4fotki1slovo.net Open in urlscan Pro
188.165.26.20 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://4fotki1slovo.net/
Effective URL:
https://4fotki1slovo.net/
Submission: On May 22 via api (May 22nd 2024, 3:23:05 am UTC) from US — Scanned from FR

Summary HTTP 63 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 15 IPs in 5 countries across 12 domains to perform 63 HTTP transactions. The main IP is 188.165.26.20, located in France and belongs to OVH, FR. The main domain is 4fotki1slovo.net.
TLS certificate: Issued by R3 on May 20th 2024. Valid for: 3 months.

This is the only time 4fotki1slovo.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19	188.165.26.20 188.165.26.20	16276 (OVH) (OVH)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81d::200a	15169 (GOOGLE) (GOOGLE)
2	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
12	104.19.131.76 104.19.131.76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1 1	18.245.86.80 18.245.86.80	16509 (AMAZON-02) (AMAZON-02)
9	2600:9000:275... 2600:9000:275b:a000:1b:cadc:ef40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	192.99.15.88 192.99.15.88	16276 (OVH) (OVH)
6	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	157.240.251.9 157.240.251.9	32934 (FACEBOOK) (FACEBOOK)
3	172.64.146.129 172.64.146.129	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.120.230.251 3.120.230.251	16509 (AMAZON-02) (AMAZON-02)
63	15

19 188.165.26.20 (France)

ASN16276 (OVH, FR)

4fotki1slovo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

netdna.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 104.19.131.76 (None, )

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.86.80 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-80.fra60.r.cloudfront.net

cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:275b:a000:1b:cadc:ef40:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.99.15.88 (Canada)

ASN16276 (OVH, FR)
PTR: s2.gameanswers.net

s2.alus.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.251.9 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.64.146.129 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

cl.imghosts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.230.251 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-230-251.eu-central-1.compute.amazonaws.com

api.cmp.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	4fotki1slovo.net 4fotki1slovo.net	53 KB
12	mgid.com jsc.mgid.com — Cisco Umbrella Rank: 9348 c.mgid.com — Cisco Umbrella Rank: 6469 cdn.mgid.com — Cisco Umbrella Rank: 12085 servicer.mgid.com — Cisco Umbrella Rank: 9449 s-img.mgid.com — Cisco Umbrella Rank: 9491 cm.mgid.com — Cisco Umbrella Rank: 1408	195 KB
10	inmobi.com cmp.inmobi.com — Cisco Umbrella Rank: 4414 api.cmp.inmobi.com — Cisco Umbrella Rank: 15328	212 KB
6	gstatic.com fonts.gstatic.com	75 KB
3	imghosts.com cl.imghosts.com — Cisco Umbrella Rank: 13162	1 MB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 183	89 KB
2	alus.info s2.alus.info	22 KB
2	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 103	191 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33 ajax.googleapis.com — Cisco Umbrella Rank: 380	35 KB
1	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 968	27 KB
1	quantcast.com 1 redirects cmp.quantcast.com — Cisco Umbrella Rank: 7285	592 B
1	bootstrapcdn.com netdna.bootstrapcdn.com — Cisco Umbrella Rank: 3183	18 KB
63	12

	Domain	Requested by
19	4fotki1slovo.net	4fotki1slovo.net
9	cmp.inmobi.com	4fotki1slovo.net cmp.quantcast.com cmp.inmobi.com
6	fonts.gstatic.com	fonts.googleapis.com
5	s-img.mgid.com	4fotki1slovo.net
3	cl.imghosts.com	4fotki1slovo.net
2	cdn.mgid.com	4fotki1slovo.net
2	connect.facebook.net	4fotki1slovo.net connect.facebook.net
2	s2.alus.info	4fotki1slovo.net s2.alus.info
2	jsc.mgid.com	4fotki1slovo.net jsc.mgid.com
2	pagead2.googlesyndication.com	4fotki1slovo.net pagead2.googlesyndication.com
1	api.cmp.inmobi.com	cmp.inmobi.com
1	cdn.id5-sync.com	jsc.mgid.com
1	cm.mgid.com	jsc.mgid.com
1	servicer.mgid.com	jsc.mgid.com
1	c.mgid.com	4fotki1slovo.net
1	cmp.quantcast.com	1 redirects
1	ajax.googleapis.com	4fotki1slovo.net
1	fonts.googleapis.com	4fotki1slovo.net
1	netdna.bootstrapcdn.com	4fotki1slovo.net
63	19

This site contains links to these domains. Also see Links.

Domain
widgets.mgid.com
www.mgid.com
clck.mgid.com
4pics1wordanswers.info
4bilder1wortlosungen.net
4fotos1palabras.com
4images1mot.info
4immagini-1parola.com
4plaatjes1woord.net
4fotos1palavra.org
codycross-answers.net

Subject Issuer	Validity	Valid
4fotki1slovo.net R3	`2024-05-20` - `2024-08-18`	3 months	crt.sh
bootstrapcdn.com GTS CA 1P5	`2024-03-27` - `2024-06-25`	3 months	crt.sh
upload.video.google.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
mgid.com E1	`2024-05-09` - `2024-08-07`	3 months	crt.sh
s2.alus.info R3	`2024-04-21` - `2024-07-20`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-02-29` - `2024-05-29`	3 months	crt.sh
cl.imghosts.com Cloudflare Inc ECC CA-3	`2023-10-03` - `2024-10-02`	a year	crt.sh
id5-sync.com E1	`2024-04-06` - `2024-07-05`	3 months	crt.sh
cmp.inmobi.com Sectigo ECC Organization Validation Secure Server CA	`2023-08-18` - `2024-08-17`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://4fotki1slovo.net/
Frame ID: 0DF5342EA2E2AAB8B955709B1DFEB69F
Requests: 63 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

4 фотки 1 слово ответы! Легкий поиск по буквам!!!

Page URL History Show full URLs

http://4fotki1slovo.net/ HTTP 307
https://4fotki1slovo.net/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Matomo Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

piwik\.js|piwik\.php

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

63
Requests

94 %
HTTPS

47 %
IPv6

12
Domains

19
Subdomains

15
IPs

5
Countries

2280 kB
Transfer

4439 kB
Size

4
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://widgets.mgid.com/?utm_source=4fotki1slovo.net&utm_medium=referral&utm_campaign=widgets&utm_content=1241833

Search URL Search Domain Scan URL

URL: https://www.mgid.com/services/privacy-policy

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/15112541/i/57574683/0/pp/1/1?h=pKJI9Vw1UHGkQV42Khz_VBA1lSmIXHaIpfpmiier-6pBhpYOJuLsF3r_wOw8HZZo9r4QMuC59FP71tw-ReS61bxJK9VoY3aB07Tw4PDjMos*&rid=97ecb2f2-17ea-11ef-8dd4-e43d1a2a04aa&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdprApplies=1&st=120&mp4=1&h2=kho_NPzp5JXRIoI6DELR0raJl2n_4P_bw3TS1kpP0fJshg9bVbnqIsMuIhP0UICM

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/12580623/i/57574683/0/pp/2/1?h=pKJI9Vw1UHGkQV42Khz_VMo8_4agk4rUg5FzO22urc7il_GP34hdUUm0stXMsss-9r4QMuC59FP71tw-ReS61eglE8zB7dXrSz5e7X8UxUo*&rid=97ecb2f2-17ea-11ef-8dd4-e43d1a2a04aa&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdprApplies=1&st=120&mp4=1&h2=kho_NPzp5JXRIoI6DELR0raJl2n_4P_bw3TS1kpP0fJshg9bVbnqIsMuIhP0UICM

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/16262779/i/57574683/0/pp/3/1?h=pKJI9Vw1UHGkQV42Khz_VDCwN6m_IXTrJ2BQjNfNI0J_YOZp8VtZoAEjrdvoscxg9r4QMuC59FP71tw-ReS61RZKd6cIQ5fYwD_ZBvwsIY4*&rid=97ecb2f2-17ea-11ef-8dd4-e43d1a2a04aa&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdprApplies=1&st=120&mp4=1&h2=kho_NPzp5JXRIoI6DELR0raJl2n_4P_bw3TS1kpP0fJshg9bVbnqIsMuIhP0UICM

