urlscan.io logo urlscan.io
SecurityTrails logo

dodo24.site Open in urlscan Pro
2a03:6f00:6:1::b972:f736  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://dodo24.site/
Effective URL: https://dodo24.site/
Submission: On July 20 via manual from IN
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 26 IPs in 4 countries across 19 domains to perform 100 HTTP transactions. The main IP is 2a03:6f00:6:1::b972:f736, located in Russian Federation and belongs to TIMEWEB-AS, RU. The main domain is dodo24.site.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 19th 2021. Valid for: a year.
This is the only time dodo24.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 185.114.247.54 9123 (TIMEWEB-AS)
3 2a03:6f00:6:1... 9123 (TIMEWEB-AS)
9 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2620:1ec:46::42 8068 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
2 84.252.130.113 200350 (YANDEXCLOUD)
4 2a00:1450:400... 15169 (GOOGLE)
10 87.240.190.72 47541 (VKONTAKTE...)
5 142.250.186.34 15169 (GOOGLE)
6 2a03:2880:f01... 32934 (FACEBOOK)
2 6 216.58.212.166 15169 (GOOGLE)
1 3 142.250.186.70 15169 (GOOGLE)
3 9 2a02:6b8::1:119 13238 (YANDEX)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
5 217.69.133.145 47764 (MAILRU-AS...)
3 185.151.242.16 49505 (SELECTEL)
7 2.16.186.160 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 7 2a00:1450:400... 15169 (GOOGLE)
3 6 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
10 2a03:2880:f11... 32934 (FACEBOOK)
100 26
1    185.114.247.54 (St Petersburg, Russian Federation)

ASN9123 (TIMEWEB-AS, RU)
PTR: vh382.timeweb.ru
dodo24.site
3    2a03:6f00:6:1::b972:f736 (Russian Federation)

ASN9123 (TIMEWEB-AS, RU)
dodo24.site
9    2a02:26f0:6c00::210:ba28 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
dodopizza-a.akamaihd.net
1    2620:1ec:46::42 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
eventstream.dodopizza.com
1    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    84.252.130.113 (Russian Federation)

ASN200350 (YANDEXCLOUD, RU)
api.mindbox.ru
4    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
10    87.240.190.72 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv72-190-240-87.vk.com
vk.com
5    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
www.googleadservices.com
6    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
6    216.58.212.166 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f166.1e100.net
9750456.fls.doubleclick.net
10580686.fls.doubleclick.net
3    142.250.186.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net
10380332.fls.doubleclick.net
9    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
mc.yandex.ru
mc.yandex.com
3    2606:4700:20::681a:16d (United States)

ASN13335 (CLOUDFLARENET, US)
www.artfut.com
5    217.69.133.145 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: top-fwz1.mail.ru
top-fwz1.mail.ru
3    185.151.242.16 (Russian Federation)

ASN49505 (SELECTEL, RU)
static.popmechanic.ru
7    2.16.186.160 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-160.deploy.static.akamaitechnologies.com
analytics.tiktok.com
1    2a00:1450:400c:c04::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
7    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
6    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
5    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
10    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Domain Requested by
10 www.facebook.com connect.facebook.net
10 vk.com www.googletagmanager.com
dodo24.site
vk.com
9 dodopizza-a.akamaihd.net dodo24.site
dodopizza-a.akamaihd.net
8 www.google.com 3 redirects
7 mc.yandex.com 2 redirects mc.yandex.ru
7 analytics.tiktok.com dodo24.site
analytics.tiktok.com
6 www.google.de 10580686.fls.doubleclick.net
6 connect.facebook.net www.googletagmanager.com
connect.facebook.net
5 googleads.g.doubleclick.net 3 redirects www.googleadservices.com
5 top-fwz1.mail.ru dodo24.site
top-fwz1.mail.ru
5 www.googleadservices.com www.googletagmanager.com
www.googleadservices.com
10580686.fls.doubleclick.net
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 dodo24.site 1 redirects dodo24.site
dodopizza-a.akamaihd.net
3 adservice.google.com 9750456.fls.doubleclick.net
10380332.fls.doubleclick.net
10580686.fls.doubleclick.net
3 10580686.fls.doubleclick.net 1 redirects www.googletagmanager.com
3 static.popmechanic.ru www.googletagmanager.com
static.popmechanic.ru
3 www.artfut.com www.googletagmanager.com
www.artfut.com
3 10380332.fls.doubleclick.net 1 redirects www.googletagmanager.com
3 9750456.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 adservice.google.de adservice.google.com
2 mc.yandex.ru 1 redirects dodo24.site
2 api.mindbox.ru dodo24.site
api.mindbox.ru
1 stats.g.doubleclick.net www.google-analytics.com
1 www.googletagmanager.com dodo24.site
1 eventstream.dodopizza.com dodopizza-a.akamaihd.net
100 25

This site contains no links.

Subject Issuer Validity Valid
dodo24.site
Sectigo RSA Domain Validation Secure Server CA		 2021-07-19 -
2022-07-19		 a year crt.sh
a248.e.akamai.net
DigiCert Secure Site ECC CA-1		 2020-07-15 -
2021-09-13		 a year crt.sh
eventstream.dodopizza.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-06-01 -
2022-06-01		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
*.mindbox.ru
Thawte RSA CA 2018		 2021-03-16 -
2022-03-21		 a year crt.sh
*.vk.com
GlobalSign Organization Validation CA - SHA256 - G2		 2020-06-09 -
2022-06-10		 2 years crt.sh
www.googleadservices.com
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-05-26 -
2021-08-24		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
mc.yandex.ru
Yandex CA		 2021-02-27 -
2021-08-09		 5 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-09-02 -
2021-09-02		 a year crt.sh
*.mail.ru
GeoTrust ECC CA 2018		 2020-11-13 -
2021-11-17		 a year crt.sh
static.popmechanic.ru
R3		 2021-07-05 -
2021-10-03		 3 months crt.sh
*.tiktok.com
RapidSSL RSA CA 2018		 2019-11-14 -
2022-01-12		 2 years crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh

This page contains 8 frames:

Primary Page: https://dodo24.site/
Frame ID: F34C6F013F700DCFC41F358BFE8D94B0
Requests: 89 HTTP requests in this frame

Frame: https://9750456.fls.doubleclick.net/activityi;dc_pre=CM6T_8Pi8PECFdIViwodG_QLDA;src=9750456;type=dodo_0;cat=dodo_0;ord=1;num=3141102696647;gtm=2wg7j0;auiddc=767910549.1626753902;ps=1;~oref=https%3A%2F%2Fdodo24.site%2F
Frame ID: 445595DB2FC5E57E669C561081EA8C05
Requests: 1 HTTP requests in this frame

Frame: https://10380332.fls.doubleclick.net/activityi;dc_pre=CPyXgMTi8PECFQuyewod3mAMhQ;src=10380332;type=invmedia;cat=webal0;ord=1;num=8613206879952;gtm=2wg7j0;auiddc=767910549.1626753902;ps=1;~oref=https%3A%2F%2Fdodo24.site%2F
Frame ID: 13DF5D2598CC2FABDDB1229B8A64D199
Requests: 1 HTTP requests in this frame

Frame: https://10580686.fls.doubleclick.net/activityi;dc_pre=CO3AgcTi8PECFUqddwod92sEgQ;src=10580686;type=count;cat=dodoa0;ord=1246415434295;gtm=2wg7j0;auiddc=767910549.1626753902;u1=2094646666.1626753903;u2=null;u3=null;u4=null;u5=null;u6=null;ps=1;~oref=https%3A%2F%2Fdodo24.site%2F
Frame ID: AFEDF25A7655447731070A210A827F8C
Requests: 5 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CM6T_8Pi8PECFdIViwodG_QLDA;src=9750456;type=dodo_0;cat=dodo_0;ord=1;num=3141102696647;gtm=2wg7j0;auiddc=767910549.1626753902;ps=1;~oref=https%3A%2F%2Fdodo24.site%2F
Frame ID: 6678BBD8CC7C4557BF87E2824BA18289
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CM6T_8Pi8PECFdIViwodG_QLDA;src=9750456;type=dodo_0;cat=dodo_0;ord=1;num=3141102696647;gtm=2wg7j0;auiddc=767910549.1626753902;ps=1;~oref=https%3A%2F%2Fdodo24.site%2F
Frame ID: D3E94D7ED501B1A3FA55BA067755474E
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CPyXgMTi8PECFQuyewod3mAMhQ;src=10380332;type=invmedia;cat=webal0;ord=1;num=8613206879952;gtm=2wg7j0;auiddc=767910549.1626753902;ps=1;~oref=https%3A%2F%2Fdodo24.site%2F
Frame ID: 0D2AE1AC27AC4D2A5082FD36253F52FF
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CPyXgMTi8PECFQuyewod3mAMhQ;src=10380332;type=invmedia;cat=webal0;ord=1;num=8613206879952;gtm=2wg7j0;auiddc=767910549.1626753902;ps=1;~oref=https%3A%2F%2Fdodo24.site%2F
Frame ID: 1F471A70A3638DC0FFF29D3A30230CA9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://dodo24.site/ HTTP 301
    https://dodo24.site/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
  • script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<!-- (?:End )?Google Tag Manager -->/i

