2023 21:49:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 19 Oct 2023 20:40:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 19 Oct 2023 21:49:10 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 5E13 		2 KB
825 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7424662054767848&output=html&h=280&slotname=5535879205&adk=1225749&adf=284215673&pi=t.ma~as.5535879205&w=1170&fwrn=4&fwrnh=100&lmt=1697725531&rafmt=1&format=1170x280&url=https%3A%2F%2F4tololo.ru%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697752150241&bpp=1&bdt=1498&idt=111&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&prev_fmts=282x380&correlator=8540510458808&frm=20&pv=1&ga_vid=1201430437.1697752149&ga_sid=1697752150&ga_hid=30019862&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1047&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44805113%2C44805533%2C44805680%2C44805918%2C31078297&oid=2&pvsid=2042773842920898&tmod=468800969&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=NmsOMMM6Xp&p=https%3A//4tololo.ru&dtd=113
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 18:00:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
13703
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
798
x-xss-protection
0
server
cafe
etag
15713038447858168282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Nov 2023 18:00:47 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/ Frame 5E13 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7424662054767848&output=html&h=280&slotname=5535879205&adk=1225749&adf=284215673&pi=t.ma~as.5535879205&w=1170&fwrn=4&fwrnh=100&lmt=1697725531&rafmt=1&format=1170x280&url=https%3A%2F%2F4tololo.ru%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697752150241&bpp=1&bdt=1498&idt=111&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&prev_fmts=282x380&correlator=8540510458808&frm=20&pv=1&ga_vid=1201430437.1697752149&ga_sid=1697752150&ga_hid=30019862&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1047&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44805113%2C44805533%2C44805680%2C44805918%2C31078297&oid=2&pvsid=2042773842920898&tmod=468800969&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=NmsOMMM6Xp&p=https%3A//4tololo.ru&dtd=113
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 18:00:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
13703
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9137
x-xss-protection
0
server
cafe
etag
5200559654007170660
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Nov 2023 18:00:47 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 5E13 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7424662054767848&output=html&h=280&slotname=5535879205&adk=1225749&adf=284215673&pi=t.ma~as.5535879205&w=1170&fwrn=4&fwrnh=100&lmt=1697725531&rafmt=1&format=1170x280&url=https%3A%2F%2F4tololo.ru%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697752150241&bpp=1&bdt=1498&idt=111&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&prev_fmts=282x380&correlator=8540510458808&frm=20&pv=1&ga_vid=1201430437.1697752149&ga_sid=1697752150&ga_hid=30019862&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1047&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44805113%2C44805533%2C44805680%2C44805918%2C31078297&oid=2&pvsid=2042773842920898&tmod=468800969&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=NmsOMMM6Xp&p=https%3A//4tololo.ru&dtd=113
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 20:16:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
5558
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Nov 2023 20:16:32 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 5E13 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7424662054767848&output=html&h=280&slotname=5535879205&adk=1225749&adf=284215673&pi=t.ma~as.5535879205&w=1170&fwrn=4&fwrnh=100&lmt=1697725531&rafmt=1&format=1170x280&url=https%3A%2F%2F4tololo.ru%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697752150241&bpp=1&bdt=1498&idt=111&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&prev_fmts=282x380&correlator=8540510458808&frm=20&pv=1&ga_vid=1201430437.1697752149&ga_sid=1697752150&ga_hid=30019862&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1047&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44805113%2C44805533%2C44805680%2C44805918%2C31078297&oid=2&pvsid=2042773842920898&tmod=468800969&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=NmsOMMM6Xp&p=https%3A//4tololo.ru&dtd=113
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f74f99e9fe1027d19c741e71e7a2adf40f49a011d50cb110e45a0511f624fb3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 18:00:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
13703
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8427
x-xss-protection
0
server
cafe
etag
8504628880869859743
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Nov 2023 18:00:47 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5E13 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7424662054767848&output=html&h=280&slotname=5535879205&adk=1225749&adf=284215673&pi=t.ma~as.5535879205&w=1170&fwrn=4&fwrnh=100&lmt=1697725531&rafmt=1&format=1170x280&url=https%3A%2F%2F4tololo.ru%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697752150241&bpp=1&bdt=1498&idt=111&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&prev_fmts=282x380&correlator=8540510458808&frm=20&pv=1&ga_vid=1201430437.1697752149&ga_sid=1697752150&ga_hid=30019862&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1047&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44805113%2C44805533%2C44805680%2C44805918%2C31078297&oid=2&pvsid=2042773842920898&tmod=468800969&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=NmsOMMM6Xp&p=https%3A//4tololo.ru&dtd=113
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60178
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697628223465749"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Oct 2023 21:49:10 GMT
ccbada329de78be299cbea1a52c9a584.js
www.gstatic.com/mysidia/ Frame 5E13 		35 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/ccbada329de78be299cbea1a52c9a584.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7424662054767848&output=html&h=280&slotname=5535879205&adk=1225749&adf=284215673&pi=t.ma~as.5535879205&w=1170&fwrn=4&fwrnh=100&lmt=1697725531&rafmt=1&format=1170x280&url=https%3A%2F%2F4tololo.ru%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697752150241&bpp=1&bdt=1498&idt=111&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&prev_fmts=282x380&correlator=8540510458808&frm=20&pv=1&ga_vid=1201430437.1697752149&ga_sid=1697752150&ga_hid=30019862&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1047&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44805113%2C44805533%2C44805680%2C44805918%2C31078297&oid=2&pvsid=2042773842920898&tmod=468800969&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=NmsOMMM6Xp&p=https%3A//4tololo.ru&dtd=113
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 09:30:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
389945
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14787
x-xss-protection
0
last-modified
Thu, 12 Oct 2023 21:09:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sat, 13 Jan 2024 09:30:05 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame 5E13 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTDkk4fBmPuu0J95bCBXL6XvE_IYmms7lhqmGQjssL6KGUPoN6ze2jNiY02ipQ&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7424662054767848&output=html&h=280&slotname=5535879205&adk=1225749&adf=284215673&pi=t.ma~as.5535879205&w=1170&fwrn=4&fwrnh=100&lmt=1697725531&rafmt=1&format=1170x280&url=https%3A%2F%2F4tololo.ru%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697752150241&bpp=1&bdt=1498&idt=111&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&prev_fmts=282x380&correlator=8540510458808&frm=20&pv=1&ga_vid=1201430437.1697752149&ga_sid=1697752150&ga_hid=30019862&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1047&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44805113%2C44805533%2C44805680%2C44805918%2C31078297&oid=2&pvsid=2042773842920898&tmod=468800969&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=NmsOMMM6Xp&p=https%3A//4tololo.ru&dtd=113
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
412d897fb78ee670014a69bcd21786ba7aef0ab99fdfb4c57ca481111bddff6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 06:36:23 GMT
x-content-type-options
nosniff
age
54767
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15080
x-xss-protection
0
last-modified
Tue, 06 Feb 2024 03:30:51 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 18 Oct 2024 06:36:23 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 5E13 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcScjXNwC4PL5o-_U1os3fhNYlGTTf0EhHaGp5WmpfHVwbNbwBSTLqyRScDB1tY&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7424662054767848&output=html&h=280&slotname=5535879205&adk=1225749&adf=284215673&pi=t.ma~as.5535879205&w=1170&fwrn=4&fwrnh=100&lmt=1697725531&rafmt=1&format=1170x280&url=https%3A%2F%2F4tololo.ru%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697752150241&bpp=1&bdt=1498&idt=111&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&prev_fmts=282x380&correlator=8540510458808&frm=20&pv=1&ga_vid=1201430437.1697752149&ga_sid=1697752150&ga_hid=30019862&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1047&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44805113%2C44805533%2C44805680%2C44805918%2C31078297&oid=2&pvsid=2042773842920898&tmod=468800969&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=NmsOMMM6Xp&p=https%3A//4tololo.ru&dtd=113
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e5be4246d8ea296e833f91202baf97ed113e87d4a055f907e6c4019db2a1778
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 06:47:43 GMT
x-content-type-options
nosniff
age
54087
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18674
x-xss-protection
0
last-modified
Thu, 04 Apr 2024 13:12:28 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 18 Oct 2024 06:47:43 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 5E13 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcS9yswxKodmn7klWRSnnqCmimgMwLEplWK_9LyqmeQAniDVPwQH_q3Wz1TL-ME&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7424662054767848&output=html&h=280&slotname=5535879205&adk=1225749&adf=284215673&pi=t.ma~as.5535879205&w=1170&fwrn=4&fwrnh=100&lmt=1697725531&rafmt=1&format=1170x280&url=https%3A%2F%2F4tololo.ru%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697752150241&bpp=1&bdt=1498&idt=111&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&prev_fmts=282x380&correlator=8540510458808&frm=20&pv=1&ga_vid=1201430437.1697752149&ga_sid=1697752150&ga_hid=30019862&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1047&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44805113%2C44805533%2C44805680%2C44805918%2C31078297&oid=2&pvsid=2042773842920898&tmod=468800969&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=NmsOMMM6Xp&p=https%3A//4tololo.ru&dtd=113
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c856015b720b5a9ae6a6c9cd3ec4fce3811dbda6f2a94040e0be40f0d86794be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 04:47:37 GMT
x-content-type-options
nosniff
age
61293
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28847
x-xss-protection
0
last-modified
Sun, 16 Apr 2023 09:02:17 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 18 Oct 2024 04:47:37 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 5E13 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRrlyjwIv-jfE50pmJj_c9MgPUH9KxV25J9QcWHxgDoBaAVIRlLdGTehGUgnA&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7424662054767848&output=html&h=280&slotname=5535879205&adk=1225749&adf=284215673&pi=t.ma~as.5535879205&w=1170&fwrn=4&fwrnh=100&lmt=1697725531&rafmt=1&format=1170x280&url=https%3A%2F%2F4tololo.ru%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697752150241&bpp=1&bdt=1498&idt=111&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&prev_fmts=282x380&correlator=8540510458808&frm=20&pv=1&ga_vid=1201430437.1697752149&ga_sid=1697752150&ga_hid=30019862&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1047&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44805113%2C44805533%2C44805680%2C44805918%2C31078297&oid=2&pvsid=2042773842920898&tmod=468800969&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=NmsOMMM6Xp&p=https%3A//4tololo.ru&dtd=113
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
018db845ee4d3f511188dd6d06020e112a456d43372fa838eb95493f431e95fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 06:34:37 GMT
x-content-type-options
nosniff
age
54873
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18823
x-xss-protection
0
last-modified
Thu, 18 Apr 2024 07:05:36 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 18 Oct 2024 06:34:37 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame 5E13 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQSnjCRAh3_Yq4jSnv3tMYjQObK2v2LpnurtLkId3YZADrzI3GTgThe5Z5dSg&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7424662054767848&output=html&h=280&slotname=5535879205&adk=1225749&adf=284215673&pi=t.ma~as.5535879205&w=1170&fwrn=4&fwrnh=100&lmt=1697725531&rafmt=1&format=1170x280&url=https%3A%2F%2F4tololo.ru%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697752150241&bpp=1&bdt=1498&idt=111&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&prev_fmts=282x380&correlator=8540510458808&frm=20&pv=1&ga_vid=1201430437.1697752149&ga_sid=1697752150&ga_hid=30019862&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1047&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44805113%2C44805533%2C44805680%2C44805918%2C31078297&oid=2&pvsid=2042773842920898&tmod=468800969&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=NmsOMMM6Xp&p=https%3A//4tololo.ru&dtd=113