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/16001151/i/57574683/0/pp/4/1?h=pKJI9Vw1UHGkQV42Khz_VAZfCO8sNGQlKQ1wfR9I_I2WGwFxveDO5w7gQ6UIHPZN9r4QMuC59FP71tw-ReS61XBPkwhXlkrrjMsNJ3G8Y7s*&rid=97ecb2f2-17ea-11ef-8dd4-e43d1a2a04aa&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdprApplies=1&st=120&mp4=1&h2=kho_NPzp5JXRIoI6DELR0raJl2n_4P_bw3TS1kpP0fJshg9bVbnqIsMuIhP0UICM

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/12580681/i/57574683/0/pp/5/1?h=pKJI9Vw1UHGkQV42Khz_VOyg5BfYljy78UrMOuBMFIDZynzVWLVtv-jhQAma-oT19r4QMuC59FP71tw-ReS61fLzWlOPQ7o6V4Fri6xO31A*&rid=97ecb2f2-17ea-11ef-8dd4-e43d1a2a04aa&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdprApplies=1&st=120&mp4=1&h2=kho_NPzp5JXRIoI6DELR0raJl2n_4P_bw3TS1kpP0fJshg9bVbnqIsMuIhP0UICM

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/11740023/i/57574683/0/pp/6/1?h=pKJI9Vw1UHGkQV42Khz_VNiGNkhW5Xz4j45yT6ay6TwhYNP-AKO2tZOuF3f2y5xT9r4QMuC59FP71tw-ReS61QyQMCmBL1ebG6mWtWhjcME*&rid=97ecb2f2-17ea-11ef-8dd4-e43d1a2a04aa&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdprApplies=1&st=120&mp4=1&h2=kho_NPzp5JXRIoI6DELR0raJl2n_4P_bw3TS1kpP0fJshg9bVbnqIsMuIhP0UICM

Search URL Search Domain Scan URL

URL: https://4pics1wordanswers.info/

Search URL Search Domain Scan URL

URL: https://4bilder1wortlosungen.net/

Search URL Search Domain Scan URL

URL: https://4fotos1palabras.com/

Search URL Search Domain Scan URL

URL: https://4images1mot.info/

Search URL Search Domain Scan URL

URL: https://4immagini-1parola.com/

Search URL Search Domain Scan URL

URL: https://4plaatjes1woord.net/

Search URL Search Domain Scan URL

URL: https://4fotos1palavra.org/

Search URL Search Domain Scan URL

URL: https://codycross-answers.net/
Title: codycross cheats 2022

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://4fotki1slovo.net/ HTTP 307
https://4fotki1slovo.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

https://cmp.quantcast.com/choice/WyACP95RaN8mv/4fotki1slovo.net/choice.js?tag_version=V2 HTTP 301
https://cmp.inmobi.com/choice/WyACP95RaN8mv/4fotki1slovo.net/choice.js?tag_version=V2

63 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
4fotki1slovo.net/
Redirect Chain

http://4fotki1slovo.net/
https://4fotki1slovo.net/

15 KB
5 KB

68ms
16ms

Document
text/html

188.165.26.20
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://4fotki1slovo.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.165.26.20 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 92863e1b8ff8509cb446c05ae76b0c737515444d13f75091366ebef599ce08ff

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 22 May 2024 03:23:00 GMT
server: nginx

Redirect headers

Location: https://4fotki1slovo.net/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 bootstrap.min.css
netdna.bootstrapcdn.com/bootstrap/3.1.1/css/ 98 KB
18 KB 89ms
27ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/bootstrap/3.1.1/css/bootstrap.min.css

Requested by

Host: 4fotki1slovo.net
URL: https://4fotki1slovo.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9503448692b738dd260fbd7f7cabf2e11f09b600fa97e6eb3a56eba5b1a7e9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://4fotki1slovo.net/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 03:23:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 860
age: 6166071
cdn-cachedat: 08/25/2022 04:46:14
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:57 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: W/"8a7442ca6bedd62cec4881040b9a9e83"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: dfa42f7d8fed91579a7ade936ecae16d
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 8879af5fcd683c71-CDG
cdn-requestpullsuccess: True

GET
H2 200 style.css
4fotki1slovo.net/ 4 KB
2 KB 17ms
13ms Stylesheet
text/css 188.165.26.20
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://4fotki1slovo.net/style.css?1
Requested by: Host: 4fotki1slovo.net
URL: https://4fotki1slovo.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.165.26.20 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 7544db74e285d2b5ecc531c542ee124cb90d588c2424958ae28deeba570b1dc9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://4fotki1slovo.net/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Wed, 22 May 2024 03:23:00 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 09:23:09 GMT
server: nginx
etag: W/"6102737d-fa2"
content-type: text/css
cache-control: max-age=1296000, public
expires: Thu, 06 Jun 2024 03:23:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 98ms
35ms Stylesheet
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,700

Requested by

Host: 4fotki1slovo.net
URL: https://4fotki1slovo.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bdb7d822d6afd1c8354749a111f68d56ce5e5db03b8a3028698acfc78358e06d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://4fotki1slovo.net/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 22 May 2024 03:23:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 22 May 2024 01:49:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 May 2024 03:23:00 GMT

GET
H2 200 logo32.png
4fotki1slovo.net/images/ 18 KB
18 KB 18ms
14ms Image
image/png 188.165.26.20
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4fotki1slovo.net/images/logo32.png
Requested by: Host: 4fotki1slovo.net
URL: https://4fotki1slovo.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.165.26.20 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 347314b886585cf3cfcf598c78d9e852a813e5488dd0a13c5865991a4ea12e27

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://4fotki1slovo.net/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 03:23:00 GMT
last-modified: Thu, 29 Jul 2021 09:19:36 GMT
server: nginx
etag: "610272a8-4734"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 18228
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 151 KB
51 KB 120ms
43ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: 4fotki1slovo.net
URL: https://4fotki1slovo.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

be6420a60fc53934263a6651b0bc77b90cfeac8ce68793937919c22095e20270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://4fotki1slovo.net/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 03:23:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52051
x-xss-protection: 0
server: cafe
etag: 5655053446271200791
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Wed, 22 May 2024 03:23:00 GMT

GET
H3 200 4fotki1slovo.net.1241833.js Show response
jsc.mgid.com/4/f/ 6 KB
3 KB 75ms
38ms Script
text/javascript 104.19.131.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.mgid.com/4/f/4fotki1slovo.net.1241833.js

Requested by

Host: 4fotki1slovo.net
URL: https://4fotki1slovo.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.131.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

438819502b09dd814e086efe2288637ae2cdbdf662baf54cdc22a9d316a779a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://4fotki1slovo.net/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 03:23:00 GMT
x-amz-version-id: wDXZf2OYJrts55mfKVA.Z6_oaIfhGFt0
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: XTH009JMVWNA75GY
age: 6866
cf-polished: origSize=6069
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: nnO3jhnuCxxEtypXv4REN/yqeWbXwn2N1u+qP61IcDQJVI/89Z3IbesrsBVr6QmaMEVWmFP0gd4=
cf-bgj: minify
last-modified: Mon, 20 May 2024 13:18:28 GMT
server: cloudflare
etag: W/"5bd39f56afffb4ff4d5fd2ff637f4d1e"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
cf-ray: 8879af6039fd22ab-CDG
expires: Wed, 22 May 2024 06:23:00 GMT

GET
H2 200 ratings.js Show response
4fotki1slovo.net/ 5 KB
1 KB 30ms
27ms Script
application/javascript 188.165.26.20
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://4fotki1slovo.net/ratings.js
Requested by: Host: 4fotki1slovo.net
URL: https://4fotki1slovo.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.165.26.20 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 77bff3e3c97deb5e1f9b0b9c5372e3754abca3c546f401c7ed74462cce1ec6bc

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://4fotki1slovo.net/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Wed, 22 May 2024 03:23:00 GMT
content-encoding: gzip
last-modified: Tue, 16 Dec 2014 16:15:57 GMT
server: nginx
etag: W/"54905abd-1371"
content-type: application/javascript
cache-control: max-age=1296000, public
expires: Thu, 06 Jun 2024 03:23:00 GMT

GET
H2 200 rating_on.gif
4fotki1slovo.net/images/rt/ 1009 B
1 KB 27ms
26ms Image
image/gif 188.165.26.20
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4fotki1slovo.net/images/rt/rating_on.gif
Requested by: Host: 4fotki1slovo.net
URL: https://4fotki1slovo.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.165.26.20 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: be1b058eb9e3fef483e425718456e8bc58fda7d4a81de0d6e794b1e03dfdbd01