Page Statistics

100
Requests

100 %
HTTPS

67 %
IPv6

19
Domains

25
Subdomains

26
IPs

4
Countries

1475 kB
Transfer

4781 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://dodo24.site/ HTTP 301
    https://dodo24.site/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://9750456.fls.doubleclick.net/activityi;src=9750456;type=dodo_0;cat=dodo_0;ord=1;num=3141102696647;gtm=2wg7j0;auiddc=767910549.1626753902;ps=1;~oref=https%3A%2F%2Fdodo24.site%2F HTTP 302
  • https://9750456.fls.doubleclick.net/activityi;dc_pre=CM6T_8Pi8PECFdIViwodG_QLDA;src=9750456;type=dodo_0;cat=dodo_0;ord=1;num=3141102696647;gtm=2wg7j0;auiddc=767910549.1626753902;ps=1;~oref=https%3A%2F%2Fdodo24.site%2F
Request Chain 19
  • https://10380332.fls.doubleclick.net/activityi;src=10380332;type=invmedia;cat=webal0;ord=1;num=8613206879952;gtm=2wg7j0;auiddc=767910549.1626753902;ps=1;~oref=https%3A%2F%2Fdodo24.site%2F HTTP 302
  • https://10380332.fls.doubleclick.net/activityi;dc_pre=CPyXgMTi8PECFQuyewod3mAMhQ;src=10380332;type=invmedia;cat=webal0;ord=1;num=8613206879952;gtm=2wg7j0;auiddc=767910549.1626753902;ps=1;~oref=https%3A%2F%2Fdodo24.site%2F
Request Chain 35
  • https://10580686.fls.doubleclick.net/activityi;src=10580686;type=count;cat=dodoa0;ord=1246415434295;gtm=2wg7j0;auiddc=767910549.1626753902;u1=2094646666.1626753903;u2=null;u3=null;u4=null;u5=null;u6=null;ps=1;~oref=https%3A%2F%2Fdodo24.site%2F HTTP 302
  • https://10580686.fls.doubleclick.net/activityi;dc_pre=CO3AgcTi8PECFUqddwod92sEgQ;src=10580686;type=count;cat=dodoa0;ord=1246415434295;gtm=2wg7j0;auiddc=767910549.1626753902;u1=2094646666.1626753903;u2=null;u3=null;u4=null;u5=null;u6=null;ps=1;~oref=https%3A%2F%2Fdodo24.site%2F
Request Chain 48
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/706133363/?random=1999855223&cv=9&fst=1626753902595&num=1&value=0&label=EtsFCMuZtqwBEPP62tAC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7j0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fdodo24.site%2F&tiba=%F0%9F%8D%95%20%D0%94%D0%BE%D0%B4%D0%BE%20%D0%9F%D0%B8%D1%86%D1%86%D0%B0%20%7C%20%D0%A1%D0%B5%D1%82%D1%8C%20%D0%BF%D0%B8%D1%86%D1%86%D0%B5%D1%80%D0%B8%D0%B9%20%E2%84%961%20%D0%B2%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8&auid=767910549.1626753902&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=bkv2YMyCJo7G7_UP4eiN4AY&sscte=1&crd=&eitems=ChEI8MXUhwYQxfWEsYSY0bjmARIdAOXRx5qQQqh9EYdNdWD0Ag4XpC-k-X8Q1PF0M8k HTTP 302
  • https://www.google.com/pagead/1p-conversion/706133363/?random=1999855223&cv=9&fst=1626753902595&num=1&value=0&label=EtsFCMuZtqwBEPP62tAC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7j0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fdodo24.site%2F&tiba=%F0%9F%8D%95%20%D0%94%D0%BE%D0%B4%D0%BE%20%D0%9F%D0%B8%D1%86%D1%86%D0%B0%20%7C%20%D0%A1%D0%B5%D1%82%D1%8C%20%D0%BF%D0%B8%D1%86%D1%86%D0%B5%D1%80%D0%B8%D0%B9%20%E2%84%961%20%D0%B2%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8&auid=767910549.1626753902&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=bkv2YMyCJo7G7_UP4eiN4AY&cid=CAQSKQCNIrLMfHA4Ov4PB2ohtC5Vh-TQxeQHNsUtieqCbpZI96fPepqDD76i&eitems=ChEI8MXUhwYQxfWEsYSY0bjmARIdAOXRx5oQ6XhQH2zdTzcUkWOVLJBxHYp7nPCd-R4&random=2090990427&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/706133363/?random=1999855223&cv=9&fst=1626753902595&num=1&value=0&label=EtsFCMuZtqwBEPP62tAC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7j0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fdodo24.site%2F&tiba=%F0%9F%8D%95%20%D0%94%D0%BE%D0%B4%D0%BE%20%D0%9F%D0%B8%D1%86%D1%86%D0%B0%20%7C%20%D0%A1%D0%B5%D1%82%D1%8C%20%D0%BF%D0%B8%D1%86%D1%86%D0%B5%D1%80%D0%B8%D0%B9%20%E2%84%961%20%D0%B2%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8&auid=767910549.1626753902&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=bkv2YMyCJo7G7_UP4eiN4AY&cid=CAQSKQCNIrLMfHA4Ov4PB2ohtC5Vh-TQxeQHNsUtieqCbpZI96fPepqDD76i&eitems=ChEI8MXUhwYQxfWEsYSY0bjmARIdAOXRx5oQ6XhQH2zdTzcUkWOVLJBxHYp7nPCd-R4&random=2090990427&resp=GooglemKTybQhCsO&ipr=y
Request Chain 49
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/921389490/?random=2018718440&cv=9&fst=1626753902601&num=1&value=0&label=9KYSCKu_t90BELKTrbcD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7j0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fdodo24.site%2F&tiba=%F0%9F%8D%95%20%D0%94%D0%BE%D0%B4%D0%BE%20%D0%9F%D0%B8%D1%86%D1%86%D0%B0%20%7C%20%D0%A1%D0%B5%D1%82%D1%8C%20%D0%BF%D0%B8%D1%86%D1%86%D0%B5%D1%80%D0%B8%D0%B9%20%E2%84%961%20%D0%B2%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8&auid=767910549.1626753902&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=bkv2YMeDJoui7_UPyY688Ao&sscte=1&crd=&eitems=ChEI8MXUhwYQxfWEsYSY0bjmARIdAOXRx5r136UvmgeraqJaArgPcWg4BtOIF9r6DyY HTTP 302
  • https://www.google.com/pagead/1p-conversion/921389490/?random=2018718440&cv=9&fst=1626753902601&num=1&value=0&label=9KYSCKu_t90BELKTrbcD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7j0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fdodo24.site%2F&tiba=%F0%9F%8D%95%20%D0%94%D0%BE%D0%B4%D0%BE%20%D0%9F%D0%B8%D1%86%D1%86%D0%B0%20%7C%20%D0%A1%D0%B5%D1%82%D1%8C%20%D0%BF%D0%B8%D1%86%D1%86%D0%B5%D1%80%D0%B8%D0%B9%20%E2%84%961%20%D0%B2%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8&auid=767910549.1626753902&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=bkv2YMeDJoui7_UPyY688Ao&cid=CAQSKQCNIrLMjtbFJzp4pv0KOXEUFkQKUbbOup8E-cUcVZzKy2DazWWTgYMn&eitems=ChEI8MXUhwYQxfWEsYSY0bjmARIdAOXRx5rZCgHBtu41rR2sPon7maXQELk8nojQxwo&random=334751456&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/921389490/?random=2018718440&cv=9&fst=1626753902601&num=1&value=0&label=9KYSCKu_t90BELKTrbcD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7j0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fdodo24.site%2F&tiba=%F0%9F%8D%95%20%D0%94%D0%BE%D0%B4%D0%BE%20%D0%9F%D0%B8%D1%86%D1%86%D0%B0%20%7C%20%D0%A1%D0%B5%D1%82%D1%8C%20%D0%BF%D0%B8%D1%86%D1%86%D0%B5%D1%80%D0%B8%D0%B9%20%E2%84%961%20%D0%B2%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8&auid=767910549.1626753902&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=bkv2YMeDJoui7_UPyY688Ao&cid=CAQSKQCNIrLMjtbFJzp4pv0KOXEUFkQKUbbOup8E-cUcVZzKy2DazWWTgYMn&eitems=ChEI8MXUhwYQxfWEsYSY0bjmARIdAOXRx5rZCgHBtu41rR2sPon7maXQELk8nojQxwo&random=334751456&resp=GooglemKTybQhCsO&ipr=y
Request Chain 61
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9339.yjv3yXJ3nRBxjtMgcSb0ssaPEnKtYJ9pB7okJAxwsI-kOyWNIx4gS_F9nCCS-8Kb.rg1W0C4pXor7E2IB3zeY4TPKOqw%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9339.Lw2JESvpfn0JHGvSJ7QZuGxO4QAB5fn5pgFHnekfbS6t_gQ9WR5Ltleewq_o8Jg7xtDmlPAohduJ_H0PUuZ8Hg%2C%2C.aoApwSFJpCpU0CVeLQf8GLJJe4Y%2C
Request Chain 82
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/411044958/?random=890270672&cv=9&fst=1626753903024&num=1&npa=1&label=tJlbCIywk_kBEN6YgMQB&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F10580686.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCO3AgcTi8PECFUqddwod92sEgQ%3Bsrc%3D10580686%3Btype%3Dcount%3Bcat%3Ddodoa0%3Bord%3D1246415434295%3Bgtm%3D2wg7j0%3Bauiddc%3D767910549.1626753902%3Bu1%3D2094646666.1626753903%3Bu2%3Dnull%3Bu3%3Dnull%3Bu4%3Dnull%3Bu5%3Dnull%3Bu6%3Dnull%3Bps%3D1%3B~oref%3Dhttps%253A%252F%252Fdodo24.site%252F%3F&ref=https%3A%2F%2Fdodo24.site%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=b0v2YIjJArnE7_UPp7GSYA&sscte=1&crd= HTTP 302
  • https://www.google.com/pagead/1p-conversion/411044958/?random=890270672&cv=9&fst=1626753903024&num=1&npa=1&label=tJlbCIywk_kBEN6YgMQB&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F10580686.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCO3AgcTi8PECFUqddwod92sEgQ%3Bsrc%3D10580686%3Btype%3Dcount%3Bcat%3Ddodoa0%3Bord%3D1246415434295%3Bgtm%3D2wg7j0%3Bauiddc%3D767910549.1626753902%3Bu1%3D2094646666.1626753903%3Bu2%3Dnull%3Bu3%3Dnull%3Bu4%3Dnull%3Bu5%3Dnull%3Bu6%3Dnull%3Bps%3D1%3B~oref%3Dhttps%253A%252F%252Fdodo24.site%252F%3F&ref=https%3A%2F%2Fdodo24.site%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=b0v2YIjJArnE7_UPp7GSYA&cid=CAQSKQCNIrLMeIQodzhoWUeu6glPj6Vn17IFnMDl_KxwFs3TjqD924HySsv8&random=3771030865&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/411044958/?random=890270672&cv=9&fst=1626753903024&num=1&npa=1&label=tJlbCIywk_kBEN6YgMQB&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F10580686.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCO3AgcTi8PECFUqddwod92sEgQ%3Bsrc%3D10580686%3Btype%3Dcount%3Bcat%3Ddodoa0%3Bord%3D1246415434295%3Bgtm%3D2wg7j0%3Bauiddc%3D767910549.1626753902%3Bu1%3D2094646666.1626753903%3Bu2%3Dnull%3Bu3%3Dnull%3Bu4%3Dnull%3Bu5%3Dnull%3Bu6%3Dnull%3Bps%3D1%3B~oref%3Dhttps%253A%252F%252Fdodo24.site%252F%3F&ref=https%3A%2F%2Fdodo24.site%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=b0v2YIjJArnE7_UPp7GSYA&cid=CAQSKQCNIrLMeIQodzhoWUeu6glPj6Vn17IFnMDl_KxwFs3TjqD924HySsv8&random=3771030865&resp=GooglemKTybQhCsO&ipr=y
Request Chain 83
  • https://mc.yandex.com/watch/45773817?wmode=7&page-url=https%3A%2F%2Fdodo24.site%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afp%3A1212%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A591%3Acn%3A1%3Adp%3A0%3Als%3A624308744782%3Ahid%3A459178176%3Az%3A120%3Ai%3A20210720060502%3Aet%3A1626753903%3Ac%3A1%3Arn%3A161297301%3Au%3A162675390332065447%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1626753901054%3Ads%3A0%2C70%2C65%2C23%2C519%2C0%2C%2C29%2C0%2C1319%2C1320%2C0%2C903%3Adsn%3A0%2C69%2C65%2C23%2C519%2C0%2C%2C8%2C0%2C1319%2C1320%2C0%2C904%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1626753903%3At%3A%F0%9F%8D%95%20%D0%94%D0%BE%D0%B4%D0%BE%20%D0%9F%D0%B8%D1%86%D1%86%D0%B0%20%7C%20%D0%A1%D0%B5%D1%82%D1%8C%20%D0%BF%D0%B8%D1%86%D1%86%D0%B5%D1%80%D0%B8%D0%B9%20%E2%84%961%20%D0%B2%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8 HTTP 302
  • https://mc.yandex.com/watch/45773817/1?wmode=7&page-url=https%3A%2F%2Fdodo24.site%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afp%3A1212%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A591%3Acn%3A1%3Adp%3A0%3Als%3A624308744782%3Ahid%3A459178176%3Az%3A120%3Ai%3A20210720060502%3Aet%3A1626753903%3Ac%3A1%3Arn%3A161297301%3Au%3A162675390332065447%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1626753901054%3Ads%3A0%2C70%2C65%2C23%2C519%2C0%2C%2C29%2C0%2C1319%2C1320%2C0%2C903%3Adsn%3A0%2C69%2C65%2C23%2C519%2C0%2C%2C8%2C0%2C1319%2C1320%2C0%2C904%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1626753903%3At%3A%F0%9F%8D%95%20%D0%94%D0%BE%D0%B4%D0%BE%20%D0%9F%D0%B8%D1%86%D1%86%D0%B0%20%7C%20%D0%A1%D0%B5%D1%82%D1%8C%20%D0%BF%D0%B8%D1%86%D1%86%D0%B5%D1%80%D0%B8%D0%B9%20%E2%84%961%20%D0%B2%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8

100 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
dodo24.site/
Redirect Chain
  • http://dodo24.site/
  • https://dodo24.site/
191 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dodo24.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:6f00:6:1::b972:f736 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
c243041afb7da32d210fa27d0efa708a96c0dbc33dce4c59f28c654ebd0049c1

Request headers

:method
GET
:authority
dodo24.site
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx/1.16.1
date
Tue, 20 Jul 2021 04:05:01 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip

Redirect headers

Server
nginx/1.16.1
Date
Tue, 20 Jul 2021 04:05:01 GMT
Content-Type
text/html
Content-Length
169
Connection
keep-alive
Location
https://dodo24.site/
app-desktop.6278404534ce08232a87.js
dodopizza-a.akamaihd.net/site-static/dist/ 		1 MB
299 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dodopizza-a.akamaihd.net/site-static/dist/app-desktop.6278404534ce08232a87.js
Requested by
Host: dodo24.site
URL: https://dodo24.site/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
1f910de19537cbc18021303a8ab2caff1776b3929fe9d624ff288a35331664c9

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 20 Jul 2021 04:05:01 GMT
content-encoding
gzip
content-md5
7tbPn8pYqmvdf+BrSKDldw==
content-length
304852
x-ms-lease-status
unlocked
last-modified
Tue, 13 Jul 2021 08:13:10 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D945D60D9EB75D
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
13ccf4fb-501e-00e3-1bbf-772b61000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=30946281
x-ms-version
2009-09-19
vendors~desktop-about~desktop-bonus-actions~desktop-cart~desktop-checkout~desktop-contacts~desktop-c~6269b5a6.17b22161065bd7cb8661.js
dodopizza-a.akamaihd.net/site-static/dist/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dodopizza-a.akamaihd.net/site-static/dist/vendors~desktop-about~desktop-bonus-actions~desktop-cart~desktop-checkout~desktop-contacts~desktop-c~6269b5a6.17b22161065bd7cb8661.js
Requested by
Host: dodopizza-a.akamaihd.net
URL: https://dodopizza-a.akamaihd.net/site-static/dist/app-desktop.6278404534ce08232a87.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7348f39f3c271e9f5b362c8bbceb8c3a80a4b0157a3ef8537723a5258b2b9a95

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 20 Jul 2021 04:05:02 GMT
content-encoding
gzip
content-md5
W6ntzHwVJggEzkQ8fZrycQ==
content-length
6250
x-ms-lease-status
unlocked
last-modified
Thu, 08 Jul 2021 07:50:00 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D941E4FCEF7E6C
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
d2e4a3a2-e01e-00fa-7ece-730709000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=30512772
x-ms-version
2009-09-19
vendors~desktop-about~desktop-bonus-actions~desktop-cart~desktop-checkout~desktop-contacts~desktop-c~a2beb340.627a29c93513f72e53b6.js
dodopizza-a.akamaihd.net/site-static/dist/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dodopizza-a.akamaihd.net/site-static/dist/vendors~desktop-about~desktop-bonus-actions~desktop-cart~desktop-checkout~desktop-contacts~desktop-c~a2beb340.627a29c93513f72e53b6.js
Requested by
Host: dodopizza-a.akamaihd.net
URL: https://dodopizza-a.akamaihd.net/site-static/dist/app-desktop.6278404534ce08232a87.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
82d42c798cdf86ae8a5d54a0e73e6cc2dbb551fc52dc43c38cb0e6e5a130cc43

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 20 Jul 2021 04:05:01 GMT
content-encoding
gzip
content-md5
7mQA168snVW+vCnViJS+Ag==
content-length
5910
x-ms-lease-status
unlocked
last-modified
Tue, 06 Jul 2021 09:30:59 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D94060C3CE0EE4
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
f013e7f8-501e-00e3-4b4a-722b61000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=30346222
x-ms-version
2009-09-19
vendors~desktop-about~desktop-bonus-actions~desktop-cart~desktop-checkout~desktop-contacts~desktop-d~48bf066f.4b6cf1f992e8043bf33d.js
dodopizza-a.akamaihd.net/site-static/dist/ 		71 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dodopizza-a.akamaihd.net/site-static/dist/vendors~desktop-about~desktop-bonus-actions~desktop-cart~desktop-checkout~desktop-contacts~desktop-d~48bf066f.4b6cf1f992e8043bf33d.js
Requested by
Host: dodopizza-a.akamaihd.net
URL: https://dodopizza-a.akamaihd.net/site-static/dist/app-desktop.6278404534ce08232a87.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5d5bfc10b310011245fde2d9cb56c9a58569be56e04dc4945054044ccca777ed

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 20 Jul 2021 04:05:01 GMT
content-encoding
gzip
content-md5
4Foi686gTYuNbQWwRlzupQ==
content-length
24944
x-ms-lease-status
unlocked
last-modified
Tue, 13 Jul 2021 07:07:00 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D945CCCF7E951C
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
98c0e6a6-c01e-0107-16b5-777e3e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=30942222
x-ms-version
2009-09-19
vendors~desktop-index~mobile-bonus-actions~mobile-checkout~mobile-menu.9d5caaf3711bf864913e.js
dodopizza-a.akamaihd.net/site-static/dist/ 		61 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dodopizza-a.akamaihd.net/site-static/dist/vendors~desktop-index~mobile-bonus-actions~mobile-checkout~mobile-menu.9d5caaf3711bf864913e.js
Requested by
Host: dodopizza-a.akamaihd.net
URL: https://dodopizza-a.akamaihd.net/site-static/dist/app-desktop.6278404534ce08232a87.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5efe90f95ff3f498bec40b522968d7b753ef922fb6a74b36ccdf6c6068034cdf

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 20 Jul 2021 04:05:01 GMT
content-encoding
gzip
content-md5
xjA/rSMM4ZLw+1qjaC0MlA==
content-length
21817
x-ms-lease-status
unlocked
last-modified
Tue, 06 Jul 2021 09:30:58 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D94060C375C7B5
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
b67e141c-901e-007d-2e4a-725226000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=30346155
x-ms-version
2009-09-19
desktop-index.16d6f69e8b00a83d1d91.js
dodopizza-a.akamaihd.net/site-static/dist/ 		111 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dodopizza-a.akamaihd.net/site-static/dist/desktop-index.16d6f69e8b00a83d1d91.js
Requested by
Host: dodopizza-a.akamaihd.net
URL: https://dodopizza-a.akamaihd.net/site-static/dist/app-desktop.6278404534ce08232a87.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e4fc400114f26cd99c870d897cfb9037b08f998b105f1e035c1d3c20dfc01a2a

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 20 Jul 2021 04:05:02 GMT
content-encoding
gzip
content-md5
toG7PWbS6CIkmcEIM8MYWQ==
content-length
31912
x-ms-lease-status
unlocked
last-modified
Tue, 13 Jul 2021 07:06:59 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D945CCCED8DF4A
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
96cabc9e-c01e-002a-06b7-77bbab000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=30942677
x-ms-version
2009-09-19
globalsite_localizations18.36e6f863ddb5de7cca31.js
dodopizza-a.akamaihd.net/site-static/dist/ 		46 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dodopizza-a.akamaihd.net/site-static/dist/globalsite_localizations18.36e6f863ddb5de7cca31.js
Requested by
Host: dodopizza-a.akamaihd.net
URL: https://dodopizza-a.akamaihd.net/site-static/dist/app-desktop.6278404534ce08232a87.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
518e69875eccda4a6c666c0f89d0a92bc46aa0a84cc1b3715f6fc001819b246b