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b9e97b7b496481f27c9ba78ff383bd8d6d8c5aa1e6cef318712a3df179a4808
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 06:21:48 GMT
x-content-type-options
nosniff
age
55642
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14680
x-xss-protection
0
last-modified
Mon, 04 Mar 2024 22:05:02 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 18 Oct 2024 06:21:48 GMT
3995853839924061625
tpc.googlesyndication.com/simgad/ Frame 5E13
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOCat6zDHxCwCRiwCTIIZ7MB4_P2Swc
  • https://tpc.googlesyndication.com/simgad/3995853839924061625
77 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3995853839924061625
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7424662054767848&output=html&h=280&slotname=5535879205&adk=1225749&adf=284215673&pi=t.ma~as.5535879205&w=1170&fwrn=4&fwrnh=100&lmt=1697725531&rafmt=1&format=1170x280&url=https%3A%2F%2F4tololo.ru%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697752150241&bpp=1&bdt=1498&idt=111&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&prev_fmts=282x380&correlator=8540510458808&frm=20&pv=1&ga_vid=1201430437.1697752149&ga_sid=1697752150&ga_hid=30019862&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1047&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44805113%2C44805533%2C44805680%2C44805918%2C31078297&oid=2&pvsid=2042773842920898&tmod=468800969&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=NmsOMMM6Xp&p=https%3A//4tololo.ru&dtd=113
Protocol
H3
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87a92e159459b46d503d7ca9301e076e886bf1eb91abaae349f8b6a69deb2571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 07:44:21 GMT
x-content-type-options
nosniff
age
482689
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79088
x-xss-protection
0
last-modified
Mon, 24 Apr 2023 17:15:20 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 13 Oct 2024 07:44:21 GMT

Redirect headers

date
Thu, 19 Oct 2023 20:25:22 GMT
x-content-type-options
nosniff
server
cafe
age
5028
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/3995853839924061625
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 18 Nov 2023 20:25:22 GMT
truncated
/ Frame 5E13 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6f5700c81c700b92dcb54d32a8dcd13de7ed6297bb7af15824c9e38b59122950

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 991E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7424662054767848&output=html&h=380&slotname=1654143314&adk=2108178227&adf=2953393628&pi=t.ma~as.1654143314&w=282&lmt=1697725531&rafmt=12&format=282x380&url=https%3A%2F%2F4tololo.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697752150242&bpp=1&bdt=1498&idt=117&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&prev_fmts=282x380%2C1170x280&correlator=8540510458808&frm=20&pv=1&ga_vid=1201430437.1697752149&ga_sid=1697752150&ga_hid=30019862&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=807&ady=1735&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44805113%2C44805533%2C44805680%2C44805918%2C31078297&oid=2&pvsid=2042773842920898&tmod=468800969&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=JjVH5NzWaW&p=https%3A//4tololo.ru&dtd=121
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 20:16:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
5558
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Nov 2023 20:16:32 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 991E 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7424662054767848&output=html&h=380&slotname=1654143314&adk=2108178227&adf=2953393628&pi=t.ma~as.1654143314&w=282&lmt=1697725531&rafmt=12&format=282x380&url=https%3A%2F%2F4tololo.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697752150242&bpp=1&bdt=1498&idt=117&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&prev_fmts=282x380%2C1170x280&correlator=8540510458808&frm=20&pv=1&ga_vid=1201430437.1697752149&ga_sid=1697752150&ga_hid=30019862&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=807&ady=1735&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44805113%2C44805533%2C44805680%2C44805918%2C31078297&oid=2&pvsid=2042773842920898&tmod=468800969&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=JjVH5NzWaW&p=https%3A//4tololo.ru&dtd=121
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f74f99e9fe1027d19c741e71e7a2adf40f49a011d50cb110e45a0511f624fb3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 18:00:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
13703
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8427
x-xss-protection
0
server
cafe
etag
8504628880869859743
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Nov 2023 18:00:47 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 991E 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7424662054767848&output=html&h=380&slotname=1654143314&adk=2108178227&adf=2953393628&pi=t.ma~as.1654143314&w=282&lmt=1697725531&rafmt=12&format=282x380&url=https%3A%2F%2F4tololo.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697752150242&bpp=1&bdt=1498&idt=117&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&prev_fmts=282x380%2C1170x280&correlator=8540510458808&frm=20&pv=1&ga_vid=1201430437.1697752149&ga_sid=1697752150&ga_hid=30019862&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=807&ady=1735&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44805113%2C44805533%2C44805680%2C44805918%2C31078297&oid=2&pvsid=2042773842920898&tmod=468800969&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=JjVH5NzWaW&p=https%3A//4tololo.ru&dtd=121
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60178
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697628223465749"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Oct 2023 21:49:10 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame 9BAD 		179 KB
55 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTGkVgAG4zwGrSSeAAon0EFhl-wBpp-v3aQoRA&u=%7Ch2Cr%2FRrnfqNA397T7ueW1ti45ADfZGZ%2BPsQWKJQORXs%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zsDj_AdT_XRm-gw4ApAJ6bK5jLqYF-isHLmauRz-AfeYAK_8pRbphREHTY4N3DEDJmtaikHttQPZi_p3lVS3vPIlJGHTPT0PjcF2GNcq29WriY4t2wz4mBG0-oYxi2e8ywjOkhVKHButq94n5bUADZy7vX6xj9-6jDLvVRoUnX2bAebGhtrq_sRj-n3vH8CpUisw0J4Qc9qtX4zHdzhUvuZuW6rQhGRiqp6fViKjGsaBORnyoOutOY_JrEp0ZzWjhMhVTz7KuzkCFVPUYF6WLLvaG9f68LpMv74pWS7JAu7Si9W79EdrVU09tKBewBhZa9O73lc9On7_g8oIeqFl2t7nW6y1AGjCDs2vDnObD0Z73Cq9wpCz6rzs8TsWCBXXTOMy1Mi51koFls5ZNYWrs0dYcriNGtlVu_9TeeX8mkV5SlSq6_CzQKpnQSLbJlRJQDfWn7P4eELT_PD7djmH5LuPKyMOgq_dki1J02csUIBGO_m7r6UeQeE4x18h0s1vDdEfs03pva9KZW3JJ1CNZMiXVZ69nKo2GzrVkf-e20eS08BZlBF16ZgB1CtcEaEDGw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4KKCVqQxZbzGG57JtOUP0M-o0AbJntKxXM3x4t2IAcCNtwEQASAAYJWSroK0B4IBF2NhLXB1Yi03NDI0NjYyMDU0NzY3ODQ4yAEJqQJFXLiirsexPqgDAcgDAqoE1wFP0MM1OX8w9Px117MR15fA2y54Y7Nes4wDzZLn3Qu7CjkKa39-Ej6tOoIfIDdiVX16hX6uHnTe2yF89odTbARN8ZbqqFLfN7Lk3_OKfe-h_avxOwf9TWt6G3Bq2VdGTqQCFTR_j3YcdlxQ9mRzr4JqQwnm_mjs142iC5SVNV8xHYwpsqONjM1KcIccSHVA_REvjdYw3McV0Nlq7nIGmu_YrsoZ9QsQYiXvzZlPrjdLUCeGaWzFiYnF2th5s8ypPRmtvZvGEf8AzcdaSowUNNsyXr1OH0gfYoAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1L--r92rsDJWl0F2E2C2-skrz5Eg%26client%3Dca-pub-7424662054767848%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7424662054767848&output=html&h=380&slotname=1654143314&adk=2108178227&adf=2953393628&pi=t.ma~as.1654143314&w=282&lmt=1697725531&rafmt=12&format=282x380&url=https%3A%2F%2F4tololo.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697752150242&bpp=1&bdt=1498&idt=117&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&prev_fmts=282x380%2C1170x280&correlator=8540510458808&frm=20&pv=1&ga_vid=1201430437.1697752149&ga_sid=1697752150&ga_hid=30019862&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=807&ady=1735&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44805113%2C44805533%2C44805680%2C44805918%2C31078297&oid=2&pvsid=2042773842920898&tmod=468800969&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=JjVH5NzWaW&p=https%3A//4tololo.ru&dtd=121
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
95211153599c70da791ef1bdc5c946c6c8cec2dbd9994e3ae8520d6cd1ee158a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 21:49:10 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=gWKdZk4A_2_RT2MV4c5yegupmRARuiusI_ta40X0BQXvatr3uh9xA9ZZmbTt26sPBad5v3M-vAtXQF_uYRCpD4MVsMxCP1DDiweNllJuoMo1exJmU2RV2ZYWJeDhafQF1ncdY-2s_eBou9KNAGvQmUiQzfbhqq5FFntoHzS_vkDh42Lsso8z51U8Xc-2jlS9GgpOw4lc2jCOSxqwexf7PamZdaSPjGDNWRTjA7VjdKo9xaS4BsmhiwgK_OU"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
57402795
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
truncated
/ Frame 991E 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
722c1e8d4bf851ae06a1447bd4cdec3deb3a52a0b7beda3a3d76f4330c921840

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 5E13 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 18:55:59 GMT
x-content-type-options
nosniff
age
10391
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20784
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:21:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Oct 2024 18:55:59 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 5E13
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=C0CatVqQxZdbfFqLa7_UPj4WPsA2804vJc8D1sb3aEfiulODLRRABIIymniFglZKugrQHoAGhwJjxKMgBCagDAcgDywSqBO0BT9BGZclcknB8_9I5QwyhTEgVSuqgwojOEC9VZ4w43hSOovv...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221107617684845621327%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%2225...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221107617684845621327%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%224%22:[%2210-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215080402996012907905%22}&andc=true
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:11 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"1107617684845621327","debug_reporting":true,"destination":"https://temu.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10974797857"],"4":["10-19"],"6":["true"]},"priority":"500","source_event_id":"15080402996012907905"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 19 Oct 2023 21:49:11 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 19 Oct 2023 21:49:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"1107617684845621327","debug_reporting":true,"destination":"https://temu.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10974797857"],"4":["10-19"],"6":["true"]},"priority":"500","source_event_id":"15080402996012907905"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 6FC6 		624 B
246 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMihxfQDEOGQ6cYEGNqdjewBMAE&v=APEucNVVfITd6AS5MKwbISWBZKCkjXo3agjdYJIGeGo3fZnxUt4Gblk_2UeZaIEqON1NlcA81jzr78hs4qsLGqu3v5Wd3KM3YjzDQJ12MmX4HUa4qLOEIkcu3c1SL-ulbxRBci0SjtHxZx3RZ89wnjD9ul5tUHsRC36avx6j1GqqicrAgATo7Tw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7424662054767848&output=html&h=380&slotname=1654143314&adk=2108178227&adf=734059082&pi=t.ma~as.1654143314&w=282&lmt=1697725531&rafmt=12&format=282x380&url=https%3A%2F%2F4tololo.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697752150238&bpp=3&bdt=1494&idt=93&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&correlator=8540510458808&frm=20&pv=2&ga_vid=1201430437.1697752149&ga_sid=1697752150&ga_hid=30019862&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=259&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44805113%2C44805533%2C44805680%2C44805918%2C31078297&oid=2&pvsid=2042773842920898&tmod=468800969&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=50tbEraktt&p=https%3A//4tololo.ru&dtd=108
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7424662054767848&output=html&h=380&slotname=1654143314&adk=2108178227&adf=734059082&pi=t.ma~as.1654143314&w=282&lmt=1697725531&rafmt=12&format=282x380&url=https%3A%2F%2F4tololo.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697752150238&bpp=3&bdt=1494&idt=93&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&correlator=8540510458808&frm=20&pv=2&ga_vid=1201430437.1697752149&ga_sid=1697752150&ga_hid=30019862&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=259&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44805113%2C44805533%2C44805680%2C44805918%2C31078297&oid=2&pvsid=2042773842920898&tmod=468800969&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=50tbEraktt&p=https%3A//4tololo.ru&dtd=108
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 21:49:10 GMT
expires
Thu, 19 Oct 2023 21:49:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231017/r20110914/ Frame 45A8 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231017/r20110914/abg_lite_fy2021.js
Requested by
Host: 4tololo.ru
URL: https://4tololo.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 18:04:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
13469
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9137
x-xss-protection
0
server
cafe
etag
5200559654007170660
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Nov 2023 18:04:41 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231017/r20110914/elements/html/ Frame 45A8 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231017/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: 4tololo.ru