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://4fotki1slovo.net/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 03:23:00 GMT
last-modified: Tue, 16 Dec 2014 16:16:04 GMT
server: nginx
etag: "54905ac4-3f1"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 1009
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 rating_half.gif
4fotki1slovo.net/images/rt/ 1009 B
1 KB 27ms
27ms Image
image/gif 188.165.26.20
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4fotki1slovo.net/images/rt/rating_half.gif
Requested by: Host: 4fotki1slovo.net
URL: https://4fotki1slovo.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.165.26.20 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 7599b02c78a3b4c19a0d7f6e3d7bc181d8f1abeda40de117d82ce2f4ff7f3dc5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://4fotki1slovo.net/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 03:23:00 GMT
last-modified: Tue, 16 Dec 2014 16:16:04 GMT
server: nginx
etag: "54905ac4-3f1"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 1009
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 rating_off.gif
4fotki1slovo.net/images/rt/ 608 B
783 B 18ms
13ms Image
image/gif 188.165.26.20
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4fotki1slovo.net/images/rt/rating_off.gif
Requested by: Host: 4fotki1slovo.net
URL: https://4fotki1slovo.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.165.26.20 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 6bf7f288ac5290f7089ea2b900a2a4d418882a3d9da24e83d26cc7081ac69d25

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://4fotki1slovo.net/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 03:23:00 GMT
last-modified: Tue, 16 Dec 2014 16:16:04 GMT
server: nginx
etag: "54905ac4-260"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 608
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 loading.gif
4fotki1slovo.net/images/rt/ 771 B
946 B 19ms
14ms Image
image/gif 188.165.26.20
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4fotki1slovo.net/images/rt/loading.gif
Requested by: Host: 4fotki1slovo.net
URL: https://4fotki1slovo.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.165.26.20 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 81a161d5793ac2a33f02ddcd64fb0dc2d028616dac084e4f64e77f4898b0c4e4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://4fotki1slovo.net/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 03:23:00 GMT
last-modified: Tue, 16 Dec 2014 16:16:04 GMT
server: nginx
etag: "54905ac4-303"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 771
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 us.png
4fotki1slovo.net/images/ 3 KB
3 KB 19ms
15ms Image
image/png 188.165.26.20
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4fotki1slovo.net/images/us.png
Requested by: Host: 4fotki1slovo.net
URL: https://4fotki1slovo.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.165.26.20 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: fc5b4c20937e193f49e7e75450b270e20c642f346ce27d040dbc78321cee08e4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://4fotki1slovo.net/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 03:23:00 GMT
last-modified: Tue, 16 Dec 2014 16:16:03 GMT
server: nginx
etag: "54905ac3-cf5"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 3317
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 de.png
4fotki1slovo.net/images/ 2 KB
2 KB 20ms
15ms Image
image/png 188.165.26.20
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4fotki1slovo.net/images/de.png
Requested by: Host: 4fotki1slovo.net
URL: https://4fotki1slovo.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.165.26.20 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 58c58e0909e14282f5a18361f515f998d64981f33c223cd37b50d86025e28dbd

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://4fotki1slovo.net/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 03:23:00 GMT
last-modified: Tue, 16 Dec 2014 16:15:59 GMT
server: nginx
etag: "54905abf-73c"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 1852
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 es.png
4fotki1slovo.net/images/ 2 KB
2 KB 20ms
16ms Image
image/png 188.165.26.20
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4fotki1slovo.net/images/es.png
Requested by: Host: 4fotki1slovo.net
URL: https://4fotki1slovo.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.165.26.20 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 90feaed8b265048ee9f5129893715c9734f3829b7632819c7445acb90b8fe442

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://4fotki1slovo.net/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 03:23:00 GMT
last-modified: Tue, 16 Dec 2014 16:15:59 GMT
server: nginx
etag: "54905abf-89a"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 2202
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fr.png
4fotki1slovo.net/images/ 2 KB
2 KB 20ms
17ms Image
image/png 188.165.26.20
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4fotki1slovo.net/images/fr.png
Requested by: Host: 4fotki1slovo.net
URL: https://4fotki1slovo.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.165.26.20 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: b91da1ddcde9c60a43dc2d9f514de71c623ebb15fdcd4a61e830731f049e737d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://4fotki1slovo.net/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 03:23:00 GMT
last-modified: Tue, 16 Dec 2014 16:15:59 GMT
server: nginx
etag: "54905abf-88f"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 2191
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ru.png
4fotki1slovo.net/images/ 1 KB
1 KB 20ms
17ms Image
image/png 188.165.26.20
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4fotki1slovo.net/images/ru.png
Requested by: Host: 4fotki1slovo.net
URL: https://4fotki1slovo.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.165.26.20 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 6950854c2b2a1eda6ad5727d2d95c70db5b1657fd4d4d367935756143a514abd

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://4fotki1slovo.net/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 03:23:00 GMT
last-modified: Tue, 16 Dec 2014 16:16:03 GMT
server: nginx
etag: "54905ac3-510"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 1296
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 it.png
4fotki1slovo.net/images/ 2 KB
2 KB 21ms
17ms Image
image/png 188.165.26.20
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4fotki1slovo.net/images/it.png
Requested by: Host: 4fotki1slovo.net
URL: https://4fotki1slovo.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.165.26.20 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 5504b9b8fdd3668fd4a4c3389e2824611d0eb38435c8fddc1be8fee7f5b08037

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://4fotki1slovo.net/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 03:23:00 GMT
last-modified: Tue, 16 Dec 2014 16:16:00 GMT
server: nginx
etag: "54905ac0-8ef"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 2287
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 nl.png
4fotki1slovo.net/images/ 2 KB
2 KB 21ms
18ms Image
image/png 188.165.26.20
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4fotki1slovo.net/images/nl.png
Requested by: Host: 4fotki1slovo.net
URL: https://4fotki1slovo.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.165.26.20 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 0478d233580d999d4180aff87b542dfe1fb73f4aa19ff2578110eaa0ee132bb7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://4fotki1slovo.net/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 03:23:00 GMT
last-modified: Tue, 16 Dec 2014 16:16:02 GMT
server: nginx
etag: "54905ac2-703"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 1795
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 br.png
4fotki1slovo.net/images/ 3 KB
3 KB 21ms
18ms Image
image/png 188.165.26.20
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4fotki1slovo.net/images/br.png
Requested by: Host: 4fotki1slovo.net
URL: https://4fotki1slovo.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.165.26.20 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 019e210535002e755e38abe4d2332d76f5a96d706f9243c0570b4f0adafbca35

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://4fotki1slovo.net/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 03:23:00 GMT
last-modified: Thu, 11 Jun 2015 10:30:24 GMT
server: nginx
etag: "55796340-c82"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 3202
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ 94 KB
33 KB 99ms
27ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Requested by

Host: 4fotki1slovo.net
URL: https://4fotki1slovo.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://4fotki1slovo.net/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 14:53:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44968
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33576
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 May 2025 14:53:32 GMT

GET
H2 200 jquery.lazyload.min.js Show response
4fotki1slovo.net/ 3 KB
1 KB 14ms
14ms Script
application/javascript 188.165.26.20
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://4fotki1slovo.net/jquery.lazyload.min.js
Requested by: Host: 4fotki1slovo.net
URL: https://4fotki1slovo.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.165.26.20 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e576f12e82c468567e420386b68476ff7045815976395bc6baad1a822c7368a7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://4fotki1slovo.net/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Wed, 22 May 2024 03:23:00 GMT
content-encoding: gzip
last-modified: Tue, 16 Dec 2014 16:15:56 GMT
server: nginx
etag: W/"54905abc-d35"
content-type: application/javascript
cache-control: max-age=1296000, public
expires: Thu, 06 Jun 2024 03:23:00 GMT

GET
H2

200

choice.js Show response
cmp.inmobi.com/choice/WyACP95RaN8mv/4fotki1slovo.net/
Redirect Chain

https://cmp.quantcast.com/choice/WyACP95RaN8mv/4fotki1slovo.net/choice.js?tag_version=V2
https://cmp.inmobi.com/choice/WyACP95RaN8mv/4fotki1slovo.net/choice.js?tag_version=V2

3 KB
2 KB

139ms
55ms

Script
application/javascript

2600:9000:275b:a000:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/choice/WyACP95RaN8mv/4fotki1slovo.net/choice.js?tag_version=V2
Requested by: Host: 4fotki1slovo.net
URL: https://4fotki1slovo.net/
Protocol: H2
Server: 2600:9000:275b:a000:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: de759870d4e1ab1e2b5b4d4f2c90d7fcf9fdb77cbb4345ac0ee71b23ebdff318