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 20 Jul 2021 04:05:02 GMT
content-encoding
gzip
content-md5
fMFFRMLEhu1QJXR5JQFpIg==
content-length
14152
x-ms-lease-status
unlocked
last-modified
Tue, 06 Jul 2021 09:30:58 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D94060C3489267
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
5258aa9e-701e-001a-0749-72e181000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=30346157
x-ms-version
2009-09-19
events
eventstream.dodopizza.com//api/ 		0
212 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://eventstream.dodopizza.com//api/events
Requested by
Host: dodopizza-a.akamaihd.net
URL: https://dodopizza-a.akamaihd.net/site-static/dist/app-desktop.6278404534ce08232a87.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::42 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 20 Jul 2021 04:05:01 GMT
content-length
0
x-azure-ref
0bkv2YAAAAABdhja6zhkZRbHDnCv06Hg/RlJBRURHRTEwMTEAZDBlNjMxYTEtYzA3NS00ZDUzLThlZTEtOTFmNTM5NTMzMjRi
x-cache
CONFIG_NOCACHE
request-context
appId=cid-v1:038bf19f-cc27-4b27-b1d8-9aa96d193f29
be20534fd8b4b6d47024.svg
dodopizza-a.akamaihd.net/site-static/dist/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dodopizza-a.akamaihd.net/site-static/dist/be20534fd8b4b6d47024.svg
Requested by
Host: dodo24.site
URL: https://dodo24.site/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
488d9e29efd9d1860d8245cd53f7e287274370ac0247d36b7d0050c031dd4de9

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 20 Jul 2021 04:05:02 GMT
content-encoding
gzip
content-md5
viBTT9i0ttRwJIaWte5yNQ==
content-length
1689
x-ms-lease-status
unlocked
last-modified
Thu, 24 Oct 2019 07:21:42 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D75852D1A96BB8
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
eaee7e9e-401e-00b8-202e-342c1d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=23517361
x-ms-version
2009-09-19
4aea810fbde5ee6519af.svg
dodopizza-a.akamaihd.net/site-static/dist/ 		348 B
728 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dodopizza-a.akamaihd.net/site-static/dist/4aea810fbde5ee6519af.svg
Requested by
Host: dodo24.site
URL: https://dodo24.site/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
1cc244fd88e18acd97592feb2af2a18847ee2be656e8cd2abb401c21f2ed2390

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 20 Jul 2021 04:05:02 GMT
content-encoding
gzip
content-md5
SuqBD73l7mUZr5tRcnHyxQ==
content-length
258
x-ms-lease-status
unlocked
last-modified
Thu, 28 Feb 2019 06:56:54 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D69D49ECC21AAC
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
5d998b0e-601e-0005-024e-e43a91000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14735182
x-ms-version
2009-09-19
9b9c7d0c3d1762ac8888.woff2
dodo24.site/dist/ 		103 KB
104 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dodo24.site/dist/9b9c7d0c3d1762ac8888.woff2
Requested by
Host: dodo24.site
URL: https://dodo24.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:6f00:6:1::b972:f736 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
8bf28bdcc42207a020f6628c9994a0c198c875560f303a0507daed2028964f98

Request headers

sec-fetch-mode
cors
origin
https://dodo24.site
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
loglevel=INFO; dodo_visit=c5434104-f3af-403e-a47f-4cb0744cfa3d; dodo_visitor=5fcc5ccf-f0be-4f48-ba46-ee141fcdec3c
:path
/dist/9b9c7d0c3d1762ac8888.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
dodo24.site
referer
https://dodo24.site/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://dodo24.site
Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 04:05:02 GMT
server
nginx/1.16.1
content-type
application/octet-stream; charset=binary; charset=utf-8
enabled
dodo24.site/api/geolocator/ 		5 B
82 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dodo24.site/api/geolocator/enabled
Requested by
Host: dodopizza-a.akamaihd.net
URL: https://dodopizza-a.akamaihd.net/site-static/dist/app-desktop.6278404534ce08232a87.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:6f00:6:1::b972:f736 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
empty
x-requested-with
XMLHttpRequest
cookie
loglevel=INFO; dodo_visit=c5434104-f3af-403e-a47f-4cb0744cfa3d; dodo_visitor=5fcc5ccf-f0be-4f48-ba46-ee141fcdec3c
:path
/api/geolocator/enabled
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/x-www-form-urlencoded
accept
*/*
cache-control
no-cache
:authority
dodo24.site
referer
https://dodo24.site/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://dodo24.site/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 20 Jul 2021 04:05:02 GMT
server
nginx/1.16.1
content-length
5
content-type
text/html; charset=utf-8
gtm.js
www.googletagmanager.com/ 		334 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T3GXLH2
Requested by
Host: dodo24.site
URL: https://dodo24.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3d9b1b5b0cff93a741de48de0a4da79dbda542a19dc8a52d83daf2c92cb9cb3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 04:05:02 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
90489
x-xss-protection
0
last-modified
Tue, 20 Jul 2021 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 20 Jul 2021 04:05:02 GMT
tracker.js
api.mindbox.ru/scripts/v1/ 		59 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.mindbox.ru/scripts/v1/tracker.js
Requested by
Host: dodo24.site
URL: https://dodo24.site/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
84.252.130.113 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software
nginx /
Resource Hash
b24ac49bfc1bab8f318d64d1bbe7e98fe1e0d816cb3ea7d3e251ad6b4fc08c8a
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=315360000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src 'self' 'unsafe-inline'
content-encoding
gzip
x-content-type-options
nosniff
x-amz-request-id
8e9f64b736ac540e
transfer-encoding
chunked
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 02 Jul 2021 16:48:14 UTC
server
nginx
x-frame-options
DENY
date
Tue, 20 Jul 2021 04:05:02 GMT
strict-transport-security
max-age=315360000; includeSubDomains; preload
content-type
application/javascript
cache-control
public,max-age=604800
feature-policy
vibrate 'self'
etag
W/"5a4bc88341c488386d322bff9ccade42"
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T3GXLH2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 17:36:57 GMT
server
Golfe2
age
4443
date
Tue, 20 Jul 2021 02:50:59 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19661
expires
Tue, 20 Jul 2021 04:50:59 GMT
openapi.js
vk.com/js/api/ 		100 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vk.com/js/api/openapi.js?159
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T3GXLH2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.190.72 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv72-190-240-87.vk.com
Software
kittenx /
Resource Hash
4a59afde8e0c966992b4cf31107f3e706e78572223f8f28162c218673bf7a71b

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 04:05:02 GMT
content-encoding
br
x-frontend
front224207
last-modified
Tue, 15 Jun 2021 09:11:55 GMT
server
kittenx
etag
"60c86edb-5802"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
content-length
22530
expires
Sat, 24 Jul 2021 04:05:02 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T3GXLH2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
255b564f51555254a3a189315254611bac81e318ed25f6b577f2deed8c49ce9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 04:05:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13897
x-xss-protection
0
server
cafe
etag
1785974167624152338
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 20 Jul 2021 04:05:02 GMT
fbevents.js
connect.facebook.net/en_US/ 		95 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T3GXLH2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0d17b8a38d3dce6f7357bbc8da105d92c21b6cf1c4b92351ce2b1861b065f2c5
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
24676
x-xss-protection
0
pragma
public
x-fb-debug
obZB6qyOmUUYL5EZqqtBcAWIlvi6R2m7nCoTXgYHmtu4p3T+HJoUyItY2afm/9FVzNTfGJAE4pX6v7601+76RA==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
date
Tue, 20 Jul 2021 04:05:02 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
activityi;dc_pre=CM6T_8Pi8PECFdIViwodG_QLDA;src=9750456;type=dodo_0;cat=dodo_0;ord=1;num=3141102696647;gtm=2wg7j0;auiddc=767910549.1626753902;ps=1;~oref=https%3A%2F%2Fdodo24.site%2F
9750456.fls.doubleclick.net/ Frame 4455
Redirect Chain
  • https://9750456.fls.doubleclick.net/activityi;src=9750456;type=dodo_0;cat=dodo_0;ord=1;num=3141102696647;gtm=2wg7j0;auiddc=767910549.1626753902;ps=1;~oref=https%3A%2F%2Fdodo24.site%2F?
  • https://9750456.fls.doubleclick.net/activityi;dc_pre=CM6T_8Pi8PECFdIViwodG_QLDA;src=9750456;type=dodo_0;cat=dodo_0;ord=1;num=3141102696647;gtm=2wg7j0;auiddc=767910549.1626753902;ps=1;~oref=https%3A...
486 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://9750456.fls.doubleclick.net/activityi;dc_pre=CM6T_8Pi8PECFdIViwodG_QLDA;src=9750456;type=dodo_0;cat=dodo_0;ord=1;num=3141102696647;gtm=2wg7j0;auiddc=767910549.1626753902;ps=1;~oref=https%3A%2F%2Fdodo24.site%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T3GXLH2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.166 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f166.1e100.net
Software
cafe /
Resource Hash
3537a1cc081b2f3ad3823fd41beb49a59fc22bcb17b292577a2e923e96184a1f
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
9750456.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CM6T_8Pi8PECFdIViwodG_QLDA;src=9750456;type=dodo_0;cat=dodo_0;ord=1;num=3141102696647;gtm=2wg7j0;auiddc=767910549.1626753902;ps=1;~oref=https%3A%2F%2Fdodo24.site%2F?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://dodo24.site/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
about:blank

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Tue, 20 Jul 2021 04:05:02 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
385
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 20-Jul-2021 04:20:02 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Tue, 20 Jul 2021 04:05:02 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://9750456.fls.doubleclick.net/activityi;dc_pre=CM6T_8Pi8PECFdIViwodG_QLDA;src=9750456;type=dodo_0;cat=dodo_0;ord=1;num=3141102696647;gtm=2wg7j0;auiddc=767910549.1626753902;ps=1;~oref=https%3A%2F%2Fdodo24.site%2F?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
activityi;dc_pre=CPyXgMTi8PECFQuyewod3mAMhQ;src=10380332;type=invmedia;cat=webal0;ord=1;num=8613206879952;gtm=2wg7j0;auiddc=767910549.1626753902;ps=1;~oref=https%3A%2F%2Fdodo24.site%2F
10380332.fls.doubleclick.net/ Frame 13DF
Redirect Chain
  • https://10380332.fls.doubleclick.net/activityi;src=10380332;type=invmedia;cat=webal0;ord=1;num=8613206879952;gtm=2wg7j0;auiddc=767910549.1626753902;ps=1;~oref=https%3A%2F%2Fdodo24.site%2F?
  • https://10380332.fls.doubleclick.net/activityi;dc_pre=CPyXgMTi8PECFQuyewod3mAMhQ;src=10380332;type=invmedia;cat=webal0;ord=1;num=8613206879952;gtm=2wg7j0;auiddc=767910549.1626753902;ps=1;~oref=http...
489 B
416 B 		Document
General
Check archive.org
Download Go to
Full URL
https://10380332.fls.doubleclick.net/activityi;dc_pre=CPyXgMTi8PECFQuyewod3mAMhQ;src=10380332;type=invmedia;cat=webal0;ord=1;num=8613206879952;gtm=2wg7j0;auiddc=767910549.1626753902;ps=1;~oref=https%3A%2F%2Fdodo24.site%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T3GXLH2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
cafe /
Resource Hash
6678ea01d5f6be00a5d8a5652ca67454bb56add18e173961f6fcb03f56581c93
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
10380332.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CPyXgMTi8PECFQuyewod3mAMhQ;src=10380332;type=invmedia;cat=webal0;ord=1;num=8613206879952;gtm=2wg7j0;auiddc=767910549.1626753902;ps=1;~oref=https%3A%2F%2Fdodo24.site%2F?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://dodo24.site/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
about:blank

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Tue, 20 Jul 2021 04:05:02 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
391
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 20-Jul-2021 04:20:02 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Tue, 20 Jul 2021 04:05:02 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://10380332.fls.doubleclick.net/activityi;dc_pre=CPyXgMTi8PECFQuyewod3mAMhQ;src=10380332;type=invmedia;cat=webal0;ord=1;num=8613206879952;gtm=2wg7j0;auiddc=767910549.1626753902;ps=1;~oref=https%3A%2F%2Fdodo24.site%2F?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
tag.js
mc.yandex.ru/metrika/ 		223 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: dodo24.site
URL: https://dodo24.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
e788c7f07903cd5e96a062aa3ea175c987b0772cce696914daca381dee353dfa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 04:05:02 GMT
content-encoding
br
last-modified
Thu, 15 Jul 2021 10:21:03 GMT
etag
"60ec4755-11a70"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
72304
expires
Tue, 20 Jul 2021 05:05:02 GMT
openapi.js
vk.com/js/api/ 		100 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vk.com/js/api/openapi.js?167
Requested by
Host: dodo24.site
URL: https://dodo24.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.190.72 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv72-190-240-87.vk.com
Software
kittenx /
Resource Hash
4a59afde8e0c966992b4cf31107f3e706e78572223f8f28162c218673bf7a71b

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 04:05:02 GMT
content-encoding
br
x-frontend
front224207
last-modified
Tue, 15 Jun 2021 09:11:55 GMT
server
kittenx
etag
"60c86edb-5802"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
content-length
22530
expires
Sat, 24 Jul 2021 04:05:02 GMT
tagtag.min.js
www.artfut.com/static/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.artfut.com/static/tagtag.min.js?campaign_code=fbaa89de14
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T3GXLH2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edfc75726cf71265dd903eeb0f37bd74534194e42a0e6db6894beb6987023454
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 04:05:02 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
553
pragma
public
last-modified
Mon, 21 Sep 2020 11:48:28 GMT
server
cloudflare
etag
W/"5f68930c-cb0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sx335Xhk8e90opZurZk%2BltfWbWOY0%2FECvJJN2fJdk4acEDAs%2BhUTzq863jwgylrTW%2FpICDsBiX5xZxf31gkLFfnEEiKnONGRx3Q%2BXt6vhG39apnm9TvuLTKxGqjVW17J%2FyS2%2BHrzN%2BBux77m"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1200, public
cf-ray
67194f12a9b84a73-FRA
expires
Tue, 20 Jul 2021 04:15:49 GMT
code.js
top-fwz1.mail.ru/js/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/js/code.js
Requested by
Host: dodo24.site
URL: https://dodo24.site/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
4d396cf09445102d6fbb4a89372a193497a4c9a60894707a55862ca13fc32c1b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 04:05:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin
*
last-modified
Thu, 15 Jul 2021 14:55:53 GMT
server
nginx
etag
W/"60f04c79-60e6"
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
max-age=3600, private
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory
timing-allow-origin
*
access-control-allow-headers
*
expires
Tue, 20 Jul 2021 05:05:02 GMT
loader.js
static.popmechanic.ru/service/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.popmechanic.ru/service/loader.js?c=5758
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T3GXLH2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.151.242.16 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
83b966d0878748065f2e1479def69df9e847dcab7b75b4351a14e8d9e5019896

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 20 Jul 2021 04:05:02 GMT
Content-Encoding
gzip
Last-Modified
Wed, 14 Jul 2021 15:53:35 GMT
Server
nginx/1.18.0 (Ubuntu)
Etag
W/"86d6fc3291adcaeaca12813f615b4c5b"
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS, PATCH, PUT
X-Amz-Version-Id
null
Cache-Control
max-age=14400
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-CSRFToken,Authorization
Expires
Tue, 20 Jul 2021 08:05:02 GMT
openapi.js
vk.com/js/api/ 		100 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vk.com/js/api/openapi.js?168
Requested by
Host: dodo24.site
URL: https://dodo24.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.190.72 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv72-190-240-87.vk.com
Software
kittenx /
Resource Hash
4a59afde8e0c966992b4cf31107f3e706e78572223f8f28162c218673bf7a71b