URL: https://4tololo.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 18:04:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
13469
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Nov 2023 18:04:41 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 45A8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvCZ9un_TgtzODD42OQ-elDvuaRwFYC_IVHG7ONsSznb10jvr0IP9tHcdAf91ouNo9R7hXFZYQDU4BV2w_etGDPu3a1ehcg1F7z2EwdrnnSEUUfu41Rdv1bQstCiqGing0sP6TBo-92M4RX9v_q64NL7sFC6z8VAYusVgTu0cs5aer9lh2X3sGNg1B9llMSnd8TObgL1_TS3H4sxt7KW1NTsIdxsRNdkvSIDKKXLVuUaDsVZo-d9FXVIUZO__JnmRb4pUOjZXfyYuYdHyFTAMbBKbmJeJf73oehsdL1SS_QXa1bAQNxCyrhC8W7KS6MkQ0spmNEv0esYwIVIiXEOYFMixgagGvL3aD34P-l-ftsZu6IWUDvT1IpUGfa6Qavs1YBjOPdTPAiNYPDlAUSJcerHor-o8SVf0DwDD9R3GD1Z0PNQVgmu7MV7lFQtrk8PxAs6ZuLVyZoNSV0y3KnclkXIHNKNdPnv22y_79-mCpBbWei44gDMZyQDf2v-T35oY7lkFg2VGHjncybVnI49vYaTvqFBXaCdjby2mpChfEVeCMuzSvXnaihCZnaoeC8fbsvpLYsyQoBE5WzTD61CQcTERfa3seJw8OJJPfxIJ9x9iwDAVbf5ahN0poTtb734BhNAHAws3ZuBvv7LMl0KpPd1ODufr6NDx3hlp-RqBtj0CfvoXyA2EsJO9mU1RgFGBPsUe7bY1Gr2spTZOm5mHF2w-1cFSQCCOEHGfZASpZvT4VwzL3-l2z3BvNU9L4NYiaZO9WyMy_Q-Br0TKltq_02SucniBudfBXzLuZHlM_glB66Y8z3ulWJ_VY9klcd2COEXtIJNfM2xuZkMCTDM-fgryO6LnZlepldBSp6DEC6Ht-6zVmYquCrEcAwVO13xQebczpnojf1Ix7_Ah0xsd-HKPcwC8MYX5wkMp18cuvASKQxc9nPwQyxjKI_8LZPLnI_RIQbUCqVMAZZTWjpGh8ubThIk4pa-MqfhVd0EY1tjZqQ9Tf3TybGf13wsIETBG4q3E5wD93rBJmlTI4ZGfms1zgKCOQL0MH_8uOWg97Uq__BVu1K4qYx88ZYcURS5Qwla2lY-Mtsl1U7_vFiHkDAoB8EzKpn4bxggWtdVDrxzbx-cV6UxUnZNzipk30cg2FXHj6Za38hBR0-iVzyCdKSiCuIAGpU6IhdquK254cU5AvVG_ESpaQyOzCe4O6d7ZRpiauqeOBNTEEEBdwm_Qn5GBtvCkCg-LzXkpdopDnJeDcMMOo-orU7-5GrN-xkiGjmBNTN7QYcESzvbP_03U0I0MTYeBiKnUaf4N4bcns&sai=AMfl-YTlPa15bWGeDYkdgSC7jbHOp6r9eJox14f49Xk8nlYj8NUIaYMwnipm37A6OiFxuiMoZBxii4U9KOf0IB9pP5KdXZJL0jonyEOzT-Z3DGPbWDaJzZJIaTUYL-GU3943mkFsAp6YLym-bLGQPzneeRlo46WYysxw2lCA161mEqsUgbbsgAoRnvQypOgrr8EWQ6nfBPqWFie7jBc8KfgMyMf1oPwdtMSdkZrysNYLKuvDVB6ODjyrC6s2cZ1OZD0jpON3uPhSGnK1KTSuqF1Jnl9RDzrnug4ZOOq31iChlgkkDMmlf9_309G3u44v2yBQ-dbyg-C8xwg952eonlzmH048HrnjyOtpN1Tu7RpkuFFTJCyZX0hqUr4fY7hCvsGpNxcreqHQuZ8RNQyoQjFag9-d6zlVmdfACf1MOX2tdOWQDX7TAkLlu0FJAnqEvrFelCKlXyKKxqMMYeq4Ipm-GSB1AyTRDNYw6_WQBja_&sig=Cg0ArKJSzM-IugQNaM2qEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231017.12718&arae=0&ftch=1&adurl=
Requested by
Host: 4tololo.ru
URL: https://4tololo.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 19 Oct 2023 21:49:10 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Thu, 19 Oct 2023 21:49:10 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 45A8 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 4tololo.ru
URL: https://4tololo.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 18:02:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
99987
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Oct 2024 18:02:43 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 45A8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7424662054767848&output=html&h=380&slotname=1654143314&adk=2108178227&adf=734059082&pi=t.ma~as.1654143314&w=282&lmt=1697725531&rafmt=12&format=282x380&url=https%3A%2F%2F4tololo.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697752150238&bpp=3&bdt=1494&idt=93&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&correlator=8540510458808&frm=20&pv=2&ga_vid=1201430437.1697752149&ga_sid=1697752150&ga_hid=30019862&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=259&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44805113%2C44805533%2C44805680%2C44805918%2C31078297&oid=2&pvsid=2042773842920898&tmod=468800969&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=50tbEraktt&p=https%3A//4tololo.ru&dtd=108
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 20:16:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
5558
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Nov 2023 20:16:32 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 45A8 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7424662054767848&output=html&h=380&slotname=1654143314&adk=2108178227&adf=734059082&pi=t.ma~as.1654143314&w=282&lmt=1697725531&rafmt=12&format=282x380&url=https%3A%2F%2F4tololo.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697752150238&bpp=3&bdt=1494&idt=93&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&correlator=8540510458808&frm=20&pv=2&ga_vid=1201430437.1697752149&ga_sid=1697752150&ga_hid=30019862&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=259&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44805113%2C44805533%2C44805680%2C44805918%2C31078297&oid=2&pvsid=2042773842920898&tmod=468800969&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=50tbEraktt&p=https%3A//4tololo.ru&dtd=108
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f74f99e9fe1027d19c741e71e7a2adf40f49a011d50cb110e45a0511f624fb3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 18:00:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
13703
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8427
x-xss-protection
0
server
cafe
etag
8504628880869859743
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Nov 2023 18:00:47 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 45A8 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7424662054767848&output=html&h=380&slotname=1654143314&adk=2108178227&adf=734059082&pi=t.ma~as.1654143314&w=282&lmt=1697725531&rafmt=12&format=282x380&url=https%3A%2F%2F4tololo.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697752150238&bpp=3&bdt=1494&idt=93&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&correlator=8540510458808&frm=20&pv=2&ga_vid=1201430437.1697752149&ga_sid=1697752150&ga_hid=30019862&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=259&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44805113%2C44805533%2C44805680%2C44805918%2C31078297&oid=2&pvsid=2042773842920898&tmod=468800969&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=50tbEraktt&p=https%3A//4tololo.ru&dtd=108
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60178
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697628223465749"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Oct 2023 21:49:10 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 45A8 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AGvHwisn7LMJ2TBt7aCQcqPCa0OlKoEgjZAzg8YeNRIVBBKUyAn8Nvg__vboJsTJZ6b_tFeY48TJXjzuVVNZBRKqUxF9AtOEow6YIBmlhg9u379qU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7424662054767848&output=html&h=380&slotname=1654143314&adk=2108178227&adf=734059082&pi=t.ma~as.1654143314&w=282&lmt=1697725531&rafmt=12&format=282x380&url=https%3A%2F%2F4tololo.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697752150238&bpp=3&bdt=1494&idt=93&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&correlator=8540510458808&frm=20&pv=2&ga_vid=1201430437.1697752149&ga_sid=1697752150&ga_hid=30019862&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=259&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44805113%2C44805533%2C44805680%2C44805918%2C31078297&oid=2&pvsid=2042773842920898&tmod=468800969&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=50tbEraktt&p=https%3A//4tololo.ru&dtd=108
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 21:49:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
8859571141892352099
s0.2mdn.net/simgad/ Frame 45A8 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/8859571141892352099
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7424662054767848&output=html&h=380&slotname=1654143314&adk=2108178227&adf=734059082&pi=t.ma~as.1654143314&w=282&lmt=1697725531&rafmt=12&format=282x380&url=https%3A%2F%2F4tololo.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697752150238&bpp=3&bdt=1494&idt=93&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&correlator=8540510458808&frm=20&pv=2&ga_vid=1201430437.1697752149&ga_sid=1697752150&ga_hid=30019862&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=259&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44805113%2C44805533%2C44805680%2C44805918%2C31078297&oid=2&pvsid=2042773842920898&tmod=468800969&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=50tbEraktt&p=https%3A//4tololo.ru&dtd=108
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127309f8ddb62d43fb00072df114a3a8d571dc696837cf0a497b530bc46af50d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 07:17:56 GMT
x-content-type-options
nosniff
age
484274
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42102
x-xss-protection
0
last-modified
Tue, 30 May 2023 12:26:27 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 13 Oct 2024 07:17:56 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 991E 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CxkzlVqQxZbzGG57JtOUP0M-o0AbJntKxXM3x4t2IAcCNtwEQASAAYJWSroK0B4IBF2NhLXB1Yi03NDI0NjYyMDU0NzY3ODQ4yAEJqQJFXLiirsexPqgDAcgDAqoE1AFP0MM1OX8w9Px117MR15fA2y54Y7Nes4wDzZLn3Qu7CjkKa39-Ej6tOoIfIDdiVX16hX6uHnTe2yF89odTbARN8ZbqqFLfN7Lk3_OKfe-h_avxOwf9TWt6G3Bq2VdGTqQCFTR_j3YcdlxQ9mRzr4JqQwnm_mjs142iC5SVNV8xHYwpsqONjM1KcIccSHVA_REvjdYw3McV0Nlq7nIGmu_YrsoZ9QsQYiXvzZlPrjcJUgYU6f8VtC8V_QL1kyUNMz6nC5HoCX20Bfr8uDMKGMOqlClu9oAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi03NDI0NjYyMDU0NzY3ODQ4GAA&sigh=_gYez6DxjIc&uach_m=[UACH]&cid=CAQSSwDICaaNkIKvoc2itOQOXdZNq1OYs8UqAa2Q4T3E5QEE54kIx7gU5H1Lkp1dvxSWFowbT7iU9mjs8wQTwCcdYHzLDxDHiY3040jDxBgB&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7424662054767848&output=html&h=380&slotname=1654143314&adk=2108178227&adf=2953393628&pi=t.ma~as.1654143314&w=282&lmt=1697725531&rafmt=12&format=282x380&url=https%3A%2F%2F4tololo.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697752150242&bpp=1&bdt=1498&idt=117&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&prev_fmts=282x380%2C1170x280&correlator=8540510458808&frm=20&pv=1&ga_vid=1201430437.1697752149&ga_sid=1697752150&ga_hid=30019862&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=807&ady=1735&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44805113%2C44805533%2C44805680%2C44805918%2C31078297&oid=2&pvsid=2042773842920898&tmod=468800969&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=JjVH5NzWaW&p=https%3A//4tololo.ru&dtd=121
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7424662054767848&output=html&h=380&slotname=1654143314&adk=2108178227&adf=2953393628&pi=t.ma~as.1654143314&w=282&lmt=1697725531&rafmt=12&format=282x380&url=https%3A%2F%2F4tololo.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697752150242&bpp=1&bdt=1498&idt=117&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&prev_fmts=282x380%2C1170x280&correlator=8540510458808&frm=20&pv=1&ga_vid=1201430437.1697752149&ga_sid=1697752150&ga_hid=30019862&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=807&ady=1735&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44805113%2C44805533%2C44805680%2C44805918%2C31078297&oid=2&pvsid=2042773842920898&tmod=468800969&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=JjVH5NzWaW&p=https%3A//4tololo.ru&dtd=121
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 19 Oct 2023 21:49:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 19 Oct 2023 21:49:10 GMT
notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 991E 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kKW_EMz6RJoC_AKdg2ICAgAAALW8C3sSyLSYEFakMWWcNTOHN4WFiUBMAAASAAAKCkFRVUJBUUVCQVE&wp=ZTGkVgAG4zwGrSSeAAon0EFhl-wBpp-v3aQoRA&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7424662054767848&output=html&h=380&slotname=1654143314&adk=2108178227&adf=2953393628&pi=t.ma~as.1654143314&w=282&lmt=1697725531&rafmt=12&format=282x380&url=https%3A%2F%2F4tololo.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697752150242&bpp=1&bdt=1498&idt=117&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&prev_fmts=282x380%2C1170x280&correlator=8540510458808&frm=20&pv=1&ga_vid=1201430437.1697752149&ga_sid=1697752150&ga_hid=30019862&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=807&ady=1735&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44805113%2C44805533%2C44805680%2C44805918%2C31078297&oid=2&pvsid=2042773842920898&tmod=468800969&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=JjVH5NzWaW&p=https%3A//4tololo.ru&dtd=121
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:10 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
157134
server
Kestrel
content-length
0
privacy_small.svg