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Referer: https://4fotki1slovo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Wed, 22 May 2024 03:23:02 GMT
content-encoding: br
via: 1.1 256cd380c9790a2b71d68709829caa18.cloudfront.net (CloudFront)
last-modified: Wed, 15 Nov 2023 19:53:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
x-amz-server-side-encryption: AES256
etag: W/"fca4aac82c43a40e0f25543241c5a3d9"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=900
cross-origin-resource-policy: cross-origin
x-amz-cf-id: TVUX8hUhx6O6xMi04GBKsNfLv9Y5XtYlb0XXW4xXInxlxgTK8Pn_Xg==

Redirect headers

x-amz-website-redirect-location: https://cmp.inmobi.com/choice/WyACP95RaN8mv/4fotki1slovo.net/choice.js?tag_version=V2
date: Wed, 22 May 2024 03:23:01 GMT
via: 1.1 fca814089bc9a82fba87ce0548f9f358.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 0
last-modified: Wed, 15 Nov 2023 19:53:18 GMT
server: AmazonS3
etag: "bb151cfe1abe4986c6cfa59b0a86cb8f"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
location: https://cmp.inmobi.com/choice/WyACP95RaN8mv/4fotki1slovo.net/choice.js?tag_version=V2
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: 8PozYNZpAkCeq7K2Uhce5QIOUJAIbNxDUtFsFhYe8iERoSGI1RjjrA==

GET
H2 200 rating_over.gif
4fotki1slovo.net/images/rt/ 1009 B
1 KB 28ms
27ms Image
image/gif 188.165.26.20
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4fotki1slovo.net/images/rt/rating_over.gif
Requested by: Host: 4fotki1slovo.net
URL: https://4fotki1slovo.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.165.26.20 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: d4cc3dfa1061aedf2533cf134f9d584568bc41a25090fb7ce77c5cdbec6c37e6

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://4fotki1slovo.net/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 03:23:00 GMT
last-modified: Tue, 16 Dec 2014 16:16:06 GMT
server: nginx
etag: "54905ac6-3f1"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 1009
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK piwik.js Show response
s2.alus.info/ 65 KB
22 KB 420ms
205ms Script
application/javascript 192.99.15.88
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.alus.info/piwik.js
Requested by: Host: 4fotki1slovo.net
URL: https://4fotki1slovo.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.15.88 , Canada, ASN16276 (OVH, FR),
Reverse DNS: s2.gameanswers.net
Software: nginx/1.23.4 /
Resource Hash: b39abd9035f703b76dfed940898d572b9864f676eb1912a9142f0639dca6b2ce

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://4fotki1slovo.net/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 22 May 2024 03:23:00 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Feb 2024 08:55:29 GMT
Server: nginx/1.23.4
ETag: W/"65c34581-1042f"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Sat, 01 Jun 2024 03:23:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 108ms
49ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://4fotki1slovo.net
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 14:31:42 GMT
x-content-type-options: nosniff
age: 46278
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 May 2025 14:31:42 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 88ms
29ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://4fotki1slovo.net
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 14:19:23 GMT
x-content-type-options: nosniff
age: 47017
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 May 2025 14:19:23 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
10 KB 129ms
70ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://4fotki1slovo.net
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 14:31:42 GMT
x-content-type-options: nosniff
age: 46278
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9644
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 May 2025 14:31:42 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 114ms
56ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://4fotki1slovo.net
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 14:20:12 GMT
x-content-type-options: nosniff
age: 46968
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 May 2025 14:20:12 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
10 KB 84ms
25ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47aa3bfad6cb9e2d63abdd58f4e6ce4f7b9fd2704b2b15193c71874035fe025d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://4fotki1slovo.net
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 14:28:47 GMT
x-content-type-options: nosniff
age: 46453
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9576
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 May 2025 14:28:47 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
9 KB 122ms
64ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://4fotki1slovo.net
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 14:15:12 GMT
x-content-type-options: nosniff
age: 47268
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9628
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 May 2025 14:15:12 GMT

GET
H3 200 4fotki1slovo.net.1241833.es6.js Show response
jsc.mgid.com/4/f/ 329 KB
98 KB 57ms
36ms Script
text/javascript 104.19.131.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.mgid.com/4/f/4fotki1slovo.net.1241833.es6.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/4/f/4fotki1slovo.net.1241833.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.131.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9179efebfc0848eae00fc151a292cfc65858343ec1c94fe18dc32de1463002aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://4fotki1slovo.net/
Origin: https://4fotki1slovo.net
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 03:23:00 GMT
x-amz-version-id: wrlp5njeWww0LFSookIv0OoRqNuRHEEE
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: HWSHMNDHQP9TSVGP
age: 1252
cf-polished: origSize=336922
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: twVpneS5dC1N2TdycVMfUJyoQJG9u6sxPnM1Z1ZyYzkYduhIijV4h4p2M/iAeFqPxGZulNzQrts=
cf-bgj: minify
last-modified: Tue, 21 May 2024 10:27:10 GMT
server: cloudflare
etag: W/"25013aa7deb94c58cf21df9cf681198b"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
cf-ray: 8879af60a92df0f8-CDG
expires: Wed, 22 May 2024 06:23:00 GMT

GET
H2 200 all.js Show response
connect.facebook.net/ru_RU/ 3 KB
4 KB 92ms
26ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/all.js

Requested by

Host: 4fotki1slovo.net
URL: https://4fotki1slovo.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cbea5b18a6e4c74b3e356e8aa325784c03aea878253b148788593cd8b3b7f834

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://4fotki1slovo.net/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 22 May 2024 03:23:00 GMT
content-md5: NLdrpueWW0fo7h4wj39vbw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=24, rtx=0, c=12, mss=1294, tbw=2805, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug: J+/eGnQr7YIeDC7NyjXTR8xFiclxoRiYzI8y9cLBS80ou/+ikMMbKpLRnK3JoCrSW47BvnAB1mKvgvddkRJhAQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 7d8b52e8ccebeb7907a4f1b2a8aeeaaf
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "ea64c0dbaf70414c0d365eda6fa3ec4a"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Wed, 22 May 2024 03:27:09 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405160101/ 415 KB
140 KB 60ms
60ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7524301848946754&plah=4fotki1slovo.net&aplac=true

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

12680e691211315bdc0c88cb6070f2e2ffa38ad38368cde4a0f10c0bd30a8692

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://4fotki1slovo.net/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 03:23:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 143398
x-xss-protection: 0
server: cafe
etag: 3815996818564829105
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 22 May 2024 03:23:00 GMT

GET
BLOB 200
OK 5ba8a67a-2a08-4ea2-b757-9154d5f727e3
https://4fotki1slovo.net/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://4fotki1slovo.net/5ba8a67a-2a08-4ea2-b757-9154d5f727e3
Requested by: Host: 4fotki1slovo.net
URL: https://4fotki1slovo.net/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK 5dc1fc74-12ac-44de-9ca6-a5bcb48513e2
https://4fotki1slovo.net/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://4fotki1slovo.net/5dc1fc74-12ac-44de-9ca6-a5bcb48513e2
Requested by: Host: 4fotki1slovo.net
URL: https://4fotki1slovo.net/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
BLOB 206
Partial Content 3ee79cff-5a59-4e95-b806-00fd3afd9dc3
https://4fotki1slovo.net/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://4fotki1slovo.net/3ee79cff-5a59-4e95-b806-00fd3afd9dc3
Requested by: Host: 4fotki1slovo.net
URL: https://4fotki1slovo.net/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: fr-FR,fr;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H3 200 all.js Show response
connect.facebook.net/ru_RU/ 302 KB
85 KB 59ms
25ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/all.js?hash=93ead48560689480fa81d29c4c74678b

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

30fa466eb13ae9fef3e91e73d2238866fae15c86581b9b68658f6310b0f6ea6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://4fotki1slovo.net/
Origin: https://4fotki1slovo.net
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 22 May 2024 03:23:00 GMT
content-md5: NYuyHQ+COGrxrMX9Vz8ZzQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87304
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=25, rtx=0, c=33, mss=1232, tbw=4332, tp=9, tpl=0, uplat=0, ullat=-1
x-fb-debug: 7UHEh96QLXoPp0AWqNY6NabqihCk6yVjppCRH9mNebFbCvVN9YTdTU8xnFsoCNodZKSnvLV0R02D63Xv16WfrA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: a526910b7c4ddbdc8c75f190f71c4a86
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "da2895f74d69abce21869014e8d0414f"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Thu, 22 May 2025 01:07:09 GMT