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 04:05:02 GMT
content-encoding
br
x-frontend
front224207
last-modified
Tue, 15 Jun 2021 09:11:55 GMT
server
kittenx
etag
"60c86edb-5802"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
content-length
22530
expires
Sat, 24 Jul 2021 04:05:02 GMT
events.js
analytics.tiktok.com/i18n/pixel/ 		112 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C15MT7ICBTHJIASGT4F0&lib=ttq
Requested by
Host: dodo24.site
URL: https://dodo24.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-160.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b2e073148910a00458434458b00572b34876c61a20fb800b263c6be40b32383c

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-request-id
80c9e20f.1b410ded
date
Tue, 20 Jul 2021 04:05:02 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a23-53-33-183.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a2-16-186-156.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-parent-response-time
160,2.16.186.156
server-timing
cdn-cache; desc=MISS, edge; dur=155, origin; dur=5, inner; dur=0
pragma
no-cache
server
nginx
x-tt-logid
202107200405020102450241585B1BF250
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
6,23.53.33.183
x-tt-trace-host
017e91b44d650fd63de34512f3821367f1ca3921f1a4e608e2d6bfbfdf8b1b9ab427c4b788b76ddd56c1a24857ca503c71123be7105b9a69e5365e4bc59627d929a9be302db7b2f771af9be6db83c736b49eba2549340dba0e19982593eac49f351c855dcd798e059a76ffe39fc15c07d8
expires
Tue, 20 Jul 2021 04:05:02 GMT
events.js
analytics.tiktok.com/i18n/pixel/ 		112 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C2STHMKAJ6IC584G88I0&lib=ttq
Requested by
Host: dodo24.site
URL: https://dodo24.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-160.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b2e073148910a00458434458b00572b34876c61a20fb800b263c6be40b32383c

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-request-id
3f1d73d2.1b410def
date
Tue, 20 Jul 2021 04:05:02 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a23-53-33-191.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a2-16-186-156.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-parent-response-time
171,2.16.186.156
server-timing
cdn-cache; desc=MISS, edge; dur=162, origin; dur=10, inner; dur=0
pragma
no-cache
server
nginx
x-tt-logid
20210720040502010245037144151D3DCB
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
10,23.53.33.191
x-tt-trace-host
017e91b44d650fd63de34512f3821367f1ca3921f1a4e608e2d6bfbfdf8b1b9ab48a96423d0622d28c135ed5dd9bcff3d942d0871268f1f03393a8ee4355866ef80eee92ba50ad1da20bc3ee8c11230aaca0445490146052cce4ddf768229f75f3806a79391885ed2e857863f3ebb2a121
expires
Tue, 20 Jul 2021 04:05:02 GMT
activityi;register_conversion=1;src=9750456;type=dodo_0;cat=dodo_0;ord=1;num=3141102696647;gtm=2wg7j0;auiddc=767910549.1626753902;ps=1;~oref=https%3A%2F%2Fdodo24.site%2F
9750456.fls.doubleclick.net/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://9750456.fls.doubleclick.net/activityi;register_conversion=1;src=9750456;type=dodo_0;cat=dodo_0;ord=1;num=3141102696647;gtm=2wg7j0;auiddc=767910549.1626753902;ps=1;~oref=https%3A%2F%2Fdodo24.site%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.166 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f166.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
activityi;register_conversion=1;src=10380332;type=invmedia;cat=webal0;ord=1;num=8613206879952;gtm=2wg7j0;auiddc=767910549.1626753902;ps=1;~oref=https%3A%2F%2Fdodo24.site%2F
10380332.fls.doubleclick.net/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://10380332.fls.doubleclick.net/activityi;register_conversion=1;src=10380332;type=invmedia;cat=webal0;ord=1;num=8613206879952;gtm=2wg7j0;auiddc=767910549.1626753902;ps=1;~oref=https%3A%2F%2Fdodo24.site%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 03:56:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
542
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1306
x-xss-protection
0
expires
Tue, 20 Jul 2021 04:56:00 GMT
identity.js
connect.facebook.net/signals/plugins/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.43
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
4673
x-xss-protection
0
pragma
public
x-fb-debug
ibg/T/HXdWPDJboTcVV3GezrHM6FJfYjrVyN6OSACTdAsv8nlPv8PzIMmjCq2FuZlRdAGDVLWYJ2h2Eb3OmAvw==
x-frame-options
DENY
date
Tue, 20 Jul 2021 04:05:02 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
2212104589051996
connect.facebook.net/signals/config/ 		260 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2212104589051996?v=2.9.43&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c684c7f1971dae47039a8f76319cf8cf37d837a7e6f6337328012f720d476c25
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
wfe5lxoPvcauctUAgW77ujjOVOAr6kqIBUrID1GLC2z6+H4V6exo8qgYazKzNk2AdFsiZlfHWyc9mzKGa0rBOg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 20 Jul 2021 04:05:02 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
tracking.min.js
www.artfut.com/static/ 		26 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.artfut.com/static/tracking.min.js
Requested by
Host: www.artfut.com
URL: https://www.artfut.com/static/tagtag.min.js?campaign_code=fbaa89de14
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d4e3bd1621e63bb4bfbae3c3275134b26016bb76175fefe9c5998f8ade1009c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 04:05:02 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1000
pragma
public
last-modified
Mon, 21 Sep 2020 11:48:28 GMT
server
cloudflare
etag
W/"5f68930c-686e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SmKvg9G9CkFLd7MVfznt1pftjOi%2F%2BHdZgz5o8n%2BGif4Xf7uxWtyMVUE37JtsAQFP6i7Vq3Vs93e0kVe%2BqBeaLzWV2vakvKDVxlCR7jCWVogBtvMqbpx3U9JeNKyP0eG69hpOEW6SP1q5Vq%2BM"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1200, public
cf-ray
67194f12d9f44a73-FRA
expires
Tue, 20 Jul 2021 04:08:22 GMT
crossdevice.min.js
www.artfut.com/static/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.artfut.com/static/crossdevice.min.js
Requested by
Host: www.artfut.com
URL: https://www.artfut.com/static/tagtag.min.js?campaign_code=fbaa89de14
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cd07e6c64768b866c81e2e1cc61f88f631f377a3afc426d7b0c9de3875e65ae
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 04:05:02 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1041
pragma
public
last-modified
Mon, 21 Sep 2020 11:48:27 GMT
server
cloudflare
etag
W/"5f68930b-655c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gtPf7NW62w5sYpUj5xOh0OqbXLHjiW4%2B85z%2F869iK8vCKqkFKGaqqSHTco8ScgQmD6pqbi5RWtGIt%2FkO8cskYtZV8bSguD%2BuzcdIY0bdV9764TJ1TyXeUSfUEEfc7a1fTYu4Q7CwGHaN0ATO"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1200, public
cf-ray
67194f12d9f54a73-FRA
expires
Tue, 20 Jul 2021 04:07:41 GMT
activityi;dc_pre=CO3AgcTi8PECFUqddwod92sEgQ;src=10580686;type=count;cat=dodoa0;ord=1246415434295;gtm=2wg7j0;auiddc=767910549.1626753902;u1=2094646666.1626753903;u2=null;u3=null;u4=null;u5=null;u6=n...
10580686.fls.doubleclick.net/ Frame AFED
Redirect Chain
  • https://10580686.fls.doubleclick.net/activityi;src=10580686;type=count;cat=dodoa0;ord=1246415434295;gtm=2wg7j0;auiddc=767910549.1626753902;u1=2094646666.1626753903;u2=null;u3=null;u4=null;u5=null;u...
  • https://10580686.fls.doubleclick.net/activityi;dc_pre=CO3AgcTi8PECFUqddwod92sEgQ;src=10580686;type=count;cat=dodoa0;ord=1246415434295;gtm=2wg7j0;auiddc=767910549.1626753902;u1=2094646666.1626753903...
1 KB
691 B 		Document
General
Check archive.org
Download Go to
Full URL
https://10580686.fls.doubleclick.net/activityi;dc_pre=CO3AgcTi8PECFUqddwod92sEgQ;src=10580686;type=count;cat=dodoa0;ord=1246415434295;gtm=2wg7j0;auiddc=767910549.1626753902;u1=2094646666.1626753903;u2=null;u3=null;u4=null;u5=null;u6=null;ps=1;~oref=https%3A%2F%2Fdodo24.site%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T3GXLH2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.166 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f166.1e100.net
Software
cafe /
Resource Hash
266b9d1a0364b86dbba21bd1ff95d4c6d6e24459054a2e68dbdd03f019175d8b
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
10580686.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CO3AgcTi8PECFUqddwod92sEgQ;src=10580686;type=count;cat=dodoa0;ord=1246415434295;gtm=2wg7j0;auiddc=767910549.1626753902;u1=2094646666.1626753903;u2=null;u3=null;u4=null;u5=null;u6=null;ps=1;~oref=https%3A%2F%2Fdodo24.site%2F?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://dodo24.site/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
about:blank