static.criteo.net/flash/icon/ Frame 9BAD 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTGkVgAG4zwGrSSeAAon0EFhl-wBpp-v3aQoRA&u=%7Ch2Cr%2FRrnfqNA397T7ueW1ti45ADfZGZ%2BPsQWKJQORXs%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zsDj_AdT_XRm-gw4ApAJ6bK5jLqYF-isHLmauRz-AfeYAK_8pRbphREHTY4N3DEDJmtaikHttQPZi_p3lVS3vPIlJGHTPT0PjcF2GNcq29WriY4t2wz4mBG0-oYxi2e8ywjOkhVKHButq94n5bUADZy7vX6xj9-6jDLvVRoUnX2bAebGhtrq_sRj-n3vH8CpUisw0J4Qc9qtX4zHdzhUvuZuW6rQhGRiqp6fViKjGsaBORnyoOutOY_JrEp0ZzWjhMhVTz7KuzkCFVPUYF6WLLvaG9f68LpMv74pWS7JAu7Si9W79EdrVU09tKBewBhZa9O73lc9On7_g8oIeqFl2t7nW6y1AGjCDs2vDnObD0Z73Cq9wpCz6rzs8TsWCBXXTOMy1Mi51koFls5ZNYWrs0dYcriNGtlVu_9TeeX8mkV5SlSq6_CzQKpnQSLbJlRJQDfWn7P4eELT_PD7djmH5LuPKyMOgq_dki1J02csUIBGO_m7r6UeQeE4x18h0s1vDdEfs03pva9KZW3JJ1CNZMiXVZ69nKo2GzrVkf-e20eS08BZlBF16ZgB1CtcEaEDGw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4KKCVqQxZbzGG57JtOUP0M-o0AbJntKxXM3x4t2IAcCNtwEQASAAYJWSroK0B4IBF2NhLXB1Yi03NDI0NjYyMDU0NzY3ODQ4yAEJqQJFXLiirsexPqgDAcgDAqoE1wFP0MM1OX8w9Px117MR15fA2y54Y7Nes4wDzZLn3Qu7CjkKa39-Ej6tOoIfIDdiVX16hX6uHnTe2yF89odTbARN8ZbqqFLfN7Lk3_OKfe-h_avxOwf9TWt6G3Bq2VdGTqQCFTR_j3YcdlxQ9mRzr4JqQwnm_mjs142iC5SVNV8xHYwpsqONjM1KcIccSHVA_REvjdYw3McV0Nlq7nIGmu_YrsoZ9QsQYiXvzZlPrjdLUCeGaWzFiYnF2th5s8ypPRmtvZvGEf8AzcdaSowUNNsyXr1OH0gfYoAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1L--r92rsDJWl0F2E2C2-skrz5Eg%26client%3Dca-pub-7424662054767848%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 13 Oct 2024 21:49:10 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 9BAD 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTGkVgAG4zwGrSSeAAon0EFhl-wBpp-v3aQoRA&u=%7Ch2Cr%2FRrnfqNA397T7ueW1ti45ADfZGZ%2BPsQWKJQORXs%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zsDj_AdT_XRm-gw4ApAJ6bK5jLqYF-isHLmauRz-AfeYAK_8pRbphREHTY4N3DEDJmtaikHttQPZi_p3lVS3vPIlJGHTPT0PjcF2GNcq29WriY4t2wz4mBG0-oYxi2e8ywjOkhVKHButq94n5bUADZy7vX6xj9-6jDLvVRoUnX2bAebGhtrq_sRj-n3vH8CpUisw0J4Qc9qtX4zHdzhUvuZuW6rQhGRiqp6fViKjGsaBORnyoOutOY_JrEp0ZzWjhMhVTz7KuzkCFVPUYF6WLLvaG9f68LpMv74pWS7JAu7Si9W79EdrVU09tKBewBhZa9O73lc9On7_g8oIeqFl2t7nW6y1AGjCDs2vDnObD0Z73Cq9wpCz6rzs8TsWCBXXTOMy1Mi51koFls5ZNYWrs0dYcriNGtlVu_9TeeX8mkV5SlSq6_CzQKpnQSLbJlRJQDfWn7P4eELT_PD7djmH5LuPKyMOgq_dki1J02csUIBGO_m7r6UeQeE4x18h0s1vDdEfs03pva9KZW3JJ1CNZMiXVZ69nKo2GzrVkf-e20eS08BZlBF16ZgB1CtcEaEDGw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4KKCVqQxZbzGG57JtOUP0M-o0AbJntKxXM3x4t2IAcCNtwEQASAAYJWSroK0B4IBF2NhLXB1Yi03NDI0NjYyMDU0NzY3ODQ4yAEJqQJFXLiirsexPqgDAcgDAqoE1wFP0MM1OX8w9Px117MR15fA2y54Y7Nes4wDzZLn3Qu7CjkKa39-Ej6tOoIfIDdiVX16hX6uHnTe2yF89odTbARN8ZbqqFLfN7Lk3_OKfe-h_avxOwf9TWt6G3Bq2VdGTqQCFTR_j3YcdlxQ9mRzr4JqQwnm_mjs142iC5SVNV8xHYwpsqONjM1KcIccSHVA_REvjdYw3McV0Nlq7nIGmu_YrsoZ9QsQYiXvzZlPrjdLUCeGaWzFiYnF2th5s8ypPRmtvZvGEf8AzcdaSowUNNsyXr1OH0gfYoAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1L--r92rsDJWl0F2E2C2-skrz5Eg%26client%3Dca-pub-7424662054767848%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 13 Oct 2024 21:49:10 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 9BAD 		308 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTGkVgAG4zwGrSSeAAon0EFhl-wBpp-v3aQoRA&u=%7Ch2Cr%2FRrnfqNA397T7ueW1ti45ADfZGZ%2BPsQWKJQORXs%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zsDj_AdT_XRm-gw4ApAJ6bK5jLqYF-isHLmauRz-AfeYAK_8pRbphREHTY4N3DEDJmtaikHttQPZi_p3lVS3vPIlJGHTPT0PjcF2GNcq29WriY4t2wz4mBG0-oYxi2e8ywjOkhVKHButq94n5bUADZy7vX6xj9-6jDLvVRoUnX2bAebGhtrq_sRj-n3vH8CpUisw0J4Qc9qtX4zHdzhUvuZuW6rQhGRiqp6fViKjGsaBORnyoOutOY_JrEp0ZzWjhMhVTz7KuzkCFVPUYF6WLLvaG9f68LpMv74pWS7JAu7Si9W79EdrVU09tKBewBhZa9O73lc9On7_g8oIeqFl2t7nW6y1AGjCDs2vDnObD0Z73Cq9wpCz6rzs8TsWCBXXTOMy1Mi51koFls5ZNYWrs0dYcriNGtlVu_9TeeX8mkV5SlSq6_CzQKpnQSLbJlRJQDfWn7P4eELT_PD7djmH5LuPKyMOgq_dki1J02csUIBGO_m7r6UeQeE4x18h0s1vDdEfs03pva9KZW3JJ1CNZMiXVZ69nKo2GzrVkf-e20eS08BZlBF16ZgB1CtcEaEDGw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4KKCVqQxZbzGG57JtOUP0M-o0AbJntKxXM3x4t2IAcCNtwEQASAAYJWSroK0B4IBF2NhLXB1Yi03NDI0NjYyMDU0NzY3ODQ4yAEJqQJFXLiirsexPqgDAcgDAqoE1wFP0MM1OX8w9Px117MR15fA2y54Y7Nes4wDzZLn3Qu7CjkKa39-Ej6tOoIfIDdiVX16hX6uHnTe2yF89odTbARN8ZbqqFLfN7Lk3_OKfe-h_avxOwf9TWt6G3Bq2VdGTqQCFTR_j3YcdlxQ9mRzr4JqQwnm_mjs142iC5SVNV8xHYwpsqONjM1KcIccSHVA_REvjdYw3McV0Nlq7nIGmu_YrsoZ9QsQYiXvzZlPrjdLUCeGaWzFiYnF2th5s8ypPRmtvZvGEf8AzcdaSowUNNsyXr1OH0gfYoAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1L--r92rsDJWl0F2E2C2-skrz5Eg%26client%3Dca-pub-7424662054767848%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:10 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 13 Oct 2024 21:49:10 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 9BAD 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTGkVgAG4zwGrSSeAAon0EFhl-wBpp-v3aQoRA&u=%7Ch2Cr%2FRrnfqNA397T7ueW1ti45ADfZGZ%2BPsQWKJQORXs%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zsDj_AdT_XRm-gw4ApAJ6bK5jLqYF-isHLmauRz-AfeYAK_8pRbphREHTY4N3DEDJmtaikHttQPZi_p3lVS3vPIlJGHTPT0PjcF2GNcq29WriY4t2wz4mBG0-oYxi2e8ywjOkhVKHButq94n5bUADZy7vX6xj9-6jDLvVRoUnX2bAebGhtrq_sRj-n3vH8CpUisw0J4Qc9qtX4zHdzhUvuZuW6rQhGRiqp6fViKjGsaBORnyoOutOY_JrEp0ZzWjhMhVTz7KuzkCFVPUYF6WLLvaG9f68LpMv74pWS7JAu7Si9W79EdrVU09tKBewBhZa9O73lc9On7_g8oIeqFl2t7nW6y1AGjCDs2vDnObD0Z73Cq9wpCz6rzs8TsWCBXXTOMy1Mi51koFls5ZNYWrs0dYcriNGtlVu_9TeeX8mkV5SlSq6_CzQKpnQSLbJlRJQDfWn7P4eELT_PD7djmH5LuPKyMOgq_dki1J02csUIBGO_m7r6UeQeE4x18h0s1vDdEfs03pva9KZW3JJ1CNZMiXVZ69nKo2GzrVkf-e20eS08BZlBF16ZgB1CtcEaEDGw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4KKCVqQxZbzGG57JtOUP0M-o0AbJntKxXM3x4t2IAcCNtwEQASAAYJWSroK0B4IBF2NhLXB1Yi03NDI0NjYyMDU0NzY3ODQ4yAEJqQJFXLiirsexPqgDAcgDAqoE1wFP0MM1OX8w9Px117MR15fA2y54Y7Nes4wDzZLn3Qu7CjkKa39-Ej6tOoIfIDdiVX16hX6uHnTe2yF89odTbARN8ZbqqFLfN7Lk3_OKfe-h_avxOwf9TWt6G3Bq2VdGTqQCFTR_j3YcdlxQ9mRzr4JqQwnm_mjs142iC5SVNV8xHYwpsqONjM1KcIccSHVA_REvjdYw3McV0Nlq7nIGmu_YrsoZ9QsQYiXvzZlPrjdLUCeGaWzFiYnF2th5s8ypPRmtvZvGEf8AzcdaSowUNNsyXr1OH0gfYoAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1L--r92rsDJWl0F2E2C2-skrz5Eg%26client%3Dca-pub-7424662054767848%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:10 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sun, 13 Oct 2024 21:49:10 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 9BAD 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=1NOZL1pK7UNOzZVT8RZfYtdX4rC4O3Q6eTvsGb2DfX8P-il9o_mDYefhT5iz6NZKQTqMUzvxnOH5ZRsP1H8BEFvBe_kyk6S7kwSkRTPXIzOeOwIjJ6QJqUQEmeMsUJlFmivi_no_s7wZMtqbkPn8_WmDk1PvD8KTmx472YFyfFaZQzI7AsMRYTe8aa83Vo1u81cDiVM0eyo7Qt18wW1ITDktUkDNBAsPGqygmS0jhudxCsADBJkcr-GvbjVW26zHlvPdKSvQO3iu2pWTpxnEVz_dswifQfKwkvahAZZW2MXRu1PVOm4lyneigX4JOP60adkBu8juFO737TYZNt9NKajNvadMGslWnJuCwqOWMb6pKrODw_kVdeBDZVpPnWcfG1g5bfOiWDgnYFGNrIxcoa41TTK2WSYMRsFYG_E1-OXoBqex
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTGkVgAG4zwGrSSeAAon0EFhl-wBpp-v3aQoRA&u=%7Ch2Cr%2FRrnfqNA397T7ueW1ti45ADfZGZ%2BPsQWKJQORXs%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zsDj_AdT_XRm-gw4ApAJ6bK5jLqYF-isHLmauRz-AfeYAK_8pRbphREHTY4N3DEDJmtaikHttQPZi_p3lVS3vPIlJGHTPT0PjcF2GNcq29WriY4t2wz4mBG0-oYxi2e8ywjOkhVKHButq94n5bUADZy7vX6xj9-6jDLvVRoUnX2bAebGhtrq_sRj-n3vH8CpUisw0J4Qc9qtX4zHdzhUvuZuW6rQhGRiqp6fViKjGsaBORnyoOutOY_JrEp0ZzWjhMhVTz7KuzkCFVPUYF6WLLvaG9f68LpMv74pWS7JAu7Si9W79EdrVU09tKBewBhZa9O73lc9On7_g8oIeqFl2t7nW6y1AGjCDs2vDnObD0Z73Cq9wpCz6rzs8TsWCBXXTOMy1Mi51koFls5ZNYWrs0dYcriNGtlVu_9TeeX8mkV5SlSq6_CzQKpnQSLbJlRJQDfWn7P4eELT_PD7djmH5LuPKyMOgq_dki1J02csUIBGO_m7r6UeQeE4x18h0s1vDdEfs03pva9KZW3JJ1CNZMiXVZ69nKo2GzrVkf-e20eS08BZlBF16ZgB1CtcEaEDGw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4KKCVqQxZbzGG57JtOUP0M-o0AbJntKxXM3x4t2IAcCNtwEQASAAYJWSroK0B4IBF2NhLXB1Yi03NDI0NjYyMDU0NzY3ODQ4yAEJqQJFXLiirsexPqgDAcgDAqoE1wFP0MM1OX8w9Px117MR15fA2y54Y7Nes4wDzZLn3Qu7CjkKa39-Ej6tOoIfIDdiVX16hX6uHnTe2yF89odTbARN8ZbqqFLfN7Lk3_OKfe-h_avxOwf9TWt6G3Bq2VdGTqQCFTR_j3YcdlxQ9mRzr4JqQwnm_mjs142iC5SVNV8xHYwpsqONjM1KcIccSHVA_REvjdYw3McV0Nlq7nIGmu_YrsoZ9QsQYiXvzZlPrjdLUCeGaWzFiYnF2th5s8ypPRmtvZvGEf8AzcdaSowUNNsyXr1OH0gfYoAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1L--r92rsDJWl0F2E2C2-skrz5Eg%26client%3Dca-pub-7424662054767848%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 21:49:10 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1862821
expires
Mon, 26 Jul 1997 05:00:00 GMT
zvtDWUGYKMqjl3EmEyJPT9PZ9nqaRLgbjIcpa6W6ga4.js
pagead2.googlesyndication.com/bg/ Frame 7C36 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/zvtDWUGYKMqjl3EmEyJPT9PZ9nqaRLgbjIcpa6W6ga4.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7424662054767848&output=html&h=280&slotname=5535879205&adk=1225749&adf=284215673&pi=t.ma~as.5535879205&w=1170&fwrn=4&fwrnh=100&lmt=1697725531&rafmt=1&format=1170x280&url=https%3A%2F%2F4tololo.ru%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697752150241&bpp=1&bdt=1498&idt=111&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&prev_fmts=282x380&correlator=8540510458808&frm=20&pv=1&ga_vid=1201430437.1697752149&ga_sid=1697752150&ga_hid=30019862&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1047&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44805113%2C44805533%2C44805680%2C44805918%2C31078297&oid=2&pvsid=2042773842920898&tmod=468800969&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=NmsOMMM6Xp&p=https%3A//4tololo.ru&dtd=113
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cefb4359419828caa397712613224f4fd3d9f67a9a44b81b8c87296ba5ba81ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 16:21:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
106032
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14821
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 17 Oct 2024 16:21:58 GMT
rum
dsum-sec.casalemedia.com/ Frame 6FC6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECEzEzXgOP-WjQottUW72fQ&google_cver=1
43 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECEzEzXgOP-WjQottUW72fQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMihxfQDEOGQ6cYEGNqdjewBMAE&v=APEucNVVfITd6AS5MKwbISWBZKCkjXo3agjdYJIGeGo3fZnxUt4Gblk_2UeZaIEqON1NlcA81jzr78hs4qsLGqu3v5Wd3KM3YjzDQJ12MmX4HUa4qLOEIkcu3c1SL-ulbxRBci0SjtHxZx3RZ89wnjD9ul5tUHsRC36avx6j1GqqicrAgATo7Tw
Protocol
H2
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 21:49:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HHgCt08AUnyqgWER0DZbbUL4liJ09CdfPcAxSQjFOSOecIZkkdpFLFnF5GG8vbE7oH2wm%2F3CHnixtu0Fl04BPM9lUQOlEI%2BEnEZLiN%2B9SbCLpJOv0tuT3RDwm2k7K%2B3hwneqNdcXqtYhtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
818c3abfff131c44-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 21:49:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECEzEzXgOP-WjQottUW72fQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 6FC6
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTGkVtspgs0ybRcmn9XX0QAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE2RuG8ukdcmMJX6nT1crmU&google_cver=1
43 B
773 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE2RuG8ukdcmMJX6nT1crmU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMihxfQDEOGQ6cYEGNqdjewBMAE&v=APEucNVVfITd6AS5MKwbISWBZKCkjXo3agjdYJIGeGo3fZnxUt4Gblk_2UeZaIEqON1NlcA81jzr78hs4qsLGqu3v5Wd3KM3YjzDQJ12MmX4HUa4qLOEIkcu3c1SL-ulbxRBci0SjtHxZx3RZ89wnjD9ul5tUHsRC36avx6j1GqqicrAgATo7Tw
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 21:49:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MlvykHAHpu3QlqR5vPjuoHgIWxTcccw9oyAv%2F6BSGz1GvS7gGYRadBk7o%2B4Nulxly2w4D1VSAZZ9t%2FqH1s7rrREgdsVeVDtd74M6PLbu1Su%2F%2BY%2BprikbIgD9AO5CABnZPsOv4X%2FY6t6MCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
818c3ac07b41048f-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 21:49:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE2RuG8ukdcmMJX6nT1crmU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 6FC6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPFRKC5_-L2pq4ugV0JqM5A&google_cver=1
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEPFRKC5_-L2pq4ugV0JqM5A&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMihxfQDEOGQ6cYEGNqdjewBMAE&v=APEucNVVfITd6AS5MKwbISWBZKCkjXo3agjdYJIGeGo3fZnxUt4Gblk_2UeZaIEqON1NlcA81jzr78hs4qsLGqu3v5Wd3KM3YjzDQJ12MmX4HUa4qLOEIkcu3c1SL-ulbxRBci0SjtHxZx3RZ89wnjD9ul5tUHsRC36avx6j1GqqicrAgATo7Tw
Protocol
H2
Server
185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 21:49:11 GMT
an-x-request-uuid
cc242fa2-556c-4ca2-bf48-ba14d110b567
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
138.199.38.132; 138.199.38.132; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 21:49:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEPFRKC5_-L2pq4ugV0JqM5A&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6FC6
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQ1MTY4MzEwMTUxMjExODg3Mw%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQ1MTY4MzEwMTUxMjExODg3Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMihxfQDEOGQ6cYEGNqdjewBMAE&v=APEucNVVfITd6AS5MKwbISWBZKCkjXo3agjdYJIGeGo3fZnxUt4Gblk_2UeZaIEqON1NlcA81jzr78hs4qsLGqu3v5Wd3KM3YjzDQJ12MmX4HUa4qLOEIkcu3c1SL-ulbxRBci0SjtHxZx3RZ89wnjD9ul5tUHsRC36avx6j1GqqicrAgATo7Tw
Protocol
H2
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 21:49:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 21:49:11 GMT
an-x-request-uuid
91d34579-ffce-479a-8347-7bc364fed68d
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQ1MTY4MzEwMTUxMjExODg3Mw%3D%3D
x-proxy-origin
138.199.38.132; 138.199.38.132; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 9BAD 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTGkVgAG4zwGrSSeAAon0EFhl-wBpp-v3aQoRA&u=%7Ch2Cr%2FRrnfqNA397T7ueW1ti45ADfZGZ%2BPsQWKJQORXs%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zsDj_AdT_XRm-gw4ApAJ6bK5jLqYF-isHLmauRz-AfeYAK_8pRbphREHTY4N3DEDJmtaikHttQPZi_p3lVS3vPIlJGHTPT0PjcF2GNcq29WriY4t2wz4mBG0-oYxi2e8ywjOkhVKHButq94n5bUADZy7vX6xj9-6jDLvVRoUnX2bAebGhtrq_sRj-n3vH8CpUisw0J4Qc9qtX4zHdzhUvuZuW6rQhGRiqp6fViKjGsaBORnyoOutOY_JrEp0ZzWjhMhVTz7KuzkCFVPUYF6WLLvaG9f68LpMv74pWS7JAu7Si9W79EdrVU09tKBewBhZa9O73lc9On7_g8oIeqFl2t7nW6y1AGjCDs2vDnObD0Z73Cq9wpCz6rzs8TsWCBXXTOMy1Mi51koFls5ZNYWrs0dYcriNGtlVu_9TeeX8mkV5SlSq6_CzQKpnQSLbJlRJQDfWn7P4eELT_PD7djmH5LuPKyMOgq_dki1J02csUIBGO_m7r6UeQeE4x18h0s1vDdEfs03pva9KZW3JJ1CNZMiXVZ69nKo2GzrVkf-e20eS08BZlBF16ZgB1CtcEaEDGw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4KKCVqQxZbzGG57JtOUP0M-o0AbJntKxXM3x4t2IAcCNtwEQASAAYJWSroK0B4IBF2NhLXB1Yi03NDI0NjYyMDU0NzY3ODQ4yAEJqQJFXLiirsexPqgDAcgDAqoE1wFP0MM1OX8w9Px117MR15fA2y54Y7Nes4wDzZLn3Qu7CjkKa39-Ej6tOoIfIDdiVX16hX6uHnTe2yF89odTbARN8ZbqqFLfN7Lk3_OKfe-h_avxOwf9TWt6G3Bq2VdGTqQCFTR_j3YcdlxQ9mRzr4JqQwnm_mjs142iC5SVNV8xHYwpsqONjM1KcIccSHVA_REvjdYw3McV0Nlq7nIGmu_YrsoZ9QsQYiXvzZlPrjdLUCeGaWzFiYnF2th5s8ypPRmtvZvGEf8AzcdaSowUNNsyXr1OH0gfYoAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1L--r92rsDJWl0F2E2C2-skrz5Eg%26client%3Dca-pub-7424662054767848%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
272005
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gg7VFZPEM%2FOuGhTAQIU1Z8s5x%2BVGaPk5cO213v3Dy4SaZrPvSEd7L4ltiGi7dMrHXbZ1eD3OalGVdIduk1ihlvFCXoUD%2BIrrtWQczvvIyoOnmDHYxmuO095JggNwnH4TFWJvBE4gpv7hbI0dlZJ%2FhkiK"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
818c3abf9f18365d-FRA
expires
Tue, 08 Oct 2024 21:49:10 GMT
animejs.js
static.criteo.net/animejs/ Frame 9BAD 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTGkVgAG4zwGrSSeAAon0EFhl-wBpp-v3aQoRA&u=%7Ch2Cr%2FRrnfqNA397T7ueW1ti45ADfZGZ%2BPsQWKJQORXs%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zsDj_AdT_XRm-gw4ApAJ6bK5jLqYF-isHLmauRz-AfeYAK_8pRbphREHTY4N3DEDJmtaikHttQPZi_p3lVS3vPIlJGHTPT0PjcF2GNcq29WriY4t2wz4mBG0-oYxi2e8ywjOkhVKHButq94n5bUADZy7vX6xj9-6jDLvVRoUnX2bAebGhtrq_sRj-n3vH8CpUisw0J4Qc9qtX4zHdzhUvuZuW6rQhGRiqp6fViKjGsaBORnyoOutOY_JrEp0ZzWjhMhVTz7KuzkCFVPUYF6WLLvaG9f68LpMv74pWS7JAu7Si9W79EdrVU09tKBewBhZa9O73lc9On7_g8oIeqFl2t7nW6y1AGjCDs2vDnObD0Z73Cq9wpCz6rzs8TsWCBXXTOMy1Mi51koFls5ZNYWrs0dYcriNGtlVu_9TeeX8mkV5SlSq6_CzQKpnQSLbJlRJQDfWn7P4eELT_PD7djmH5LuPKyMOgq_dki1J02csUIBGO_m7r6UeQeE4x18h0s1vDdEfs03pva9KZW3JJ1CNZMiXVZ69nKo2GzrVkf-e20eS08BZlBF16ZgB1CtcEaEDGw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4KKCVqQxZbzGG57JtOUP0M-o0AbJntKxXM3x4t2IAcCNtwEQASAAYJWSroK0B4IBF2NhLXB1Yi03NDI0NjYyMDU0NzY3ODQ4yAEJqQJFXLiirsexPqgDAcgDAqoE1wFP0MM1OX8w9Px117MR15fA2y54Y7Nes4wDzZLn3Qu7CjkKa39-Ej6tOoIfIDdiVX16hX6uHnTe2yF89odTbARN8ZbqqFLfN7Lk3_OKfe-h_avxOwf9TWt6G3Bq2VdGTqQCFTR_j3YcdlxQ9mRzr4JqQwnm_mjs142iC5SVNV8xHYwpsqONjM1KcIccSHVA_REvjdYw3McV0Nlq7nIGmu_YrsoZ9QsQYiXvzZlPrjdLUCeGaWzFiYnF2th5s8ypPRmtvZvGEf8AzcdaSowUNNsyXr1OH0gfYoAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1L--r92rsDJWl0F2E2C2-skrz5Eg%26client%3Dca-pub-7424662054767848%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 13 Oct 2024 21:49:10 GMT
0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff
static.criteo.net/design/dt/ Frame 9BAD 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTGkVgAG4zwGrSSeAAon0EFhl-wBpp-v3aQoRA&u=%7Ch2Cr%2FRrnfqNA397T7ueW1ti45ADfZGZ%2BPsQWKJQORXs%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zsDj_AdT_XRm-gw4ApAJ6bK5jLqYF-isHLmauRz-AfeYAK_8pRbphREHTY4N3DEDJmtaikHttQPZi_p3lVS3vPIlJGHTPT0PjcF2GNcq29WriY4t2wz4mBG0-oYxi2e8ywjOkhVKHButq94n5bUADZy7vX6xj9-6jDLvVRoUnX2bAebGhtrq_sRj-n3vH8CpUisw0J4Qc9qtX4zHdzhUvuZuW6rQhGRiqp6fViKjGsaBORnyoOutOY_JrEp0ZzWjhMhVTz7KuzkCFVPUYF6WLLvaG9f68LpMv74pWS7JAu7Si9W79EdrVU09tKBewBhZa9O73lc9On7_g8oIeqFl2t7nW6y1AGjCDs2vDnObD0Z73Cq9wpCz6rzs8TsWCBXXTOMy1Mi51koFls5ZNYWrs0dYcriNGtlVu_9TeeX8mkV5SlSq6_CzQKpnQSLbJlRJQDfWn7P4eELT_PD7djmH5LuPKyMOgq_dki1J02csUIBGO_m7r6UeQeE4x18h0s1vDdEfs03pva9KZW3JJ1CNZMiXVZ69nKo2GzrVkf-e20eS08BZlBF16ZgB1CtcEaEDGw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4KKCVqQxZbzGG57JtOUP0M-o0AbJntKxXM3x4t2IAcCNtwEQASAAYJWSroK0B4IBF2NhLXB1Yi03NDI0NjYyMDU0NzY3ODQ4yAEJqQJFXLiirsexPqgDAcgDAqoE1wFP0MM1OX8w9Px117MR15fA2y54Y7Nes4wDzZLn3Qu7CjkKa39-Ej6tOoIfIDdiVX16hX6uHnTe2yF89odTbARN8ZbqqFLfN7Lk3_OKfe-h_avxOwf9TWt6G3Bq2VdGTqQCFTR_j3YcdlxQ9mRzr4JqQwnm_mjs142iC5SVNV8xHYwpsqONjM1KcIccSHVA_REvjdYw3McV0Nlq7nIGmu_YrsoZ9QsQYiXvzZlPrjdLUCeGaWzFiYnF2th5s8ypPRmtvZvGEf8AzcdaSowUNNsyXr1OH0gfYoAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1L--r92rsDJWl0F2E2C2-skrz5Eg%26client%3Dca-pub-7424662054767848%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 02 Oct 2018 14:57:25 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5bb38755-97a8"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 13 Oct 2024 21:49:10 GMT
ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
static.criteo.net/design/dt/ Frame 9BAD 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTGkVgAG4zwGrSSeAAon0EFhl-wBpp-v3aQoRA&u=%7Ch2Cr%2FRrnfqNA397T7ueW1ti45ADfZGZ%2BPsQWKJQORXs%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zsDj_AdT_XRm-gw4ApAJ6bK5jLqYF-isHLmauRz-AfeYAK_8pRbphREHTY4N3DEDJmtaikHttQPZi_p3lVS3vPIlJGHTPT0PjcF2GNcq29WriY4t2wz4mBG0-oYxi2e8ywjOkhVKHButq94n5bUADZy7vX6xj9-6jDLvVRoUnX2bAebGhtrq_sRj-n3vH8CpUisw0J4Qc9qtX4zHdzhUvuZuW6rQhGRiqp6fViKjGsaBORnyoOutOY_JrEp0ZzWjhMhVTz7KuzkCFVPUYF6WLLvaG9f68LpMv74pWS7JAu7Si9W79EdrVU09tKBewBhZa9O73lc9On7_g8oIeqFl2t7nW6y1AGjCDs2vDnObD0Z73Cq9wpCz6rzs8TsWCBXXTOMy1Mi51koFls5ZNYWrs0dYcriNGtlVu_9TeeX8mkV5SlSq6_CzQKpnQSLbJlRJQDfWn7P4eELT_PD7djmH5LuPKyMOgq_dki1J02csUIBGO_m7r6UeQeE4x18h0s1vDdEfs03pva9KZW3JJ1CNZMiXVZ69nKo2GzrVkf-e20eS08BZlBF16ZgB1CtcEaEDGw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4KKCVqQxZbzGG57JtOUP0M-o0AbJntKxXM3x4t2IAcCNtwEQASAAYJWSroK0B4IBF2NhLXB1Yi03NDI0NjYyMDU0NzY3ODQ4yAEJqQJFXLiirsexPqgDAcgDAqoE1wFP0MM1OX8w9Px117MR15fA2y54Y7Nes4wDzZLn3Qu7CjkKa39-Ej6tOoIfIDdiVX16hX6uHnTe2yF89odTbARN8ZbqqFLfN7Lk3_OKfe-h_avxOwf9TWt6G3Bq2VdGTqQCFTR_j3YcdlxQ9mRzr4JqQwnm_mjs142iC5SVNV8xHYwpsqONjM1KcIccSHVA_REvjdYw3McV0Nlq7nIGmu_YrsoZ9QsQYiXvzZlPrjdLUCeGaWzFiYnF2th5s8ypPRmtvZvGEf8AzcdaSowUNNsyXr1OH0gfYoAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1L--r92rsDJWl0F2E2C2-skrz5Eg%26client%3Dca-pub-7424662054767848%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 02 Oct 2018 14:57:25 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5bb38755-b778"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 13 Oct 2024 21:49:10 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221107617684845621327%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%224%22:[%2210-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215080402996012907905%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 19 Oct 2023 21:49:11 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
img
imageproxy.eu.criteo.net/img/ Frame 9BAD 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=116&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F1344%2F230413%2Fc53e5f9a71444a36ae4d74a664fc7269_logo_n_horizontal_4.png&v=3&w=560&rid=4&s=rnlk1uHm69uNU4IQjX3yumhL
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTGkVgAG4zwGrSSeAAon0EFhl-wBpp-v3aQoRA&u=%7Ch2Cr%2FRrnfqNA397T7ueW1ti45ADfZGZ%2BPsQWKJQORXs%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zsDj_AdT_XRm-gw4ApAJ6bK5jLqYF-isHLmauRz-AfeYAK_8pRbphREHTY4N3DEDJmtaikHttQPZi_p3lVS3vPIlJGHTPT0PjcF2GNcq29WriY4t2wz4mBG0-oYxi2e8ywjOkhVKHButq94n5bUADZy7vX6xj9-6jDLvVRoUnX2bAebGhtrq_sRj-n3vH8CpUisw0J4Qc9qtX4zHdzhUvuZuW6rQhGRiqp6fViKjGsaBORnyoOutOY_JrEp0ZzWjhMhVTz7KuzkCFVPUYF6WLLvaG9f68LpMv74pWS7JAu7Si9W79EdrVU09tKBewBhZa9O73lc9On7_g8oIeqFl2t7nW6y1AGjCDs2vDnObD0Z73Cq9wpCz6rzs8TsWCBXXTOMy1Mi51koFls5ZNYWrs0dYcriNGtlVu_9TeeX8mkV5SlSq6_CzQKpnQSLbJlRJQDfWn7P4eELT_PD7djmH5LuPKyMOgq_dki1J02csUIBGO_m7r6UeQeE4x18h0s1vDdEfs03pva9KZW3JJ1CNZMiXVZ69nKo2GzrVkf-e20eS08BZlBF16ZgB1CtcEaEDGw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4KKCVqQxZbzGG57JtOUP0M-o0AbJntKxXM3x4t2IAcCNtwEQASAAYJWSroK0B4IBF2NhLXB1Yi03NDI0NjYyMDU0NzY3ODQ4yAEJqQJFXLiirsexPqgDAcgDAqoE1wFP0MM1OX8w9Px117MR15fA2y54Y7Nes4wDzZLn3Qu7CjkKa39-Ej6tOoIfIDdiVX16hX6uHnTe2yF89odTbARN8ZbqqFLfN7Lk3_OKfe-h_avxOwf9TWt6G3Bq2VdGTqQCFTR_j3YcdlxQ9mRzr4JqQwnm_mjs142iC5SVNV8xHYwpsqONjM1KcIccSHVA_REvjdYw3McV0Nlq7nIGmu_YrsoZ9QsQYiXvzZlPrjdLUCeGaWzFiYnF2th5s8ypPRmtvZvGEf8AzcdaSowUNNsyXr1OH0gfYoAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1L--r92rsDJWl0F2E2C2-skrz5Eg%26client%3Dca-pub-7424662054767848%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
c2369c162a49b53d572cf8f0edc988850f85f899b4da27489465dac8fb5108bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:10 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
6100
expires
Thu, 12 Sep 2024 03:34:08 GMT
img
imageproxy.eu.criteo.net/img/ Frame 9BAD 		117 B
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=400&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fimages%2Fstarrating%2Fstars_empty.png&v=3&w=400&rid=4&s=pwKdqrXJZuMFGhT4AO95MAQn
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTGkVgAG4zwGrSSeAAon0EFhl-wBpp-v3aQoRA&u=%7Ch2Cr%2FRrnfqNA397T7ueW1ti45ADfZGZ%2BPsQWKJQORXs%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zsDj_AdT_XRm-gw4ApAJ6bK5jLqYF-isHLmauRz-AfeYAK_8pRbphREHTY4N3DEDJmtaikHttQPZi_p3lVS3vPIlJGHTPT0PjcF2GNcq29WriY4t2wz4mBG0-oYxi2e8ywjOkhVKHButq94n5bUADZy7vX6xj9-6jDLvVRoUnX2bAebGhtrq_sRj-n3vH8CpUisw0J4Qc9qtX4zHdzhUvuZuW6rQhGRiqp6fViKjGsaBORnyoOutOY_JrEp0ZzWjhMhVTz7KuzkCFVPUYF6WLLvaG9f68LpMv74pWS7JAu7Si9W79EdrVU09tKBewBhZa9O73lc9On7_g8oIeqFl2t7nW6y1AGjCDs2vDnObD0Z73Cq9wpCz6rzs8TsWCBXXTOMy1Mi51koFls5ZNYWrs0dYcriNGtlVu_9TeeX8mkV5SlSq6_CzQKpnQSLbJlRJQDfWn7P4eELT_PD7djmH5LuPKyMOgq_dki1J02csUIBGO_m7r6UeQeE4x18h0s1vDdEfs03pva9KZW3JJ1CNZMiXVZ69nKo2GzrVkf-e20eS08BZlBF16ZgB1CtcEaEDGw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4KKCVqQxZbzGG57JtOUP0M-o0AbJntKxXM3x4t2IAcCNtwEQASAAYJWSroK0B4IBF2NhLXB1Yi03NDI0NjYyMDU0NzY3ODQ4yAEJqQJFXLiirsexPqgDAcgDAqoE1wFP0MM1OX8w9Px117MR15fA2y54Y7Nes4wDzZLn3Qu7CjkKa39-Ej6tOoIfIDdiVX16hX6uHnTe2yF89odTbARN8ZbqqFLfN7Lk3_OKfe-h_avxOwf9TWt6G3Bq2VdGTqQCFTR_j3YcdlxQ9mRzr4JqQwnm_mjs142iC5SVNV8xHYwpsqONjM1KcIccSHVA_REvjdYw3McV0Nlq7nIGmu_YrsoZ9QsQYiXvzZlPrjdLUCeGaWzFiYnF2th5s8ypPRmtvZvGEf8AzcdaSowUNNsyXr1OH0gfYoAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1L--r92rsDJWl0F2E2C2-skrz5Eg%26client%3Dca-pub-7424662054767848%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
40af400e8c91f02188ba45f50e2fcfe9e0551221d23bf002f8ad1ee7c8cae18f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:10 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
117
expires
Wed, 02 Oct 2024 10:02:04 GMT
img
imageproxy.eu.criteo.net/img/ Frame 9BAD 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1695291222%2F23169136-vl6wVmdk.jpg&v=3&w=400&rid=4&s=EgZ8ONPwM2QX4GXiQI_EHK3B&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTGkVgAG4zwGrSSeAAon0EFhl-wBpp-v3aQoRA&u=%7Ch2Cr%2FRrnfqNA397T7ueW1ti45ADfZGZ%2BPsQWKJQORXs%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zsDj_AdT_XRm-gw4ApAJ6bK5jLqYF-isHLmauRz-AfeYAK_8pRbphREHTY4N3DEDJmtaikHttQPZi_p3lVS3vPIlJGHTPT0PjcF2GNcq29WriY4t2wz4mBG0-oYxi2e8ywjOkhVKHButq94n5bUADZy7vX6xj9-6jDLvVRoUnX2bAebGhtrq_sRj-n3vH8CpUisw0J4Qc9qtX4zHdzhUvuZuW6rQhGRiqp6fViKjGsaBORnyoOutOY_JrEp0ZzWjhMhVTz7KuzkCFVPUYF6WLLvaG9f68LpMv74pWS7JAu7Si9W79EdrVU09tKBewBhZa9O73lc9On7_g8oIeqFl2t7nW6y1AGjCDs2vDnObD0Z73Cq9wpCz6rzs8TsWCBXXTOMy1Mi51koFls5ZNYWrs0dYcriNGtlVu_9TeeX8mkV5SlSq6_CzQKpnQSLbJlRJQDfWn7P4eELT_PD7djmH5LuPKyMOgq_dki1J02csUIBGO_m7r6UeQeE4x18h0s1vDdEfs03pva9KZW3JJ1CNZMiXVZ69nKo2GzrVkf-e20eS08BZlBF16ZgB1CtcEaEDGw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4KKCVqQxZbzGG57JtOUP0M-o0AbJntKxXM3x4t2IAcCNtwEQASAAYJWSroK0B4IBF2NhLXB1Yi03NDI0NjYyMDU0NzY3ODQ4yAEJqQJFXLiirsexPqgDAcgDAqoE1wFP0MM1OX8w9Px117MR15fA2y54Y7Nes4wDzZLn3Qu7CjkKa39-Ej6tOoIfIDdiVX16hX6uHnTe2yF89odTbARN8ZbqqFLfN7Lk3_OKfe-h_avxOwf9TWt6G3Bq2VdGTqQCFTR_j3YcdlxQ9mRzr4JqQwnm_mjs142iC5SVNV8xHYwpsqONjM1KcIccSHVA_REvjdYw3McV0Nlq7nIGmu_YrsoZ9QsQYiXvzZlPrjdLUCeGaWzFiYnF2th5s8ypPRmtvZvGEf8AzcdaSowUNNsyXr1OH0gfYoAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1L--r92rsDJWl0F2E2C2-skrz5Eg%26client%3Dca-pub-7424662054767848%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
3e4d3b31a603c0a84e9241aec4f03e9e2460a041b6d4f5c1c2b6f815756bb106
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:10 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=604800
timing-allow-origin
*
content-length
23874
expires
Tue, 24 Oct 2023 07:05:25 GMT
img
imageproxy.eu.criteo.net/img/ Frame 9BAD 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=400&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fimages%2Fbonprix%2F20230502%2F200x65_neulabel_criteo_de.png&v=3&w=400&rid=4&s=LMbwVQqqZkIT_OqRJg0FwumN
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTGkVgAG4zwGrSSeAAon0EFhl-wBpp-v3aQoRA&u=%7Ch2Cr%2FRrnfqNA397T7ueW1ti45ADfZGZ%2BPsQWKJQORXs%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zsDj_AdT_XRm-gw4ApAJ6bK5jLqYF-isHLmauRz-AfeYAK_8pRbphREHTY4N3DEDJmtaikHttQPZi_p3lVS3vPIlJGHTPT0PjcF2GNcq29WriY4t2wz4mBG0-oYxi2e8ywjOkhVKHButq94n5bUADZy7vX6xj9-6jDLvVRoUnX2bAebGhtrq_sRj-n3vH8CpUisw0J4Qc9qtX4zHdzhUvuZuW6rQhGRiqp6fViKjGsaBORnyoOutOY_JrEp0ZzWjhMhVTz7KuzkCFVPUYF6WLLvaG9f68LpMv74pWS7JAu7Si9W79EdrVU09tKBewBhZa9O73lc9On7_g8oIeqFl2t7nW6y1AGjCDs2vDnObD0Z73Cq9wpCz6rzs8TsWCBXXTOMy1Mi51koFls5ZNYWrs0dYcriNGtlVu_9TeeX8mkV5SlSq6_CzQKpnQSLbJlRJQDfWn7P4eELT_PD7djmH5LuPKyMOgq_dki1J02csUIBGO_m7r6UeQeE4x18h0s1vDdEfs03pva9KZW3JJ1CNZMiXVZ69nKo2GzrVkf-e20eS08BZlBF16ZgB1CtcEaEDGw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4KKCVqQxZbzGG57JtOUP0M-o0AbJntKxXM3x4t2IAcCNtwEQASAAYJWSroK0B4IBF2NhLXB1Yi03NDI0NjYyMDU0NzY3ODQ4yAEJqQJFXLiirsexPqgDAcgDAqoE1wFP0MM1OX8w9Px117MR15fA2y54Y7Nes4wDzZLn3Qu7CjkKa39-Ej6tOoIfIDdiVX16hX6uHnTe2yF89odTbARN8ZbqqFLfN7Lk3_OKfe-h_avxOwf9TWt6G3Bq2VdGTqQCFTR_j3YcdlxQ9mRzr4JqQwnm_mjs142iC5SVNV8xHYwpsqONjM1KcIccSHVA_REvjdYw3McV0Nlq7nIGmu_YrsoZ9QsQYiXvzZlPrjdLUCeGaWzFiYnF2th5s8ypPRmtvZvGEf8AzcdaSowUNNsyXr1OH0gfYoAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1L--r92rsDJWl0F2E2C2-skrz5Eg%26client%3Dca-pub-7424662054767848%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
a71193943da4f3877526c6f868c74c829bff69efae4a45b82b51eed31916dc74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:10 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
1484
expires
Fri, 04 Oct 2024 16:03:46 GMT
img
imageproxy.eu.criteo.net/img/ Frame 9BAD 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1537531619%2F18238123-c0bo8Rkl.jpg&v=3&w=400&rid=4&s=sOvPe5dItOIxwRVpNniBnadJ&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTGkVgAG4zwGrSSeAAon0EFhl-wBpp-v3aQoRA&u=%7Ch2Cr%2FRrnfqNA397T7ueW1ti45ADfZGZ%2BPsQWKJQORXs%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zsDj_AdT_XRm-gw4ApAJ6bK5jLqYF-isHLmauRz-AfeYAK_8pRbphREHTY4N3DEDJmtaikHttQPZi_p3lVS3vPIlJGHTPT0PjcF2GNcq29WriY4t2wz4mBG0-oYxi2e8ywjOkhVKHButq94n5bUADZy7vX6xj9-6jDLvVRoUnX2bAebGhtrq_sRj-n3vH8CpUisw0J4Qc9qtX4zHdzhUvuZuW6rQhGRiqp6fViKjGsaBORnyoOutOY_JrEp0ZzWjhMhVTz7KuzkCFVPUYF6WLLvaG9f68LpMv74pWS7JAu7Si9W79EdrVU09tKBewBhZa9O73lc9On7_g8oIeqFl2t7nW6y1AGjCDs2vDnObD0Z73Cq9wpCz6rzs8TsWCBXXTOMy1Mi51koFls5ZNYWrs0dYcriNGtlVu_9TeeX8mkV5SlSq6_CzQKpnQSLbJlRJQDfWn7P4eELT_PD7djmH5LuPKyMOgq_dki1J02csUIBGO_m7r6UeQeE4x18h0s1vDdEfs03pva9KZW3JJ1CNZMiXVZ69nKo2GzrVkf-e20eS08BZlBF16ZgB1CtcEaEDGw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4KKCVqQxZbzGG57JtOUP0M-o0AbJntKxXM3x4t2IAcCNtwEQASAAYJWSroK0B4IBF2NhLXB1Yi03NDI0NjYyMDU0NzY3ODQ4yAEJqQJFXLiirsexPqgDAcgDAqoE1wFP0MM1OX8w9Px117MR15fA2y54Y7Nes4wDzZLn3Qu7CjkKa39-Ej6tOoIfIDdiVX16hX6uHnTe2yF89odTbARN8ZbqqFLfN7Lk3_OKfe-h_avxOwf9TWt6G3Bq2VdGTqQCFTR_j3YcdlxQ9mRzr4JqQwnm_mjs142iC5SVNV8xHYwpsqONjM1KcIccSHVA_REvjdYw3McV0Nlq7nIGmu_YrsoZ9QsQYiXvzZlPrjdLUCeGaWzFiYnF2th5s8ypPRmtvZvGEf8AzcdaSowUNNsyXr1OH0gfYoAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1L--r92rsDJWl0F2E2C2-skrz5Eg%26client%3Dca-pub-7424662054767848%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
9a92ab85a5389edffe566db510012c49d50af57b003656ed947a6f9e6f1353eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:10 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=604800
timing-allow-origin
*
content-length
30802
expires
Fri, 20 Oct 2023 19:03:29 GMT
img
imageproxy.eu.criteo.net/img/ Frame 9BAD 		354 B
567 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=400&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fbonprix%2Fstarrating%2Fstar_4.png&v=3&w=400&rid=4&s=u4d8gANmsyX95m5QENytTHgL
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTGkVgAG4zwGrSSeAAon0EFhl-wBpp-v3aQoRA&u=%7Ch2Cr%2FRrnfqNA397T7ueW1ti45ADfZGZ%2BPsQWKJQORXs%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zsDj_AdT_XRm-gw4ApAJ6bK5jLqYF-isHLmauRz-AfeYAK_8pRbphREHTY4N3DEDJmtaikHttQPZi_p3lVS3vPIlJGHTPT0PjcF2GNcq29WriY4t2wz4mBG0-oYxi2e8ywjOkhVKHButq94n5bUADZy7vX6xj9-6jDLvVRoUnX2bAebGhtrq_sRj-n3vH8CpUisw0J4Qc9qtX4zHdzhUvuZuW6rQhGRiqp6fViKjGsaBORnyoOutOY_JrEp0ZzWjhMhVTz7KuzkCFVPUYF6WLLvaG9f68LpMv74pWS7JAu7Si9W79EdrVU09tKBewBhZa9O73lc9On7_g8oIeqFl2t7nW6y1AGjCDs2vDnObD0Z73Cq9wpCz6rzs8TsWCBXXTOMy1Mi51koFls5ZNYWrs0dYcriNGtlVu_9TeeX8mkV5SlSq6_CzQKpnQSLbJlRJQDfWn7P4eELT_PD7djmH5LuPKyMOgq_dki1J02csUIBGO_m7r6UeQeE4x18h0s1vDdEfs03pva9KZW3JJ1CNZMiXVZ69nKo2GzrVkf-e20eS08BZlBF16ZgB1CtcEaEDGw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4KKCVqQxZbzGG57JtOUP0M-o0AbJntKxXM3x4t2IAcCNtwEQASAAYJWSroK0B4IBF2NhLXB1Yi03NDI0NjYyMDU0NzY3ODQ4yAEJqQJFXLiirsexPqgDAcgDAqoE1wFP0MM1OX8w9Px117MR15fA2y54Y7Nes4wDzZLn3Qu7CjkKa39-Ej6tOoIfIDdiVX16hX6uHnTe2yF89odTbARN8ZbqqFLfN7Lk3_OKfe-h_avxOwf9TWt6G3Bq2VdGTqQCFTR_j3YcdlxQ9mRzr4JqQwnm_mjs142iC5SVNV8xHYwpsqONjM1KcIccSHVA_REvjdYw3McV0Nlq7nIGmu_YrsoZ9QsQYiXvzZlPrjdLUCeGaWzFiYnF2th5s8ypPRmtvZvGEf8AzcdaSowUNNsyXr1OH0gfYoAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1L--r92rsDJWl0F2E2C2-skrz5Eg%26client%3Dca-pub-7424662054767848%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
cfb9ab1e326d1a30bb341a4d74db9b750c6c4aebb6304ad1264b1761c6b280d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:10 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
354
expires
Wed, 02 Oct 2024 10:02:04 GMT
img
imageproxy.eu.criteo.net/img/ Frame 9BAD 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1512554171%2F17312573-DGuU4KUk.jpg&v=3&w=400&rid=4&s=1DVbpcwKIxJPDCL8HeVihdpQ&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTGkVgAG4zwGrSSeAAon0EFhl-wBpp-v3aQoRA&u=%7Ch2Cr%2FRrnfqNA397T7ueW1ti45ADfZGZ%2BPsQWKJQORXs%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zsDj_AdT_XRm-gw4ApAJ6bK5jLqYF-isHLmauRz-AfeYAK_8pRbphREHTY4N3DEDJmtaikHttQPZi_p3lVS3vPIlJGHTPT0PjcF2GNcq29WriY4t2wz4mBG0-oYxi2e8ywjOkhVKHButq94n5bUADZy7vX6xj9-6jDLvVRoUnX2bAebGhtrq_sRj-n3vH8CpUisw0J4Qc9qtX4zHdzhUvuZuW6rQhGRiqp6fViKjGsaBORnyoOutOY_JrEp0ZzWjhMhVTz7KuzkCFVPUYF6WLLvaG9f68LpMv74pWS7JAu7Si9W79EdrVU09tKBewBhZa9O73lc9On7_g8oIeqFl2t7nW6y1AGjCDs2vDnObD0Z73Cq9wpCz6rzs8TsWCBXXTOMy1Mi51koFls5ZNYWrs0dYcriNGtlVu_9TeeX8mkV5SlSq6_CzQKpnQSLbJlRJQDfWn7P4eELT_PD7djmH5LuPKyMOgq_dki1J02csUIBGO_m7r6UeQeE4x18h0s1vDdEfs03pva9KZW3JJ1CNZMiXVZ69nKo2GzrVkf-e20eS08BZlBF16ZgB1CtcEaEDGw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4KKCVqQxZbzGG57JtOUP0M-o0AbJntKxXM3x4t2IAcCNtwEQASAAYJWSroK0B4IBF2NhLXB1Yi03NDI0NjYyMDU0NzY3ODQ4yAEJqQJFXLiirsexPqgDAcgDAqoE1wFP0MM1OX8w9Px117MR15fA2y54Y7Nes4wDzZLn3Qu7CjkKa39-Ej6tOoIfIDdiVX16hX6uHnTe2yF89odTbARN8ZbqqFLfN7Lk3_OKfe-h_avxOwf9TWt6G3Bq2VdGTqQCFTR_j3YcdlxQ9mRzr4JqQwnm_mjs142iC5SVNV8xHYwpsqONjM1KcIccSHVA_REvjdYw3McV0Nlq7nIGmu_YrsoZ9QsQYiXvzZlPrjdLUCeGaWzFiYnF2th5s8ypPRmtvZvGEf8AzcdaSowUNNsyXr1OH0gfYoAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1L--r92rsDJWl0F2E2C2-skrz5Eg%26client%3Dca-pub-7424662054767848%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
9d59193f983cef22739b510a95f91d98b5fa3c308de52d24eb0ff3f57418d63c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:10 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=604800
timing-allow-origin
*
content-length
19092
expires
Fri, 20 Oct 2023 13:08:00 GMT
img
imageproxy.eu.criteo.net/img/ Frame 9BAD 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1598858616%2F20142398-gF8nywm7.jpg&v=3&w=400&rid=4&s=WkONcz1nJU3cWYKFfFyCyIIg&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTGkVgAG4zwGrSSeAAon0EFhl-wBpp-v3aQoRA&u=%7Ch2Cr%2FRrnfqNA397T7ueW1ti45ADfZGZ%2BPsQWKJQORXs%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zsDj_AdT_XRm-gw4ApAJ6bK5jLqYF-isHLmauRz-AfeYAK_8pRbphREHTY4N3DEDJmtaikHttQPZi_p3lVS3vPIlJGHTPT0PjcF2GNcq29WriY4t2wz4mBG0-oYxi2e8ywjOkhVKHButq94n5bUADZy7vX6xj9-6jDLvVRoUnX2bAebGhtrq_sRj-n3vH8CpUisw0J4Qc9qtX4zHdzhUvuZuW6rQhGRiqp6fViKjGsaBORnyoOutOY_JrEp0ZzWjhMhVTz7KuzkCFVPUYF6WLLvaG9f68LpMv74pWS7JAu7Si9W79EdrVU09tKBewBhZa9O73lc9On7_g8oIeqFl2t7nW6y1AGjCDs2vDnObD0Z73Cq9wpCz6rzs8TsWCBXXTOMy1Mi51koFls5ZNYWrs0dYcriNGtlVu_9TeeX8mkV5SlSq6_CzQKpnQSLbJlRJQDfWn7P4eELT_PD7djmH5LuPKyMOgq_dki1J02csUIBGO_m7r6UeQeE4x18h0s1vDdEfs03pva9KZW3JJ1CNZMiXVZ69nKo2GzrVkf-e20eS08BZlBF16ZgB1CtcEaEDGw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4KKCVqQxZbzGG57JtOUP0M-o0AbJntKxXM3x4t2IAcCNtwEQASAAYJWSroK0B4IBF2NhLXB1Yi03NDI0NjYyMDU0NzY3ODQ4yAEJqQJFXLiirsexPqgDAcgDAqoE1wFP0MM1OX8w9Px117MR15fA2y54Y7Nes4wDzZLn3Qu7CjkKa39-Ej6tOoIfIDdiVX16hX6uHnTe2yF89odTbARN8ZbqqFLfN7Lk3_OKfe-h_avxOwf9TWt6G3Bq2VdGTqQCFTR_j3YcdlxQ9mRzr4JqQwnm_mjs142iC5SVNV8xHYwpsqONjM1KcIccSHVA_REvjdYw3McV0Nlq7nIGmu_YrsoZ9QsQYiXvzZlPrjdLUCeGaWzFiYnF2th5s8ypPRmtvZvGEf8AzcdaSowUNNsyXr1OH0gfYoAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1L--r92rsDJWl0F2E2C2-skrz5Eg%26client%3Dca-pub-7424662054767848%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
5effd3d9258b84852d460e5767401978535a4cbaea3c4484130aa0983e25ec19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:10 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=604800
timing-allow-origin
*
content-length
19422
expires
Fri, 20 Oct 2023 13:13:00 GMT
img
imageproxy.eu.criteo.net/img/ Frame 9BAD 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1683436435%2F23060325-vEohea4T.jpg&v=3&w=400&rid=4&s=UU-IO12nj6x5TncfiqfwaacF&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTGkVgAG4zwGrSSeAAon0EFhl-wBpp-v3aQoRA&u=%7Ch2Cr%2FRrnfqNA397T7ueW1ti45ADfZGZ%2BPsQWKJQORXs%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zsDj_AdT_XRm-gw4ApAJ6bK5jLqYF-isHLmauRz-AfeYAK_8pRbphREHTY4N3DEDJmtaikHttQPZi_p3lVS3vPIlJGHTPT0PjcF2GNcq29WriY4t2wz4mBG0-oYxi2e8ywjOkhVKHButq94n5bUADZy7vX6xj9-6jDLvVRoUnX2bAebGhtrq_sRj-n3vH8CpUisw0J4Qc9qtX4zHdzhUvuZuW6rQhGRiqp6fViKjGsaBORnyoOutOY_JrEp0ZzWjhMhVTz7KuzkCFVPUYF6WLLvaG9f68LpMv74pWS7JAu7Si9W79EdrVU09tKBewBhZa9O73lc9On7_g8oIeqFl2t7nW6y1AGjCDs2vDnObD0Z73Cq9wpCz6rzs8TsWCBXXTOMy1Mi51koFls5ZNYWrs0dYcriNGtlVu_9TeeX8mkV5SlSq6_CzQKpnQSLbJlRJQDfWn7P4eELT_PD7djmH5LuPKyMOgq_dki1J02csUIBGO_m7r6UeQeE4x18h0s1vDdEfs03pva9KZW3JJ1CNZMiXVZ69nKo2GzrVkf-e20eS08BZlBF16ZgB1CtcEaEDGw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4KKCVqQxZbzGG57JtOUP0M-o0AbJntKxXM3x4t2IAcCNtwEQASAAYJWSroK0B4IBF2NhLXB1Yi03NDI0NjYyMDU0NzY3ODQ4yAEJqQJFXLiirsexPqgDAcgDAqoE1wFP0MM1OX8w9Px117MR15fA2y54Y7Nes4wDzZLn3Qu7CjkKa39-Ej6tOoIfIDdiVX16hX6uHnTe2yF89odTbARN8ZbqqFLfN7Lk3_OKfe-h_avxOwf9TWt6G3Bq2VdGTqQCFTR_j3YcdlxQ9mRzr4JqQwnm_mjs142iC5SVNV8xHYwpsqONjM1KcIccSHVA_REvjdYw3McV0Nlq7nIGmu_YrsoZ9QsQYiXvzZlPrjdLUCeGaWzFiYnF2th5s8ypPRmtvZvGEf8AzcdaSowUNNsyXr1OH0gfYoAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1L--r92rsDJWl0F2E2C2-skrz5Eg%26client%3Dca-pub-7424662054767848%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
17c3a82d150fe7c421ab91aed77e05c31fab8202666c8a7c61b942484b673084
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:10 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=604800
timing-allow-origin
*
content-length
30730
expires
Tue, 24 Oct 2023 13:51:54 GMT
img
imageproxy.eu.criteo.net/img/ Frame 9BAD 		305 B
518 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=400&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fbonprix%2Fstarrating%2Fstar_5.png&v=3&w=400&rid=4&s=RtrExZbSuLQDRVJn_oA1pGM7
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTGkVgAG4zwGrSSeAAon0EFhl-wBpp-v3aQoRA&u=%7Ch2Cr%2FRrnfqNA397T7ueW1ti45ADfZGZ%2BPsQWKJQORXs%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zsDj_AdT_XRm-gw4ApAJ6bK5jLqYF-isHLmauRz-AfeYAK_8pRbphREHTY4N3DEDJmtaikHttQPZi_p3lVS3vPIlJGHTPT0PjcF2GNcq29WriY4t2wz4mBG0-oYxi2e8ywjOkhVKHButq94n5bUADZy7vX6xj9-6jDLvVRoUnX2bAebGhtrq_sRj-n3vH8CpUisw0J4Qc9qtX4zHdzhUvuZuW6rQhGRiqp6fViKjGsaBORnyoOutOY_JrEp0ZzWjhMhVTz7KuzkCFVPUYF6WLLvaG9f68LpMv74pWS7JAu7Si9W79EdrVU09tKBewBhZa9O73lc9On7_g8oIeqFl2t7nW6y1AGjCDs2vDnObD0Z73Cq9wpCz6rzs8TsWCBXXTOMy1Mi51koFls5ZNYWrs0dYcriNGtlVu_9TeeX8mkV5SlSq6_CzQKpnQSLbJlRJQDfWn7P4eELT_PD7djmH5LuPKyMOgq_dki1J02csUIBGO_m7r6UeQeE4x18h0s1vDdEfs03pva9KZW3JJ1CNZMiXVZ69nKo2GzrVkf-e20eS08BZlBF16ZgB1CtcEaEDGw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4KKCVqQxZbzGG57JtOUP0M-o0AbJntKxXM3x4t2IAcCNtwEQASAAYJWSroK0B4IBF2NhLXB1Yi03NDI0NjYyMDU0NzY3ODQ4yAEJqQJFXLiirsexPqgDAcgDAqoE1wFP0MM1OX8w9Px117MR15fA2y54Y7Nes4wDzZLn3Qu7CjkKa39-Ej6tOoIfIDdiVX16hX6uHnTe2yF89odTbARN8ZbqqFLfN7Lk3_OKfe-h_avxOwf9TWt6G3Bq2VdGTqQCFTR_j3YcdlxQ9mRzr4JqQwnm_mjs142iC5SVNV8xHYwpsqONjM1KcIccSHVA_REvjdYw3McV0Nlq7nIGmu_YrsoZ9QsQYiXvzZlPrjdLUCeGaWzFiYnF2th5s8ypPRmtvZvGEf8AzcdaSowUNNsyXr1OH0gfYoAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1L--r92rsDJWl0F2E2C2-skrz5Eg%26client%3Dca-pub-7424662054767848%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e9b75cd6ed8e19ac702fa5b7a5299179f82d9dfe25eced5cd9f70936309229a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:10 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
305
expires
Wed, 02 Oct 2024 10:02:04 GMT
img
imageproxy.eu.criteo.net/img/ Frame 9BAD 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1592825564%2F17225227-6RUSDSG1.jpg&v=3&w=400&rid=4&s=LOXqE_ffI-KKUPKjI_MqxKjB&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTGkVgAG4zwGrSSeAAon0EFhl-wBpp-v3aQoRA&u=%7Ch2Cr%2FRrnfqNA397T7ueW1ti45ADfZGZ%2BPsQWKJQORXs%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zsDj_AdT_XRm-gw4ApAJ6bK5jLqYF-isHLmauRz-AfeYAK_8pRbphREHTY4N3DEDJmtaikHttQPZi_p3lVS3vPIlJGHTPT0PjcF2GNcq29WriY4t2wz4mBG0-oYxi2e8ywjOkhVKHButq94n5bUADZy7vX6xj9-6jDLvVRoUnX2bAebGhtrq_sRj-n3vH8CpUisw0J4Qc9qtX4zHdzhUvuZuW6rQhGRiqp6fViKjGsaBORnyoOutOY_JrEp0ZzWjhMhVTz7KuzkCFVPUYF6WLLvaG9f68LpMv74pWS7JAu7Si9W79EdrVU09tKBewBhZa9O73lc9On7_g8oIeqFl2t7nW6y1AGjCDs2vDnObD0Z73Cq9wpCz6rzs8TsWCBXXTOMy1Mi51koFls5ZNYWrs0dYcriNGtlVu_9TeeX8mkV5SlSq6_CzQKpnQSLbJlRJQDfWn7P4eELT_PD7djmH5LuPKyMOgq_dki1J02csUIBGO_m7r6UeQeE4x18h0s1vDdEfs03pva9KZW3JJ1CNZMiXVZ69nKo2GzrVkf-e20eS08BZlBF16ZgB1CtcEaEDGw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4KKCVqQxZbzGG57JtOUP0M-o0AbJntKxXM3x4t2IAcCNtwEQASAAYJWSroK0B4IBF2NhLXB1Yi03NDI0NjYyMDU0NzY3ODQ4yAEJqQJFXLiirsexPqgDAcgDAqoE1wFP0MM1OX8w9Px117MR15fA2y54Y7Nes4wDzZLn3Qu7CjkKa39-Ej6tOoIfIDdiVX16hX6uHnTe2yF89odTbARN8ZbqqFLfN7Lk3_OKfe-h_avxOwf9TWt6G3Bq2VdGTqQCFTR_j3YcdlxQ9mRzr4JqQwnm_mjs142iC5SVNV8xHYwpsqONjM1KcIccSHVA_REvjdYw3McV0Nlq7nIGmu_YrsoZ9QsQYiXvzZlPrjdLUCeGaWzFiYnF2th5s8ypPRmtvZvGEf8AzcdaSowUNNsyXr1OH0gfYoAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1L--r92rsDJWl0F2E2C2-skrz5Eg%26client%3Dca-pub-7424662054767848%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
b39fdafd759050ef5d851bd6f584c4b376cd8b1a36ab173ab396fe5444ade3f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:11 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=604800
timing-allow-origin
*
content-length
11062
expires
Fri, 20 Oct 2023 13:14:47 GMT
img
imageproxy.eu.criteo.net/img/ Frame 9BAD 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1666607466%2F22194302-UI8UyvOQ.jpg&v=3&w=400&rid=4&s=9f4XFbh3cYmmLxmvdQhAyf1y&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTGkVgAG4zwGrSSeAAon0EFhl-wBpp-v3aQoRA&u=%7Ch2Cr%2FRrnfqNA397T7ueW1ti45ADfZGZ%2BPsQWKJQORXs%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zsDj_AdT_XRm-gw4ApAJ6bK5jLqYF-isHLmauRz-AfeYAK_8pRbphREHTY4N3DEDJmtaikHttQPZi_p3lVS3vPIlJGHTPT0PjcF2GNcq29WriY4t2wz4mBG0-oYxi2e8ywjOkhVKHButq94n5bUADZy7vX6xj9-6jDLvVRoUnX2bAebGhtrq_sRj-n3vH8CpUisw0J4Qc9qtX4zHdzhUvuZuW6rQhGRiqp6fViKjGsaBORnyoOutOY_JrEp0ZzWjhMhVTz7KuzkCFVPUYF6WLLvaG9f68LpMv74pWS7JAu7Si9W79EdrVU09tKBewBhZa9O73lc9On7_g8oIeqFl2t7nW6y1AGjCDs2vDnObD0Z73Cq9wpCz6rzs8TsWCBXXTOMy1Mi51koFls5ZNYWrs0dYcriNGtlVu_9TeeX8mkV5SlSq6_CzQKpnQSLbJlRJQDfWn7P4eELT_PD7djmH5LuPKyMOgq_dki1J02csUIBGO_m7r6UeQeE4x18h0s1vDdEfs03pva9KZW3JJ1CNZMiXVZ69nKo2GzrVkf-e20eS08BZlBF16ZgB1CtcEaEDGw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4KKCVqQxZbzGG57JtOUP0M-o0AbJntKxXM3x4t2IAcCNtwEQASAAYJWSroK0B4IBF2NhLXB1Yi03NDI0NjYyMDU0NzY3ODQ4yAEJqQJFXLiirsexPqgDAcgDAqoE1wFP0MM1OX8w9Px117MR15fA2y54Y7Nes4wDzZLn3Qu7CjkKa39-Ej6tOoIfIDdiVX16hX6uHnTe2yF89odTbARN8ZbqqFLfN7Lk3_OKfe-h_avxOwf9TWt6G3Bq2VdGTqQCFTR_j3YcdlxQ9mRzr4JqQwnm_mjs142iC5SVNV8xHYwpsqONjM1KcIccSHVA_REvjdYw3McV0Nlq7nIGmu_YrsoZ9QsQYiXvzZlPrjdLUCeGaWzFiYnF2th5s8ypPRmtvZvGEf8AzcdaSowUNNsyXr1OH0gfYoAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1L--r92rsDJWl0F2E2C2-skrz5Eg%26client%3Dca-pub-7424662054767848%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ccde65510ff3b393d424c4a1815edd6736ae6d2f46ea8749769cfc5f35b0be45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:10 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=604800
timing-allow-origin
*
content-length
48668
expires
Fri, 20 Oct 2023 19:53:47 GMT
img
imageproxy.eu.criteo.net/img/ Frame 9BAD 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1674549595%2F23006217-tr5bdTVg.jpg&v=3&w=400&rid=4&s=vA-vHkyHIDW5wkUJa3qIF3Bt&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTGkVgAG4zwGrSSeAAon0EFhl-wBpp-v3aQoRA&u=%7Ch2Cr%2FRrnfqNA397T7ueW1ti45ADfZGZ%2BPsQWKJQORXs%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zsDj_AdT_XRm-gw4ApAJ6bK5jLqYF-isHLmauRz-AfeYAK_8pRbphREHTY4N3DEDJmtaikHttQPZi_p3lVS3vPIlJGHTPT0PjcF2GNcq29WriY4t2wz4mBG0-oYxi2e8ywjOkhVKHButq94n5bUADZy7vX6xj9-6jDLvVRoUnX2bAebGhtrq_sRj-n3vH8CpUisw0J4Qc9qtX4zHdzhUvuZuW6rQhGRiqp6fViKjGsaBORnyoOutOY_JrEp0ZzWjhMhVTz7KuzkCFVPUYF6WLLvaG9f68LpMv74pWS7JAu7Si9W79EdrVU09tKBewBhZa9O73lc9On7_g8oIeqFl2t7nW6y1AGjCDs2vDnObD0Z73Cq9wpCz6rzs8TsWCBXXTOMy1Mi51koFls5ZNYWrs0dYcriNGtlVu_9TeeX8mkV5SlSq6_CzQKpnQSLbJlRJQDfWn7P4eELT_PD7djmH5LuPKyMOgq_dki1J02csUIBGO_m7r6UeQeE4x18h0s1vDdEfs03pva9KZW3JJ1CNZMiXVZ69nKo2GzrVkf-e20eS08BZlBF16ZgB1CtcEaEDGw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4KKCVqQxZbzGG57JtOUP0M-o0AbJntKxXM3x4t2IAcCNtwEQASAAYJWSroK0B4IBF2NhLXB1Yi03NDI0NjYyMDU0NzY3ODQ4yAEJqQJFXLiirsexPqgDAcgDAqoE1wFP0MM1OX8w9Px117MR15fA2y54Y7Nes4wDzZLn3Qu7CjkKa39-Ej6tOoIfIDdiVX16hX6uHnTe2yF89odTbARN8ZbqqFLfN7Lk3_OKfe-h_avxOwf9TWt6G3Bq2VdGTqQCFTR_j3YcdlxQ9mRzr4JqQwnm_mjs142iC5SVNV8xHYwpsqONjM1KcIccSHVA_REvjdYw3McV0Nlq7nIGmu_YrsoZ9QsQYiXvzZlPrjdLUCeGaWzFiYnF2th5s8ypPRmtvZvGEf8AzcdaSowUNNsyXr1OH0gfYoAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1L--r92rsDJWl0F2E2C2-skrz5Eg%26client%3Dca-pub-7424662054767848%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
bc2409b099a1d24957e622bec62fa51aa77ae315d139802064a40907dd14a475
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:11 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=604800
timing-allow-origin
*
content-length
41892
expires
Fri, 20 Oct 2023 16:59:24 GMT
all
csm.eu.criteo.net/ Frame 9BAD 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=gWKdZk4A_2_RT2MV4c5yegupmRARuiusI_ta40X0BQXvatr3uh9xA9ZZmbTt26sPBad5v3M-vAtXQF_uYRCpD4MVsMxCP1DDiweNllJuoMo1exJmU2RV2ZYWJeDhafQF1ncdY-2s_eBou9KNAGvQmUiQzfbhqq5FFntoHzS_vkDh42Lsso8z51U8Xc-2jlS9GgpOw4lc2jCOSxqwexf7PamZdaSPjGDNWRTjA7VjdKo9xaS4BsmhiwgK_OU&sds=2&rev=88955&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTGkVgAG4zwGrSSeAAon0EFhl-wBpp-v3aQoRA&u=%7Ch2Cr%2FRrnfqNA397T7ueW1ti45ADfZGZ%2BPsQWKJQORXs%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zsDj_AdT_XRm-gw4ApAJ6bK5jLqYF-isHLmauRz-AfeYAK_8pRbphREHTY4N3DEDJmtaikHttQPZi_p3lVS3vPIlJGHTPT0PjcF2GNcq29WriY4t2wz4mBG0-oYxi2e8ywjOkhVKHButq94n5bUADZy7vX6xj9-6jDLvVRoUnX2bAebGhtrq_sRj-n3vH8CpUisw0J4Qc9qtX4zHdzhUvuZuW6rQhGRiqp6fViKjGsaBORnyoOutOY_JrEp0ZzWjhMhVTz7KuzkCFVPUYF6WLLvaG9f68LpMv74pWS7JAu7Si9W79EdrVU09tKBewBhZa9O73lc9On7_g8oIeqFl2t7nW6y1AGjCDs2vDnObD0Z73Cq9wpCz6rzs8TsWCBXXTOMy1Mi51koFls5ZNYWrs0dYcriNGtlVu_9TeeX8mkV5SlSq6_CzQKpnQSLbJlRJQDfWn7P4eELT_PD7djmH5LuPKyMOgq_dki1J02csUIBGO_m7r6UeQeE4x18h0s1vDdEfs03pva9KZW3JJ1CNZMiXVZ69nKo2GzrVkf-e20eS08BZlBF16ZgB1CtcEaEDGw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4KKCVqQxZbzGG57JtOUP0M-o0AbJntKxXM3x4t2IAcCNtwEQASAAYJWSroK0B4IBF2NhLXB1Yi03NDI0NjYyMDU0NzY3ODQ4yAEJqQJFXLiirsexPqgDAcgDAqoE1wFP0MM1OX8w9Px117MR15fA2y54Y7Nes4wDzZLn3Qu7CjkKa39-Ej6tOoIfIDdiVX16hX6uHnTe2yF89odTbARN8ZbqqFLfN7Lk3_OKfe-h_avxOwf9TWt6G3Bq2VdGTqQCFTR_j3YcdlxQ9mRzr4JqQwnm_mjs142iC5SVNV8xHYwpsqONjM1KcIccSHVA_REvjdYw3McV0Nlq7nIGmu_YrsoZ9QsQYiXvzZlPrjdLUCeGaWzFiYnF2th5s8ypPRmtvZvGEf8AzcdaSowUNNsyXr1OH0gfYoAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1L--r92rsDJWl0F2E2C2-skrz5Eg%26client%3Dca-pub-7424662054767848%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 19 Oct 2023 21:49:10 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 9BAD 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTGkVgAG4zwGrSSeAAon0EFhl-wBpp-v3aQoRA&u=%7Ch2Cr%2FRrnfqNA397T7ueW1ti45ADfZGZ%2BPsQWKJQORXs%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zsDj_AdT_XRm-gw4ApAJ6bK5jLqYF-isHLmauRz-AfeYAK_8pRbphREHTY4N3DEDJmtaikHttQPZi_p3lVS3vPIlJGHTPT0PjcF2GNcq29WriY4t2wz4mBG0-oYxi2e8ywjOkhVKHButq94n5bUADZy7vX6xj9-6jDLvVRoUnX2bAebGhtrq_sRj-n3vH8CpUisw0J4Qc9qtX4zHdzhUvuZuW6rQhGRiqp6fViKjGsaBORnyoOutOY_JrEp0ZzWjhMhVTz7KuzkCFVPUYF6WLLvaG9f68LpMv74pWS7JAu7Si9W79EdrVU09tKBewBhZa9O73lc9On7_g8oIeqFl2t7nW6y1AGjCDs2vDnObD0Z73Cq9wpCz6rzs8TsWCBXXTOMy1Mi51koFls5ZNYWrs0dYcriNGtlVu_9TeeX8mkV5SlSq6_CzQKpnQSLbJlRJQDfWn7P4eELT_PD7djmH5LuPKyMOgq_dki1J02csUIBGO_m7r6UeQeE4x18h0s1vDdEfs03pva9KZW3JJ1CNZMiXVZ69nKo2GzrVkf-e20eS08BZlBF16ZgB1CtcEaEDGw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4KKCVqQxZbzGG57JtOUP0M-o0AbJntKxXM3x4t2IAcCNtwEQASAAYJWSroK0B4IBF2NhLXB1Yi03NDI0NjYyMDU0NzY3ODQ4yAEJqQJFXLiirsexPqgDAcgDAqoE1wFP0MM1OX8w9Px117MR15fA2y54Y7Nes4wDzZLn3Qu7CjkKa39-Ej6tOoIfIDdiVX16hX6uHnTe2yF89odTbARN8ZbqqFLfN7Lk3_OKfe-h_avxOwf9TWt6G3Bq2VdGTqQCFTR_j3YcdlxQ9mRzr4JqQwnm_mjs142iC5SVNV8xHYwpsqONjM1KcIccSHVA_REvjdYw3McV0Nlq7nIGmu_YrsoZ9QsQYiXvzZlPrjdLUCeGaWzFiYnF2th5s8ypPRmtvZvGEf8AzcdaSowUNNsyXr1OH0gfYoAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1L--r92rsDJWl0F2E2C2-skrz5Eg%26client%3Dca-pub-7424662054767848%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:11 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 13 Oct 2024 21:49:11 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 9BAD 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTGkVgAG4zwGrSSeAAon0EFhl-wBpp-v3aQoRA&u=%7Ch2Cr%2FRrnfqNA397T7ueW1ti45ADfZGZ%2BPsQWKJQORXs%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zsDj_AdT_XRm-gw4ApAJ6bK5jLqYF-isHLmauRz-AfeYAK_8pRbphREHTY4N3DEDJmtaikHttQPZi_p3lVS3vPIlJGHTPT0PjcF2GNcq29WriY4t2wz4mBG0-oYxi2e8ywjOkhVKHButq94n5bUADZy7vX6xj9-6jDLvVRoUnX2bAebGhtrq_sRj-n3vH8CpUisw0J4Qc9qtX4zHdzhUvuZuW6rQhGRiqp6fViKjGsaBORnyoOutOY_JrEp0ZzWjhMhVTz7KuzkCFVPUYF6WLLvaG9f68LpMv74pWS7JAu7Si9W79EdrVU09tKBewBhZa9O73lc9On7_g8oIeqFl2t7nW6y1AGjCDs2vDnObD0Z73Cq9wpCz6rzs8TsWCBXXTOMy1Mi51koFls5ZNYWrs0dYcriNGtlVu_9TeeX8mkV5SlSq6_CzQKpnQSLbJlRJQDfWn7P4eELT_PD7djmH5LuPKyMOgq_dki1J02csUIBGO_m7r6UeQeE4x18h0s1vDdEfs03pva9KZW3JJ1CNZMiXVZ69nKo2GzrVkf-e20eS08BZlBF16ZgB1CtcEaEDGw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4KKCVqQxZbzGG57JtOUP0M-o0AbJntKxXM3x4t2IAcCNtwEQASAAYJWSroK0B4IBF2NhLXB1Yi03NDI0NjYyMDU0NzY3ODQ4yAEJqQJFXLiirsexPqgDAcgDAqoE1wFP0MM1OX8w9Px117MR15fA2y54Y7Nes4wDzZLn3Qu7CjkKa39-Ej6tOoIfIDdiVX16hX6uHnTe2yF89odTbARN8ZbqqFLfN7Lk3_OKfe-h_avxOwf9TWt6G3Bq2VdGTqQCFTR_j3YcdlxQ9mRzr4JqQwnm_mjs142iC5SVNV8xHYwpsqONjM1KcIccSHVA_REvjdYw3McV0Nlq7nIGmu_YrsoZ9QsQYiXvzZlPrjdLUCeGaWzFiYnF2th5s8ypPRmtvZvGEf8AzcdaSowUNNsyXr1OH0gfYoAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1L--r92rsDJWl0F2E2C2-skrz5Eg%26client%3Dca-pub-7424662054767848%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:11 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 13 Oct 2024 21:49:11 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 45A8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvCZ9un_TgtzODD42OQ-elDvuaRwFYC_IVHG7ONsSznb10jvr0IP9tHcdAf91ouNo9R7hXFZYQDU4BV2w_etGDPu3a1ehcg1F7z2EwdrnnSEUUfu41Rdv1bQstCiqGing0sP6TBo-92M4RX9v_q64NL7sFC6z8VAYusVgTu0cs5aer9lh2X3sGNg1B9llMSnd8TObgL1_TS3H4sxt7KW1NTsIdxsRNdkvSIDKKXLVuUaDsVZo-d9FXVIUZO__JnmRb4pUOjZXfyYuYdHyFTAMbBKbmJeJf73oehsdL1SS_QXa1bAQNxCyrhC8W7KS6MkQ0spmNEv0esYwIVIiXEOYFMixgagGvL3aD34P-l-ftsZu6IWUDvT1IpUGfa6Qavs1YBjOPdTPAiNYPDlAUSJcerHor-o8SVf0DwDD9R3GD1Z0PNQVgmu7MV7lFQtrk8PxAs6ZuLVyZoNSV0y3KnclkXIHNKNdPnv22y_79-mCpBbWei44gDMZyQDf2v-T35oY7lkFg2VGHjncybVnI49vYaTvqFBXaCdjby2mpChfEVeCMuzSvXnaihCZnaoeC8fbsvpLYsyQoBE5WzTD61CQcTERfa3seJw8OJJPfxIJ9x9iwDAVbf5ahN0poTtb734BhNAHAws3ZuBvv7LMl0KpPd1ODufr6NDx3hlp-RqBtj0CfvoXyA2EsJO9mU1RgFGBPsUe7bY1Gr2spTZOm5mHF2w-1cFSQCCOEHGfZASpZvT4VwzL3-l2z3BvNU9L4NYiaZO9WyMy_Q-Br0TKltq_02SucniBudfBXzLuZHlM_glB66Y8z3ulWJ_VY9klcd2COEXtIJNfM2xuZkMCTDM-fgryO6LnZlepldBSp6DEC6Ht-6zVmYquCrEcAwVO13xQebczpnojf1Ix7_Ah0xsd-HKPcwC8MYX5wkMp18cuvASKQxc9nPwQyxjKI_8LZPLnI_RIQbUCqVMAZZTWjpGh8ubThIk4pa-MqfhVd0EY1tjZqQ9Tf3TybGf13wsIETBG4q3E5wD93rBJmlTI4ZGfms1zgKCOQL0MH_8uOWg97Uq__BVu1K4qYx88ZYcURS5Qwla2lY-Mtsl1U7_vFiHkDAoB8EzKpn4bxggWtdVDrxzbx-cV6UxUnZNzipk30cg2FXHj6Za38hBR0-iVzyCdKSiCuIAGpU6IhdquK254cU5AvVG_ESpaQyOzCe4O6d7ZRpiauqeOBNTEEEBdwm_Qn5GBtvCkCg-LzXkpdopDnJeDcMMOo-orU7-5GrN-xkiGjmBNTN7QYcESzvbP_03U0I0MTYeBiKnUaf4N4bcns&sai=AMfl-YTlPa15bWGeDYkdgSC7jbHOp6r9eJox14f49Xk8nlYj8NUIaYMwnipm37A6OiFxuiMoZBxii4U9KOf0IB9pP5KdXZJL0jonyEOzT-Z3DGPbWDaJzZJIaTUYL-GU3943mkFsAp6YLym-bLGQPzneeRlo46WYysxw2lCA161mEqsUgbbsgAoRnvQypOgrr8EWQ6nfBPqWFie7jBc8KfgMyMf1oPwdtMSdkZrysNYLKuvDVB6ODjyrC6s2cZ1OZD0jpON3uPhSGnK1KTSuqF1Jnl9RDzrnug4ZOOq31iChlgkkDMmlf9_309G3u44v2yBQ-dbyg-C8xwg952eonlzmH048HrnjyOtpN1Tu7RpkuFFTJCyZX0hqUr4fY7hCvsGpNxcreqHQuZ8RNQyoQjFag9-d6zlVmdfACf1MOX2tdOWQDX7TAkLlu0FJAnqEvrFelCKlXyKKxqMMYeq4Ipm-GSB1AyTRDNYw6_WQBja_&sig=Cg0ArKJSzM-IugQNaM2qEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=123&vt=11&dtpt=122&dett=2&cstd=0&cisv=r20231017.12718&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: 4tololo.ru
URL: https://4tololo.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:49:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
truncated
/ Frame 45A8 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c483cac92987f6d3fce804c592dc9b1f8312982e28df3f714edd8dcd0fe13bea

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame CFB5 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
27650
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 14:08:21 GMT
expires
Fri, 18 Oct 2024 14:08:21 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zvtDWUGYKMqjl3EmEyJPT9PZ9nqaRLgbjIcpa6W6ga4.js
pagead2.googlesyndication.com/bg/ Frame CFB5 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/zvtDWUGYKMqjl3EmEyJPT9PZ9nqaRLgbjIcpa6W6ga4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cefb4359419828caa397712613224f4fd3d9f67a9a44b81b8c87296ba5ba81ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 16:21:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
106033
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14821
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 17 Oct 2024 16:21:58 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231011&jk=2042773842920898&bg=!6uml6abNAAbFpEfJ5aQ7ADQBe5WfOBOsRh3jF1gfjawv25VsFVLefPglbDYJCPlYOk3uEakjxK6bPurceJcL8041mXA-AgAAAFpSAAAAC2gBB5kC7L_9qE1GNJicgEd2RB6OClrnYx4rmc_B-IFcyp2SQizz8Tg_RluLLcH7ohD65IiBMzbrvmXtAaWgx8A9uvFd3M5KcSRI3Wdf87Qse1PDpfbWH3On4dF2F4beVh1pF_cPWQCkUg1dNfoIHqRPa5_LPstsUfv4haS0OgmMbQZUGPyD3KfPIPay4rD9anUFeS2NosoUhwHFH-7Be8GZgmrXZQ5iHNo47AlPz7I58sUN7cxtGHPWITmKO-isme4AGROTgFfqUEAeEfzC2EoX3dcUd3_vG1gqDi6WSTfyrjwiB9nhjPHzjxJjIzi3GskdQn1gik9yRkZMe2oLz2qErI7XVc3sciYNRxtggEn7OMPosRNQFdSX-mAxTIVGZ2bfW-bM8kOw2ZeQH3W0fdUfBtumVjfGekV6IlNUkUfVseEkB0GScQ-drN9LoUofpc9plDZMU1UE_9WeXG2TC4NJiujFBrF-oTCQ_h0-Vgs95vVDF3TVh-oUEoh6DQhpQ4z9n3MUlUh-TvH6Kp5nd4FAYAvTGjAu5Kfd9JnVHQ7ldvKiQyYL9ntxggblcBz1VOQpH1PnXhYpIap1tUfOkh2h783FaIfw93Jm2BQdpgsy9URA5X7mNeHlMdyJIM-ETabHfJy_1LZ_Ee565UyGoZwGKsCWBMRxtJSPV5eaV2RYeFko4ZRCxc_jNCXFjiyaFEgziV52Ju7QWPS9V9I-3cnQU8sLhehqpRQfs0-mtojzMmkPrBSM9A-wFAdDSfuVZ72HkIc7wwzmbbrnqR3MNjjudxw1ovJHA4LyeagKEgev46P4_xfiSqy6P7-C6pmxpVf7jueHI1XXb419423yZRZdRLiNA-W-p0UnRfV_QA5Ws4bf32aqh7SHLRzjzU_bHxJ8GU7DtlAkAVj60Nm_n8iQHa9YhNutFXiy0Zhz1lSqirD4uRzRHMjZl0k_baBL69HgVcdhUYGi2F14bxa3qur1TCpsdynrJwbZSl9c4oG5zpY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4tololo.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame CFB5 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BpTIjVqQxZam3GofetOUPip-7kAIAAAAAOAHgBAI&bg=!d3SldDvNAAZy-tsgUvo7ADQBe5WfOE22QlDChsP7nLGAb1QQJTGiXPBswDaDAhoaxN39Du4Nx9ddHCmq1FKbXZJZ95UMAgAAAEBSAAAAB2gBBwoAUe-Az6OV6C5EL8NQKuo_pRzpfePYuA3q5UdT8cq22WRyV7k0JxmU-2wCzFGF_JnkdD7UhC2jyQvPEOxqQvy9OQcwsTLGdWPHuWf9vwlx-fMNRJkDPcIHmCdEJSESVJDh0dAmSgVPpm13dwLhYkQCHYFJg7mz3sdHcQN1BSyD1WL3M8SEnznkykSkMf_MGC6kl7zMNYBLLIOsLquUTFXO95oryjr8xxaIc3AO9NM4hJR3bUALplLTruErrmm2n3iLK_HyMFVNdPmHSYN_9rWYuTqwdeZLMxlFpnaWgcLFWfChfCUjIxeREAXwnoVUSOFhagUF93gY2OtkMsTJGIfQzqjEV2iuxDbulD4yvK7NN45p3RmX7Ih8i026RfdN2scZdp05K11cy2PqrF8hcGq6hk1onbWKfS9jFymFZEww7h3PeDwPSOP3R_E7zcwaOGqpITMs3KiZKRCKmURs6rcK03kZ3d_NdnblCxQ1Zr9FUKrtoAAUOStydsPDWuxbGyrggTOQc_CkJ4k3Zs94XQWm-ZXcwMK-k5ntmaFYtA29O6_mPdzHAzCkgP_CCiJTfhj69JimjZv2m4jjzaBJyQYDb5rGGNFbZB6KR576W3Eqlyxw2g2WAOnZ1op9jwYZ6oxfut0MvUY5X6LB4QPs0LES8bX747IKEty_ROOxSfueHR12fuJa4ahMQCIjrRVhwStUNAfALvWsdQDIXGEj-Ft3Q5nZE5xBxWST_m1Fq4ps7e6Q3iEEvS9hVxVm6MJJACP_SImkrozDEmkRFc6v9mebilZnfNXePls_KJGfHZ58iPVPczFirJdRduqAzpxSEEDDX37wuV1B6hJIj4m2DaWuviBHHAlaZAhP4ZqqJ_QuQn6PSMC8VCClBQeSMaKyNCUSFUc0O8e8vvsAss1edTw2yFv7OTTu0e4KFpklgOMNYOstkowWSlK8RqwxrhFVYXEKqSCVlLs1y7oxRO4QyYVwp2dFeWMA4yR4r2URFmTiHI0K7KAvCRjgJX6uSNhEN5SHQxZ4WTOjKtUZ2gz9gkTj0Ep7Z1ZOmKec8B3IpAfvofebLQ14tUDGDK_Z_1V4877v49oSrbSSaYIWzb9j8On7zL5DqWQ2hss7ddh6me5jPKTpRW882MZ-VkRLUFGDR1E5elySSuwB8fzrsx1RLIY6e9xs6ptz_zqyDCGW1x1ddsYDlyDUveAceHgYEU4aJk-KFLY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 21:49:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5E13 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstHjQ7KCqmOPvMtqxirnOnXbxIGUuvzd4e-U9RIyc8a0femj1H2nINLgtVMHw2yT_p7Sa9q17pgc1v9VYIRxI2Fj-a844S45ZBpMNOaulX2ZuTr0W9nkU6pzmlFrKcRlKn3OVlCGEC43XoG&sai=AMfl-YTcHe9NZpr6aaeQBTfYgiWah-KPIJqoU1W56tdQosKKF_rOZ7uX4NFumaZWdkEvcGOB0T07UpH36K9f12mV_gnUYFvhQI7IFy0C1B2tA7B9bgUZe568jbXQrDqTlqT2p1xXhCwK60P5klu2Vw&sig=Cg0ArKJSzPib2z_-CkK6EAE&cid=CAQSTADICaaNiStMQNKjwSEmlmbQOaOs8jYTQfPu8h3S7e8HH4de_ULQqSuGpKU8VD4OwIPK4ASqnmGEASqHNltmw_EKV--1kABXQx7F18MYAQ&id=lidar2&mcvt=1000&p=0,0,280,1170&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20231018&bin=7&avms=nio&bs=0,0&mc=0.55&if=1&vu=1&app=0&itpl=22&adk=1225749&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697752150355&rpt=539&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 21:49:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 45A8 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvgX3vUWb98f053peFzxEkn7ZFeh95eZ-ARjfbCqZA5gtwqq8wOky1WzylQ7LSvECcq2xQlIMNmsx1YI9AuPGA7zXqXPPkxNP6zR-AHtMWzBAkpAczfL_YdcH6Q7F-heI7Tl4hYvybKGT0J&sai=AMfl-YQ44ghzH5u7dqigJnO1v7R9Y42-3VaCDgQ20869aAs_YOc1LNn_fdq-ZDcxhRHrSv8UsIU9lo1N6Tmu9mB4om800y6_kH_xRTrPzESd28ggOrY1Vh3YwLaGDZB29vgGYSh6fo28p4zjSjGh&sig=Cg0ArKJSzHYgM-J3uCr-EAE&cid=CAQSSwDICaaN6Y2Osuw9aLVtZMdZjYSL87YIOPGthBFJgdD0xzaDmFfAz4cXnxlu3YevRvtVn1xFSZ-gnslY2KSk-ZY8EYcb5TQMkJ1TqRgB&id=lidar2&mcvt=1000&p=0,0,250,250&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231018&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2108178227&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697752150898&rpt=261&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 21:49:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| _tmr function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| once function| _toConsumableArray function| _nonIterableSpread function| _unsupportedIterableToArray function| _iterableToArray function| _arrayWithoutHoles function| _arrayLikeToArray undefined| $ function| jQuery object| drupalSettings object| drupalTranslations object| Drupal object| tabbable function| Mmenu function| ScrollProgress object| lazySizesConfig object| adsbygoogle object| lazySizes object| Ya object| yaCounter12884488 object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages function| cnc object| pcode_892191_default_bGxagIPD2K object| __activeTestIds object| __vasActiveTestIds object| __pcodeAllActiveTestIds number| pr function| AdFox_getCodeScript object| adfoxAsyncParams object| adfoxAsyncParamsScroll object| adfoxAsyncParamsAdaptive object| yaSafeFrameCallbacksStorage boolean| isLoadingSafeframeStarted object| ya object| yaads object| GoogleGcLKhOms boolean| yandex_context_perf_logging object| $sf object| yaSafeFrameAsyncCallbacks object| googletag object| google_image_requests

34 Cookies

Domain/Path Name / Value
.4tololo.ru/ Name: _ga
Value: GA1.2.1201430437.1697752149
.4tololo.ru/ Name: _gid
Value: GA1.2.1299665407.1697752149
.4tololo.ru/ Name: _gat_gtag_UA_29554680_1
Value: 1
.4tololo.ru/ Name: tmr_lvid
Value: aef5ca2c964b4688020a2f95ef862e71
.4tololo.ru/ Name: tmr_lvidTS
Value: 1697752149109
.4tololo.ru/ Name: _ym_uid
Value: 1697752149228820523
.4tololo.ru/ Name: _ym_d
Value: 1697752149
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 302108189fake
.yandex.com/ Name: i
Value: X/5U0LjAXzuQxoazwPQXF5a1jqNrvGy1bCuS1y107ZdUrGJMLWCzZ4DF0oGQH6uMVW3p2HBbICMq3ZXDqfsy1hXJO+Q=
.yandex.com/ Name: yandexuid
Value: 455548891697752149
.4tololo.ru/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 2015583350fake
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
.yandex.ru/ Name: yandexuid
Value: 455548891697752149
.yandex.ru/ Name: yuidss
Value: 455548891697752149
.yandex.ru/ Name: i
Value: X/5U0LjAXzuQxoazwPQXF5a1jqNrvGy1bCuS1y107ZdUrGJMLWCzZ4DF0oGQH6uMVW3p2HBbICMq3ZXDqfsy1hXJO+Q=
.yandex.ru/ Name: yp
Value: 1697838549.yu.6858830441697752149
.yandex.ru/ Name: ymex
Value: 1700344149.oyu.6858830441697752149
.mail.ru/ Name: VID
Value: 2uaREf1OBr2K00000y1uT4YK:::0-0-0-a4bfd14-0:CAASEGTOog8xbJRuXXcVd_HF3SwaYDE6QFE_zxE5bQtBBV5OQZzxzctR5seF0cUTIukzIlWCEAfQ7UAqBlq1jDLtQnE64d7w8_8wCG8V_TYesuqzFMx_2aucQX4-isgXSu0fyW6_qJeMncms6w630XmFKrx88g
mc.yandex.com/ Name: yabs-sid
Value: 1537196471697752149
.yandex.com/ Name: yuidss
Value: 455548891697752149
.yandex.com/ Name: ymex
Value: 1729288149.yrts.1697752149
.yandex.com/ Name: bh
Value: KgI/MA==
.4tololo.ru/ Name: _ym_visorc
Value: w
.4tololo.ru/ Name: __gads
Value: ID=c2734f627eef4b4c:T=1697752150:RT=1697752150:S=ALNI_MaIOJUe2HUAORPPKhLjnFsZ6IqNPg
.4tololo.ru/ Name: __gpi
Value: UID=00000c9cb7222443:T=1697752150:RT=1697752150:S=ALNI_MZYLIBd8iVdWuBulG1eQ9axvawsAQ
.casalemedia.com/ Name: CMID
Value: ZTGkVtspgs0ybRcmn9XX0QAA
.casalemedia.com/ Name: CMPS
Value: 1206
.casalemedia.com/ Name: CMPRO
Value: 1206
.adnxs.com/ Name: uuid2
Value: 3451683101512118873
.doubleclick.net/ Name: IDE
Value: AHWqTUnC1Ij7E_GJKEP4or28qrW8cNIq0mNcG5OLmmkzVaqjlyFCS41EZFRbnFRtTig
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GU(DiipP!@wnfH8K6pQK`!5=E<*L5>xj'2bhb#4lajW[4dQ84i3)z]6kNN??m?0Dp97]*bpRz*qF1`*b]jJ)gl[N
.googleadservices.com/ Name: ar_debug
Value: 1
4tololo.ru/ Name: tmr_detect
Value: 0%7C1697752151491

3 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://bs.yandex.ru/informer/12884488/3_1_FFFFFFFF_EFEFEFFF_0_pageviews
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7424662054767848&output=html&h=380&slotname=1654143314&adk=2108178227&adf=2953393628&pi=t.ma~as.1654143314&w=282&lmt=1697725531&rafmt=12&format=282x380&url=https%3A%2F%2F4tololo.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697752150242&bpp=1&bdt=1498&idt=117&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&prev_fmts=282x380%2C1170x280&correlator=8540510458808&frm=20&pv=1&ga_vid=1201430437.1697752149&ga_sid=1697752150&ga_hid=30019862&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=807&ady=1735&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44805113%2C44805533%2C44805680%2C44805918%2C31078297&oid=2&pvsid=2042773842920898&tmod=468800969&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=JjVH5NzWaW&p=https%3A//4tololo.ru&dtd=121
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=7200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN ALLOW
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4tololo.ru
ads.eu.criteo.com
an.yandex.ru
bs.yandex.ru
cat.nl3.eu.criteo.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
csm.eu.criteo.net
dsum-sec.casalemedia.com
encrypted-tbn0.gstatic.com
encrypted-tbn2.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
imageproxy.eu.criteo.net
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
rtb.nl3.eu.criteo.com
s0.2mdn.net
static.criteo.net
top-fwz1.mail.ru
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
yastatic.net
104.18.26.193
142.250.184.226
178.250.1.6
185.89.210.20
216.58.206.34
216.58.212.162
2606:4700::6811:180e
2a00:1450:4001:808::2006
2a00:1450:4001:80b::200a
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2003
2a00:1450:4001:812::200e
2a00:1450:4001:827::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:830::2004
2a00:1450:4001:830::200e
2a00:1450:4001:831::2003
2a00:1450:4001:831::2008
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::9
2a02:6b8:20::215
2a02:6b8::1:119
2a02:6b8::90
89.248.192.249
95.163.52.67
003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476
018db845ee4d3f511188dd6d06020e112a456d43372fa838eb95493f431e95fd
019c6fe6538b30be914f190a9c5b376e4cc530d6ab0617ed3a65c0fb2d25adf1
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e1c16d3cae2100df54387b68b7b46631255e3cdcf29a4ac1deaa3a20fa292cf
0e436af44842c7ba8fbdd49705376e0993ec53ab9cdf8607752b79803f379033
100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a
11ecb3cae0694606919341ed14d1d1532fd4e76febb0c68b1208de6b31be218b
127309f8ddb62d43fb00072df114a3a8d571dc696837cf0a497b530bc46af50d
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12b436c4c168ad503c940012629f3e086d46cd6e133c008ab225d8b4106573fa
134646d03c6f0a7a2f36e62430dfe285608ec209c43890bbeddfecb9e2c3f6c0
17c3a82d150fe7c421ab91aed77e05c31fab8202666c8a7c61b942484b673084
19c7f2d67ca62d27bde1b4233524e1dd5949774be7a5af671de8b556b1944da5
1a95a608ba33508a860440a08c70c6c4065ce79f0199c3c07ff218004ea4cf03
1d155a02467f118cf934a79fd22f70794ad15c49fefa23dfefe1f00e2a0648a2
2314aefe8cadb9bce4f1c7f72f3c7c1751ad09796e1208e90be216cc3ca3219f
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
3028c6d05b5c57845302147d5ca4711cf60a30007e1aeaf298e860898a15fd2f
30f77a5ff0bcba46d4e760b0c939a5ff112da0d3ddd13a261834134e00cc21c7
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
323e97a21aadcf01347deb4b73abb6ad9adc23ec3f9306555d804ff8b5a65c55
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
34bb46634d07ac579411823eb39fac1376b012257460066a98b95075d086ccdd
35ee55d2cf2beec9327c27b2077694f8733157e8689b7ae6b4fdafc002a0099c
36fcff274a1eb1736e5091e8b63be085d92fb6afcef9ce842dc19f10a7a34b27
3e4d3b31a603c0a84e9241aec4f03e9e2460a041b6d4f5c1c2b6f815756bb106
40af400e8c91f02188ba45f50e2fcfe9e0551221d23bf002f8ad1ee7c8cae18f
412d897fb78ee670014a69bcd21786ba7aef0ab99fdfb4c57ca481111bddff6c
436d27a5169c77439197b79ba02c8a727d1d43a9b30e222a9aa4afab80575502
45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e222284f01efb7647313f19306b06298d1822a1e71d3ae581e28a02c8723b90
4e7f945c76f434707d0212ff9556708131f51d1fd7493adbff06115e9a59fc82
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
588de651d2498f6a5b694293426a4a3c9ee3ccecae5a1cb58dfa4db2c333eae1
5effd3d9258b84852d460e5767401978535a4cbaea3c4484130aa0983e25ec19
5f62cb4535513612d81e1e228ad86ad8af4d1265584df0d03aaef0821e00ddf5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6a52978302611c8fcf9de986db6a414213c23d998b80b62ffa3b3768cfe6a20a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e61be2f374a0122510025578940baf7ef8dbbcaf3ecc5f5535cfc81bd1cfd39
6f5700c81c700b92dcb54d32a8dcd13de7ed6297bb7af15824c9e38b59122950
71a0d18d95b49ffe6ceca17fc64859a9c94358f7d81659e0b3b5bf237cdbfc96
722c1e8d4bf851ae06a1447bd4cdec3deb3a52a0b7beda3a3d76f4330c921840
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7515bf959b73b956ceb967351c7e299cbb3668a53d35f9c770eb72e00d93ced6
7f5a18e2a7f0e1e9f1d6107e4c6b16b319a0460a9ae37579749d91044436dedd
805ca6df446fc74390ed22fe6b14a8ea44b2472c72d41e6c7bd499eeaced42c5
8664ed1f9a4b2900634814089972a92251b87713df3796db5ad73ce5b45d93c5
87a92e159459b46d503d7ca9301e076e886bf1eb91abaae349f8b6a69deb2571
8872bcc5eb4d39eebe08dbe05647363b8bb3519789e2eeac5990a53fb97c605f
8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
95211153599c70da791ef1bdc5c946c6c8cec2dbd9994e3ae8520d6cd1ee158a
983b0caf336e8542214fc17019a4fc5e0360864b92806ca14d55c1fc1c2c5a0f
9a92ab85a5389edffe566db510012c49d50af57b003656ed947a6f9e6f1353eb
9b9e97b7b496481f27c9ba78ff383bd8d6d8c5aa1e6cef318712a3df179a4808
9d59193f983cef22739b510a95f91d98b5fa3c308de52d24eb0ff3f57418d63c
9e5be4246d8ea296e833f91202baf97ed113e87d4a055f907e6c4019db2a1778
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a27d3d374379be8a16b7f67de1a1029c675a4af71dab1ce5b1a6f07eefc6d1fd
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a71193943da4f3877526c6f868c74c829bff69efae4a45b82b51eed31916dc74
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
ac205741324af58a4c727305a428a3481b7d83448dc423f0485f7dfad4fca2c8
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
ae88fc0d7a961832f809527d30bd3983a6866d42f66a56ade23f543681594db6
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b39fdafd759050ef5d851bd6f584c4b376cd8b1a36ab173ab396fe5444ade3f9
b89d9ae9b3168e0f275ae93a9e6ba9eaae0c4a106a88246f6fcd10844a99824c
bc2409b099a1d24957e622bec62fa51aa77ae315d139802064a40907dd14a475
c00572e5b8ab0753b737003123d461a5491da326c68b44fc503a86efe6711149
c19512985ab2852f2e78c8d1b59a136d2e68df855c4acb2ef97e32aef33b5b27
c2369c162a49b53d572cf8f0edc988850f85f899b4da27489465dac8fb5108bb
c483cac92987f6d3fce804c592dc9b1f8312982e28df3f714edd8dcd0fe13bea
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f
c52d57bb84c6b9a6d59e8a45add531f3524940e5cddf2251055ed2bf12935e92
c75548a34018774de06a82fc11628242bf0abb2ca3f350f7220bf4c0b82faef0
c856015b720b5a9ae6a6c9cd3ec4fce3811dbda6f2a94040e0be40f0d86794be
ccde65510ff3b393d424c4a1815edd6736ae6d2f46ea8749769cfc5f35b0be45
ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f
ceec41468f0cc73c37dcb60899bc324965bd9bedb9bab20685507c21b6262d67
cefb4359419828caa397712613224f4fd3d9f67a9a44b81b8c87296ba5ba81ae
cfb9ab1e326d1a30bb341a4d74db9b750c6c4aebb6304ad1264b1761c6b280d1
d0ff679aa9afa786356beec82df6b4ce3c643eb4eabe8c5b2bbd39d68e08c9d8
d59614b4f04a4a8ad293aab74677751e8c80bfa8b0c2c31db485975fcf09f7ff
d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731
d9496355ec345a1d220893aede0340e4ff1b21bf49212dbb25e2f5e258481d48
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8784cf600efa5162eecb46132810cb58c14dab82fd4bfdfcfca7d0c7d7feea9
e9b75cd6ed8e19ac702fa5b7a5299179f82d9dfe25eced5cd9f70936309229a0
ee9ee08d78a0c74c94ecca87475dfeafe7ca418a17e01a36e98736d2868b80fe
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f01f4fb3a8f91924b332671acf08a07f2db047848cbb5a219d7f9aadddcc39cc
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f74f99e9fe1027d19c741e71e7a2adf40f49a011d50cb110e45a0511f624fb3a
f8dc10c73db676e263f15ff8bd2ae9d992bd76126e6a7241442b14a262b124b1
fc88593dfd65838e75a1ff2ce09649f34e8b5f0d6182fb1cf7d38422e53c5886