GET
H3 200 /
c.mgid.com/pv/ 43 B
188 B 78ms
60ms Image
image/gif 104.19.131.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.mgid.com/pv/?lu=https%3A%2F%2F4fotki1slovo.net%2F&cbuster=1716348180702324595745&pvid=18f9e52d8dd88fcbfc5&implVersion=11&cxurl=https%3A%2F%2F4fotki1slovo.net%2F&site=769565&i=1&scua=%22x86%22&scub=%2264%22&scu=%22Google%20Chrome%22%3Bv%3D%22124%22%2C%20%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%20%22Chromium%22%3Bv%3D%22124%22&scufvl=%22Chromium%22%3Bv%3D%22124.0.6367.207%22%2C%20%22Google%20Chrome%22%3Bv%3D%22124.0.6367.207%22%2C%20%22Not-A.Brand%22%3Bv%3D%2299.0.0.0%22&scum=%3F0&scup=%22Win32%22&scupv=%2210.0.0%22&scufv=%22124.0.6367.207%22&scuw=%3F0

Requested by

Host: 4fotki1slovo.net
URL: https://4fotki1slovo.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.131.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://4fotki1slovo.net/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 03:23:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cf-ray: 8879af618a6522ab-CDG
alt-svc: h3=":443"; ma=86400
content-length: 43

GET
H3 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
1 KB 39ms
28ms Image
image/svg+xml 104.19.131.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.mgid.com/images/mgid/mgid_ua.svg

Requested by

Host: 4fotki1slovo.net
URL: https://4fotki1slovo.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.131.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://4fotki1slovo.net/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 03:23:00 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: FT3B2YNDBGENVSWC
age: 602
alt-svc: h3=":443"; ma=86400
x-amz-id-2: T5sPcjZtf+bDh6XdJmp7hMMaIrle5xKb9BwVfmaNkAxai8X9iK4oKQPncfqBkIMJTmPLzS6Pbg2Yz9at9uMFJU2Q4p1mhW6T9hRl6tH5ghk=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 8879af628abf22ab-CDG
expires: Thu, 23 May 2024 03:23:00 GMT

GET
H3 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
1 KB 38ms
27ms Image
image/svg+xml 104.19.131.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.mgid.com/images/logos/Adchoices.svg

Requested by

Host: 4fotki1slovo.net
URL: https://4fotki1slovo.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.131.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://4fotki1slovo.net/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 03:23:00 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: YQB9E0XZ4AF5YHE7
age: 2609
alt-svc: h3=":443"; ma=86400
x-amz-id-2: CxpyNkMvUy7EglrL46ndveEgmcKj5NlhgNn3xrtwadQGLxOYO5GJbbUWfWYVC/75XuxenQ1eXpI=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 8879af628ac022ab-CDG
expires: Thu, 23 May 2024 03:23:00 GMT

POST
H/1.1 204
No Response piwik.php
s2.alus.info/ 0
246 B 259ms
258ms Ping
text/html 192.99.15.88
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.alus.info/piwik.php?action_name=4%20%D1%84%D0%BE%D1%82%D0%BA%D0%B8%201%20%D1%81%D0%BB%D0%BE%D0%B2%D0%BE%20%D0%BE%D1%82%D0%B2%D0%B5%D1%82%D1%8B!%20%D0%9B%D0%B5%D0%B3%D0%BA%D0%B8%D0%B9%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA%20%D0%BF%D0%BE%20%D0%B1%D1%83%D0%BA%D0%B2%D0%B0%D0%BC!!!&idsite=32&rec=1&r=648890&h=5&m=23&s=0&url=https%3A%2F%2F4fotki1slovo.net%2F&_id=1b859d67ef140a9e&_idn=1&send_image=0&_refts=0&pv_id=Omo5nS&pf_net=52&pf_srv=16&pf_tfr=1&pf_dm1=205&uadata=%7B%22fullVersionList%22%3A%5B%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22124.0.6367.207%22%7D%2C%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22124.0.6367.207%22%7D%2C%7B%22brand%22%3A%22Not-A.Brand%22%2C%22version%22%3A%2299.0.0.0%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200
Requested by: Host: s2.alus.info
URL: https://s2.alus.info/piwik.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.15.88 , Canada, ASN16276 (OVH, FR),
Reverse DNS: s2.gameanswers.net
Software: nginx/1.23.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://4fotki1slovo.net/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

Access-Control-Allow-Origin: https://4fotki1slovo.net
Date: Wed, 22 May 2024 03:23:01 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.23.4
Connection: keep-alive
Content-Type: text/html; charset=UTF-8

GET
H3 200 1 Show response
servicer.mgid.com/1241833/ 6 KB
2 KB 53ms
43ms Script
application/x-javascript 104.19.131.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://servicer.mgid.com/1241833/1?cmpreason=wvz&tcfV2=1&w=728&h=491&sz=235x215&szp=1,2,3,4,5,6&szl=1,2,3;4,5,6&cols=3&sessionId=664d6515-02810&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&lu=https%3A%2F%2F4fotki1slovo.net%2F&cbuster=1716348181008733346135&pvid=18f9e52d8dd88fcbfc5&implVersion=11&cxurl=https%3A%2F%2F4fotki1slovo.net%2F&scua=%22x86%22&scub=%2264%22&scu=%22Google%20Chrome%22%3Bv%3D%22124%22%2C%20%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%20%22Chromium%22%3Bv%3D%22124%22&scufvl=%22Chromium%22%3Bv%3D%22124.0.6367.207%22%2C%20%22Google%20Chrome%22%3Bv%3D%22124.0.6367.207%22%2C%20%22Not-A.Brand%22%3Bv%3D%2299.0.0.0%22&scum=%3F0&scup=%22Win32%22&scupv=%2210.0.0%22&scufv=%22124.0.6367.207%22&scuw=%3F0&mp4=1&ap=1&consentStrLen=0&uniqId=135e9&niet=4g&nisd=false&pv=5&lct=1716287220&jsv=es6&pageView=1&dpr=1&ref=&hashCommit=15035905&tfre=640

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/4/f/4fotki1slovo.net.1241833.es6.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.131.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5cd2b39e610c918fc267a8df1a8890605032e53e6f8e82ef9bae33f6fa4fce70

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://4fotki1slovo.net/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 03:23:01 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 8879af636b0822ab-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMi8xMDE5MjQvZDI0Y...
s-img.mgid.com/g/15112541/492x277/-/ 17 KB
18 KB 63ms
29ms Image
image/webp 104.19.131.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/15112541/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMi8xMDE5MjQvZDI0YWU1YTJhZTM2NGRiODRhY2E4NGE1MWQ1ZjJkMTAuanBlZw.webp?v=1716348181-txXvF3JXAowIvldhMI2qxwyZMssJdhX1sc12rRvvuIs

Requested by

Host: 4fotki1slovo.net
URL: https://4fotki1slovo.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.131.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eeda2f1bdb37381724f4c39eb49fdf60296154514ab03aa75f20fddae17fdda2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://4fotki1slovo.net/
Origin: https://4fotki1slovo.net
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 03:23:01 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-mg-request-uuid: 985372c9-da61-40e8-bcbb-acec852f9ccc
age: 4798282
alt-svc: h3=":443"; ma=86400
content-length: 17800
last-modified: Wed, 19 Jul 2023 12:36:12 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 8879af63feb7d3dc-CDG

GET
H3 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNS8xMDE5MjQvMWJmN...
s-img.mgid.com/g/16262779/492x277/-/ 10 KB
10 KB 177ms
143ms Image
image/webp 104.19.131.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/16262779/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNS8xMDE5MjQvMWJmNWEwZWQ2MDVjN2U5MDhlNzU0MmJkNThiMWZkNzIuanBlZw.webp?v=1716348181-s5MRFlhx6Gb_Rttc0bmqvP1sJMfM-GO5e1oqFp--O-s

Requested by

Host: 4fotki1slovo.net
URL: https://4fotki1slovo.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.131.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87124f18c83129a2c74d89e7d7be39009d8d6dcae6fc3fc74720c7cc4c1df43a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://4fotki1slovo.net/
Origin: https://4fotki1slovo.net
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 03:23:01 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-mg-request-uuid: 9abf877e-8d21-48ab-aa87-fde6bc953e6e
age: 6169967
alt-svc: h3=":443"; ma=86400
content-length: 10172
last-modified: Tue, 13 Jun 2023 19:55:53 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 8879af63feb9d3dc-CDG