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Tue, 20 Jul 2021 04:05:02 GMT
expires
Tue, 20 Jul 2021 04:05:02 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
666
x-xss-protection
0
set-cookie
IDE=AHWqTUnaeypRsTwZr9wyWMygxuckn3YT-qUSbkS89w5P1WUj4cVke1rDZfPIbZOp3gg; expires=Sun, 14-Aug-2022 04:05:02 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Tue, 20 Jul 2021 04:05:02 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://10580686.fls.doubleclick.net/activityi;dc_pre=CO3AgcTi8PECFUqddwod92sEgQ;src=10580686;type=count;cat=dodoa0;ord=1246415434295;gtm=2wg7j0;auiddc=767910549.1626753902;u1=2094646666.1626753903;u2=null;u3=null;u4=null;u5=null;u6=null;ps=1;~oref=https%3A%2F%2Fdodo24.site%2F?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j91&a=17378170&t=pageview&_s=1&dl=https%3A%2F%2Fdodo24.site%2F&ul=en-us&de=UTF-8&dt=%F0%9F%8D%95%20%D0%94%D0%BE%D0%B4%D0%BE%20%D0%9F%D0%B8%D1%86%D1%86%D0%B0%20%7C%20%D0%A1%D0%B5%D1%82%D1%8C%20%D0%BF%D0%B8%D1%86%D1%86%D0%B5%D1%80%D0%B8%D0%B9%20%E2%84%961%20%D0%B2%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEALQAAAAC~&jid=1168441685&gjid=780821452&cid=2094646666.1626753903&tid=UA-100114221-5&_gid=1090387919.1626753903&_r=1&gtm=2wg7j0T3GXLH2&cd1=1626753902453.ncpvw5wq&cd2=2094646666.1626753903&z=1382944493
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Jul 2021 04:05:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://dodo24.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.google-analytics.com/gtm/ 		100 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-WFMSHJN&t=gtm5&cid=2094646666.1626753903
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b5dd875c5ccd393ede33c0009e89f20da47132d5d50316c203bc46eb0025da31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 04:05:02 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40219
x-xss-protection
0
expires
Tue, 20 Jul 2021 04:05:02 GMT
activityi;register_conversion=1;src=10580686;type=count;cat=dodoa0;ord=1246415434295;gtm=2wg7j0;auiddc=767910549.1626753902;u1=2094646666.1626753903;u2=null;u3=null;u4=null;u5=null;u6=null;ps=1;~or...
10580686.fls.doubleclick.net/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://10580686.fls.doubleclick.net/activityi;register_conversion=1;src=10580686;type=count;cat=dodoa0;ord=1246415434295;gtm=2wg7j0;auiddc=767910549.1626753902;u1=2094646666.1626753903;u2=null;u3=null;u4=null;u5=null;u6=null;ps=1;~oref=https%3A%2F%2Fdodo24.site%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.166 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f166.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
collect
stats.g.doubleclick.net/j/ 		4 B
85 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-100114221-5&cid=2094646666.1626753903&jid=1168441685&gjid=780821452&_gid=1090387919.1626753903&_u=aGBAAEAKQAAAAC~&z=122533593
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 20 Jul 2021 04:05:02 GMT
content-type
text/plain
access-control-allow-origin
https://dodo24.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-100114221-5&cid=2094646666.1626753903&jid=1168441685&_u=aGBAAEAKQAAAAC~&z=720157432
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Jul 2021 04:05:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-100114221-5&cid=2094646666.1626753903&jid=1168441685&_u=aGBAAEAKQAAAAC~&z=720157432
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Jul 2021 04:05:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/706133363/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/706133363/?random=1626753902595&cv=9&fst=1626753902595&num=1&value=0&label=EtsFCMuZtqwBEPP62tAC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7j0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fdodo24.site%2F&tiba=%F0%9F%8D%95%20%D0%94%D0%BE%D0%B4%D0%BE%20%D0%9F%D0%B8%D1%86%D1%86%D0%B0%20%7C%20%D0%A1%D0%B5%D1%82%D1%8C%20%D0%BF%D0%B8%D1%86%D1%86%D0%B5%D1%80%D0%B8%D0%B9%20%E2%84%961%20%D0%B2%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8&auid=767910549.1626753902&capi=1&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
db1099e4f95b077c528bde523ced6d25a4e0a7c268a0f8804662116f93034320
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Jul 2021 04:05:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/921389490/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/921389490/?random=1626753902601&cv=9&fst=1626753902601&num=1&value=0&label=9KYSCKu_t90BELKTrbcD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7j0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fdodo24.site%2F&tiba=%F0%9F%8D%95%20%D0%94%D0%BE%D0%B4%D0%BE%20%D0%9F%D0%B8%D1%86%D1%86%D0%B0%20%7C%20%D0%A1%D0%B5%D1%82%D1%8C%20%D0%BF%D0%B8%D1%86%D1%86%D0%B5%D1%80%D0%B8%D0%B9%20%E2%84%961%20%D0%B2%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8&auid=767910549.1626753902&capi=1&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
bed4a84466514cae292963a70fc54fa50e104150b8888ddec82aacb6c96ce623
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Jul 2021 04:05:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1271
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/privacysandbox/conversion/706133363/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/privacysandbox/conversion/706133363/?random=1626753902595&cv=9&fst=1626753902595&num=1&fmt=3&value=0&label=EtsFCMuZtqwBEPP62tAC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7j0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fdodo24.site%2F&tiba=%F0%9F%8D%95%20%D0%94%D0%BE%D0%B4%D0%BE%20%D0%9F%D0%B8%D1%86%D1%86%D0%B0%20%7C%20%D0%A1%D0%B5%D1%82%D1%8C%20%D0%BF%D0%B8%D1%86%D1%86%D0%B5%D1%80%D0%B8%D0%B9%20%E2%84%961%20%D0%B2%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8&auid=767910549.1626753902&capi=1&hn=www.googleadservices.com&bttype=purchase&async=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
/
www.google.com/pagead/privacysandbox/conversion/921389490/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/privacysandbox/conversion/921389490/?random=1626753902601&cv=9&fst=1626753902601&num=1&fmt=3&value=0&label=9KYSCKu_t90BELKTrbcD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7j0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fdodo24.site%2F&tiba=%F0%9F%8D%95%20%D0%94%D0%BE%D0%B4%D0%BE%20%D0%9F%D0%B8%D1%86%D1%86%D0%B0%20%7C%20%D0%A1%D0%B5%D1%82%D1%8C%20%D0%BF%D0%B8%D1%86%D1%86%D0%B5%D1%80%D0%B8%D0%B9%20%E2%84%961%20%D0%B2%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8&auid=767910549.1626753902&capi=1&hn=www.googleadservices.com&bttype=purchase&async=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/412211146/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/412211146/?random=1626753902606&cv=9&fst=1626753902606&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7j0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fdodo24.site%2F&tiba=%F0%9F%8D%95%20%D0%94%D0%BE%D0%B4%D0%BE%20%D0%9F%D0%B8%D1%86%D1%86%D0%B0%20%7C%20%D0%A1%D0%B5%D1%82%D1%8C%20%D0%BF%D0%B8%D1%86%D1%86%D0%B5%D1%80%D0%B8%D0%B9%20%E2%84%961%20%D0%B2%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
32dfbf2dba63fc8b5510e2b82eed5e9699213095641b17f5b9dd3822082fd919
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Jul 2021 04:05:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1070
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/691011518/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/691011518/?random=1626753902607&cv=9&fst=1626753902607&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7j0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fdodo24.site%2F&tiba=%F0%9F%8D%95%20%D0%94%D0%BE%D0%B4%D0%BE%20%D0%9F%D0%B8%D1%86%D1%86%D0%B0%20%7C%20%D0%A1%D0%B5%D1%82%D1%8C%20%D0%BF%D0%B8%D1%86%D1%86%D0%B5%D1%80%D0%B8%D0%B9%20%E2%84%961%20%D0%B2%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7e70e9d77da4715b4365519259aad335caf44e1bc3e7f1d0ff619e8fe4b362a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Jul 2021 04:05:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1070
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-conversion/706133363/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/706133363/?random=1999855223&cv=9&fst=1626753902595&num=1&value=0&label=EtsFCMuZtqwBEPP62tAC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&...
  • https://www.google.com/pagead/1p-conversion/706133363/?random=1999855223&cv=9&fst=1626753902595&num=1&value=0&label=EtsFCMuZtqwBEPP62tAC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_...
  • https://www.google.de/pagead/1p-conversion/706133363/?random=1999855223&cv=9&fst=1626753902595&num=1&value=0&label=EtsFCMuZtqwBEPP62tAC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_a...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/706133363/?random=1999855223&cv=9&fst=1626753902595&num=1&value=0&label=EtsFCMuZtqwBEPP62tAC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7j0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fdodo24.site%2F&tiba=%F0%9F%8D%95%20%D0%94%D0%BE%D0%B4%D0%BE%20%D0%9F%D0%B8%D1%86%D1%86%D0%B0%20%7C%20%D0%A1%D0%B5%D1%82%D1%8C%20%D0%BF%D0%B8%D1%86%D1%86%D0%B5%D1%80%D0%B8%D0%B9%20%E2%84%961%20%D0%B2%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8&auid=767910549.1626753902&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=bkv2YMyCJo7G7_UP4eiN4AY&cid=CAQSKQCNIrLMfHA4Ov4PB2ohtC5Vh-TQxeQHNsUtieqCbpZI96fPepqDD76i&eitems=ChEI8MXUhwYQxfWEsYSY0bjmARIdAOXRx5oQ6XhQH2zdTzcUkWOVLJBxHYp7nPCd-R4&random=2090990427&resp=GooglemKTybQhCsO&ipr=y
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Jul 2021 04:05:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 20 Jul 2021 04:05:02 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-conversion/706133363/?random=1999855223&cv=9&fst=1626753902595&num=1&value=0&label=EtsFCMuZtqwBEPP62tAC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7j0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fdodo24.site%2F&tiba=%F0%9F%8D%95%20%D0%94%D0%BE%D0%B4%D0%BE%20%D0%9F%D0%B8%D1%86%D1%86%D0%B0%20%7C%20%D0%A1%D0%B5%D1%82%D1%8C%20%D0%BF%D0%B8%D1%86%D1%86%D0%B5%D1%80%D0%B8%D0%B9%20%E2%84%961%20%D0%B2%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8&auid=767910549.1626753902&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=bkv2YMyCJo7G7_UP4eiN4AY&cid=CAQSKQCNIrLMfHA4Ov4PB2ohtC5Vh-TQxeQHNsUtieqCbpZI96fPepqDD76i&eitems=ChEI8MXUhwYQxfWEsYSY0bjmARIdAOXRx5oQ6XhQH2zdTzcUkWOVLJBxHYp7nPCd-R4&random=2090990427&resp=GooglemKTybQhCsO&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-conversion/921389490/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/921389490/?random=2018718440&cv=9&fst=1626753902601&num=1&value=0&label=9KYSCKu_t90BELKTrbcD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&...
  • https://www.google.com/pagead/1p-conversion/921389490/?random=2018718440&cv=9&fst=1626753902601&num=1&value=0&label=9KYSCKu_t90BELKTrbcD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_...
  • https://www.google.de/pagead/1p-conversion/921389490/?random=2018718440&cv=9&fst=1626753902601&num=1&value=0&label=9KYSCKu_t90BELKTrbcD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_a...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/921389490/?random=2018718440&cv=9&fst=1626753902601&num=1&value=0&label=9KYSCKu_t90BELKTrbcD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7j0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fdodo24.site%2F&tiba=%F0%9F%8D%95%20%D0%94%D0%BE%D0%B4%D0%BE%20%D0%9F%D0%B8%D1%86%D1%86%D0%B0%20%7C%20%D0%A1%D0%B5%D1%82%D1%8C%20%D0%BF%D0%B8%D1%86%D1%86%D0%B5%D1%80%D0%B8%D0%B9%20%E2%84%961%20%D0%B2%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8&auid=767910549.1626753902&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=bkv2YMeDJoui7_UPyY688Ao&cid=CAQSKQCNIrLMjtbFJzp4pv0KOXEUFkQKUbbOup8E-cUcVZzKy2DazWWTgYMn&eitems=ChEI8MXUhwYQxfWEsYSY0bjmARIdAOXRx5rZCgHBtu41rR2sPon7maXQELk8nojQxwo&random=334751456&resp=GooglemKTybQhCsO&ipr=y
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Jul 2021 04:05:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 20 Jul 2021 04:05:02 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-conversion/921389490/?random=2018718440&cv=9&fst=1626753902601&num=1&value=0&label=9KYSCKu_t90BELKTrbcD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7j0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fdodo24.site%2F&tiba=%F0%9F%8D%95%20%D0%94%D0%BE%D0%B4%D0%BE%20%D0%9F%D0%B8%D1%86%D1%86%D0%B0%20%7C%20%D0%A1%D0%B5%D1%82%D1%8C%20%D0%BF%D0%B8%D1%86%D1%86%D0%B5%D1%80%D0%B8%D0%B9%20%E2%84%961%20%D0%B2%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8&auid=767910549.1626753902&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=bkv2YMeDJoui7_UPyY688Ao&cid=CAQSKQCNIrLMjtbFJzp4pv0KOXEUFkQKUbbOup8E-cUcVZzKy2DazWWTgYMn&eitems=ChEI8MXUhwYQxfWEsYSY0bjmARIdAOXRx5rZCgHBtu41rR2sPon7maXQELk8nojQxwo&random=334751456&resp=GooglemKTybQhCsO&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CM6T_8Pi8PECFdIViwodG_QLDA;src=9750456;type=dodo_0;cat=dodo_0;ord=1;num=3141102696647;gtm=2wg7j0;auiddc=767910549.1626753902;ps=1;~oref=https%3A%2F%2Fdodo24.site%2F
adservice.google.com/ddm/fls/i/ Frame 6678 		485 B
617 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CM6T_8Pi8PECFdIViwodG_QLDA;src=9750456;type=dodo_0;cat=dodo_0;ord=1;num=3141102696647;gtm=2wg7j0;auiddc=767910549.1626753902;ps=1;~oref=https%3A%2F%2Fdodo24.site%2F
Requested by
Host: 9750456.fls.doubleclick.net
URL: https://9750456.fls.doubleclick.net/activityi;dc_pre=CM6T_8Pi8PECFdIViwodG_QLDA;src=9750456;type=dodo_0;cat=dodo_0;ord=1;num=3141102696647;gtm=2wg7j0;auiddc=767910549.1626753902;ps=1;~oref=https%3A%2F%2Fdodo24.site%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
be52760ac09c47ccaef1e57ed37311bf61a3df7a1385a4169048f82f38f25484
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
adservice.google.com
:scheme
https
:path
/ddm/fls/i/dc_pre=CM6T_8Pi8PECFdIViwodG_QLDA;src=9750456;type=dodo_0;cat=dodo_0;ord=1;num=3141102696647;gtm=2wg7j0;auiddc=767910549.1626753902;ps=1;~oref=https%3A%2F%2Fdodo24.site%2F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://9750456.fls.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://9750456.fls.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Tue, 20 Jul 2021 04:05:02 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
384
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles.css
static.popmechanic.ru/service/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.popmechanic.ru/service/styles.css?v=4.1.3
Requested by
Host: static.popmechanic.ru
URL: https://static.popmechanic.ru/service/loader.js?c=5758
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.151.242.16 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
8f2e3ed535c2d948ea4b237be3e8c0a8f750e521a0e02087f99b00cad196fdd8

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 20 Jul 2021 04:05:02 GMT
Content-Encoding
gzip
Last-Modified
Wed, 14 Jul 2021 15:53:35 GMT
Server
nginx/1.18.0 (Ubuntu)
Etag
W/"4f6a0a4821e5a6bc4bcfc4ce5c19c9cb"
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS, PATCH, PUT
X-Amz-Version-Id
null
Cache-Control
max-age=864000
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/css
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-CSRFToken,Authorization
Expires
Fri, 30 Jul 2021 04:05:02 GMT
forms.js
static.popmechanic.ru/service/ 		281 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.popmechanic.ru/service/forms.js?v=4.1.3
Requested by
Host: static.popmechanic.ru
URL: https://static.popmechanic.ru/service/loader.js?c=5758
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.151.242.16 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
bdb271012bbb98fadac7b5622d76afebdd7303e908e2e6977257ad6acf787fbf

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 20 Jul 2021 04:05:02 GMT
Content-Encoding
gzip
Last-Modified
Wed, 14 Jul 2021 15:53:35 GMT
Server
nginx/1.18.0 (Ubuntu)
Etag
W/"024939d4021c5c0e8cfabc77a7614730"
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS, PATCH, PUT
X-Amz-Version-Id
null
Cache-Control
max-age=864000
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-CSRFToken,Authorization
Expires
Fri, 30 Jul 2021 04:05:02 GMT
rtrg
vk.com/ 		49 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vk.com/rtrg?p=VK-RTRG-295202-bQnG6&metatag_url=https%3A%2F%2Fdodo24.site%2F&metatag_title=%F0%9F%8D%95%20%D0%94%D0%BE%D0%B4%D0%BE%20%D0%9F%D0%B8%D1%86%D1%86%D0%B0%20%7C%20%D0%A1%D0%B5%D1%82%D1%8C%20%D0%BF%D0%B8%D1%86%D1%86%D0%B5%D1%80%D0%B8%D0%B9%20%E2%84%961%20%D0%B2%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.190.72 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv72-190-240-87.vk.com
Software
kittenx / KPHP/7.4.107895
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 04:05:02 GMT
content-encoding
gzip
x-frontend
front224207
server
kittenx
x-powered-by
KPHP/7.4.107895
strict-transport-security
max-age=15768000
content-type
image/gif
access-control-expose-headers
X-Frontend
cache-control
no-store
content-length
65
rtrg
vk.com/ 		49 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vk.com/rtrg?p=VK-RTRG-317677-g8d6V&metatag_url=https%3A%2F%2Fdodo24.site%2F&metatag_title=%F0%9F%8D%95%20%D0%94%D0%BE%D0%B4%D0%BE%20%D0%9F%D0%B8%D1%86%D1%86%D0%B0%20%7C%20%D0%A1%D0%B5%D1%82%D1%8C%20%D0%BF%D0%B8%D1%86%D1%86%D0%B5%D1%80%D0%B8%D0%B9%20%E2%84%961%20%D0%B2%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.190.72 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv72-190-240-87.vk.com
Software
kittenx / KPHP/7.4.107895
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 04:05:02 GMT
content-encoding
gzip
x-frontend
front224207
server
kittenx
x-powered-by
KPHP/7.4.107895
strict-transport-security
max-age=15768000
content-type
image/gif
access-control-expose-headers
X-Frontend
cache-control
no-store
content-length
65
/
www.google.com/pagead/1p-user-list/412211146/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/412211146/?random=1626753902606&cv=9&fst=1626753600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7j0&sendb=1&frm=0&url=https%3A%2F%2Fdodo24.site%2F&tiba=%F0%9F%8D%95%20%D0%94%D0%BE%D0%B4%D0%BE%20%D0%9F%D0%B8%D1%86%D1%86%D0%B0%20%7C%20%D0%A1%D0%B5%D1%82%D1%8C%20%D0%BF%D0%B8%D1%86%D1%86%D0%B5%D1%80%D0%B8%D0%B9%20%E2%84%961%20%D0%B2%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8&async=1&fmt=3&is_vtc=1&random=4073393747&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Jul 2021 04:05:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/412211146/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/412211146/?random=1626753902606&cv=9&fst=1626753600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7j0&sendb=1&frm=0&url=https%3A%2F%2Fdodo24.site%2F&tiba=%F0%9F%8D%95%20%D0%94%D0%BE%D0%B4%D0%BE%20%D0%9F%D0%B8%D1%86%D1%86%D0%B0%20%7C%20%D0%A1%D0%B5%D1%82%D1%8C%20%D0%BF%D0%B8%D1%86%D1%86%D0%B5%D1%80%D0%B8%D0%B9%20%E2%84%961%20%D0%B2%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8&async=1&fmt=3&is_vtc=1&random=4073393747&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Jul 2021 04:05:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CM6T_8Pi8PECFdIViwodG_QLDA;src=9750456;type=dodo_0;cat=dodo_0;ord=1;num=3141102696647;gtm=2wg7j0;auiddc=767910549.1626753902;ps=1;~oref=https%3A%2F%2Fdodo24.site%2F
adservice.google.de/ddm/fls/i/ Frame D3E9 		194 B
391 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/ddm/fls/i/dc_pre=CM6T_8Pi8PECFdIViwodG_QLDA;src=9750456;type=dodo_0;cat=dodo_0;ord=1;num=3141102696647;gtm=2wg7j0;auiddc=767910549.1626753902;ps=1;~oref=https%3A%2F%2Fdodo24.site%2F
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CM6T_8Pi8PECFdIViwodG_QLDA;src=9750456;type=dodo_0;cat=dodo_0;ord=1;num=3141102696647;gtm=2wg7j0;auiddc=767910549.1626753902;ps=1;~oref=https%3A%2F%2Fdodo24.site%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
adservice.google.de
:scheme
https
:path
/ddm/fls/i/dc_pre=CM6T_8Pi8PECFdIViwodG_QLDA;src=9750456;type=dodo_0;cat=dodo_0;ord=1;num=3141102696647;gtm=2wg7j0;auiddc=767910549.1626753902;ps=1;~oref=https%3A%2F%2Fdodo24.site%2F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adservice.google.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://adservice.google.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Tue, 20 Jul 2021 04:05:02 GMT
expires
Tue, 20 Jul 2021 04:05:02 GMT
cache-control
private, max-age=0
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
177
x-xss-protection
0
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
dc_pre=CPyXgMTi8PECFQuyewod3mAMhQ;src=10380332;type=invmedia;cat=webal0;ord=1;num=8613206879952;gtm=2wg7j0;auiddc=767910549.1626753902;ps=1;~oref=https%3A%2F%2Fdodo24.site%2F
adservice.google.com/ddm/fls/i/ Frame 0D2A 		488 B
413 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CPyXgMTi8PECFQuyewod3mAMhQ;src=10380332;type=invmedia;cat=webal0;ord=1;num=8613206879952;gtm=2wg7j0;auiddc=767910549.1626753902;ps=1;~oref=https%3A%2F%2Fdodo24.site%2F
Requested by
Host: 10380332.fls.doubleclick.net
URL: https://10380332.fls.doubleclick.net/activityi;dc_pre=CPyXgMTi8PECFQuyewod3mAMhQ;src=10380332;type=invmedia;cat=webal0;ord=1;num=8613206879952;gtm=2wg7j0;auiddc=767910549.1626753902;ps=1;~oref=https%3A%2F%2Fdodo24.site%2F?
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fb86393c8aef5ab7b5c17dc792a5dd571927ace0b6c258164121680c188c94de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
adservice.google.com
:scheme
https
:path
/ddm/fls/i/dc_pre=CPyXgMTi8PECFQuyewod3mAMhQ;src=10380332;type=invmedia;cat=webal0;ord=1;num=8613206879952;gtm=2wg7j0;auiddc=767910549.1626753902;ps=1;~oref=https%3A%2F%2Fdodo24.site%2F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://10380332.fls.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://10380332.fls.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Tue, 20 Jul 2021 04:05:02 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
390
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
www.google.com/pagead/1p-user-list/691011518/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/691011518/?random=1626753902607&cv=9&fst=1626753600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7j0&sendb=1&frm=0&url=https%3A%2F%2Fdodo24.site%2F&tiba=%F0%9F%8D%95%20%D0%94%D0%BE%D0%B4%D0%BE%20%D0%9F%D0%B8%D1%86%D1%86%D0%B0%20%7C%20%D0%A1%D0%B5%D1%82%D1%8C%20%D0%BF%D0%B8%D1%86%D1%86%D0%B5%D1%80%D0%B8%D0%B9%20%E2%84%961%20%D0%B2%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8&async=1&fmt=3&is_vtc=1&random=3262079918&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Jul 2021 04:05:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/691011518/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/691011518/?random=1626753902607&cv=9&fst=1626753600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7j0&sendb=1&frm=0&url=https%3A%2F%2Fdodo24.site%2F&tiba=%F0%9F%8D%95%20%D0%94%D0%BE%D0%B4%D0%BE%20%D0%9F%D0%B8%D1%86%D1%86%D0%B0%20%7C%20%D0%A1%D0%B5%D1%82%D1%8C%20%D0%BF%D0%B8%D1%86%D1%86%D0%B5%D1%80%D0%B8%D0%B9%20%E2%84%961%20%D0%B2%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8&async=1&fmt=3&is_vtc=1&random=3262079918&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Jul 2021 04:05:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9339.yjv3yXJ3nRBxjtMgcSb0ssaPEnKtYJ9pB7okJAxwsI-kOyWNIx4gS_F9nCCS-8Kb.rg1W0C4pXor7E2IB3zeY4TPKOqw%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9339.Lw2JESvpfn0JHGvSJ7QZuGxO4QAB5fn5pgFHnekfbS6t_gQ9WR5Ltleewq_o8Jg7xtDmlPAohduJ_H0PUuZ8Hg%2C%2C.aoApwSFJpCpU0CVeLQf8GLJJe4Y%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9339.Lw2JESvpfn0JHGvSJ7QZuGxO4QAB5fn5pgFHnekfbS6t_gQ9WR5Ltleewq_o8Jg7xtDmlPAohduJ_H0PUuZ8Hg%2C%2C.aoApwSFJpCpU0CVeLQf8GLJJe4Y%2C
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 04:05:03 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9339.Lw2JESvpfn0JHGvSJ7QZuGxO4QAB5fn5pgFHnekfbS6t_gQ9WR5Ltleewq_o8Jg7xtDmlPAohduJ_H0PUuZ8Hg%2C%2C.aoApwSFJpCpU0CVeLQf8GLJJe4Y%2C
date
Tue, 20 Jul 2021 04:05:03 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 04:05:02 GMT
last-modified
Thu, 15 Jul 2021 10:21:03 GMT
etag
"60ec4755-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Tue, 20 Jul 2021 05:05:02 GMT
rtrg
vk.com/ 		49 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vk.com/rtrg?p=VK-RTRG-656772-dXwWH&metatag_url=https%3A%2F%2Fdodo24.site%2F&metatag_title=%F0%9F%8D%95%20%D0%94%D0%BE%D0%B4%D0%BE%20%D0%9F%D0%B8%D1%86%D1%86%D0%B0%20%7C%20%D0%A1%D0%B5%D1%82%D1%8C%20%D0%BF%D0%B8%D1%86%D1%86%D0%B5%D1%80%D0%B8%D0%B9%20%E2%84%961%20%D0%B2%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.190.72 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv72-190-240-87.vk.com
Software
kittenx / KPHP/7.4.107895
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 04:05:02 GMT
content-encoding
gzip
x-frontend
front224207
server
kittenx
x-powered-by
KPHP/7.4.107895
strict-transport-security
max-age=15768000
content-type
image/gif
access-control-expose-headers
X-Frontend
cache-control
no-store
content-length
65
rtrg
vk.com/ 		49 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vk.com/rtrg?p=VK-RTRG-894183-cs5rK&metatag_url=https%3A%2F%2Fdodo24.site%2F&metatag_title=%F0%9F%8D%95%20%D0%94%D0%BE%D0%B4%D0%BE%20%D0%9F%D0%B8%D1%86%D1%86%D0%B0%20%7C%20%D0%A1%D0%B5%D1%82%D1%8C%20%D0%BF%D0%B8%D1%86%D1%86%D0%B5%D1%80%D0%B8%D0%B9%20%E2%84%961%20%D0%B2%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.190.72 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv72-190-240-87.vk.com
Software
kittenx / KPHP/7.4.107895
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 04:05:02 GMT
content-encoding
gzip
x-frontend
front224207
server
kittenx
x-powered-by
KPHP/7.4.107895
strict-transport-security
max-age=15768000
content-type
image/gif
access-control-expose-headers
X-Frontend
cache-control
no-store
content-length
65
rtrg
vk.com/ 		49 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vk.com/rtrg?p=VK-RTRG-827517-7I35B&metatag_url=https%3A%2F%2Fdodo24.site%2F&metatag_title=%F0%9F%8D%95%20%D0%94%D0%BE%D0%B4%D0%BE%20%D0%9F%D0%B8%D1%86%D1%86%D0%B0%20%7C%20%D0%A1%D0%B5%D1%82%D1%8C%20%D0%BF%D0%B8%D1%86%D1%86%D0%B5%D1%80%D0%B8%D0%B9%20%E2%84%961%20%D0%B2%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.190.72 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv72-190-240-87.vk.com
Software
kittenx / KPHP/7.4.107895
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 04:05:02 GMT
content-encoding
gzip
x-frontend
front224207
server
kittenx
x-powered-by
KPHP/7.4.107895
strict-transport-security
max-age=15768000
content-type
image/gif
access-control-expose-headers
X-Frontend
cache-control
no-store
content-length
65
track-visit
api.mindbox.ru/v1.1/customer/ 		134 B
875 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.mindbox.ru/v1.1/customer/track-visit?version=1.0.207&transport=XmlHttpRequest
Requested by
Host: api.mindbox.ru
URL: https://api.mindbox.ru/scripts/v1/tracker.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
84.252.130.113 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software
Kestrel /
Resource Hash
f0d036cc9d3fd99b06e2ac5d332385326de1c1e1361942fe9e40f5dae706d1c4
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=315360000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

content-security-policy
default-src 'self' 'unsafe-inline'
x-content-type-options
nosniff
content-length
134
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
server
Kestrel
x-frame-options
DENY
date
Tue, 20 Jul 2021 04:05:02 GMT
strict-transport-security
max-age=315360000; includeSubDomains; preload
content-type
application/json; charset=utf-8
access-control-allow-origin
https://dodo24.site
cache-control
no-cache, no-store, must-revalidate
feature-policy
vibrate 'self'
access-control-allow-credentials
true
expires
-1
rtrg
vk.com/ 		49 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vk.com/rtrg?p=VK-RTRG-295202-bQnG6&metatag_url=https%3A%2F%2Fdodo24.site%2F&metatag_title=%F0%9F%8D%95%20%D0%94%D0%BE%D0%B4%D0%BE%20%D0%9F%D0%B8%D1%86%D1%86%D0%B0%20%7C%20%D0%A1%D0%B5%D1%82%D1%8C%20%D0%BF%D0%B8%D1%86%D1%86%D0%B5%D1%80%D0%B8%D0%B9%20%E2%84%961%20%D0%B2%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8
Requested by
Host: vk.com
URL: https://vk.com/js/api/openapi.js?159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.190.72 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv72-190-240-87.vk.com
Software
kittenx / KPHP/7.4.107895
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 04:05:02 GMT
content-encoding
gzip
x-frontend
front224207
server
kittenx
x-powered-by
KPHP/7.4.107895
strict-transport-security
max-age=15768000
content-type
image/gif
access-control-expose-headers
X-Frontend
cache-control
no-store
content-length
65
rtrg
vk.com/ 		49 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vk.com/rtrg?p=VK-RTRG-469948-i0xO3&metatag_url=https%3A%2F%2Fdodo24.site%2F&metatag_title=%F0%9F%8D%95%20%D0%94%D0%BE%D0%B4%D0%BE%20%D0%9F%D0%B8%D1%86%D1%86%D0%B0%20%7C%20%D0%A1%D0%B5%D1%82%D1%8C%20%D0%BF%D0%B8%D1%86%D1%86%D0%B5%D1%80%D0%B8%D0%B9%20%E2%84%961%20%D0%B2%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.190.72 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv72-190-240-87.vk.com
Software
kittenx / KPHP/7.4.107895
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 04:05:02 GMT
content-encoding
gzip
x-frontend
front224207
server
kittenx
x-powered-by
KPHP/7.4.107895
strict-transport-security
max-age=15768000
content-type
image/gif
access-control-expose-headers
X-Frontend
cache-control
no-store
content-length
65
counter
top-fwz1.mail.ru/ 		43 B
879 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/counter?js=13;id=3202752;u=https%3A//dodo24.site/;st=1626753901739;title=%F0%9F%8D%95%20%D0%94%D0%BE%D0%B4%D0%BE%20%D0%9F%D0%B8%D1%86%D1%86%D0%B0%20%7C%20%D0%A1%D0%B5%D1%82%D1%8C%20%D0%BF%D0%B8%D1%86%D1%86%D0%B5%D1%80%D0%B8%D0%B9%20%E2%84%961%20%D0%B2%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=24b954426c2729e1;ver=60.3.0;tz=-120%2FEurope%2FBerlin;ni=9.4//4g/0/0/;lvid=1626753902924%3A1626753902926%3A1%3Afd2f3340e418c37f1af5ccde8bf8bfee;opts=dl;_=0.8162076934139335
Requested by
Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 20 Jul 2021 04:05:02 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
43
pragma
no-cache
amp-access-control-allow-source-origin
https://dodo24.site
server
nginx
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
https://dodo24.site
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory
timing-allow-origin
https://dodo24.site
access-control-allow-headers
*
counter
top-fwz1.mail.ru/ 		43 B
881 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/counter?js=13;id=3209492;u=https%3A//dodo24.site/;st=1626753901739;pid=USER_ID;title=%F0%9F%8D%95%20%D0%94%D0%BE%D0%B4%D0%BE%20%D0%9F%D0%B8%D1%86%D1%86%D0%B0%20%7C%20%D0%A1%D0%B5%D1%82%D1%8C%20%D0%BF%D0%B8%D1%86%D1%86%D0%B5%D1%80%D0%B8%D0%B9%20%E2%84%961%20%D0%B2%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=24b954426c2729e1;ver=60.3.0;tz=-120%2FEurope%2FBerlin;ni=9.4//4g/0/0/;lvid=1626753902924%3A1626753902927%3A2%3Afd2f3340e418c37f1af5ccde8bf8bfee;opts=sec%2Cdl;_=0.31798521072361585
Requested by
Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 20 Jul 2021 04:05:02 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
43
pragma
no-cache
amp-access-control-allow-source-origin
https://dodo24.site
server
nginx
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
https://dodo24.site
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory
timing-allow-origin
https://dodo24.site
access-control-allow-headers
*
tracker
top-fwz1.mail.ru/ 		43 B
880 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/tracker?js=13;id=3202752;u=https%3A//dodo24.site/;st=1626753901739;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=24b954426c2729e1;ver=60.3.0;tz=-120%2FEurope%2FBerlin;nt=0/0/1626753901054/////519/519/519/519/589/552/589/654/677/656/685/903/903/1319/1320/1320;ni=9.4//4g/0/0/;lvid=1626753902924%3A1626753902929%3A3%3Afd2f3340e418c37f1af5ccde8bf8bfee;opts=dl;_=0.9206897514660877;e=RT/load;et=1626753902928
Requested by
Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 20 Jul 2021 04:05:02 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
43
pragma
no-cache
amp-access-control-allow-source-origin
https://dodo24.site
server
nginx
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
https://dodo24.site
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory
timing-allow-origin
https://dodo24.site
access-control-allow-headers
*
tracker
top-fwz1.mail.ru/ 		43 B
882 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/tracker?js=13;id=3209492;u=https%3A//dodo24.site/;st=1626753901739;pid=USER_ID;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=24b954426c2729e1;ver=60.3.0;tz=-120%2FEurope%2FBerlin;nt=0/0/1626753901054/////519/519/519/519/589/552/589/654/677/656/685/903/903/1319/1320/1320;ni=9.4//4g/0/0/;lvid=1626753902924%3A1626753902930%3A4%3Afd2f3340e418c37f1af5ccde8bf8bfee;opts=sec%2Cdl;_=0.07564707544394089;e=RT/load;et=1626753902928
Requested by
Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 20 Jul 2021 04:05:02 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
43
pragma
no-cache
amp-access-control-allow-source-origin
https://dodo24.site
server
nginx
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
https://dodo24.site
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory
timing-allow-origin
https://dodo24.site
access-control-allow-headers
*
conversion.js
www.googleadservices.com/pagead/ Frame AFED 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: 10580686.fls.doubleclick.net
URL: https://10580686.fls.doubleclick.net/activityi;dc_pre=CO3AgcTi8PECFUqddwod92sEgQ;src=10580686;type=count;cat=dodoa0;ord=1246415434295;gtm=2wg7j0;auiddc=767910549.1626753902;u1=2094646666.1626753903;u2=null;u3=null;u4=null;u5=null;u6=null;ps=1;~oref=https%3A%2F%2Fdodo24.site%2F?
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
7f910a1e8b2da14636a741dbc704263fd7d9fd021284a40e9b44ac6dd470fb3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://10580686.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 04:05:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17224
x-xss-protection
0
server
cafe
etag
1232925476602830293
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 20 Jul 2021 04:05:02 GMT
dc_pre=CO3AgcTi8PECFUqddwod92sEgQ;src=10580686;type=count;cat=dodoa0;ord=1246415434295;gtm=2wg7j0;auiddc=*;u1=2094646666.1626753903;u2=null;u3=null;u4=null;u5=null;u6=null;ps=1;~oref=https%3A%2F%2F...
adservice.google.com/ddm/fls/z/ Frame AFED 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CO3AgcTi8PECFUqddwod92sEgQ;src=10580686;type=count;cat=dodoa0;ord=1246415434295;gtm=2wg7j0;auiddc=*;u1=2094646666.1626753903;u2=null;u3=null;u4=null;u5=null;u6=null;ps=1;~oref=https%3A%2F%2Fdodo24.site%2F
Requested by
Host: 10580686.fls.doubleclick.net
URL: https://10580686.fls.doubleclick.net/activityi;dc_pre=CO3AgcTi8PECFUqddwod92sEgQ;src=10580686;type=count;cat=dodoa0;ord=1246415434295;gtm=2wg7j0;auiddc=767910549.1626753902;u1=2094646666.1626753903;u2=null;u3=null;u4=null;u5=null;u6=null;ps=1;~oref=https%3A%2F%2Fdodo24.site%2F?
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://10580686.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Jul 2021 04:05:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
identify.js
analytics.tiktok.com/i18n/pixel/ 		114 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C15MT7ICBTHJIASGT4F0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-160.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
da556df4dc2e8a01fc001ae2a2446328a6615e19a40e9113a8718f0ac018d2c4