GET
H3 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNC8xMDE5MjQvMmVkN...
s-img.mgid.com/g/16001151/492x277/-/ 15 KB
15 KB 154ms
121ms Image
image/webp 104.19.131.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/16001151/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNC8xMDE5MjQvMmVkNjk5OTRjN2ZlZjk3MDQzNDNiZDg5ZTdiY2QyYTYuanBn.webp?v=1716348181-GWQpPo_uYMMMA30atn0eNwD-zqpvZei0_svQkg2bS1o

Requested by

Host: 4fotki1slovo.net
URL: https://4fotki1slovo.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.131.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

548ea9419a81e60a62550d5803718f438a45aec546fdcd80d5e7154c3482ee89

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://4fotki1slovo.net/
Origin: https://4fotki1slovo.net
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 03:23:01 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-mg-request-uuid: b50722c1-6e38-4dee-ab90-b808831b5ef5
age: 6165858
alt-svc: h3=":443"; ma=86400
content-length: 15208
last-modified: Fri, 21 Apr 2023 08:05:59 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 8879af63feb8d3dc-CDG

GET
H3 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wMi8xMDE5MjQvOGI3NDE3OGY4MjhiOWRhM...
s-img.mgid.com/g/12580681/492x277/-/ 17 KB
18 KB 117ms
84ms Image
image/webp 104.19.131.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/12580681/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wMi8xMDE5MjQvOGI3NDE3OGY4MjhiOWRhMmE1NzkxZWQxNmJlNWM3N2EuanBlZw.webp?v=1716348181-7KLWBYXecHPMzGs4DGAWs4kAf9_VKsFU5NvfWJgScX8

Requested by

Host: 4fotki1slovo.net
URL: https://4fotki1slovo.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.131.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95aacd00fb14bf5877cedaf52dcfb2934d1c31ec9b65da229c8f8953f808163c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://4fotki1slovo.net/
Origin: https://4fotki1slovo.net
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 03:23:01 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-mg-request-uuid: 1588b528-b832-4766-9b14-c33b5c813e23
age: 3115895
alt-svc: h3=":443"; ma=86400
content-length: 17664
last-modified: Tue, 29 Mar 2022 08:53:43 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 8879af63feb6d3dc-CDG

GET
H3 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvMjhlNzVjNTM2ZmQwZWJlN...
s-img.mgid.com/g/11740023/492x277/-/ 28 KB
28 KB 68ms
35ms Image
image/webp 104.19.131.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/11740023/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvMjhlNzVjNTM2ZmQwZWJlNzZjY2YyZTI5YTRiODMzNzAuanBlZw.webp?v=1716348181-x1Y8Z8yQqjp3vXSf-hRI8sxGSPbRVyd_DZ--OeY3oKM

Requested by

Host: 4fotki1slovo.net
URL: https://4fotki1slovo.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.131.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e41fdb78973afda473d0ae20399b1d5d2104b5ba0c6ba2ac2c601579fc6da75

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://4fotki1slovo.net/
Origin: https://4fotki1slovo.net
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 03:23:01 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-mg-request-uuid: 451140ac-6e62-4fc0-b7f8-1e5f434497bc
age: 6174251
alt-svc: h3=":443"; ma=86400
content-length: 28306
last-modified: Wed, 12 Jul 2023 05:42:47 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 8879af63feb5d3dc-CDG

GET
H3 206 http%3A%2F%2Fimghosts.com%2Ft%2F2022-02%2F101924%2F6d450484bdc46b22d10760f54e7bff44.gif
cl.imghosts.com/imgh/image/fetch/ar_16:9,c_fill,e_sharpen:100,f_mp4,fl_lossy,g_faces:auto,w_960/ 32 KB
0 71ms
34ms Media
video/mp4 172.64.146.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cl.imghosts.com/imgh/image/fetch/ar_16:9,c_fill,e_sharpen:100,f_mp4,fl_lossy,g_faces:auto,w_960/http%3A%2F%2Fimghosts.com%2Ft%2F2022-02%2F101924%2F6d450484bdc46b22d10760f54e7bff44.gif?v=1716348181-FUWeQxX-7plmeVS9jioIds6SnRaTaigPM7uaeVwI9Ik

Requested by

Host: 4fotki1slovo.net
URL: https://4fotki1slovo.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.146.129 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer: https://4fotki1slovo.net/
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 03:23:01 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1100662
Content-Range: bytes 0-1427045/1427046
server-timing: cld-cloudflare;mitm=c;dur=171;start=2024-05-09T09:36:20.505Z;desc=miss,content-info;desc="width=960,height=540,owidth=600,oheight=499,obytes=2419272;";cloudinary;dur=133;start=2024-05-09T09:36:20.533Z
alt-svc: h3=":443"; ma=86400
Content-Length: 1427046
last-modified: Thu, 23 Mar 2023 21:42:14 GMT
server: cloudflare
etag: "c6f394a9ae50c7f70b59da9d9e5025bc"
vary: Accept-Encoding
content-type: video/mp4
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control: public, max-age=31536000
timing-allow-origin: *
x-robots-tag: noindex
cf-ray: 8879af6409690356-CDG
expires: Thu, 22 May 2025 03:23:01 GMT

GET
H3 200 i.js Show response
cm.mgid.com/ 0
180 B 51ms
41ms Script
application/javascript 104.19.131.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.mgid.com/i.js?cbuster=17163481810833228479

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/4/f/4fotki1slovo.net.1241833.es6.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.131.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://4fotki1slovo.net/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 22 May 2024 03:23:01 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 8879af63eb3622ab-CDG
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 93 KB
27 KB 93ms
31ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/4/f/4fotki1slovo.net.1241833.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d830a998066b3e15644d716280d1e6bdcef4dcb2c463da234743b7acb8416ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://4fotki1slovo.net/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 03:23:01 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 08 May 2024 12:31:06 GMT
server: cloudflare
x-amz-request-id: 040EQDGHFGYT3CS2
age: 2294
etag: W/"975872beea6fa436507d8a74321584b7"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 8879af643d3702c7-CDG
x-amz-id-2: XV9pTZSlTVRIUUtz4alBqnG+5it0qud1yqxmYZSiDU6GOoVyYke1s3WObebDh1oh8DQNKHrU/IrhfDFJ5m4TOg==

GET
H2 200 cmp2.js Show response
cmp.inmobi.com/tcfv2/ 167 KB
46 KB 31ms
30ms Script
text/javascript 2600:9000:275b:a000:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=4fotki1slovo.net
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/WyACP95RaN8mv/4fotki1slovo.net/choice.js?tag_version=V2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:a000:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: af2cf95536bf55bfb908ac0faa2690dd408fff853fc5ed4f63d2446dc95dd061

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://4fotki1slovo.net/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 02:38:27 GMT
content-encoding: gzip
via: 1.1 256cd380c9790a2b71d68709829caa18.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
age: 2674
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 21 May 2024 05:38:03 GMT
server: AmazonS3
etag: W/"ed8dbcb37add9d6820b2aba407417cb2"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-meta-qc-ineu: True
vary: Accept-Encoding
x-amz-cf-id: jse9Bwm_9ViYmDk2tDAMqbccP_BKN0ZkKZNzi-3EfE-Ve2ncui0W2A==

GET
H3 206 http%3A%2F%2Fimghosts.com%2Ft%2F2022-02%2F101924%2F6d450484bdc46b22d10760f54e7bff44.gif
cl.imghosts.com/imgh/image/fetch/ar_16:9,c_fill,e_sharpen:100,f_mp4,fl_lossy,g_faces:auto,w_960/ 18 KB
18 KB 62ms
27ms Media
video/mp4 172.64.146.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: 4fotki1slovo.net
URL: https://4fotki1slovo.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.146.129 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b79825f49d51eea560c83a9dee93d408b78fb19a999942be5eaa4c1a6fc964bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer: https://4fotki1slovo.net/
Range: bytes=1409024-
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 03:23:01 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1100662
Content-Range: bytes 1409024-1427045/1427046
server-timing: cld-cloudflare;mitm=c;dur=171;start=2024-05-09T09:36:20.505Z;desc=miss,content-info;desc="width=960,height=540,owidth=600,oheight=499,obytes=2419272;";cloudinary;dur=133;start=2024-05-09T09:36:20.533Z
alt-svc: h3=":443"; ma=86400
Content-Length: 18022
last-modified: Thu, 23 Mar 2023 21:42:14 GMT
server: cloudflare
etag: "c6f394a9ae50c7f70b59da9d9e5025bc"
vary: Accept-Encoding
content-type: video/mp4
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control: public, max-age=31536000
timing-allow-origin: *
x-robots-tag: noindex
cf-ray: 8879af6499920356-CDG
expires: Thu, 22 May 2025 03:23:01 GMT