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-request-id
4224d86b.1b410f45
date
Tue, 20 Jul 2021 04:05:03 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a23-53-33-221.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a2-16-186-156.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-parent-response-time
165,2.16.186.156
server-timing
cdn-cache; desc=MISS, edge; dur=155, origin; dur=10, inner; dur=0
pragma
no-cache
server
nginx
x-tt-logid
20210720040503010245002169391CC3D7
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
10,23.53.33.221
x-tt-trace-host
017e91b44d650fd63de34512f3821367f1ca3921f1a4e608e2d6bfbfdf8b1b9ab4a0badaf3f3fac9c8dc0c0cf29dcf308e6174b1871c770979e9436c6b5b9169f6ef6d8c5fb2b30446f9f59676796f9b65fe01f69c8eb117f71afad99d74dac8319e1903712fae4195a2298248e20d149b
expires
Tue, 20 Jul 2021 04:05:03 GMT
config.js
analytics.tiktok.com/i18n/pixel/ 		58 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C15MT7ICBTHJIASGT4F0&hostname=dodo24.site
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C15MT7ICBTHJIASGT4F0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-160.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b8ca951526d0ec9fe02bc085c3d10aed59ac577db36d4ee1348fec7f89b1f0b0

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-request-id
8ad46614.1b410f55
date
Tue, 20 Jul 2021 04:05:03 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a23-53-33-150.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a2-16-186-156.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-parent-response-time
199,2.16.186.156
server-timing
cdn-cache; desc=MISS, edge; dur=156, origin; dur=43, inner; dur=28
content-length
19867
pragma
no-cache
server
nginx
x-tt-logid
202107200405030102450310563C1CEEE8
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
43,23.53.33.150
x-tt-trace-host
017e91b44d650fd63de34512f3821367f1ca3921f1a4e608e2d6bfbfdf8b1b9ab480e28a7f559394624b431a81dab57aa048756b1b9c53a2cc400a50d0cc724399796c184bbea37c522ecd761475f9ad397de9f9f8b218b9cf02f96f6a24895014dd1d007397b14b10fcc280ca2c5ee0e7
expires
Tue, 20 Jul 2021 04:05:03 GMT
config.js
analytics.tiktok.com/i18n/pixel/ 		668 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C2STHMKAJ6IC584G88I0&hostname=dodo24.site
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C15MT7ICBTHJIASGT4F0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-160.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
1decdd707d5c98649439c338e92432b9a4683218e6a0f1caa1946d28ecad73c2

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-request-id
3dcf30fc.1b410f57
date
Tue, 20 Jul 2021 04:05:03 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a23-53-33-159.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a2-16-186-156.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-parent-response-time
182,2.16.186.156
server-timing
cdn-cache; desc=MISS, edge; dur=161, origin; dur=21, inner; dur=16
content-length
297
pragma
no-cache
server
nginx
x-tt-logid
20210720040503010245027150161D5E91
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
21,23.53.33.159
x-tt-trace-host
017e91b44d650fd63de34512f3821367f1ca3921f1a4e608e2d6bfbfdf8b1b9ab4a8dc9f869dc0fa194b40f170bd8f516b62b3e2bcf8a452e2b3a0b80f7054bbcae2a4ec2f91f44d59292d5da5ca87cf07c4866567c7848ce446c60dd2bf58ab0f9fe9c3ee92915f9f5410d12ffa9d1b5e
expires
Tue, 20 Jul 2021 04:05:03 GMT
1726128750789379
connect.facebook.net/signals/config/ 		261 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1726128750789379?v=2.9.43&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
dc301c09ebc572393551b802d5544e712760f253502bfdb0988771c152ce048b
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
+AGkRC+Bvq96+nPpBGqRXJzTyGMeBBuDq+rmx9/Z3/IhhAgxrqZUKD6JBlb8dz0EtGjA8B3s41ud0Iq/H61C+A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 20 Jul 2021 04:05:03 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2212104589051996&ev=PageView&dl=https%3A%2F%2Fdodo24.site%2F&rl=&if=false&ts=1626753902982&sw=1600&sh=1200&v=2.9.43&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1626753902981.149841552&it=1626753902533&coo=false&tm=1&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 04:05:02 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Tue, 20 Jul 2021 04:05:02 GMT
dc_pre=CPyXgMTi8PECFQuyewod3mAMhQ;src=10380332;type=invmedia;cat=webal0;ord=1;num=8613206879952;gtm=2wg7j0;auiddc=767910549.1626753902;ps=1;~oref=https%3A%2F%2Fdodo24.site%2F
adservice.google.de/ddm/fls/i/ Frame 1F47 		194 B
199 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/ddm/fls/i/dc_pre=CPyXgMTi8PECFQuyewod3mAMhQ;src=10380332;type=invmedia;cat=webal0;ord=1;num=8613206879952;gtm=2wg7j0;auiddc=767910549.1626753902;ps=1;~oref=https%3A%2F%2Fdodo24.site%2F
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CPyXgMTi8PECFQuyewod3mAMhQ;src=10380332;type=invmedia;cat=webal0;ord=1;num=8613206879952;gtm=2wg7j0;auiddc=767910549.1626753902;ps=1;~oref=https%3A%2F%2Fdodo24.site%2F
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
adservice.google.de
:scheme
https
:path
/ddm/fls/i/dc_pre=CPyXgMTi8PECFQuyewod3mAMhQ;src=10380332;type=invmedia;cat=webal0;ord=1;num=8613206879952;gtm=2wg7j0;auiddc=767910549.1626753902;ps=1;~oref=https%3A%2F%2Fdodo24.site%2F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adservice.google.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://adservice.google.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Tue, 20 Jul 2021 04:05:03 GMT
expires
Tue, 20 Jul 2021 04:05:03 GMT
cache-control
private, max-age=0
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
177
x-xss-protection
0
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
/
www.googleadservices.com/pagead/conversion/411044958/ Frame AFED 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/411044958/?random=1626753903024&cv=9&fst=1626753903024&num=1&npa=1&label=tJlbCIywk_kBEN6YgMQB&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F10580686.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCO3AgcTi8PECFUqddwod92sEgQ%3Bsrc%3D10580686%3Btype%3Dcount%3Bcat%3Ddodoa0%3Bord%3D1246415434295%3Bgtm%3D2wg7j0%3Bauiddc%3D767910549.1626753902%3Bu1%3D2094646666.1626753903%3Bu2%3Dnull%3Bu3%3Dnull%3Bu4%3Dnull%3Bu5%3Dnull%3Bu6%3Dnull%3Bps%3D1%3B~oref%3Dhttps%253A%252F%252Fdodo24.site%252F%3F&ref=https%3A%2F%2Fdodo24.site%2F&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
c239f55bbddc39286c3d58356932feb3016f2a3ce6433cff1928a4329ad8028d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://10580686.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Jul 2021 04:05:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1252
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-conversion/411044958/ Frame AFED
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/411044958/?random=890270672&cv=9&fst=1626753903024&num=1&npa=1&label=tJlbCIywk_kBEN6YgMQB&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w...
  • https://www.google.com/pagead/1p-conversion/411044958/?random=890270672&cv=9&fst=1626753903024&num=1&npa=1&label=tJlbCIywk_kBEN6YgMQB&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=...
  • https://www.google.de/pagead/1p-conversion/411044958/?random=890270672&cv=9&fst=1626753903024&num=1&npa=1&label=tJlbCIywk_kBEN6YgMQB&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/411044958/?random=890270672&cv=9&fst=1626753903024&num=1&npa=1&label=tJlbCIywk_kBEN6YgMQB&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F10580686.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCO3AgcTi8PECFUqddwod92sEgQ%3Bsrc%3D10580686%3Btype%3Dcount%3Bcat%3Ddodoa0%3Bord%3D1246415434295%3Bgtm%3D2wg7j0%3Bauiddc%3D767910549.1626753902%3Bu1%3D2094646666.1626753903%3Bu2%3Dnull%3Bu3%3Dnull%3Bu4%3Dnull%3Bu5%3Dnull%3Bu6%3Dnull%3Bps%3D1%3B~oref%3Dhttps%253A%252F%252Fdodo24.site%252F%3F&ref=https%3A%2F%2Fdodo24.site%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=b0v2YIjJArnE7_UPp7GSYA&cid=CAQSKQCNIrLMeIQodzhoWUeu6glPj6Vn17IFnMDl_KxwFs3TjqD924HySsv8&random=3771030865&resp=GooglemKTybQhCsO&ipr=y
Requested by
Host: 10580686.fls.doubleclick.net
URL: https://10580686.fls.doubleclick.net/activityi;dc_pre=CO3AgcTi8PECFUqddwod92sEgQ;src=10580686;type=count;cat=dodoa0;ord=1246415434295;gtm=2wg7j0;auiddc=767910549.1626753902;u1=2094646666.1626753903;u2=null;u3=null;u4=null;u5=null;u6=null;ps=1;~oref=https%3A%2F%2Fdodo24.site%2F?
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://10580686.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Jul 2021 04:05:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 20 Jul 2021 04:05:03 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-conversion/411044958/?random=890270672&cv=9&fst=1626753903024&num=1&npa=1&label=tJlbCIywk_kBEN6YgMQB&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F10580686.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCO3AgcTi8PECFUqddwod92sEgQ%3Bsrc%3D10580686%3Btype%3Dcount%3Bcat%3Ddodoa0%3Bord%3D1246415434295%3Bgtm%3D2wg7j0%3Bauiddc%3D767910549.1626753902%3Bu1%3D2094646666.1626753903%3Bu2%3Dnull%3Bu3%3Dnull%3Bu4%3Dnull%3Bu5%3Dnull%3Bu6%3Dnull%3Bps%3D1%3B~oref%3Dhttps%253A%252F%252Fdodo24.site%252F%3F&ref=https%3A%2F%2Fdodo24.site%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=b0v2YIjJArnE7_UPp7GSYA&cid=CAQSKQCNIrLMeIQodzhoWUeu6glPj6Vn17IFnMDl_KxwFs3TjqD924HySsv8&random=3771030865&resp=GooglemKTybQhCsO&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1
mc.yandex.com/watch/45773817/
Redirect Chain
  • https://mc.yandex.com/watch/45773817?wmode=7&page-url=https%3A%2F%2Fdodo24.site%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afp%3A1212%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen...
  • https://mc.yandex.com/watch/45773817/1?wmode=7&page-url=https%3A%2F%2Fdodo24.site%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afp%3A1212%3Afu%3A0%3Aen%3Autf-8%3Ala%3A...
335 B
417 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/45773817/1?wmode=7&page-url=https%3A%2F%2Fdodo24.site%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afp%3A1212%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A591%3Acn%3A1%3Adp%3A0%3Als%3A624308744782%3Ahid%3A459178176%3Az%3A120%3Ai%3A20210720060502%3Aet%3A1626753903%3Ac%3A1%3Arn%3A161297301%3Au%3A162675390332065447%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1626753901054%3Ads%3A0%2C70%2C65%2C23%2C519%2C0%2C%2C29%2C0%2C1319%2C1320%2C0%2C903%3Adsn%3A0%2C69%2C65%2C23%2C519%2C0%2C%2C8%2C0%2C1319%2C1320%2C0%2C904%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1626753903%3At%3A%F0%9F%8D%95%20%D0%94%D0%BE%D0%B4%D0%BE%20%D0%9F%D0%B8%D1%86%D1%86%D0%B0%20%7C%20%D0%A1%D0%B5%D1%82%D1%8C%20%D0%BF%D0%B8%D1%86%D1%86%D0%B5%D1%80%D0%B8%D0%B9%20%E2%84%961%20%D0%B2%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
26ca3ddbe3ab42b3e1fa8e1591d999f9578e6f709d2c30ac802385d55018db9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Jul 2021 04:05:03 GMT
x-content-type-options
nosniff
last-modified
Tue, 20-Jul-2021 04:05:03 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://dodo24.site
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
335
x-xss-protection
1; mode=block
expires
Tue, 20-Jul-2021 04:05:03 GMT