GET
H2 200 geoip Show response
cmp.inmobi.com/ 39 B
323 B 72ms
24ms XHR
application/json 2600:9000:275b:a000:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/geoip
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=4fotki1slovo.net
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:a000:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 48b05fb62e4ccabc2460171b02ebc9db870f6519f3f37378c4521391bf5194fc

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/plain, */*
Referer: https://4fotki1slovo.net/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 03:23:01 GMT
via: 1.1 b77e6c4c926acdb5c1a30b7465e6750e.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P7
x-cache: FunctionGeneratedResponse from cloudfront
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: *
content-length: 39
x-amz-cf-id: keUlL3Ixrg9dgsxjn1MVQWDXwsKUFT5ta0GWXX8orNX9iCbWtLVX2A==

GET
H3 206 http%3A%2F%2Fimghosts.com%2Ft%2F2022-02%2F101924%2F6d450484bdc46b22d10760f54e7bff44.gif
cl.imghosts.com/imgh/image/fetch/ar_16:9,c_fill,e_sharpen:100,f_mp4,fl_lossy,g_faces:auto,w_960/ 1 MB
1 MB 0ms
0ms Media
video/mp4 172.64.146.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: 4fotki1slovo.net
URL: https://4fotki1slovo.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.146.129 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6e54e327e7319278ce826c6b27b20f9bf0e17ed687fc786d8a93d006b0bf053

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer: https://4fotki1slovo.net/
Range: bytes=32768-
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 03:23:01 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1100662
Content-Range: bytes 32768-1427045/1427046
server-timing: cld-cloudflare;mitm=c;dur=171;start=2024-05-09T09:36:20.505Z;desc=miss,content-info;desc="width=960,height=540,owidth=600,oheight=499,obytes=2419272;";cloudinary;dur=133;start=2024-05-09T09:36:20.533Z
alt-svc: h3=":443"; ma=86400
Content-Length: 1394278
last-modified: Thu, 23 Mar 2023 21:42:14 GMT
server: cloudflare
etag: "c6f394a9ae50c7f70b59da9d9e5025bc"
vary: Accept-Encoding
content-type: video/mp4
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control: public, max-age=31536000
timing-allow-origin: *
x-robots-tag: noindex
cf-ray: 8879af6499920356-CDG
expires: Thu, 22 May 2025 03:23:01 GMT

GET
H2 200 cmp-list.json Show response
cmp.inmobi.com/GVL-v2/ 18 KB
4 KB 27ms
26ms XHR
application/json 2600:9000:275b:a000:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/GVL-v2/cmp-list.json
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=4fotki1slovo.net
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:a000:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5df720bf21df5c81ec974a875c4dedf09ee26ccd6c2f914fa867a90c6c2cf538

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/plain, */*
Referer: https://4fotki1slovo.net/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 03:00:44 GMT
content-encoding: br
via: 1.1 b77e6c4c926acdb5c1a30b7465e6750e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
age: 1338
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 22 May 2024 03:00:42 GMT
server: AmazonS3
etag: W/"d10fcc959a5a77f20ae53f69a1451df2"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
access-control-allow-credentials: true
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: NzTBsFeS5FBs3jTGvLgCVuHrE75F9B2t4zgCH3EdeT6lrfFgrWij7g==

GET
H2 200 cmp2ui-ru.js Show response
cmp.inmobi.com/tcfv2/53/ 384 KB
75 KB 28ms
28ms Script
text/javascript 2600:9000:275b:a000:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/tcfv2/53/cmp2ui-ru.js
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=4fotki1slovo.net
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:a000:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 52761323179991d123e7691c631af98029fa25e0754cd5aa5eb09ce96b6f890c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://4fotki1slovo.net/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 05:38:28 GMT
content-encoding: br
via: 1.1 256cd380c9790a2b71d68709829caa18.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
age: 78274
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Tue, 21 May 2024 05:37:56 GMT
server: AmazonS3
etag: W/"253202c8cd2f6df3d099c37649286670"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=172800
vary: Accept-Encoding
x-amz-cf-id: i1NK2PacM_Zv1h2TpE8D-7vTlfTj-RhmTIK3ibfmLDwiOYILrHscBw==

GET
H2 200 vendor-list-trimmed-v1.json Show response
cmp.inmobi.com/GVL-v2/ 360 KB
43 KB 28ms
27ms XHR
application/json 2600:9000:275b:a000:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/GVL-v2/vendor-list-trimmed-v1.json
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=4fotki1slovo.net
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:a000:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b4ccfefd002e8a40c5098e4f0d4327d5d55f7d8b6eb80cb52a5bbd190e772f33

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://4fotki1slovo.net/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 05:11:51 GMT
content-encoding: br
via: 1.1 b77e6c4c926acdb5c1a30b7465e6750e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
age: 79871
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
last-modified: Thu, 16 May 2024 23:59:20 GMT
server: AmazonS3
etag: W/"e2bcee663677e0a88f6ed90c9cd0c496"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: Nsctb5VXkAlS_vHuhVNIEpZnTlzrOWTqQ7iESQNiSAG-wlluoOcqKw==

GET
H2 200 google-atp-list.json Show response
cmp.inmobi.com/tcfv2/ 142 KB
33 KB 52ms
52ms XHR
application/json 2600:9000:275b:a000:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/tcfv2/google-atp-list.json
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=4fotki1slovo.net
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:a000:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e7bf50fbca0db2d41093fb93a0193a4b837cd81b9568e60a8655cf6f0e1cb294

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/plain, */*
Referer: https://4fotki1slovo.net/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 03:00:26 GMT
content-encoding: br
via: 1.1 b77e6c4c926acdb5c1a30b7465e6750e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
age: 1356
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 22 May 2024 03:00:24 GMT
server: AmazonS3
etag: W/"17c29ea6b0885c00cf51ebff96ab97e9"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
access-control-allow-credentials: true
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: yQB3MaE5KvKxelCOWtzhrOzcrF1mB7ya8DATap46-XqKI8waLDfkUQ==

GET
H2 200 purposes-ru.json Show response
cmp.inmobi.com/GVL-v2/ 151 KB
8 KB 25ms
25ms XHR
application/json 2600:9000:275b:a000:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/GVL-v2/purposes-ru.json
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=4fotki1slovo.net
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:a000:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4ac16ca7b287ec2186140272e09fa2b628e8ae7e5db9bfda878ba32729f95cb1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://4fotki1slovo.net/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 00:28:18 GMT
content-encoding: gzip
via: 1.1 b77e6c4c926acdb5c1a30b7465e6750e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
age: 10790
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
last-modified: Thu, 16 May 2024 23:59:22 GMT
server: AmazonS3
etag: W/"35e938ffacdc4a4764e88b01e1d41ed2"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: LwrogqEOw4VJz0It4KF8oudT3tK5UjebnynJHL0i2s1qkCDeB29WhQ==

GET
H2 200 / Show response
api.cmp.inmobi.com/ 2 B
101 B 101ms
27ms XHR
text/plain 3.120.230.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.cmp.inmobi.com/?log=%7B%22accountId%22%3A%22WyACP95RaN8mv%22%2C%22domain%22%3A%224fotki1slovo.net%22%2C%22publisher%22%3A%224fotki1slovo.net%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.53%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22s2Qvb7r6Z2gvdUglx90B9Q%22%2C%22tagVersion%22%3A%22V2%22%2C%22gvlVersion%22%3A2%2C%22clientTimestamp%22%3A1716348181427%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-fannomug1f3c43qpwyu2%22%7D
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2ui-ru.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.120.230.251 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-230-251.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/plain, */*
Referer: https://4fotki1slovo.net/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Wed, 22 May 2024 03:23:01 GMT
content-length: 2
content-type: text/plain; charset=utf-8

GET
H2 200 geoip Show response
cmp.inmobi.com/ 39 B
323 B 25ms
25ms XHR
application/json 2600:9000:275b:a000:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/geoip
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2ui-ru.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:a000:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 48b05fb62e4ccabc2460171b02ebc9db870f6519f3f37378c4521391bf5194fc

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/plain, */*
Referer: https://4fotki1slovo.net/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 03:23:01 GMT
via: 1.1 b77e6c4c926acdb5c1a30b7465e6750e.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P7
x-cache: FunctionGeneratedResponse from cloudfront
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: *
content-length: 39
x-amz-cf-id: TV1MyNyYoenhuGLNCBQdjYkaL7EYUWhA6Q0yucQB_2JYwmGHAq06SQ==

GET
H2 200 favicon.ico
4fotki1slovo.net/ 1 KB
1 KB 14ms
14ms Other
image/x-icon 188.165.26.20
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://4fotki1slovo.net/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.165.26.20 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 5adbec29e9976dfdbb882378ffa23120391f1ba9b85751cea3483ef28912d534

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://4fotki1slovo.net/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 03:23:01 GMT
last-modified: Tue, 16 Dec 2014 16:15:55 GMT
server: nginx
accept-ranges: bytes
etag: "54905abb-47e"
content-length: 1150
content-type: image/x-icon

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mgid.com/	1970-01-20 20:45:49	Name: __cf_bm Value: bECF1zP3CXzlWzJG2.yooapME1dMswgT3yXYSWnCq1I-1716348180-1.0.1.1-hxKVn8GgIy9hcQvCBe7qyEPvZ8owzUB1fupu1UmlqFrvqm7lYoLFOX_A06CjITc_fjqq3pF3alXOi43yzOCrBQ
4fotki1slovo.net/	1970-01-21 06:11:43	Name: _pk_id.32.d807 Value: 1b859d67ef140a9e.1716348181.
4fotki1slovo.net/	1970-01-20 20:45:49	Name: _pk_ses.32.d807 Value: 1
4fotki1slovo.net/	1969-12-31 23:59:59	Name: MgidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22C1241833%22%3A%7B%22page%22%3A1%2C%22time%22%3A%221716348181070%22%7D%7D

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://4fotki1slovo.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://4fotki1slovo.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://4fotki1slovo.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://4fotki1slovo.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://4fotki1slovo.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://4fotki1slovo.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4fotki1slovo.net
ajax.googleapis.com
api.cmp.inmobi.com
c.mgid.com
cdn.id5-sync.com
cdn.mgid.com
cl.imghosts.com
cm.mgid.com
cmp.inmobi.com
cmp.quantcast.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
jsc.mgid.com
netdna.bootstrapcdn.com
pagead2.googlesyndication.com
s-img.mgid.com
s2.alus.info
servicer.mgid.com
104.19.131.76
142.250.186.66
157.240.251.9
172.64.146.129
18.245.86.80
188.165.26.20
192.99.15.88
2600:9000:275b:a000:1b:cadc:ef40:93a1
2606:4700:10::ac43:266a
2606:4700::6812:acf
2a00:1450:4001:802::200a
2a00:1450:4001:81d::200a
2a00:1450:4001:82b::2003
2a03:2880:f083:9:face:b00c:0:3
3.120.230.251
019e210535002e755e38abe4d2332d76f5a96d706f9243c0570b4f0adafbca35
0478d233580d999d4180aff87b542dfe1fb73f4aa19ff2578110eaa0ee132bb7
12680e691211315bdc0c88cb6070f2e2ffa38ad38368cde4a0f10c0bd30a8692
30fa466eb13ae9fef3e91e73d2238866fae15c86581b9b68658f6310b0f6ea6b
347314b886585cf3cfcf598c78d9e852a813e5488dd0a13c5865991a4ea12e27
438819502b09dd814e086efe2288637ae2cdbdf662baf54cdc22a9d316a779a6
47aa3bfad6cb9e2d63abdd58f4e6ce4f7b9fd2704b2b15193c71874035fe025d
48b05fb62e4ccabc2460171b02ebc9db870f6519f3f37378c4521391bf5194fc
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
4ac16ca7b287ec2186140272e09fa2b628e8ae7e5db9bfda878ba32729f95cb1
52761323179991d123e7691c631af98029fa25e0754cd5aa5eb09ce96b6f890c
548ea9419a81e60a62550d5803718f438a45aec546fdcd80d5e7154c3482ee89
5504b9b8fdd3668fd4a4c3389e2824611d0eb38435c8fddc1be8fee7f5b08037
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
58c58e0909e14282f5a18361f515f998d64981f33c223cd37b50d86025e28dbd
5adbec29e9976dfdbb882378ffa23120391f1ba9b85751cea3483ef28912d534
5cd2b39e610c918fc267a8df1a8890605032e53e6f8e82ef9bae33f6fa4fce70
5df720bf21df5c81ec974a875c4dedf09ee26ccd6c2f914fa867a90c6c2cf538
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
6950854c2b2a1eda6ad5727d2d95c70db5b1657fd4d4d367935756143a514abd
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
6bf7f288ac5290f7089ea2b900a2a4d418882a3d9da24e83d26cc7081ac69d25
6d830a998066b3e15644d716280d1e6bdcef4dcb2c463da234743b7acb8416ed
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
7544db74e285d2b5ecc531c542ee124cb90d588c2424958ae28deeba570b1dc9
7599b02c78a3b4c19a0d7f6e3d7bc181d8f1abeda40de117d82ce2f4ff7f3dc5
77bff3e3c97deb5e1f9b0b9c5372e3754abca3c546f401c7ed74462cce1ec6bc
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7e41fdb78973afda473d0ae20399b1d5d2104b5ba0c6ba2ac2c601579fc6da75
81a161d5793ac2a33f02ddcd64fb0dc2d028616dac084e4f64e77f4898b0c4e4
87124f18c83129a2c74d89e7d7be39009d8d6dcae6fc3fc74720c7cc4c1df43a
90feaed8b265048ee9f5129893715c9734f3829b7632819c7445acb90b8fe442
9179efebfc0848eae00fc151a292cfc65858343ec1c94fe18dc32de1463002aa
92863e1b8ff8509cb446c05ae76b0c737515444d13f75091366ebef599ce08ff
95aacd00fb14bf5877cedaf52dcfb2934d1c31ec9b65da229c8f8953f808163c
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
af2cf95536bf55bfb908ac0faa2690dd408fff853fc5ed4f63d2446dc95dd061
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b39abd9035f703b76dfed940898d572b9864f676eb1912a9142f0639dca6b2ce
b4ccfefd002e8a40c5098e4f0d4327d5d55f7d8b6eb80cb52a5bbd190e772f33
b6e54e327e7319278ce826c6b27b20f9bf0e17ed687fc786d8a93d006b0bf053
b79825f49d51eea560c83a9dee93d408b78fb19a999942be5eaa4c1a6fc964bf
b91da1ddcde9c60a43dc2d9f514de71c623ebb15fdcd4a61e830731f049e737d
bdb7d822d6afd1c8354749a111f68d56ce5e5db03b8a3028698acfc78358e06d
be1b058eb9e3fef483e425718456e8bc58fda7d4a81de0d6e794b1e03dfdbd01
be6420a60fc53934263a6651b0bc77b90cfeac8ce68793937919c22095e20270
cbea5b18a6e4c74b3e356e8aa325784c03aea878253b148788593cd8b3b7f834
d4cc3dfa1061aedf2533cf134f9d584568bc41a25090fb7ce77c5cdbec6c37e6
de759870d4e1ab1e2b5b4d4f2c90d7fcf9fdb77cbb4345ac0ee71b23ebdff318
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e576f12e82c468567e420386b68476ff7045815976395bc6baad1a822c7368a7
e7bf50fbca0db2d41093fb93a0193a4b837cd81b9568e60a8655cf6f0e1cb294
e9503448692b738dd260fbd7f7cabf2e11f09b600fa97e6eb3a56eba5b1a7e9b
eeda2f1bdb37381724f4c39eb49fdf60296154514ab03aa75f20fddae17fdda2
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fc5b4c20937e193f49e7e75450b270e20c642f346ce27d040dbc78321cee08e4

4fotki1slovo.net Open in urlscan Pro 188.165.26.20 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

63 Requests

94 %HTTPS

47 %IPv6

12 Domains

19 Subdomains

15 IPs

5 Countries

2280 kBTransfer

4439 kBSize

4 Cookies

16 Outgoing links

Page URL History

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

4fotki1slovo.net Open in urlscan Pro
188.165.26.20 Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

94 %
HTTPS

47 %
IPv6

12
Domains

19
Subdomains

15
IPs

5
Countries

2280 kB
Transfer

4439 kB
Size

4
Cookies

63 HTTP transactions
0 data transactions