Redirect headers

pragma
no-cache
date
Tue, 20 Jul 2021 04:05:03 GMT
last-modified
Tue, 20-Jul-2021 04:05:03 GMT
location
/watch/45773817/1?wmode=7&page-url=https%3A%2F%2Fdodo24.site%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afp%3A1212%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A591%3Acn%3A1%3Adp%3A0%3Als%3A624308744782%3Ahid%3A459178176%3Az%3A120%3Ai%3A20210720060502%3Aet%3A1626753903%3Ac%3A1%3Arn%3A161297301%3Au%3A162675390332065447%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1626753901054%3Ads%3A0%2C70%2C65%2C23%2C519%2C0%2C%2C29%2C0%2C1319%2C1320%2C0%2C903%3Adsn%3A0%2C69%2C65%2C23%2C519%2C0%2C%2C8%2C0%2C1319%2C1320%2C0%2C904%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1626753903%3At%3A%F0%9F%8D%95%20%D0%94%D0%BE%D0%B4%D0%BE%20%D0%9F%D0%B8%D1%86%D1%86%D0%B0%20%7C%20%D0%A1%D0%B5%D1%82%D1%8C%20%D0%BF%D0%B8%D1%86%D1%86%D0%B5%D1%80%D0%B8%D0%B9%20%E2%84%961%20%D0%B2%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8
strict-transport-security
max-age=31536000
access-control-allow-origin
https://dodo24.site
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Tue, 20-Jul-2021 04:05:03 GMT
pixel
analytics.tiktok.com/api/v2/ 		0
734 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C15MT7ICBTHJIASGT4F0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-160.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
3c6de28b.1b41101d
date
Tue, 20 Jul 2021 04:05:03 GMT
x-cache-remote
TCP_MISS from a23-53-33-180.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
upstream-caught
1626753903277298
x-cache
TCP_MISS from a2-16-186-156.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-parent-response-time
165,2.16.186.156
server-timing
cdn-cache; desc=MISS, edge; dur=152, origin; dur=13, inner; dur=8
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202107200405030102450310413D1DB3E2
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
13,23.53.33.180
x-tt-trace-host
017e91b44d650fd63de34512f3821367f1ca3921f1a4e608e2d6bfbfdf8b1b9ab4ad5e01adf9eb8d69f997c34d937ef1a75e03869b8c94c9a763b212d4e85000095f4e282b04d8e8b04168a153f24f6a44f30e23465c9af4ec28417b122f5a8566286fad66bbe6b93e56dd6d9ec2568cc6
expires
Tue, 20 Jul 2021 04:05:03 GMT
pixel
analytics.tiktok.com/api/v2/ 		0
735 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C15MT7ICBTHJIASGT4F0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-160.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
80ca32c7.1b411039
date
Tue, 20 Jul 2021 04:05:03 GMT
x-cache-remote
TCP_MISS from a23-53-33-183.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
upstream-caught
1626753903303440
x-cache
TCP_MISS from a2-16-186-156.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-parent-response-time
170,2.16.186.156
server-timing
cdn-cache; desc=MISS, edge; dur=160, origin; dur=12, inner; dur=8
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202107200405030102450491834A1CFDD9
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
12,23.53.33.183
x-tt-trace-host
017e91b44d650fd63de34512f3821367f1ca3921f1a4e608e2d6bfbfdf8b1b9ab427c4b788b76ddd56c1a24857ca503c71123be7105b9a69e5365e4bc59627d929bdb9b07586e8f8efd66311930dac6a220867b1e5a0ead9d706fdb9fe0c9e8ce8b0cc36add93d91fcb3f3bebf107b9df6
expires
Tue, 20 Jul 2021 04:05:03 GMT
2952946128137598
connect.facebook.net/signals/config/ 		261 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2952946128137598?v=2.9.43&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ad2732d60ccfcd8ca762865a8dec3e4e339dd96e897bf2a2566860a0a13bb895
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
BCx3xbKiBlJw1ETxrDaSAecUhzS//vFGvGXTL5sFjJVE0adIvQmiXHRXfvaYi2L7XuvIbdxB8djHeKMx5gfAyQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 20 Jul 2021 04:05:03 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1726128750789379&ev=PageView&dl=https%3A%2F%2Fdodo24.site%2F&rl=&if=false&ts=1626753903222&sw=1600&sh=1200&v=2.9.43&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1626753902981.149841552&it=1626753902533&coo=false&tm=1&rqm=GET
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 04:05:03 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Tue, 20 Jul 2021 04:05:03 GMT
1152979181827953
connect.facebook.net/signals/config/ 		261 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1152979181827953?v=2.9.43&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
415cf082e9ef4b988a490467d050d5edfe92bebf10e401a241b798708d01b528
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/?m=c;
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
SOwjZAXqo9YvWpswaRlvteiDe5gLUNKnQG3vSPThYicB5O0VE4Ik0WesKH+5JjSmdxYLo89SF8tPYbx/c+1cGw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 20 Jul 2021 04:05:04 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2212104589051996&ev=PageView&dl=https%3A%2F%2Fdodo24.site%2F&rl=&if=false&ts=1626753903512&sw=1600&sh=1200&v=2.9.43&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1626753902981.149841552&it=1626753902533&coo=false&rqm=GET
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 04:05:03 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Tue, 20 Jul 2021 04:05:03 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1726128750789379&ev=PageView&dl=https%3A%2F%2Fdodo24.site%2F&rl=&if=false&ts=1626753903513&sw=1600&sh=1200&v=2.9.43&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1626753902981.149841552&it=1626753902533&coo=false&rqm=GET
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 04:05:03 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Tue, 20 Jul 2021 04:05:03 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2952946128137598&ev=PageView&dl=https%3A%2F%2Fdodo24.site%2F&rl=&if=false&ts=1626753903515&sw=1600&sh=1200&v=2.9.43&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1626753902981.149841552&it=1626753902533&coo=false&rqm=GET
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 04:05:03 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Tue, 20 Jul 2021 04:05:03 GMT
/
www.facebook.com/tr/ 		0
15 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryMMEh9RBx16peCyZn

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Tue, 20 Jul 2021 04:05:04 GMT
content-type
text/plain
access-control-allow-origin
https://dodo24.site
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-length
0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
/
www.facebook.com/tr/ 		0
15 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryYftliZJAIs53ZAAV

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Tue, 20 Jul 2021 04:05:04 GMT
content-type
text/plain
access-control-allow-origin
https://dodo24.site
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-length
0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
/
www.facebook.com/tr/ 		0
15 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundarymvJwdO41AgZ40QpA

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Tue, 20 Jul 2021 04:05:04 GMT
content-type
text/plain
access-control-allow-origin
https://dodo24.site
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-length
0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1152979181827953&ev=PageView&dl=https%3A%2F%2Fdodo24.site%2F&rl=&if=false&ts=1626753904264&sw=1600&sh=1200&v=2.9.43&r=stable&ec=0&o=30&fbp=fb.1.1626753902981.149841552&it=1626753902533&coo=false&rqm=GET
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 04:05:04 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Tue, 20 Jul 2021 04:05:04 GMT
/
www.facebook.com/tr/ 		0
104 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryGIADL7h2WS7IXSm3

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Tue, 20 Jul 2021 04:05:04 GMT
content-type
text/plain
access-control-allow-origin
https://dodo24.site
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
45773817
mc.yandex.com/webvisor/ 		43 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/45773817?wmode=0&wv-part=1&wv-hit=459178176&page-url=https%3A%2F%2Fdodo24.site%2F&rn=364152688&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1626753906%3Aw%3A1600x1200%3Av%3A591%3Az%3A120%3Ai%3A20210720060505%3Au%3A162675390332065447%3Avf%3A4uzkmd4e35cd16k0n%3Awe%3A1%3Ati%3A2%3Ast%3A1626753906
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Jul 2021 04:05:05 GMT
last-modified
Tue, 20-Jul-2021 04:05:05 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://dodo24.site
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 20-Jul-2021 04:05:05 GMT
45773817
mc.yandex.com/webvisor/ 		43 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/45773817?wmode=0&wv-part=1&wv-hit=459178176&page-url=https%3A%2F%2Fdodo24.site%2F&rn=160506131&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1626753906%3Aw%3A1600x1200%3Av%3A591%3Az%3A120%3Ai%3A20210720060505%3Au%3A162675390332065447%3Avf%3A4uzkmd4e35cd16k0n%3Awe%3A1%3Ati%3A2%3Ast%3A1626753906
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dodo24.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Jul 2021 04:05:05 GMT
last-modified
Tue, 20-Jul-2021 04:05:05 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://dodo24.site
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 20-Jul-2021 04:05:05 GMT

Verdicts & Comments Add Verdict or Comment

108 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| settings string| cdnHost object| webpackJsonp object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| _ object| dataLayer object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| GoogleAnalyticsObject function| ga function| vkAsyncInit number| openapiInject function| fbq function| _fbq object| _fbq_gtm_ids function| ym object| fran_link_nav object| fran_link_foot object| fran_link_mob object| phone_free_dsk object| phone_free_mb object| phone_free_mf number| currentTimestamp undefined| localStorageTimestamp undefined| previousTimestamp undefined| visitsDifference undefined| trackUserHistory object| __dmp_config function| setSpecCookie function| my_callback object| _tmr object| cookie_date string| deduplication_cookie_value string| TiktokAnalyticsObject object| ttq string| cityads_deduplication_cookie_value function| setCookie string| tel_href string| tel_text object| phones1 string| i1 object| phones2 string| i2 object| phones3 string| i3 object| phones4 string| i4 string| e_fire string| e_dfire string| e_veg string| e_baby string| e_vegbaby object| e_products object| m_products object| pizza undefined| p object| gaplugins object| gaGlobal object| gaData object| ADMITAD function| _ga_originalSendHitTask object| ad_product object| google_optimize function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO boolean| PopMechanicMutex object| PopMechanic function| obj2qs object| fastXDM object| VK object| Ya object| yaCounter45773817 function| mindbox boolean| mindboxInitialized function| directCrm object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge object| device function| TiktokJelly object| _jelly_sdks

3 Cookies

Domain/Path Name / Value
dodo24.site/ Name: dodo_visitor
Value: 5fcc5ccf-f0be-4f48-ba46-ee141fcdec3c
dodo24.site/ Name: dodo_visit
Value: c5434104-f3af-403e-a47f-4cb0744cfa3d
dodo24.site/ Name: loglevel
Value: INFO

2 Console Messages

Source Level URL
Text
console-api log URL: https://dodo24.site/(Line 309)
Message:
Привет! Мы ищем увлечённых мотивированных разработчиков и поэтому приглашаем тебя к себе. Сайт — это лишь вершина информационной системы, которую мы создаём для достижения своей цели. Наша цель — построения самой эффективной сети быстрого питания на планете. Сегодня у нас более 660 пиццерий в 14 странах, и мы обрабатываем 4600 запросов в секунду. Через 2 года у нас будет более 1000 пиццерий и 6К запросов в секунду. Чтобы успевать за темпами роста бизнеса, мы совершенствуем стек технологий: заменяем ASP.NET 5 + jQuery на ASP.NET Core + React, переходим от монолитной архитектуры к сервисной, автоматизируем деплой и регрессионное тестирование. Хостим всё в Azure. Мы предлагаем белую зарплату, опционы и возможность принять участие в построении международного бизнеса. Чтобы понять, подходим ли мы друг другу, просто приходи в гости — посмотришь офис, окунёшься в атмосферу. Пиши на d.mamlygina@dodopizza.com или в telegram @Darja_Mamlygina Подробнее тут: https://dodopizza.dev
console-api warning URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C2STHMKAJ6IC584G88I0&lib=ttq(Line 3)
Message:
Cannot assign to read only property 'call' of object '#<Object>'

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10380332.fls.doubleclick.net
10580686.fls.doubleclick.net
9750456.fls.doubleclick.net
adservice.google.com
adservice.google.de
analytics.tiktok.com
api.mindbox.ru
connect.facebook.net
dodo24.site
dodopizza-a.akamaihd.net
eventstream.dodopizza.com
googleads.g.doubleclick.net
mc.yandex.com
mc.yandex.ru
static.popmechanic.ru
stats.g.doubleclick.net
top-fwz1.mail.ru
vk.com
www.artfut.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
142.250.186.34
142.250.186.70
185.114.247.54
185.151.242.16
2.16.186.160
216.58.212.166
217.69.133.145
2606:4700:20::681a:16d
2620:1ec:46::42
2a00:1450:4001:801::2003
2a00:1450:4001:803::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:813::2004
2a00:1450:4001:827::2004
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2008
2a00:1450:400c:c04::9d
2a02:26f0:6c00::210:ba28
2a02:6b8::1:119
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a03:6f00:6:1::b972:f736
84.252.130.113
87.240.190.72
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
0d17b8a38d3dce6f7357bbc8da105d92c21b6cf1c4b92351ce2b1861b065f2c5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1cc244fd88e18acd97592feb2af2a18847ee2be656e8cd2abb401c21f2ed2390
1decdd707d5c98649439c338e92432b9a4683218e6a0f1caa1946d28ecad73c2
1f910de19537cbc18021303a8ab2caff1776b3929fe9d624ff288a35331664c9
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
255b564f51555254a3a189315254611bac81e318ed25f6b577f2deed8c49ce9b
266b9d1a0364b86dbba21bd1ff95d4c6d6e24459054a2e68dbdd03f019175d8b
26ca3ddbe3ab42b3e1fa8e1591d999f9578e6f709d2c30ac802385d55018db9a
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
32dfbf2dba63fc8b5510e2b82eed5e9699213095641b17f5b9dd3822082fd919
3537a1cc081b2f3ad3823fd41beb49a59fc22bcb17b292577a2e923e96184a1f
3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66
3d9b1b5b0cff93a741de48de0a4da79dbda542a19dc8a52d83daf2c92cb9cb3f
415cf082e9ef4b988a490467d050d5edfe92bebf10e401a241b798708d01b528
488d9e29efd9d1860d8245cd53f7e287274370ac0247d36b7d0050c031dd4de9
4a59afde8e0c966992b4cf31107f3e706e78572223f8f28162c218673bf7a71b
4d396cf09445102d6fbb4a89372a193497a4c9a60894707a55862ca13fc32c1b
518e69875eccda4a6c666c0f89d0a92bc46aa0a84cc1b3715f6fc001819b246b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5d5bfc10b310011245fde2d9cb56c9a58569be56e04dc4945054044ccca777ed
5efe90f95ff3f498bec40b522968d7b753ef922fb6a74b36ccdf6c6068034cdf
6678ea01d5f6be00a5d8a5652ca67454bb56add18e173961f6fcb03f56581c93
7348f39f3c271e9f5b362c8bbceb8c3a80a4b0157a3ef8537723a5258b2b9a95
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
7cd07e6c64768b866c81e2e1cc61f88f631f377a3afc426d7b0c9de3875e65ae
7e70e9d77da4715b4365519259aad335caf44e1bc3e7f1d0ff619e8fe4b362a4
7f910a1e8b2da14636a741dbc704263fd7d9fd021284a40e9b44ac6dd470fb3b
82d42c798cdf86ae8a5d54a0e73e6cc2dbb551fc52dc43c38cb0e6e5a130cc43
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
83b966d0878748065f2e1479def69df9e847dcab7b75b4351a14e8d9e5019896
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8bf28bdcc42207a020f6628c9994a0c198c875560f303a0507daed2028964f98
8f2e3ed535c2d948ea4b237be3e8c0a8f750e521a0e02087f99b00cad196fdd8
9d4e3bd1621e63bb4bfbae3c3275134b26016bb76175fefe9c5998f8ade1009c
ad2732d60ccfcd8ca762865a8dec3e4e339dd96e897bf2a2566860a0a13bb895
b24ac49bfc1bab8f318d64d1bbe7e98fe1e0d816cb3ea7d3e251ad6b4fc08c8a
b2e073148910a00458434458b00572b34876c61a20fb800b263c6be40b32383c
b5dd875c5ccd393ede33c0009e89f20da47132d5d50316c203bc46eb0025da31
b8ca951526d0ec9fe02bc085c3d10aed59ac577db36d4ee1348fec7f89b1f0b0
bdb271012bbb98fadac7b5622d76afebdd7303e908e2e6977257ad6acf787fbf
be52760ac09c47ccaef1e57ed37311bf61a3df7a1385a4169048f82f38f25484
bed4a84466514cae292963a70fc54fa50e104150b8888ddec82aacb6c96ce623
c239f55bbddc39286c3d58356932feb3016f2a3ce6433cff1928a4329ad8028d
c243041afb7da32d210fa27d0efa708a96c0dbc33dce4c59f28c654ebd0049c1
c684c7f1971dae47039a8f76319cf8cf37d837a7e6f6337328012f720d476c25
da556df4dc2e8a01fc001ae2a2446328a6615e19a40e9113a8718f0ac018d2c4
db1099e4f95b077c528bde523ced6d25a4e0a7c268a0f8804662116f93034320
dc301c09ebc572393551b802d5544e712760f253502bfdb0988771c152ce048b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4fc400114f26cd99c870d897cfb9037b08f998b105f1e035c1d3c20dfc01a2a
e788c7f07903cd5e96a062aa3ea175c987b0772cce696914daca381dee353dfa
edfc75726cf71265dd903eeb0f37bd74534194e42a0e6db6894beb6987023454
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0d036cc9d3fd99b06e2ac5d332385326de1c1e1361942fe9e40f5dae706d1c4
fb86393c8aef5ab7b5c17dc792a5dd571927ace0b6c258164121680c188c94de
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa