urlscan.io logo urlscan.io
SecurityTrails logo

www.gl5.ru Open in urlscan Pro
104.21.42.164  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://gl5.ru/s/splin/splin-proch-iz-moej-golovy.html
Effective URL: https://www.gl5.ru/s/splin/splin-proch-iz-moej-golovy.html
Submission: On August 29 via manual from AZ — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 51 IPs in 10 countries across 53 domains to perform 198 HTTP transactions. The main IP is 104.21.42.164, located in and belongs to CLOUDFLARENET, US. The main domain is www.gl5.ru.
TLS certificate: Issued by GTS CA 1P5 on August 6th 2023. Valid for: 3 months.
This is the only time www.gl5.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 15 104.21.42.164 13335 (CLOUDFLAR...)
4 136.144.31.36 52000 (MIRHOSTING)
5 52.16.56.1 16509 (AMAZON-02)
11 142.250.186.66 15169 (GOOGLE)
5 172.67.163.139 13335 (CLOUDFLAR...)
1 69.16.175.10 20446 (STACKPATH...)
1 172.217.18.14 15169 (GOOGLE)
9 142.250.186.36 15169 (GOOGLE)
9 142.250.185.194 15169 (GOOGLE)
2 216.239.32.178 15169 (GOOGLE)
5 13 93.158.134.119 13238 (YANDEX)
3 104.17.24.14 13335 (CLOUDFLAR...)
2 64.233.166.154 15169 (GOOGLE)
1 142.250.186.72 15169 (GOOGLE)
1 142.250.186.34 15169 (GOOGLE)
5 142.250.186.131 15169 (GOOGLE)
2 142.250.186.163 15169 (GOOGLE)
1 216.239.32.36 15169 (GOOGLE)
11 142.250.186.33 15169 (GOOGLE)
13 23.111.100.20 39134 (UNITEDNET)
1 192.229.202.216 15133 (EDGECAST)
1 34.111.205.194 396982 (GOOGLE-CL...)
1 195.209.108.47 52007 (ADRIVER)
1 95.163.84.7 12695 (DINET-AS)
2 84.201.179.252 200350 (YANDEXCLOUD)
2 130.193.42.23 200350 (YANDEXCLOUD)
2 2 23.111.107.44 39134 (UNITEDNET)
1 2 89.108.119.28 197695 (AS-REG)
1 212.76.129.181 42632 (MNOGOBYTE...)
1 1 31.220.27.135 39572 (ADVANCEDH...)
1 172.67.155.223 13335 (CLOUDFLAR...)
1 1 77.223.124.18 50340 (SELECTEL-MSK)
2 2 195.209.108.57 52007 (ADRIVER)
1 1 65.109.23.99 24940 (HETZNER-AS)
4 4 217.199.220.43 61400 (NETRACK-AS)
2 3 188.42.196.115 7979 (SERVERS-COM)
1 1 46.243.142.48 208677 (CLOUDRU-AS)
1 1 217.66.147.38 29209 (SPBMTS-AS...)
2 2 217.66.147.42 29209 (SPBMTS-AS...)
1 1 213.87.44.187 13174 (MTSNET Mo...)
2 2 87.250.250.90 13238 (YANDEX)
1 1 176.9.79.218 24940 (HETZNER-AS)
1 2 31.172.81.158 44066 (DE-FIRSTC...)
1 1 95.163.92.180 12695 (DINET-AS)
3 3 142.132.138.213 24940 (HETZNER-AS)
1 2 193.3.184.212 50214 (QWARTA)
1 188.114.97.3 13335 (CLOUDFLAR...)
1 1 188.72.109.103 208677 (CLOUDRU-AS)
1 1 217.65.2.150 29076 (CITYTELEC...)
2 2 148.251.237.106 24940 (HETZNER-AS)
2 37.230.131.17 200197 (HYBRID-PO...)
1 2 193.232.148.143 48061 (UMA-TECH-AS)
1 23.111.115.84 39134 (UNITEDNET)
1 159.69.72.5 24940 (HETZNER-AS)
4 178.250.1.17 44788 (ASN-CRITE...)
4 142.250.181.226 15169 (GOOGLE)
32 178.250.7.2 44788 (ASN-CRITE...)
4 178.250.1.6 44788 (ASN-CRITE...)
6 178.250.7.17 44788 (ASN-CRITE...)
7 178.250.7.19 44788 (ASN-CRITE...)
2 31.172.68.122 44066 (DE-FIRSTC...)
2 2 3.74.29.98 16509 (AMAZON-02)
5 216.58.206.34 15169 (GOOGLE)
1 2 104.18.24.173 13335 (CLOUDFLAR...)
1 1 151.101.194.49 54113 (FASTLY)
1 15.197.193.217 16509 (AMAZON-02)
1 34.96.105.8 396982 (GOOGLE-CL...)
1 1 35.190.0.66 15169 (GOOGLE)
1 1 35.186.193.173 15169 (GOOGLE)
2 178.250.7.12 44788 (ASN-CRITE...)
1 178.250.1.10 44788 (ASN-CRITE...)
198 51
15    104.21.42.164 (None, )

ASN13335 (CLOUDFLARENET, US)
gl5.ru
www.gl5.ru
4    136.144.31.36 (Moscow, Russian Federation)

ASN52000 (MIRHOSTING, NL)
cdn.alfasense.net
5    52.16.56.1 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-56-1.eu-west-1.compute.amazonaws.com
srv.tunefindforfans.com
11    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
pagead2.googlesyndication.com
5    172.67.163.139 (United States)

ASN13335 (CLOUDFLARENET, US)
www.gl5.ru
1    69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net
code.jquery.com
1    172.217.18.14 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f14.1e100.net
cse.google.com
9    142.250.186.36 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f4.1e100.net
www.google.com
9    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
googleads.g.doubleclick.net
2    216.239.32.178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
13    93.158.134.119 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: mc.yandex.ru
mc.yandex.ru
mc.yandex.com
3    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    64.233.166.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wm-in-f154.1e100.net
stats.g.doubleclick.net
1    142.250.186.72 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f8.1e100.net
www.googletagmanager.com
1    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
partner.googleadservices.com
5    142.250.186.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f3.1e100.net
www.gstatic.com
2    142.250.186.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f3.1e100.net
www.google.de
1    216.239.32.36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
11    142.250.186.33 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f1.1e100.net
tpc.googlesyndication.com
13    23.111.100.20 (Russian Federation)

ASN39134 (UNITEDNET, RU)
cs.alfasense.com
1    192.229.202.216 (United States)

ASN15133 (EDGECAST, US)
cstatic.weborama.com
1    34.111.205.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.205.111.34.bc.googleusercontent.com
dx.frontend.weborama.com
1    195.209.108.47 (Russian Federation)

ASN52007 (ADRIVER, RU)
ad.adriver.ru
1    95.163.84.7 (Russian Federation)

ASN12695 (DINET-AS, RU)
const.uno
2    84.201.179.252 (Russian Federation)

ASN200350 (YANDEXCLOUD, RU)
v.alfasrv.com
2    130.193.42.23 (Russian Federation)

ASN200350 (YANDEXCLOUD, RU)
s.alfasrv.com
2    23.111.107.44 (Russian Federation)

ASN39134 (UNITEDNET, RU)
cs.agency2.ru
2    89.108.119.28 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: d51802.reg.regrucolo.ru
x01.aidata.io
1    212.76.129.181 (Russian Federation)

ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU)
sync.adspend.space
1    31.220.27.135 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
1    172.67.155.223 (United States)

ASN13335 (CLOUDFLARENET, US)
a.utraff.com
1    77.223.124.18 (Moscow, Russian Federation)

ASN50340 (SELECTEL-MSK, RU)
ssp.afp.ai
2    195.209.108.57 (Russian Federation)

ASN52007 (ADRIVER, RU)
ev.adriver.ru
1    65.109.23.99 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.99.23.109.65.clients.your-server.de
ssp.bidvol.com
4    217.199.220.43 (Russian Federation)

ASN61400 (NETRACK-AS, RU)
PTR: s3.kimberlite.io
kimberlite.io
3    188.42.196.115 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    46.243.142.48 (Moscow, Russian Federation)

ASN208677 (CLOUDRU-AS, RU)
PTR: fr16.segmento.ru
solta-sync.rutarget.ru
1    217.66.147.38 (St Petersburg, Russian Federation)

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-38-147-66-217.spbmts.ru
sm.rtb.mts.ru
2    217.66.147.42 (St Petersburg, Russian Federation)

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-42-147-66-217.spbmts.ru
vma.mts.ru
1    213.87.44.187 (Russian Federation)

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru
tech.rtb.mts.ru
2    87.250.250.90 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: bs.yandex.ru
an.yandex.ru
1    176.9.79.218 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.218.79.9.176.clients.your-server.de
exchange.buzzoola.com
2    31.172.81.158 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync.bumlam.com
1    95.163.92.180 (Russian Federation)

ASN12695 (DINET-AS, RU)
match.qtarget.tech
3    142.132.138.213 (Falkenstein, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.213.138.132.142.clients.your-server.de
www.acint.net
acint.net
2    193.3.184.212 (Russian Federation)

ASN50214 (QWARTA, RU)
ssp-rtb.sape.ru
1    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
a.adsource.tech
1    188.72.109.103 (Sucre, Bolivia, Plurinational State Of)

ASN208677 (CLOUDRU-AS, RU)
alfasense-sync.rutarget.ru
1    217.65.2.150 (Moscow, Russian Federation)

ASN29076 (CITYTELECOM-AS Filanco LTD, RU)
match.new-programmatic.com
2    148.251.237.106 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-1.community.moscow
sync.upravel.com
2    37.230.131.17 (Amsterdam, Netherlands)

ASN200197 (HYBRID-POLAND, PL)
ssp.hybrid.ai
2    193.232.148.143 (Russian Federation)

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp4.sender.ltmse.com
px.adhigh.net
1    23.111.115.84 (Russian Federation)

ASN39134 (UNITEDNET, RU)
pbs.alfasense.com
1    159.69.72.5 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.5.72.69.159.clients.your-server.de
ssp.otm-r.com
4    178.250.1.17 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
4    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
www.googletagservices.com
32    178.250.7.2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
4    178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl3.eu.criteo.com
6    178.250.7.17 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
7    178.250.7.19 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
imageproxy.eu.criteo.net
2    31.172.68.122 (Frankfurt am Main, Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
PTR: dsde1469.fornex.org
covivado.club
2    3.74.29.98 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-74-29-98.eu-central-1.compute.amazonaws.com
pm.w55c.net
5    216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f2.1e100.net
cm.g.doubleclick.net
2    104.18.24.173 (None, )

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ius.ctnsnet.com
2    178.250.7.12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr3.eu.criteo.com
1    178.250.1.10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl3.eu.criteo.com
Apex Domain
Subdomains		 Transfer
45 criteo.net
static.criteo.net — Cisco Umbrella Rank: 621
csm.eu.criteo.net — Cisco Umbrella Rank: 9439
imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9904
444 KB
22 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 116
tpc.googlesyndication.com — Cisco Umbrella Rank: 155
359 KB
20 gl5.ru
gl5.ru
www.gl5.ru
106 KB
16 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
stats.g.doubleclick.net — Cisco Umbrella Rank: 93
cm.g.doubleclick.net — Cisco Umbrella Rank: 242
67 KB
14 alfasense.com
cs.alfasense.com — Cisco Umbrella Rank: 138126
pbs.alfasense.com — Cisco Umbrella Rank: 112883
13 KB
11 criteo.com
ads.eu.criteo.com — Cisco Umbrella Rank: 9359
cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10417
rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 16830
rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 15639
167 KB
11 google.com
cse.google.com — Cisco Umbrella Rank: 3083
www.google.com — Cisco Umbrella Rank: 2
region1.analytics.google.com — Cisco Umbrella Rank: 3101
184 KB
10 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 11632
3 KB
5 gstatic.com
www.gstatic.com
596 KB
5 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 4306
an.yandex.ru — Cisco Umbrella Rank: 5239
76 KB
5 tunefindforfans.com
srv.tunefindforfans.com — Cisco Umbrella Rank: 40724
60 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 222
227 KB
4 mts.ru
sm.rtb.mts.ru — Cisco Umbrella Rank: 38677
vma.mts.ru — Cisco Umbrella Rank: 40805
tech.rtb.mts.ru — Cisco Umbrella Rank: 44659
3 KB
4 kimberlite.io
kimberlite.io — Cisco Umbrella Rank: 34190
2 KB
4 alfasrv.com
v.alfasrv.com — Cisco Umbrella Rank: 276266
s.alfasrv.com — Cisco Umbrella Rank: 283803
2 KB
4 alfasense.net
cdn.alfasense.net — Cisco Umbrella Rank: 234863
78 KB
3 acint.net
www.acint.net — Cisco Umbrella Rank: 31022
acint.net — Cisco Umbrella Rank: 26200
1 KB
3 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1605
2 KB
3 adriver.ru
ad.adriver.ru — Cisco Umbrella Rank: 22541
ev.adriver.ru — Cisco Umbrella Rank: 37547
2 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 231
16 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 817
s.tribalfusion.com — Cisco Umbrella Rank: 1944
1 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 877
2 KB
2 covivado.club
covivado.club — Cisco Umbrella Rank: 290968
24 KB
2 adhigh.net
px.adhigh.net — Cisco Umbrella Rank: 20337
829 B
2 hybrid.ai
ssp.hybrid.ai — Cisco Umbrella Rank: 9133
207 B
2 upravel.com
sync.upravel.com — Cisco Umbrella Rank: 41814
1 KB
2 sape.ru
ssp-rtb.sape.ru — Cisco Umbrella Rank: 31386
1 KB
2 bumlam.com
sync.bumlam.com — Cisco Umbrella Rank: 3779
1 KB
2 rutarget.ru
solta-sync.rutarget.ru — Cisco Umbrella Rank: 58423
alfasense-sync.rutarget.ru — Cisco Umbrella Rank: 292194
822 B
2 aidata.io
x01.aidata.io — Cisco Umbrella Rank: 16751
940 B
2 agency2.ru
cs.agency2.ru — Cisco Umbrella Rank: 118181
1 KB
2 weborama.com
cstatic.weborama.com — Cisco Umbrella Rank: 84929
dx.frontend.weborama.com — Cisco Umbrella Rank: 39517
2 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 6490
515 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
21 KB
1 ctnsnet.com
ius.ctnsnet.com — Cisco Umbrella Rank: 7139
626 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 6414
555 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2024
174 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 360
265 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 713
544 B
1 otm-r.com
ssp.otm-r.com — Cisco Umbrella Rank: 275485
297 B
1 new-programmatic.com
match.new-programmatic.com — Cisco Umbrella Rank: 41667
267 B
1 adsource.tech
a.adsource.tech — Cisco Umbrella Rank: 106216
688 B
1 qtarget.tech
match.qtarget.tech — Cisco Umbrella Rank: 101697
267 B
1 buzzoola.com
exchange.buzzoola.com — Cisco Umbrella Rank: 22185
174 B
1 bidvol.com
ssp.bidvol.com — Cisco Umbrella Rank: 38930
484 B
1 afp.ai
ssp.afp.ai — Cisco Umbrella Rank: 45737
294 B
1 utraff.com
a.utraff.com — Cisco Umbrella Rank: 47644
757 B
1 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 10942
204 B
1 adspend.space
sync.adspend.space — Cisco Umbrella Rank: 52540
242 B
1 const.uno
const.uno — Cisco Umbrella Rank: 99731
249 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1120
599 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 48
79 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 736
29 KB
198 53
Domain Requested by
32 static.criteo.net ads.eu.criteo.com
18 www.gl5.ru www.gl5.ru
code.jquery.com
13 cs.alfasense.com cdn.alfasense.net
11 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.gl5.ru
11 pagead2.googlesyndication.com www.gl5.ru
pagead2.googlesyndication.com
code.jquery.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
10 mc.yandex.com 3 redirects mc.yandex.ru
9 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
9 www.google.com cse.google.com
code.jquery.com
www.gstatic.com
tpc.googlesyndication.com
www.google.com
7 imageproxy.eu.criteo.net ads.eu.criteo.com
6 csm.eu.criteo.net ads.eu.criteo.com
5 cm.g.doubleclick.net googleads.g.doubleclick.net
5 www.gstatic.com www.google.com
5 srv.tunefindforfans.com www.gl5.ru
srv.tunefindforfans.com
4 cat.nl3.eu.criteo.com ads.eu.criteo.com
4 www.googletagservices.com googleads.g.doubleclick.net
www.gl5.ru
4 ads.eu.criteo.com googleads.g.doubleclick.net
www.gl5.ru
4 kimberlite.io 4 redirects
4 cdn.alfasense.net www.gl5.ru
cdn.alfasense.net
3 ads.betweendigital.com 2 redirects cdn.alfasense.net
3 cdnjs.cloudflare.com www.gl5.ru
ads.eu.criteo.com
3 mc.yandex.ru 2 redirects www.gl5.ru
2 rtb.fr3.eu.criteo.com googleads.g.doubleclick.net
2 pm.w55c.net 2 redirects
2 covivado.club www.gl5.ru
covivado.club
2 px.adhigh.net 1 redirects
2 ssp.hybrid.ai cdn.alfasense.net
2 sync.upravel.com 2 redirects
2 ssp-rtb.sape.ru 1 redirects cdn.alfasense.net
2 www.acint.net 2 redirects
2 sync.bumlam.com 1 redirects
2 an.yandex.ru 2 redirects
2 vma.mts.ru 2 redirects
2 ev.adriver.ru 2 redirects
2 x01.aidata.io 1 redirects
2 cs.agency2.ru 2 redirects
2 s.alfasrv.com
2 v.alfasrv.com
2 www.google.de
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 www.google-analytics.com www.gl5.ru
www.google-analytics.com
2 gl5.ru 2 redirects
1 rtb.nl3.eu.criteo.com googleads.g.doubleclick.net
1 ius.ctnsnet.com 1 redirects
1 ads.travelaudience.com 1 redirects
1 tr.blismedia.com googleads.g.doubleclick.net
1 match.adsrvr.org googleads.g.doubleclick.net
1 sync-tm.everesttech.net 1 redirects
1 s.tribalfusion.com googleads.g.doubleclick.net
1 a.tribalfusion.com 1 redirects
1 ssp.otm-r.com cdn.alfasense.net
1 pbs.alfasense.com cdn.alfasense.net
1 match.new-programmatic.com 1 redirects
1 alfasense-sync.rutarget.ru 1 redirects
1 a.adsource.tech
1 acint.net 1 redirects
1 match.qtarget.tech 1 redirects
1 exchange.buzzoola.com 1 redirects
1 tech.rtb.mts.ru 1 redirects
1 sm.rtb.mts.ru 1 redirects
1 solta-sync.rutarget.ru 1 redirects
1 ssp.bidvol.com 1 redirects
1 ssp.afp.ai 1 redirects
1 a.utraff.com
1 s.uuidksinc.net 1 redirects
1 sync.adspend.space
1 const.uno cdn.alfasense.net
1 ad.adriver.ru cdn.alfasense.net
1 dx.frontend.weborama.com cstatic.weborama.com
1 cstatic.weborama.com cdn.alfasense.net
1 region1.analytics.google.com www.googletagmanager.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.googletagmanager.com www.google-analytics.com
1 cse.google.com www.gl5.ru
1 code.jquery.com www.gl5.ru
198 74

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
cl5.ru
Subject Issuer Validity Valid
gl5.ru
GTS CA 1P5		 2023-08-06 -
2023-11-04		 3 months crt.sh
*.alfasense.net
AlphaSSL CA - SHA256 - G2		 2022-10-27 -
2023-11-28		 a year crt.sh
srv.tunefindforfans.com
Amazon RSA 2048 M02		 2023-07-31 -
2024-08-28		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-08-14 -
2024-01-24		 5 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.alfasense.com
AlphaSSL CA - SHA256 - G4		 2022-12-10 -
2024-01-11		 a year crt.sh
*.weborama.com
Gandi Standard SSL CA 2		 2023-03-03 -
2024-02-28		 a year crt.sh
*.frontend.weborama.com
Go Daddy Secure Certificate Authority - G2		 2022-08-30 -
2023-10-01		 a year crt.sh
*.adriver.ru
GlobalSign GCC R3 DV TLS CA 2020		 2023-03-07 -
2024-04-07		 a year crt.sh
const.uno
R3		 2023-08-14 -
2023-11-12		 3 months crt.sh
*.alfasrv.com
AlphaSSL CA - SHA256 - G2		 2022-10-05 -
2023-11-06		 a year crt.sh
sync.adspend.space
R3		 2023-08-16 -
2023-11-14		 3 months crt.sh
utraff.com
GTS CA 1P5		 2023-08-14 -
2023-11-12		 3 months crt.sh
adsource.tech
GTS CA 1P5		 2023-08-21 -
2023-11-19		 3 months crt.sh
*.hybrid.ai
Sectigo RSA Domain Validation Secure Server CA		 2022-09-26 -
2023-09-26		 a year crt.sh
*.sape.ru
R3		 2023-08-09 -
2023-11-07		 3 months crt.sh
*.ads.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2023-01-13 -
2024-02-13		 a year crt.sh
*.otm-r.com
AlphaSSL CA - SHA256 - G4		 2023-06-19 -
2024-07-20		 a year crt.sh
*.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-21		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-31		 3 months crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-27 -
2023-10-22		 3 months crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-08 -
2023-11-08		 3 months crt.sh
vivarevasta.top
R3		 2023-08-08 -
2023-11-06		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-08-07 -
2023-11-05		 3 months crt.sh
*.fr3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-29		 3 months crt.sh

This page contains 18 frames:

Primary Page: https://www.gl5.ru/s/splin/splin-proch-iz-moej-golovy.html
Frame ID: BE0505EFF24ABC1B2AB358D8D94270E4
Requests: 94 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20190131/zrt_lookup.html
Frame ID: A78631013FA523228973A1751A39C088
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8019775436904435&output=html&adk=1812271804&adf=3025194257&lmt=1693306716&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x945_l%7C356x945_r&format=0x0&url=https%3A%2F%2Fwww.gl5.ru%2Fs%2Fsplin%2Fsplin-proch-iz-moej-golovy.html&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693313915945&bpp=2&bdt=317&idt=197&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6827183342517&frm=20&pv=2&ga_vid=398317794.1693313916&ga_sid=1693313916&ga_hid=1687589857&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077444%2C42531706%2C44795922%2C31077389%2C21065724&oid=2&pvsid=706724022780221&tmod=661182444&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=213
Frame ID: 0882BBB46F4E56C33C193BF92D81DA9B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8019775436904435&output=html&h=280&slotname=8728295789&adk=601693685&adf=1831963675&pi=t.ma~as.8728295789&w=650&fwrn=4&fwrnh=100&lmt=1693306716&rafmt=1&format=650x280&url=https%3A%2F%2Fwww.gl5.ru%2Fs%2Fsplin%2Fsplin-proch-iz-moej-golovy.html&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693313915947&bpp=2&bdt=319&idt=217&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6827183342517&frm=20&pv=1&ga_vid=398317794.1693313916&ga_sid=1693313916&ga_hid=1687589857&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=365&ady=365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077444%2C42531706%2C44795922%2C31077389%2C21065724&oid=2&pvsid=706724022780221&tmod=661182444&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=IYuWfyKmBW&p=https%3A//www.gl5.ru&dtd=221
Frame ID: 807DBD353E2554370168D435D3AB9303
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld4dzMUAAAAAKiQ4N3jMCYwE9SIQ5b2ZGq8naN8&co=aHR0cHM6Ly93d3cuZ2w1LnJ1OjQ0Mw..&hl=de&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=normal&cb=7kphkzqmj2x0
Frame ID: 278083594BC5549875FBB21982F48476
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 68700947AFAE73EF378DBE0460E1DB73
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CDD6A072A8C090715372F3A2A766E94E
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=0hCdE87LyjzAkFO5Ff-v7Hj1&k=6Ld4dzMUAAAAAKiQ4N3jMCYwE9SIQ5b2ZGq8naN8
Frame ID: B53E920CD337A17491E4AF47FDBF1ABC
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8019775436904435&output=html&h=280&adk=1822737079&adf=2561986437&pi=t.aa~a.190590905~i.22~rp.4&w=650&fwrn=4&fwrnh=100&lmt=1693306716&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6438916086&ad_type=text_image&format=650x280&url=https%3A%2F%2Fwww.gl5.ru%2Fs%2Fsplin%2Fsplin-proch-iz-moej-golovy.html&fwr=0&pra=3&rh=163&rw=650&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693313916939&bpp=1&bdt=1311&idt=1&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D43982642264460c1-228c96375fde00e4%3AT%3D1693313916%3ART%3D1693313916%3AS%3DALNI_Mb8i3KqdI5_wL-vU269pnFu5FSH_Q&gpic=UID%3D00000c69cb4acb82%3AT%3D1693313916%3ART%3D1693313916%3AS%3DALNI_MZIfp-AZEdkamDtCF-9yGfnG2rp7Q&prev_fmts=0x0%2C650x280&nras=2&correlator=6827183342517&frm=20&pv=1&ga_vid=398317794.1693313916&ga_sid=1693313916&ga_hid=1687589857&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=365&ady=1266&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077444%2C42531706%2C44795922%2C31077389%2C21065724&oid=2&pvsid=706724022780221&tmod=47055246&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=nGDVMn2K7F&p=https%3A//www.gl5.ru&dtd=5
Frame ID: 6E3CC03DB09F46CFEDD2E2C5FCC492AD
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1
Frame ID: CCD34DC953FF6D785CBEB0F4B4930379
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1
Frame ID: 93A9CA64C627583038FAA80DABFAD353
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1
Frame ID: E582CADA0DBE63AEBF70F0354677468D
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO3rfAAD014By4X1AArQnF9vQPi2xnfQDdlOdg&u=%7COKIgpqOK8DzZSDHCyjSHBIxSI%2BcZJrWPVv2BNQgZ3KQ%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T2AWRlHZFqNLc3RoMYYFkAd1FczsaqiQzUn7j0o6i0taIPJvCpdwRANnDandhaD3VGKE09Yw3jJ5Sr9vriZr2SVL-x1d-TVFUNAHvkWpy1DK4z9Nnm6L1wJg6KIkx1bMQ4pO3IS-JJAFHz_gE8QZg8TviHJYoVqerJ-cizSn9oHO3Hqo-3Bptr6sKW58uhJX1GuYeukGOMGP6FAwlL7NC-kGZtSzsyNl92FBhHfI-RhkNWEZaPRrdEZe3eT8RI5u9fsUvJRUnoM3lM2wkNaXx9jqdk8K_ZjZqORRkYxEpVgHqIcKcDMfXODEDXumC3vnx_DG2L5OwO-M4MDfQvG_UPI7q_FHyRy4eXshfI5WGdYt27P2DhIQAKti1IA3zRQvw70FNwsxBf8X9q-wSE0x24eCp3ZNYpyaxZxe57GDQl-TxmLbvMcMX5jXhckN5wUh0y8lUNKedejZIWnF9wgWb3ASFmbKczv9hGes1r1HqYhmrXVCONMHnWmkvTNxFAzB8NrcYk_wqcrxhvYyYUGkXK3Jl7eb5f-5-2ONxO3IjfhoK8n0khY25MTVw5DyV-nmTXqfLRru4xkpXFxRwJpUQN5TZ9DQK4xbdhNd6x3UsMNn&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGTtpfOvtZN6mD_WLrr4PnKGr0AfJntKxXJWil_dwwI23ARABIABglYKAgJQHggEXY2EtcHViLTgwMTk3NzU0MzY5MDQ0MzXIAQmpAoGKgnl1I7I-qAMByAMCqgTsAU_Qgp2Fx5zFcE92fxC5lrz2VluAzbM3yCAGdNW-QRALZMve5ifLPGIOpNJmJk5etQpSG7ukhMsdcl7mQtseOrbONp_wJKAhTLZTXXVKho79pePoyC_YDLseNY4EwWrCz0u5RPoXnXzteReioC57-68-kVX_IuEV5y5RCavKmwVycsGCkuiYTXcTxGmfL1vVNDoBdxMUJb5nZatic2-LIqkT6Rr33uLbbMN6unrk3wBaiNe3vmRZDGQvIyCIktnjIUogzWgHm3PRoTQKN8nXchvQ_qN-OsUFGDylSHWOt_hmbZuvEm5N_CWDtjC6gAaO1LKct7KlrWKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3gjMlruJ9yz3g7oRGrmk9oi2FCZw%26client%3Dca-pub-8019775436904435%26adurl%3D
Frame ID: 29C42876442192A6F3AD6515FD95F8F4
Requests: 12 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO3rfAAD018By4X1AArQnJ5uylUhwtwmH_k2WQ&u=%7COKIgpqOK8Dwb11ny2PdIDNQ8CAQCXUb0OO8AeQ6dJiE%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T-ox6jq5uP4vOL-FhBPok8rq59LQxzJ4SYhSaOEnzVwe7cgF-ow3AEzfTVq8DR_h_nDzdht095CABhDf5goUwyubgDEqRKkmHnmYLYMsjGFcTNzfXQ8hz19EwTuPIq9MoSGd7xobcbwpYdZKRKt4rsc1lfufYsu8UswFzYGYYFZ6qHyU7nk_hYnEFmNHOc5pKuqEaokkZQ9Hyk_2ppset_wAXaRr3GOWjIgNKojhjUbyjSHqravbp5mUevzE2sUQCdcp83FOsnJ4vHrmvg_AaKP5m-FFLRPVxTkY6_rPpnp8x4Z--aJhtq5Dn2flpe1GsdhP783GiYOEY_7Aa1UjqE-CgESg8aGrMPWYTrVu_B5C5R27gUZJqh4X8OfN1wrX721YcOwIy0hEWxiMo1FJGJCDNaLFTONs7JKf1SpcPjrTNOnxKwaiAua7fG1RZdD3xxVr8WrCaHetsqPWWKeEJhsRXEN6TVmuLx_2gtZyKl94NprsAd3YZhAN088LvdHOT86Y5-TC1tYS8Igr5VXEyI2O5UqIwI3YC0Cyx11Kndt5-Ygy9WRzGE50rw1KedbQUYdIjPNClYq7eCg-SXlalaPlV_mITYgroRIASp8dCGqo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtKxrfOvtZN-mD_WLrr4PnKGr0AfJntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTgwMTk3NzU0MzY5MDQ0MzXIAQmpAoGKgnl1I7I-qAMByAMCqgTsAU_QeqhuMsP438mCXRHsrSdg9F6pQovIpy6bCAIrsdvwepQF27QXoQN1SBNz_2pe0hdD2qw_F7A1W9H1j1CZODl86TMs6i79Q1M333_hx7miDqEkNuWntrnDr23n9fWrq1v2z5QJ81U44Gii-Z_Z_N-CJGCfoCaOzoskPhiLbEPp9sE4qdni7Ec7nIOyjUmZv8kfmmWeYiZUPuxRwv9WllZpTMDknddmlqYtnsLYSR2IIEiQf_o794-y75r8wH_GGdGoUe7O7scGzreuHTHvdhuoTk5MS3Qc2IZe3ykZmfx_YJIJC-ppEcEqKhvpgAbs6KWm5_L3uY0BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0o8XNi2V7aHCx3hWTrVGlFa97oAQ%26client%3Dca-pub-8019775436904435%26adurl%3D
Frame ID: DA0F8279887D10B726B710F9823EA7AE
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/window_focus_fy2021.js
Frame ID: C03DD9DAE6C6B4E1E6ECB2376DAC583C
Requests: 7 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO3rfAAD02ABy4X1AArQnOli8gltXXNZ8qpkWg&u=%7COKIgpqOK8DwNxxSASp%2BqQSgBryyEjh6dp6UaJ9Tudts%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUKpu9hy7Ffnun-WE9FjbXP1W0e4y8lK96xIqJRLJoNk_R_9LZxWlB9CMmRA414eeU6CFLwxAC3u2cad6flRwHxxoSySX_crPUF2KGIvX_g1l8M2qvAzIvrtoSqDOHfh4IT6YwzGSUad4yDnsKE3dUMDir8B0WNSUp8T_7CuJTIKweX1yAl5nmCDTvsGS6sjwU5lp5KTMRIHQfHNmXJQLZkOeg2I0m6DsmB7S-9SCpmtAAAdzp7YITGJM8-pBQlyAPMBjx5mALqEcajo1Uyyzk007K_toPR1B8O_ffUxWF1JUx6WUduVOgLFsuCkSBCoZ1AipxHDWtSWAlbOhIdkdrjzji86IzLY9OTEVzoZbTrA0g_xmeZwpxmwTVUzrtdafu5o1hwJRUCaU4Dy8ndOOR4Zmn0rw2n3vkqUD9hcM9Apsb7aGkMeUKoWMPEuX-_aq4BEYgHc-kjaBQWEgTUTYXi3Brerb8n7uDcgLIiMpZ_Ic0q4nXv0pNKtU8vNx7i0jx2C23mgJs_EBeAPYk3YKJmboVLqpSEk86_pb736c_a-cSDFENJ2rqvbaqnoMRi8W6Bg5nNIO-qXmMLpM-0GynZKxqwBIvtZWkpvAXp_tlZx4O-MLS8yz9Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGUrofOvtZOCmD_WLrr4PnKGr0AfJntKxXJWil_dwwI23ARABIABglYKAgJQHggEXY2EtcHViLTgwMTk3NzU0MzY5MDQ0MzXIAQmpAoGKgnl1I7I-qAMByAMCqgTtAU_QWyfE5CicfqAl82U273409WWgN7EoQxhIbMfwPntjuWt92GdRkRfuV-x8__pMUlzTAlPkOipehd0Ylwu-7A0Q2qQ3R8_XrjplLuplX-qLd_qE0hBi9qmDlVAmtxpkBn44zYFw_cHvZiJyY7bCqZp5IqDNJgYnEVtu-WzwvO3AGz383pjIqTQLSXq3EqoQ4SSaotvOxpaWdEtgdfK8FXlHLlQlB16LaetpAbifSbasm5h2kAhMxm41Mk3un9ew_Yfra641JBFK23zsggNbEH3R2hiBmVAWsOz0cZxX7OtASq3EnD_CbGOU4fD1i4AG7ajznMK8-trOAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_20m4JX7eaU2tO8Wab1PAHzzCgIog%26client%3Dca-pub-8019775436904435%26adurl%3D
Frame ID: E98418A4DBBA0D2084AE30621971FD2F
Requests: 13 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO3rfQAAa0AKwQADAArJvz3HYqc_dlvGQjjJ8w&u=%7CZv5iWoJ9thCuTL83xBPIC3x8kJE%2B%2FU6ZVHEpi8aOTVs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUZvkb7Wl-VYDq7jFMw4QK-Jm3uRjxMDExV9A4B_9uc1S6Be9z-_Dqf-iTgGrtWILeL97lKHH1yLDJfDDqVjvOlHJ_uo95xbjQeWOgNVhhmfu-1raFwmgFCln2eoGJ_hCD6AtGGjV7ArJgPZKFBfuizbPr6iKtCeoYesImNuVTWQ6QoobreOKJT1Vo0aQHJjagcdgk5nl36XPFQ5aqcpzVOQcZnZFST8vaX_QqAvzE0dVLUU3jss-0OqO-o9_Jo7YTAXN1fb7WxXd2bQH36foxac7FJdKGE0WecYlOMZtCOBx-nNMKUT_eXgwNS3YRvP-K_ijbt7zshWg1yvTNCPxYPY9BxgvVtlPCQ_gsIsVZcozd_tNG0Wb5T5zqA8WAoJKZLzhZLm9ZmTiesClu3nqxR0lpnVtsMPdTiLUbYuoormqkiqyc_lFek00iy1IpG2NcqaSFwMf6XFxnHMIUg1ZA8vmlTu5cQdNZAKIpaf3yLuPnefXM6pg-AsjeWWwwpwHKiBjDLtWNHkiXCeW-W1rfUEnIIHsnKfsMqYY5p0UbGbz-JfysNLiud3z9yOON8HTJT7nr8dy56nW4HV-feRAk3Eek3YsVbZ-YthiZWH2eUAnnQtOULCfXU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCskEPfevtZMDWAYOAhAa_k6u4Csme0rFczeGS93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItODAxOTc3NTQzNjkwNDQzNcgBCakCocLwQvsnsj6oAwHIAwKqBPIBT9B9BoOrMdvMJLT_y_5K_g-kaSK1aRtI8dg0icGoW-XzxEfty8fJqyE_t7kSaXI80q2mqTp_5EyRNqp03oiZ2l0DKRrFXDPM2doePyQehCD6FIrzmmy7W4HUqjFl-MIqEssYMoeInQutzy159cXIDGj1FxYeZE_4kXkodyTdGTmsTLMXESsUkfvIjW1eSO-1Q6ua1mqfeTckoVfR9yNPBzHWSRPRmKWHo_mCcL_RYiDJiaP-53mEO5MLFwLZBjPPBdW4V-oUWse-bSa7ppXk05im5fpdgTHLgXdiBNmg7YLasXA4oNDZrmO7Ku4rH83VZfSABo7Uspy3sqWtYqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3ryc557n86Nf4Z6s4IGKxRC5sI0g%26client%3Dca-pub-8019775436904435%26adurl%3D
Frame ID: 3C08C67281D74B9EAB70A4E859A4ED5F
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 15C6F106E5B4A902AD2B1209E163BBA4
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Сплин - Прочь из моей головы текст песни(слова)

Page URL History Show full URLs

  1. http://gl5.ru/s/splin/splin-proch-iz-moej-golovy.html HTTP 301
    https://gl5.ru/s/splin/splin-proch-iz-moej-golovy.html HTTP 301
    https://www.gl5.ru/s/splin/splin-proch-iz-moej-golovy.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:adriver\.core\.\d\.js|https?://(?:content|ad|masterh\d)\.adriver\.ru/)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /prebid\.js
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <div[^>]+class="g-recaptcha"
  • /recaptcha/api\.js

Page Statistics

198
Requests

88 %
HTTPS

0 %
IPv6

53
Domains

74
Subdomains

51
IPs

10
Countries

2556 kB
Transfer

6063 kB
Size

65
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://gl5.ru/s/splin/splin-proch-iz-moej-golovy.html HTTP 301
    https://gl5.ru/s/splin/splin-proch-iz-moej-golovy.html HTTP 301
    https://www.gl5.ru/s/splin/splin-proch-iz-moej-golovy.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10110.xxuDtqLClEiEG7Kqs87CpFSNOl9FTWTWhPacHOZdcpG67pAvED9tNuRVK69shPVW.utY5QyL0YwIBenOtxyfWDUb-BUA%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10110.5TtdzMscWmBvUopJxm8r1c5oeINS2kec-z9iBv0YcFGdhXY2OuyMah3oURz-Hucc_u-6EQjKiOj1-cR8xxVKbZr57PPHP4KTB48njsOws4g%2C.uBjLWR0KIwDbV1bnrhouaUhEi48%2C
Request Chain 72
  • https://mc.yandex.com/watch/69086140?wmode=7&page-url=https%3A%2F%2Fwww.gl5.ru%2Fs%2Fsplin%2Fsplin-proch-iz-moej-golovy.html&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aeygqx1x5sixaiiugyrqh3hb%3Afp%3A328%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1094%3Acn%3A1%3Adp%3A0%3Als%3A1630795842055%3Ahid%3A434852524%3Az%3A120%3Ai%3A20230829145836%3Aet%3A1693313916%3Ac%3A1%3Arn%3A419199867%3Arqn%3A1%3Au%3A1693313916741355537%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C78%2C1%2C206%2C0%2C%2C6%2C0%2C356%2C356%2C0%2C354%3Aco%3A0%3Acpf%3A1%3Ans%3A1693313915340%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1693313917%3At%3A%D0%A1%D0%BF%D0%BB%D0%B8%D0%BD%20-%20%D0%9F%D1%80%D0%BE%D1%87%D1%8C%20%D0%B8%D0%B7%20%D0%BC%D0%BE%D0%B5%D0%B9%20%D0%B3%D0%BE%D0%BB%D0%BE%D0%B2%D1%8B%20%D1%82%D0%B5%D0%BA%D1%81%D1%82%20%D0%BF%D0%B5%D1%81%D0%BD%D0%B8(%D1%81%D0%BB%D0%BE%D0%B2%D0%B0)&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(1) HTTP 302
  • https://mc.yandex.com/watch/69086140/1?wmode=7&page-url=https%3A%2F%2Fwww.gl5.ru%2Fs%2Fsplin%2Fsplin-proch-iz-moej-golovy.html&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aeygqx1x5sixaiiugyrqh3hb%3Afp%3A328%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1094%3Acn%3A1%3Adp%3A0%3Als%3A1630795842055%3Ahid%3A434852524%3Az%3A120%3Ai%3A20230829145836%3Aet%3A1693313916%3Ac%3A1%3Arn%3A419199867%3Arqn%3A1%3Au%3A1693313916741355537%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C78%2C1%2C206%2C0%2C%2C6%2C0%2C356%2C356%2C0%2C354%3Aco%3A0%3Acpf%3A1%3Ans%3A1693313915340%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1693313917%3At%3A%D0%A1%D0%BF%D0%BB%D0%B8%D0%BD%20-%20%D0%9F%D1%80%D0%BE%D1%87%D1%8C%20%D0%B8%D0%B7%20%D0%BC%D0%BE%D0%B5%D0%B9%20%D0%B3%D0%BE%D0%BB%D0%BE%D0%B2%D1%8B%20%D1%82%D0%B5%D0%BA%D1%81%D1%82%20%D0%BF%D0%B5%D1%81%D0%BD%D0%B8%28%D1%81%D0%BB%D0%BE%D0%B2%D0%B0%29&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29&redirnss=1
Request Chain 73
  • https://cs.agency2.ru/p?ssp=ai&skipme=b0230f6f-2bb8-43c5-afe6-8c00d9a534ec HTTP 301
  • https://x01.aidata.io/0.gif?pid=7140034&id=7574fdef-0c58-4bf8-8c08-e0b5ef4c937d HTTP 302
  • https://x01.aidata.io/0.gif?pid=7140034&id=7574fdef-0c58-4bf8-8c08-e0b5ef4c937d&bounce=1
Request Chain 75
  • https://s.uuidksinc.net/match/1215/?remote_uid=b0230f6f-2bb8-43c5-afe6-8c00d9a534ec HTTP 302
  • https://cs.alfasense.com/p?ssp=kd&uid=jg8biU3L5gyx2P4aO42n
Request Chain 77
  • https://ssp.afp.ai/api/sync/alfadart?skipme=b0230f6f-2bb8-43c5-afe6-8c00d9a534ec HTTP 302
  • https://cs.alfasense.com/p?ssp=al&id=6cefc55b-4c91-4cf0-ac08-010d75d6bf5f
Request Chain 78
  • https://ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=8918732&bn=8918732&skip=b0230f6f-2bb8-43c5-afe6-8c00d9a534ec HTTP 302
  • https://ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=8918732&bn=8918732&skip=b0230f6f-2bb8-43c5-afe6-8c00d9a534ec&tuid=-4469930286 HTTP 302
  • https://cs.alfasense.com/p?ssp=ar&id=Aa4lK5OIxz_g3ifoAhsxMCg
Request Chain 79
  • https://ssp.bidvol.com/usersync?dspcsid=135&redirect=1&id=b0230f6f-2bb8-43c5-afe6-8c00d9a534ec HTTP 302
  • https://cs.alfasense.com/p?ssp=bv&uid=a5x4vrnqr5
Request Chain 80
  • https://kimberlite.io/rtb/sync/alfasense?u=b0230f6f-2bb8-43c5-afe6-8c00d9a534ec HTTP 307
  • https://ads.betweendigital.com/match?bidder_id=45004&callback_url=https%3A%2F%2Fkimberlite.io%2Frtb%2Fsync%2Fbetween2%3Fu%3D%24%7BUSER_ID%7D%26f%3Dhttps%253A%252F%252Fcs.alfasense.com%252Fp%253Fssp%253Dst%2526id%253DZO3rfGe-x-s%26n%3D1 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=45004&callback_url=https%3A%2F%2Fkimberlite.io%2Frtb%2Fsync%2Fbetween2%3Fu%3D%24%7BUSER_ID%7D%26f%3Dhttps%253A%252F%252Fcs.alfasense.com%252Fp%253Fssp%253Dst%2526id%253DZO3rfGe-x-s%26n%3D1&crf=1&rts=-2369530022371240061 HTTP 302
  • https://kimberlite.io/rtb/sync/between2?u=f8511940-deaf-52f1-9c68-3ccbf885d7b7&f=https%3A%2F%2Fcs.alfasense.com%2Fp%3Fssp%3Dst%26id%3DZO3rfGe-x-s&n=1 HTTP 307
  • https://solta-sync.rutarget.ru/sync HTTP 302
  • https://kimberlite.io/rtb/sync/segmento?u=p3LaVrrFAYD_ HTTP 307
  • https://sm.rtb.mts.ru/p?ssp=toptraffic&id=ZO3rfGe-x-s HTTP 301
  • https://vma.mts.ru/match/second?ssp=59&exu=ZO3rfGe-x-s HTTP 301
  • https://tech.rtb.mts.ru/?dsp_uid=37eb4e60-68c4-43a4-a997-19adcc51dfa6&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FN-tOYGjEQ6SplxmtzFHfpg%3Flocation%3Dhttps%253A%252F%252Fvma.mts.ru%252Fem%253Fnext%253D59%2526em%253D0%26sign%3D1717350664 HTTP 302
  • https://an.yandex.ru/setud/mts_banner/N-tOYGjEQ6SplxmtzFHfpg?location=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D59%26em%3D0&sign=1717350664 HTTP 302
  • https://an.yandex.ru/setud/mts_banner/N-tOYGjEQ6SplxmtzFHfpg?redir-setuniq=1&location=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D59%26em%3D0&sign=1717350664 HTTP 302
  • https://vma.mts.ru/em?next=59&em=0 HTTP 301
  • https://kimberlite.io/rtb/sync/mts?u=be148231-2b48-4afe-8716-df3c62985fb4 HTTP 307
  • https://cs.alfasense.com/p?ssp=st&id=ZO3rfGe-x-s
Request Chain 81
  • https://exchange.buzzoola.com/cookiesync/redirect?skip2=b0230f6f-2bb8-43c5-afe6-8c00d9a534ec&redirect_url=https%3A%2F%2Fcs.alfasense.com%2Fp%3Fssp%3Dbz%26uid%3D%24%7BUUID%7D HTTP 301
  • https://cs.alfasense.com/p?ssp=bz&uid=d7dbb6da-1586-42c5-7ebb-183de98b70a8
Request Chain 82
  • https://sync.bumlam.com/?src=asense&uid=b0230f6f-2bb8-43c5-afe6-8c00d9a534ec HTTP 302
  • https://sync.bumlam.com/?src=asense&s_data=CAIQARj81renBmIkYjAyMzBmNmYtMmJiOC00M2M1LWFmZTYtOGMwMGQ5YTUzNGVjogEQxJ0qSkZrEe6G4AAlkMBkfA**
Request Chain 83
  • https://match.qtarget.tech/userbind?src=alfasense&id=b0230f6f-2bb8-43c5-afe6-8c00d9a534ec HTTP 302
  • https://cs.alfasense.com/p?ssp=tg&redir=0&id=
Request Chain 84
  • https://www.acint.net/rmatch?dp=185&euid=b0230f6f-2bb8-43c5-afe6-8c00d9a534ec&r=https%3A%2F%2Fcs.alfasense.com%2Fp%3Fssp%3Dsp%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://www.acint.net/rmatch?r=https%3A%2F%2Fcs.alfasense.com%2Fp%3Fssp%3Dsp%26uid%3D$%7BUSER_ID%7D&dp=185&tc=1&euid=b0230f6f-2bb8-43c5-afe6-8c00d9a534ec HTTP 302
  • https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fcs.alfasense.com%252Fp%253Fssp%253Dsp%2526uid%253D$%257BUSER_ID%257D&dp=14 HTTP 302
  • https://acint.net/rmatch?dp=14&euid=2503420A7DEBED64C700558002D6F607&r=https%3A%2F%2Fcs.alfasense.com%2Fp%3Fssp%3Dsp%26uid%3D$%7BUSER_ID%7D HTTP 302
  • https://cs.alfasense.com/p?ssp=sp&uid=0100007F7CEBED648E037C0B02F13D50
Request Chain 85
  • https://cs.agency2.ru/p?ssp=al&uid=b0230f6f-2bb8-43c5-afe6-8c00d9a534ec HTTP 301
  • https://cs.alfasense.com/p?ssp=a2&uid=7574fdef-0c58-4bf8-8c08-e0b5ef4c937d
Request Chain 87
  • https://alfasense-sync.rutarget.ru/sync?uid=b0230f6f-2bb8-43c5-afe6-8c00d9a534ec HTTP 302
  • https://cs.alfasense.com/p?ssp=sg&uid=wmT2HnBvMwpe
Request Chain 88
  • https://match.new-programmatic.com/userbind?src=alfasense&id=b0230f6f-2bb8-43c5-afe6-8c00d9a534ec HTTP 302
  • https://cs.alfasense.com/p?ssp=tg&redir=0&id=
Request Chain 89
  • https://sync.upravel.com/alfadart/sync?uid=b0230f6f-2bb8-43c5-afe6-8c00d9a534ec HTTP 302
  • https://sync.upravel.com/alfadart/sync?uid=b0230f6f-2bb8-43c5-afe6-8c00d9a534ec&session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuZ2w1LnJ1LyJdfX0 HTTP 302
  • https://cs.alfasense.com/p?ssp=up&id=173b9518-af20-4cef-916c-a352c4c33b5d
Request Chain 92
  • https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=10110.q70QE0qfHgynmwE79KFaBU4dXMpWQNT8DHfmMZMQuLOYLzOOuQJN2oSidrZnNZN9.CACFFmAGDbIGjco3olaVMJE3d6U%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10110.uPBv09pNmKRdV8Tz7uFFb9OPXAXyL-1Xy_T0dRwW6g-ls2elQfWyFP_aw7-cCWZUh_DGos4pcDn8_3asYgMSBsmQTUnldczaMkbrdqqv5C0%2C.jUSR0UJAl4NYh86GzGtTVp7NjQM%2C
Request Chain 98
  • https://px.adhigh.net/rtb/direct_banner?bid_id=6a91af2bb6109c&pid=66&tid=300x250_alfadart&known=1&is_video=false&resp_type=JSON&provider=direct.prebidjs&size=300x250&floor=50&cur=RUB HTTP 302
  • https://px.adhigh.net/rtb/direct_banner?bid_id=6a91af2bb6109c&pid=66&tid=300x250_alfadart&known=1&is_video=false&resp_type=JSON&provider=direct.prebidjs&size=300x250&floor=50&cur=RUB&bounced=1
Request Chain 159
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENZZlJKwhVB1OAXIsvEDC0U&google_cver=1&google_push=AXcoOmQzdydJWiV04EpcMJ7ZlO-7jDNGEqaiOwRChODD5slvYGN_3HjAU4ZeYo0plh6CLOy7WNPUNXfl8czU2bsybHehD1bXpP-2XWM8 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENZZlJKwhVB1OAXIsvEDC0U&google_cver=1&google_push=AXcoOmQzdydJWiV04EpcMJ7ZlO-7jDNGEqaiOwRChODD5slvYGN_3HjAU4ZeYo0plh6CLOy7WNPUNXfl8czU2bsybHehD1bXpP-2XWM8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NTBKR0RQMGcxUUFZaU41&google_gid=CAESENZZlJKwhVB1OAXIsvEDC0U&google_cver=1&google_push=AXcoOmQzdydJWiV04EpcMJ7ZlO-7jDNGEqaiOwRChODD5slvYGN_3HjAU4ZeYo0plh6CLOy7WNPUNXfl8czU2bsybHehD1bXpP-2XWM8
Request Chain 160
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEFUzBpDuPtC7bLM1HOaM51I&google_cver=1&google_push=AXcoOmSmriK8cVh4s6b8ms0OCkKLICP6XbWKvKdSrMMg9-TT-VEWcBuG6NgZPHvJmgjsBOgyfaEeWAXA84ZQZCtbvT64kPMewvVS1DDw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSmriK8cVh4s6b8ms0OCkKLICP6XbWKvKdSrMMg9-TT-VEWcBuG6NgZPHvJmgjsBOgyfaEeWAXA84ZQZCtbvT64kPMewvVS1DDw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFUzBpDuPtC7bLM1HOaM51I&google_cver=1&google_push=AXcoOmSmriK8cVh4s6b8ms0OCkKLICP6XbWKvKdSrMMg9-TT-VEWcBuG6NgZPHvJmgjsBOgyfaEeWAXA84ZQZCtbvT64kPMewvVS1DDw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSmriK8cVh4s6b8ms0OCkKLICP6XbWKvKdSrMMg9-TT-VEWcBuG6NgZPHvJmgjsBOgyfaEeWAXA84ZQZCtbvT64kPMewvVS1DDw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 161
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEEBUIv1eM1wpbximChCi_lc&google_cver=1&google_push=AXcoOmRiRJgXteV6kRtq9ku2tzA6emgK3UnMZ9nj2Q8VWNAllHjcoisnXTtRBvUfeiANtnXXuByVQQ_vk9Q4YrQNd93tOkx_0Fs7-ro HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEBUIv1eM1wpbximChCi_lc&google_push=AXcoOmRiRJgXteV6kRtq9ku2tzA6emgK3UnMZ9nj2Q8VWNAllHjcoisnXTtRBvUfeiANtnXXuByVQQ_vk9Q4YrQNd93tOkx_0Fs7-ro
Request Chain 164
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESENI8jKDIDu6nm7PA10ckFfo&google_cver=1&google_push=AXcoOmSppYPfk4uzlwd9-wIb5b380UlV5lHXbWp96YcbSzVFFCR3jHtMcldtNzHD2Y7go5N4g0C0SQbBXINIYpEpAOvYU96iTr68H89P HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=DbeHhmCATSaYMBxg0_-24A2&google_push=AXcoOmSppYPfk4uzlwd9-wIb5b380UlV5lHXbWp96YcbSzVFFCR3jHtMcldtNzHD2Y7go5N4g0C0SQbBXINIYpEpAOvYU96iTr68H89P
Request Chain 165
  • https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEGlxxAPyQz-tKe7ZEXWo3R0&google_cver=1&google_push=AXcoOmQQqAEdADPFA7SMb2KBnwP8Qx3g_FWO0r-CMjwhVDHvrCe9OCOsGy5EYMJDFR-L-dqjBWR3t0djBruMgELQniljNWJa5GFuz1RrsA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQQqAEdADPFA7SMb2KBnwP8Qx3g_FWO0r-CMjwhVDHvrCe9OCOsGy5EYMJDFR-L-dqjBWR3t0djBruMgELQniljNWJa5GFuz1RrsA&google_hm=tsXLE0DhQUWfUQ4uQijsgLg

198 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request splin-proch-iz-moej-golovy.html
www.gl5.ru/s/splin/
Redirect Chain
  • http://gl5.ru/s/splin/splin-proch-iz-moej-golovy.html
  • https://gl5.ru/s/splin/splin-proch-iz-moej-golovy.html
  • https://www.gl5.ru/s/splin/splin-proch-iz-moej-golovy.html
23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.gl5.ru/s/splin/splin-proch-iz-moej-golovy.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.42.164 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99a121cc5b663678c7af3c1d2532656f6346a9a2e56f471f7c22c43c1904d8ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7fe4f7643f834d5b-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 29 Aug 2023 12:58:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C8rFFtrgWb0W4P5fRQ3A%2BbJ0v2Z6oMg4NA4sQX%2Fw%2BigleHXsK%2Bn8siMnGKvwJSoEvtCuMgLHU2s8RWQWtMCb49ylodz2kqTH4fUnvAQ7cMeKaU548LdFT7VjfAFx"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000;
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7fe4f763cefd4d5b-FRA
content-type
text/html; charset=iso-8859-1
date
Tue, 29 Aug 2023 12:58:35 GMT
location
https://www.gl5.ru/s/splin/splin-proch-iz-moej-golovy.html
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fAczkdidMrJxCR9ZUJSlCEeRyvybdyjubYMY%2F%2BFpNDKQvU92pJjZVTQQkRRkXoH9xh9ObPYmBnzzZMuHQgsoRMwkTq80PRcRf6dCjeAuwlubC%2BO2TDrG9UY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000;
mia-boyka-ananas-adidas-160.jpg
www.gl5.ru/photos/m/mia-boyka/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gl5.ru/photos/m/mia-boyka/mia-boyka-ananas-adidas-160.jpg
Requested by
Host: www.gl5.ru
URL: https://www.gl5.ru/s/splin/splin-proch-iz-moej-golovy.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.42.164 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1c30bafc1dadbf6df1f21690867f2e3621c3914bdf968693b86dea45dc549d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/s/splin/splin-proch-iz-moej-golovy.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:35 GMT
strict-transport-security
max-age=31536000;
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
720558
alt-svc
h3=":443"; ma=86400
content-length
4647
last-modified
Tue, 26 Nov 2019 02:31:03 GMT
server
cloudflare
etag
"5ddc8e67-1227"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mNFyKWRlweAz43TvTFzJsqLsWBdfJE8zZr25F15932y9fvEkZicVrt8GMcO%2FR5QuxkvLoJsGXwuB%2BCbG3rdSCDKW4acxoJ8KHlQNluILgFWqMeKgdSVKGf9sPO%2Fc"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
cf-ray
7fe4f764b8274d5b-FRA
expires
Wed, 30 Aug 2023 01:12:04 GMT
mull3-milaya-milaya-160.jpg
www.gl5.ru/photos/m/mull3/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gl5.ru/photos/m/mull3/mull3-milaya-milaya-160.jpg
Requested by
Host: www.gl5.ru
URL: https://www.gl5.ru/s/splin/splin-proch-iz-moej-golovy.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.42.164 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad09f7f363054e1444e4b959899fcfdec6c42c8f9cb700bb93bbbcd415d832f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/s/splin/splin-proch-iz-moej-golovy.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:35 GMT
strict-transport-security
max-age=31536000;
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1674569
alt-svc
h3=":443"; ma=86400
content-length
5989
last-modified
Tue, 26 Nov 2019 03:18:26 GMT
server
cloudflare
etag
"5ddc9982-1765"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2ByKjQ4Z7HovJbe5IKjK%2F4JM1Q5Qb2iamzDXmnNA2rIpv09DFgkC%2FbJK46hB2u8luSLW%2BgJ0mJFmBMCRa2KI%2BXR2PWVzAJ5z6cDFejjHT7VaeOPhaVfkxeM%2BOvkoZ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
cf-ray
7fe4f764b8294d5b-FRA
expires
Tue, 29 Aug 2023 05:25:15 GMT
jah-khalib-dzhadua-160.jpg
www.gl5.ru/photos/h/khalib-jah/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gl5.ru/photos/h/khalib-jah/jah-khalib-dzhadua-160.jpg
Requested by
Host: www.gl5.ru
URL: https://www.gl5.ru/s/splin/splin-proch-iz-moej-golovy.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.42.164 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f722a5a714647fe8b79304defef61d9743dc2e9fb6d3f81aafe27dbe08f0ec7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/s/splin/splin-proch-iz-moej-golovy.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:35 GMT
strict-transport-security
max-age=31536000;
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
720558
alt-svc
h3=":443"; ma=86400
content-length
3892
last-modified
Mon, 28 Oct 2019 21:34:42 GMT
server
cloudflare
etag
"5db75ef2-f34"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iyReZb5SHZ4s4%2BVJAl9D%2BnoH0br3mvRPxv3cBF7E%2BF19o%2FO2IUTjJ%2B6%2BVEusDlW5RwXc8eyd4akIgJblhCoznxYyCkvnSy0%2BjpTrRUwoO39w1%2Fa6URIPRYl1FLuN"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
cf-ray
7fe4f764b82b4d5b-FRA
expires
Tue, 29 Aug 2023 05:25:38 GMT
gayazovs-brothers-uvezite-menya-na-deep-house-160.jpg
www.gl5.ru/photos/g/gayazovs-brothers/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gl5.ru/photos/g/gayazovs-brothers/gayazovs-brothers-uvezite-menya-na-deep-house-160.jpg
Requested by
Host: www.gl5.ru
URL: https://www.gl5.ru/s/splin/splin-proch-iz-moej-golovy.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.42.164 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50b261f5fd2bf498bda962da74b21abe18827b551e0734ff4e439912b161c3eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/s/splin/splin-proch-iz-moej-golovy.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:35 GMT
strict-transport-security
max-age=31536000;
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
720558
alt-svc
h3=":443"; ma=86400
content-length
6093
last-modified
Tue, 26 Nov 2019 03:23:46 GMT
server
cloudflare
etag
"5ddc9ac2-17cd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NCpQIxPZlG%2FiifGSkeP1tXGwUqeqbdNsCpc7iRjsXou%2FBRK03qftkwYjqeeFNWtBeRujDoLPCYjmg1tT%2BxtsRKxqIcgJLMczlOs0NQGCD0LVMFe3XCRdlWZBXGzI"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
cf-ray
7fe4f764b82f4d5b-FRA
expires
Tue, 29 Aug 2023 05:26:27 GMT
splin.jpg
www.gl5.ru/photos/s/splin/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gl5.ru/photos/s/splin/splin.jpg
Requested by
Host: www.gl5.ru
URL: https://www.gl5.ru/s/splin/splin-proch-iz-moej-golovy.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.42.164 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ea677148a0cc9c7838c5afcd996e0a5fa73ddce6577664f81c193aaf7a5b1c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/s/splin/splin-proch-iz-moej-golovy.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:35 GMT
strict-transport-security
max-age=31536000;
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
12203
last-modified
Fri, 11 May 2018 20:53:42 GMT
server
cloudflare
etag
"5af602d6-2fab"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LVuFf1cl8PKLH03BgHpH4QWFtCelBSGCquajcz3zqtLcEVqGzm8YajdKSnS4BGluO3pipZl5jb%2BBwwInfZWU%2BUr8SL%2BqslqYV3YP4NikaFRsHqvCQaj5YG8F3dBy"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
cf-ray
7fe4f764b8314d5b-FRA
expires
Tue, 19 Sep 2023 09:46:44 GMT
splin1.jpg
www.gl5.ru/photos/s/splin/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gl5.ru/photos/s/splin/splin1.jpg
Requested by
Host: www.gl5.ru
URL: https://www.gl5.ru/s/splin/splin-proch-iz-moej-golovy.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.42.164 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a9d3576d5d9ef72647cdcac3f1c9c641c2824707d433e8ff4c980849a6401bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/s/splin/splin-proch-iz-moej-golovy.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:35 GMT
strict-transport-security
max-age=31536000;
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
6713
last-modified
Fri, 11 May 2018 20:53:42 GMT
server
cloudflare
etag
"5af602d6-1a39"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O7g3iC1XEuVZrgy1whdMqKaDO1dopkMAts4eHknLm%2F8mZOkvCkLZl53WG9QN2hpcBJ41PMc4d1XemjkZHGsDdyyWdIGkv6Cu5vxb4rzN7VvUsA8jZnpx8ouMc5Wm"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
cf-ray
7fe4f764b8334d5b-FRA
expires
Tue, 19 Sep 2023 09:46:44 GMT
mevl-holodok-160.jpg
www.gl5.ru/photos/m/mevl/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gl5.ru/photos/m/mevl/mevl-holodok-160.jpg
Requested by
Host: www.gl5.ru
URL: https://www.gl5.ru/s/splin/splin-proch-iz-moej-golovy.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.42.164 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2079d73121e4f5d92eb8b5dcc2fc505a5e8a780cf1bbaf69eb32e9fbec1fe46e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/s/splin/splin-proch-iz-moej-golovy.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:35 GMT
strict-transport-security
max-age=31536000;
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
720558
alt-svc
h3=":443"; ma=86400
content-length
6456
last-modified
Tue, 26 Nov 2019 04:02:26 GMT
server
cloudflare
etag
"5ddca3d2-1938"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WPCW4S%2BbZyyIdWmY6afZ2vVHcpYdpApXtV5vBY7RVF1LLXwtsxHjxASymXvKkuxXLaNLwid2XI3%2BZzWwQQYQgDizQM1S%2BoiqIQIM08ODXg9gua8zz72DvML8T5vT"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
cf-ray
7fe4f764b8344d5b-FRA
expires
Fri, 01 Sep 2023 04:14:33 GMT
navai-bahh-tee-ne-primu-i-darom-160.jpg
www.gl5.ru/photos/a/aliev-alexandr/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gl5.ru/photos/a/aliev-alexandr/navai-bahh-tee-ne-primu-i-darom-160.jpg
Requested by
Host: www.gl5.ru
URL: https://www.gl5.ru/s/splin/splin-proch-iz-moej-golovy.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.42.164 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fe3cf4ba417ff40a02e27ff1f26ceedb50d5b510f636849c9fcb48738a80f07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/s/splin/splin-proch-iz-moej-golovy.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:35 GMT
strict-transport-security
max-age=31536000;
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
720558
alt-svc
h3=":443"; ma=86400
content-length
1713
last-modified
Tue, 26 Nov 2019 03:54:33 GMT
server
cloudflare
etag
"5ddca1f9-6b1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8RXO17mcQ5PZjhKBOwaCR2bDo%2FAYrml9YphcHqCjVMstrB2dPLTK7k0Brbk8UPZB7xxu4loZF48bSgtK528xmZabIyVSGPDpKOXN5o6rhDBiGv1J8BsHWFFbXmWB"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
cf-ray
7fe4f764b8354d5b-FRA
expires
Fri, 01 Sep 2023 04:14:33 GMT
ramil-palcami-po-gubam-160.jpg
www.gl5.ru/photos/r/ramil/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gl5.ru/photos/r/ramil/ramil-palcami-po-gubam-160.jpg
Requested by
Host: www.gl5.ru
URL: https://www.gl5.ru/s/splin/splin-proch-iz-moej-golovy.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.42.164 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec6a08ab8fbd5a5ced2a049b76bd2d783e0472e113f974dbd173023b3d05d9e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/s/splin/splin-proch-iz-moej-golovy.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:35 GMT
strict-transport-security
max-age=31536000;
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
723160
alt-svc
h3=":443"; ma=86400
content-length
4692
last-modified
Tue, 26 Nov 2019 03:48:44 GMT
server
cloudflare
etag
"5ddca09c-1254"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fcvo1vsYaCwI2CEqcCYat4D%2BshISCamDy616188%2FiTiL3Kr4qn8IFfykBld%2BrdOJ%2B%2Bif526Wu0DOPvD18sXc6ZIG6C39O1mTqPTV%2FeuMxhTlJ81NoitUUc0Vq2mC"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
cf-ray
7fe4f764b8374d5b-FRA
expires
Tue, 29 Aug 2023 05:26:27 GMT
mband-pravilnaya-devochka.jpg
www.gl5.ru/photos/m/m-band/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gl5.ru/photos/m/m-band/mband-pravilnaya-devochka.jpg
Requested by
Host: www.gl5.ru
URL: https://www.gl5.ru/s/splin/splin-proch-iz-moej-golovy.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.42.164 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2994111509869935b944a6a97dff845f8fbafebc2ab754e9ad922315736f8e28
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/s/splin/splin-proch-iz-moej-golovy.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:35 GMT
strict-transport-security
max-age=31536000;
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
720579
alt-svc
h3=":443"; ma=86400
content-length
4168
last-modified
Thu, 18 May 2017 20:23:31 GMT
server
cloudflare
etag
"591e02c3-1048"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ru2vMOHNlh21tTkomYJ811Bjr5Z95%2FNXbbHNnkDDjINCmMMhtZj5uk7xPBHA%2F0Sl1crvyIkVpAA8BenD2LW%2BRF5eipOCNxW6C5LWqa7GnQgvKlwdB9jmsMOMJwUW"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
cf-ray
7fe4f764b8394d5b-FRA
expires
Tue, 29 Aug 2023 05:26:27 GMT
budem_tancevat.jpg
www.gl5.ru/photos/k/korobov_kolya/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gl5.ru/photos/k/korobov_kolya/budem_tancevat.jpg
Requested by
Host: www.gl5.ru
URL: https://www.gl5.ru/s/splin/splin-proch-iz-moej-golovy.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.42.164 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80826fab9c68578eed8d38ac33657732b8109ddaf86ca1bb8f4fcefeba3a1315
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/s/splin/splin-proch-iz-moej-golovy.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:35 GMT
strict-transport-security
max-age=31536000;
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
720558
alt-svc
h3=":443"; ma=86400
content-length
8112
last-modified
Thu, 11 May 2017 19:38:19 GMT
server
cloudflare
etag
"5914bdab-1fb0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tGwQ%2FACM%2F5MGU%2BU%2FBOJppfSMRtV8ZYDhxy5Q342eQgOnMilZCl8kj%2FqJA8mLxXEjsy%2F6PK7VL20izRKJG5o4kSDPJNMuF5xxilpXobHKyPdfFBP4%2Fc0apwMIOytc"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
cf-ray
7fe4f764d8594d5b-FRA
expires
Tue, 29 Aug 2023 05:26:27 GMT
rocket-loader.min.js
www.gl5.ru/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gl5.ru/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: www.gl5.ru
URL: https://www.gl5.ru/s/splin/splin-proch-iz-moej-golovy.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.42.164 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/s/splin/splin-proch-iz-moej-golovy.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 23 Aug 2023 13:09:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64e60500-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vnd%2Ff9YnKUSch2T1eP8j6AoUrCTHwx0Mw2Zkne%2FhjM%2BVeFbaAmt1Jxtn%2FFbTAMwlGhE1F6RUonW0G7fWR1DG6Ao7VInpNs9QmmcbewHEzpNl%2F%2BCOLN1VnMhOPEo9"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7fe4f764d85a4d5b-FRA
expires
Thu, 31 Aug 2023 12:58:35 GMT
ad_2711.js
cdn.alfasense.net/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.alfasense.net/js/ad_2711.js
Requested by
Host: www.gl5.ru
URL: https://www.gl5.ru/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.31.36 Moscow, Russian Federation, ASN52000 (MIRHOSTING, NL),
Reverse DNS
Software
nginx /
Resource Hash
48b4a529ae40fb9d4bfb5eabecb10d193e465873187b849599abd51839cbf193
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';frame-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:35 GMT
content-security-policy
frame-ancestors 'none';frame-src 'self';
x-content-type-options
nosniff
content-encoding
gzip
x-permitted-cross-domain-policies
none
cross-origin-embedder-policy
unsafe-none
cross-origin-resource-policy
cross-origin
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 07 Aug 2023 16:39:04 GMT
server
nginx
cross-origin-opener-policy
same-origin-allow-popups
etag
W/"64d11e28-1220"
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=60
permissions-policy
geolocation=(self), payment=(self)
alfadart.lib.min.js
cdn.alfasense.net/lib/ 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.alfasense.net/lib/alfadart.lib.min.js
Requested by
Host: www.gl5.ru
URL: https://www.gl5.ru/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.31.36 Moscow, Russian Federation, ASN52000 (MIRHOSTING, NL),
Reverse DNS
Software
nginx /
Resource Hash
a48756fa742f41ce2256254fdb6ec9244746bbec8fc342cecbe05cd0cdc99887
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';frame-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:35 GMT
content-security-policy
frame-ancestors 'none';frame-src 'self';
x-content-type-options
nosniff
content-encoding
gzip
x-permitted-cross-domain-policies
none
cross-origin-embedder-policy
unsafe-none
cross-origin-resource-policy
cross-origin
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 13 Jul 2023 10:00:46 GMT
server
nginx
cross-origin-opener-policy
same-origin-allow-popups
etag
W/"64afcb4e-98f0"
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=60
permissions-policy
geolocation=(self), payment=(self)
mangos.js
srv.tunefindforfans.com/fruits/ 		217 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://srv.tunefindforfans.com/fruits/mangos.js
Requested by
Host: www.gl5.ru
URL: https://www.gl5.ru/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.56.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-56-1.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.56 (Amazon) /
Resource Hash
917edc30d5b9abfc453d5d1f4bb15651fcda3783ef15666504f005ea24ceeae9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:35 GMT
content-encoding
gzip
last-modified
Fri, 18 Aug 2023 19:04:12 GMT
server
Apache/2.4.56 (Amazon)
etag
"36513-6033731b4584b-gzip"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=60, public
accept-ranges
bytes
content-length
56833
expires
Tue, 29 Aug 2023 12:59:35 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		146 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.gl5.ru
URL: https://www.gl5.ru/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
1281dfa591e6d669eb5ce9b04becc3aa57a6d43a1034d131da846db6ca0714bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50929
x-xss-protection
0
server
cafe
etag
9347711753781616813
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 29 Aug 2023 12:58:35 GMT
abbrs.js
www.gl5.ru/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gl5.ru/abbrs.js
Requested by
Host: www.gl5.ru
URL: https://www.gl5.ru/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.163.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0ed27d1a647cbf0d2bce80e7cc93bdddb25218744e179db2fd5a2b2c640aabf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/s/splin/splin-proch-iz-moej-golovy.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:35 GMT
strict-transport-security
max-age=31536000;
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1753224
cf-polished
origSize=5654
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 01 Nov 2020 10:44:15 GMT
server
cloudflare
etag
W/"5f9e917f-1616"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2FYn32ioNSDimC4Eours%2FdzXuQz%2BtXUACEVDX6OYZ6po4lguu8b4ep8F9hJC%2BbUUHmzPXsD1PBv5R8fkgwsUBjvgY%2FXP31ZTMXUH1Ga7z4lqvSnmfGEHBSj2qfHE"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1814400
cf-ray
7fe4f76529943643-FRA
expires
Tue, 29 Aug 2023 05:26:01 GMT
jquery-2.2.4.min.js
code.jquery.com/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.4.min.js
Requested by
Host: www.gl5.ru
URL: https://www.gl5.ru/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:35 GMT
content-encoding
gzip
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
etag
W/"28feccc0-14e4a"
vary
Accept-Encoding
x-hw
1693313915.dop218.fr8.t,1693313915.cds281.fr8.hn,1693313915.cds140.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29811
cse.js
cse.google.com/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cse.google.com/cse.js?cx=partner-pub-8019775436904435:3216994402
Requested by
Host: www.gl5.ru
URL: https://www.gl5.ru/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f14.1e100.net
Software
gws /
Resource Hash
265802a8c66fa6e82cdfc402ad10fe91cefbd6957878f8b2ce754c07811fb0c3
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-j3vFikLrCOdfO9g0bqqF5g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-j3vFikLrCOdfO9g0bqqF5g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-encoding
br
date
Tue, 29 Aug 2023 12:58:35 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3038
x-xss-protection
0
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
server
gws
x-frame-options
SAMEORIGIN
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private
permissions-policy
unload=()
origin-trial
Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
expires
Tue, 29 Aug 2023 12:58:35 GMT
cse_element__de.js
www.google.com/cse/static/element/e992cd4de3c7044f/ 		310 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/element/e992cd4de3c7044f/cse_element__de.js?usqp=CAI%3D
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-8019775436904435:3216994402
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f4.1e100.net
Software
sffe /
Resource Hash
c78cbc891d36ddcc95ff6786a968ef27edab4085779b578253a42bcb9f8f44af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 12:54:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
259457
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
105519
x-xss-protection
0
last-modified
Mon, 31 Jul 2023 17:25:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Sun, 25 Aug 2024 12:54:18 GMT
default+de.css
www.google.com/cse/static/element/e992cd4de3c7044f/ 		41 KB
41 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/element/e992cd4de3c7044f/default+de.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-8019775436904435:3216994402
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f4.1e100.net
Software
sffe /
Resource Hash
c965aefdb4c6acf10f46758dc1601a64d811dcf3a378bf9e90278916aa47508f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 00:29:37 GMT
x-content-type-options
nosniff
age
217738
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41811
x-xss-protection
0
last-modified
Mon, 31 Jul 2023 17:25:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Mon, 26 Aug 2024 00:29:37 GMT
default.css
www.google.com/cse/static/style/look/v4/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/style/look/v4/default.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-8019775436904435:3216994402
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f4.1e100.net
Software
sffe /
Resource Hash
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:27:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1866
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1345
x-xss-protection
0
last-modified
Wed, 17 Jun 2020 00:00:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Tue, 29 Aug 2023 13:17:29 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/ 		387 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8019775436904435&plah=www.gl5.ru&bust=31077389
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
739fc81e141f34b6404a5b2ce7bec44746ed729ab20661378ad525af6d5f8e20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134168
x-xss-protection
0
server
cafe
etag
7165848702019920299
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 29 Aug 2023 12:58:35 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230828/r20190131/ Frame A786 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230828/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gl5.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
68230
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4437
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 28 Aug 2023 18:01:26 GMT
etag
9878862242593084568
expires
Mon, 11 Sep 2023 18:01:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.gl5.ru
URL: https://www.gl5.ru/s/splin/splin-proch-iz-moej-golovy.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 29 Aug 2023 11:49:43 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4133
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 29 Aug 2023 13:49:43 GMT
tag.js
mc.yandex.ru/metrika/ 		216 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: www.gl5.ru
URL: https://www.gl5.ru/s/splin/splin-proch-iz-moej-golovy.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
220302e21f2bc9324cb193a7606619011fd2abd69826bf8770e925afe98f6e33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Tue, 29 Aug 2023 10:13:13 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"64ed9a89-1270e"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
75534
expires
Tue, 29 Aug 2023 13:58:36 GMT
jquery.form.min.js
cdnjs.cloudflare.com/ajax/libs/jquery.form/4.2.2/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery.form/4.2.2/jquery.form.min.js
Requested by
Host: www.gl5.ru
URL: https://www.gl5.ru/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8f8ebd4e96964c63aa9eb0933af2ddafdfdb7e94c2efc70a5af109518c9ae80
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gl5.ru/
Origin
https://www.gl5.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
6344467
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5720
last-modified
Mon, 04 May 2020 16:11:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec3-42d4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=486hPgrpDvboOmNrMELJTf8ERoEZwUL4shdeEnlhOM%2BdEnsm0iV3A4ri7MW3j9SS4abJXFxagQW83rdvtOJDBLnr5dAeZI21Ab8GGfb2wxkpuJIqh9OaPBdOaFhcZomUJXZXQJg8"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7fe4f7675cd491ea-FRA
expires
Sun, 18 Aug 2024 12:58:36 GMT
parse_abbrs.html
www.gl5.ru/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.gl5.ru/parse_abbrs.html
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.4.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.163.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ddecac03736392c6ca294cb33357db8fe08b476450ad9a33a64bb39561196b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Accept
*/*
Referer
https://www.gl5.ru/s/splin/splin-proch-iz-moej-golovy.html
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 29 Aug 2023 12:58:36 GMT
strict-transport-security
max-age=31536000;
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6GFPn149uRn%2BD4j4to%2FiI64n7KJxuxOdGWVwBXhN%2BI58s9w3Dxp3HHFZOOQHaepjUIGL5BCmwqm45A3jAfDSrO8Eq5bwi1ZMLCCjtnrFJFFKaTKAUbnukR0t45GN"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
7fe4f7678c783643-FRA
alt-svc
h3=":443"; ma=86400
parse_abbrs.html
www.gl5.ru/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.gl5.ru/parse_abbrs.html?get_div=1
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.4.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.163.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c6bdb0716a6057ed840599eefa02f871149963a1db5007feeff59b07f16ab5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Accept
*/*
Referer
https://www.gl5.ru/s/splin/splin-proch-iz-moej-golovy.html
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:36 GMT
strict-transport-security
max-age=31536000;
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=29lTRJNcj2pvp316oNKR%2BzmzD6p4wJDa6FS4j%2FP7lLobgwyTsxwtSo%2BhaJmAtPjfHsyM4n%2F2143RY%2Frg%2FQGMdTGAvHKHJHuxGElgMregb59TebZpsy0I5i4jiHUt"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
7fe4f7678c793643-FRA
alt-svc
h3=":443"; ma=86400
adunit.php
srv.tunefindforfans.com/ads/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://srv.tunefindforfans.com/ads/adunit.php?id=100004387&search=&artist=%D0%A1%D0%BF%D0%BB%D0%B8%D0%BD&song=%D0%9F%D1%80%D0%BE%D1%87%D1%8C%20%D0%B8%D0%B7%20%D0%BC%D0%BE%D0%B5%D0%B9%20%D0%B3%D0%BE%D0%BB%D0%BE%D0%B2%D1%8B&alb=&alb_is=false&tvt=&vpw=1600&abf=true&bl=false&uc=&uf=&cf=&cc=&ps=1&if=0&ii=0&mo=0&url=https%3A%2F%2Fwww.gl5.ru%2Fs%2Fsplin%2Fsplin-proch-iz-moej-golovy.html&t=1693313916085
Requested by
Host: srv.tunefindforfans.com
URL: https://srv.tunefindforfans.com/fruits/mangos.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.56.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-56-1.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.56 (Amazon) /
Resource Hash
65105425c54399ed1f1d1de9e1e0242d77b0bca9385d298e73ba58b59f64504d

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.gl5.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:36 GMT
content-encoding
gzip
server
Apache/2.4.56 (Amazon)
aws-region
eu-west-1
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-length
1803
expires
Sat, 26 Jul 1997 05:00:00 GMT
adunit.php
srv.tunefindforfans.com/ads/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://srv.tunefindforfans.com/ads/adunit.php?id=100004388&search=&artist=%D0%A1%D0%BF%D0%BB%D0%B8%D0%BD&song=%D0%9F%D1%80%D0%BE%D1%87%D1%8C%20%D0%B8%D0%B7%20%D0%BC%D0%BE%D0%B5%D0%B9%20%D0%B3%D0%BE%D0%BB%D0%BE%D0%B2%D1%8B&alb=&alb_is=false&tvt=&vpw=1600&abf=true&bl=false&uc=&uf=&cf=&cc=&ps=1&if=0&ii=0&mo=0&url=https%3A%2F%2Fwww.gl5.ru%2Fs%2Fsplin%2Fsplin-proch-iz-moej-golovy.html&t=1693313916087
Requested by
Host: srv.tunefindforfans.com
URL: https://srv.tunefindforfans.com/fruits/mangos.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.56.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-56-1.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.56 (Amazon) /
Resource Hash
ebbf7eb076227233571e0e8fb4af615cdc0eec2cbb85c50ecad8c6286dab4fd9

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.gl5.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:36 GMT
content-encoding
gzip
server
Apache/2.4.56 (Amazon)
aws-region
eu-west-1
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-length
1803
expires
Sat, 26 Jul 1997 05:00:00 GMT
collect
www.google-analytics.com/j/ 		16 B
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1687589857&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gl5.ru%2Fs%2Fsplin%2Fsplin-proch-iz-moej-golovy.html&ul=en-us&de=UTF-8&dt=%D0%A1%D0%BF%D0%BB%D0%B8%D0%BD%20-%20%D0%9F%D1%80%D0%BE%D1%87%D1%8C%20%D0%B8%D0%B7%20%D0%BC%D0%BE%D0%B5%D0%B9%20%D0%B3%D0%BE%D0%BB%D0%BE%D0%B2%D1%8B%20%D1%82%D0%B5%D0%BA%D1%81%D1%82%20%D0%BF%D0%B5%D1%81%D0%BD%D0%B8(%D1%81%D0%BB%D0%BE%D0%B2%D0%B0)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=763148212&gjid=354361018&cid=398317794.1693313916&tid=UA-35747191-1&_gid=58916085.1693313916&_r=1&_slc=1&z=730911921
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6fdd39ed99dc41ac4e59104322e0a8a67a978ebe0b61bf1441051cc42b482a44
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gl5.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Aug 2023 12:58:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.gl5.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-35747191-1&cid=398317794.1693313916&jid=763148212&gjid=354361018&_gid=58916085.1693313916&_u=IEBAAEAAAAAAACAAI~&z=229357931
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.166.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wm-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gl5.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 29 Aug 2023 12:58:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.gl5.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		221 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-M11H97QCLH&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
8ba59dad3519d4521c25170a8dbfa9f0e9ecaf5e5c59bcc5d76f69079d94ff2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80697
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 29 Aug 2023 12:58:36 GMT
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?_=1693313916003
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.4.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f4.1e100.net
Software
GSE /
Resource Hash
c99f08a2b6e9e3db74c882e447e6c2b632d9d596b771aae67c6df600e2a6b771
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
835
x-xss-protection
1; mode=block
expires
Tue, 29 Aug 2023 12:58:36 GMT
cookie.js
partner.googleadservices.com/gampad/ 		379 B
599 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.gl5.ru&callback=_gfp_s_&client=ca-pub-8019775436904435
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8019775436904435&plah=www.gl5.ru&bust=31077389
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
eda1092d534c85db5180ed0157ce3f2f8402e9ad790eafb0668acf0f822f8ed2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
247
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 0882 		180 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8019775436904435&output=html&adk=1812271804&adf=3025194257&lmt=1693306716&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x945_l%7C356x945_r&format=0x0&url=https%3A%2F%2Fwww.gl5.ru%2Fs%2Fsplin%2Fsplin-proch-iz-moej-golovy.html&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693313915945&bpp=2&bdt=317&idt=197&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6827183342517&frm=20&pv=2&ga_vid=398317794.1693313916&ga_sid=1693313916&ga_hid=1687589857&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077444%2C42531706%2C44795922%2C31077389%2C21065724&oid=2&pvsid=706724022780221&tmod=661182444&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=213
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8019775436904435&plah=www.gl5.ru&bust=31077389
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
73e6d775189194e30d9d10c91d20ad2518e1c9f277405dea1f5257cfa97eec64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gl5.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
33006
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Aug 2023 12:58:36 GMT
expires
Tue, 29 Aug 2023 12:58:36 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230828&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8019775436904435&plah=www.gl5.ru&bust=31077389
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
18d0fd62b385af8e4412ac063a2cbd49b3df1bc80db47ca4cf44211ae138b9ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11716
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 807D 		0
0
recaptcha__de.js
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ 		454 KB
183 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?_=1693313916003
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
587fc1c1e943e8763bd2e2ff0be4a0e5efc61181b1a4834c99aac812c5c126a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gl5.ru/
Origin
https://www.gl5.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 23:32:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
48358
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
186637
x-xss-protection
0
last-modified
Mon, 21 Aug 2023 02:02:34 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 27 Aug 2024 23:32:38 GMT
splin.jpg
www.gl5.ru/photos/s/splin/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gl5.ru/photos/s/splin/splin.jpg
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.4.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.163.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ea677148a0cc9c7838c5afcd996e0a5fa73ddce6577664f81c193aaf7a5b1c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/s/splin/splin-proch-iz-moej-golovy.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:36 GMT
strict-transport-security
max-age=31536000;
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
827070
alt-svc
h3=":443"; ma=86400
content-length
12203
last-modified
Fri, 11 May 2018 20:53:42 GMT
server
cloudflare
etag
"5af602d6-2fab"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P9DhemgwS3C4FlQnUEATvXoH7KzTiRcb%2B7PoRuFJONhHqqjw1IbrsB2UYR86xVMrJRE62%2FOwoNfbKAgIbiQLdh7xeUa3iaDd%2Bl%2B8H6b0tKrnnaUS1vmMvwH8XdXK"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
cf-ray
7fe4f7683d5b3643-FRA
expires
Sat, 09 Sep 2023 14:02:06 GMT
splin1.jpg
www.gl5.ru/photos/s/splin/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gl5.ru/photos/s/splin/splin1.jpg
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.4.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.163.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a9d3576d5d9ef72647cdcac3f1c9c641c2824707d433e8ff4c980849a6401bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/s/splin/splin-proch-iz-moej-golovy.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:36 GMT
strict-transport-security
max-age=31536000;
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
6713
last-modified
Fri, 11 May 2018 20:53:42 GMT
server
cloudflare
etag
"5af602d6-1a39"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MxTgiE1DBCMO8lns%2Fws%2BRM9UG7Nez2P5Sb5CeUaldFQWaz2FZ2JAocyhgFUVpj5zXtdF7FRTYICA3q4VD21PspOWFizDwn10S7%2BQebUorDusykhlOAcIwzMUM3Sw"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
cf-ray
7fe4f7683d5e3643-FRA
expires
Tue, 19 Sep 2023 09:46:44 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		146 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?_=1693313916004
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.4.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
4ef30192a1e0a14f8544eecbbd32db5510560c9b189925d4dbb1999dd7bcfd22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50928
x-xss-protection
0
server
cafe
etag
6613846231407267192
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 29 Aug 2023 12:58:36 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-35747191-1&cid=398317794.1693313916&jid=763148212&_u=IEBAAEAAAAAAACAAI~&z=51276855
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Aug 2023 12:58:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-35747191-1&cid=398317794.1693313916&jid=763148212&_u=IEBAAEAAAAAAACAAI~&z=51276855
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Aug 2023 12:58:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
imp.php
srv.tunefindforfans.com/showads/track/ 		42 B
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://srv.tunefindforfans.com/showads/track/imp.php?cid=92798794&aid=100004387&b=Chrome_116&artist=%D0%A1%D0%BF%D0%BB%D0%B8%D0%BD&song=%D0%9F%D1%80%D0%BE%D1%87%D1%8C+%D0%B8%D0%B7+%D0%BC%D0%BE%D0%B5%D0%B9+%D0%B3%D0%BE%D0%BB%D0%BE%D0%B2%D1%8B&uri=https%3A%2F%2Fwww.gl5.ru%2Fs%2Fsplin%2Fsplin-proch-iz-moej-golovy.html&ldmo=&search=&cs=0&t=1693313916&adid=12905814&creative_id=500125397&caph=0&capv=0&atv=new
Requested by
Host: srv.tunefindforfans.com
URL: https://srv.tunefindforfans.com/fruits/mangos.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.56.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-56-1.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.56 (Amazon) /
Resource Hash
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.gl5.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 29 Aug 2023 12:58:36 GMT
cache-control
no-cache, must-revalidate
content-type
image/gif
server
Apache/2.4.56 (Amazon)
content-length
42
expires
Sat, 26 Jul 1997 05:00:00 GMT
imp.php
srv.tunefindforfans.com/showads/track/ 		42 B
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://srv.tunefindforfans.com/showads/track/imp.php?cid=92798794&aid=100004388&b=Chrome_116&artist=%D0%A1%D0%BF%D0%BB%D0%B8%D0%BD&song=%D0%9F%D1%80%D0%BE%D1%87%D1%8C+%D0%B8%D0%B7+%D0%BC%D0%BE%D0%B5%D0%B9+%D0%B3%D0%BE%D0%BB%D0%BE%D0%B2%D1%8B&uri=https%3A%2F%2Fwww.gl5.ru%2Fs%2Fsplin%2Fsplin-proch-iz-moej-golovy.html&ldmo=&search=&cs=0&t=1693313916&adid=12905814&creative_id=500125397&caph=0&capv=0&atv=new
Requested by
Host: srv.tunefindforfans.com
URL: https://srv.tunefindforfans.com/fruits/mangos.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.56.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-56-1.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.56 (Amazon) /
Resource Hash
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.gl5.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 29 Aug 2023 12:58:36 GMT
cache-control
no-cache, must-revalidate
content-type
image/gif
server
Apache/2.4.56 (Amazon)
content-length
42
expires
Sat, 26 Jul 1997 05:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-M11H97QCLH&gtm=45je38n0&_p=1687589857&_gaz=1&ul=en-us&sr=1600x1200&cid=398317794.1693313916&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Fwww.gl5.ru%2Fs%2Fsplin%2Fsplin-proch-iz-moej-golovy.html&dt=%D0%A1%D0%BF%D0%BB%D0%B8%D0%BD%20-%20%D0%9F%D1%80%D0%BE%D1%87%D1%8C%20%D0%B8%D0%B7%20%D0%BC%D0%BE%D0%B5%D0%B9%20%D0%B3%D0%BE%D0%BB%D0%BE%D0%B2%D1%8B%20%D1%82%D0%B5%D0%BA%D1%81%D1%82%20%D0%BF%D0%B5%D1%81%D0%BD%D0%B8(%D1%81%D0%BB%D0%BE%D0%B2%D0%B0)&sid=1693313916&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M11H97QCLH&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Aug 2023 12:58:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.gl5.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-M11H97QCLH&cid=398317794.1693313916&gtm=45je38n0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M11H97QCLH&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.166.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wm-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Aug 2023 12:58:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.gl5.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-M11H97QCLH&cid=398317794.1693313916&gtm=45je38n0&aip=1&z=139286943
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Aug 2023 12:58:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8019775436904435&plah=www.gl5.ru&bust=31077389
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 29 Aug 2023 12:58:36 GMT
anchor
www.google.com/recaptcha/api2/ Frame 2780 		55 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld4dzMUAAAAAKiQ4N3jMCYwE9SIQ5b2ZGq8naN8&co=aHR0cHM6Ly93d3cuZ2w1LnJ1OjQ0Mw..&hl=de&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=normal&cb=7kphkzqmj2x0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f4.1e100.net
Software
GSE /
Resource Hash
67f77c74e606710e77243887e33a674ed3d5718d8619e49f2cd075a52c446dd4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-FZqtGnO1NtIG2HxYDCELTA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gl5.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
31492
content-security-policy
script-src 'report-sample' 'nonce-FZqtGnO1NtIG2HxYDCELTA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 29 Aug 2023 12:58:36 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10110.xxuDtqLClEiEG7Kqs87CpFSNOl9FTWTWhPacHOZdcpG67pAvED9tNuRVK69shPVW.utY5QyL0YwIBenOtxyfWDUb-BUA%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10110.5TtdzMscWmBvUopJxm8r1c5oeINS2kec-z9iBv0YcFGdhXY2OuyMah3oURz-Hucc_u-6EQjKiOj1-cR8xxVKbZr57PPHP4KTB48njsOws4g%2C.uBjLWR0KIwDbV1bnrhouaUhEi48%2C
43 B
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=10110.5TtdzMscWmBvUopJxm8r1c5oeINS2kec-z9iBv0YcFGdhXY2OuyMah3oURz-Hucc_u-6EQjKiOj1-cR8xxVKbZr57PPHP4KTB48njsOws4g%2C.uBjLWR0KIwDbV1bnrhouaUhEi48%2C
Protocol
H2
Server
93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:36 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=10110.5TtdzMscWmBvUopJxm8r1c5oeINS2kec-z9iBv0YcFGdhXY2OuyMah3oURz-Hucc_u-6EQjKiOj1-cR8xxVKbZr57PPHP4KTB48njsOws4g%2C.uBjLWR0KIwDbV1bnrhouaUhEi48%2C
date
Tue, 29 Aug 2023 12:58:36 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:36 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 29 Aug 2023 10:13:13 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"64ed9a89-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Tue, 29 Aug 2023 13:58:36 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6870 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gl5.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
9709
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 29 Aug 2023 10:16:47 GMT
expires
Wed, 28 Aug 2024 10:16:47 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame CDD6 		829 B
561 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f4.1e100.net
Software
GSE /
Resource Hash
8bfc66ab6620f055f1ed833cec6dc64adec87283f2b9d4ac1620056af967771b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-JwXI6S3NB92Gk_Q5WV8R9g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gl5.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
539
content-security-policy
script-src 'report-sample' 'nonce-JwXI6S3NB92Gk_Q5WV8R9g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 29 Aug 2023 12:58:36 GMT
expires
Tue, 29 Aug 2023 12:58:36 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ Frame 2780 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld4dzMUAAAAAKiQ4N3jMCYwE9SIQ5b2ZGq8naN8&co=aHR0cHM6Ly93d3cuZ2w1LnJ1OjQ0Mw..&hl=de&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=normal&cb=7kphkzqmj2x0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 09:03:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14102
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 21 Aug 2023 02:02:34 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 28 Aug 2024 09:03:34 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ Frame 2780 		454 KB
182 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld4dzMUAAAAAKiQ4N3jMCYwE9SIQ5b2ZGq8naN8&co=aHR0cHM6Ly93d3cuZ2w1LnJ1OjQ0Mw..&hl=de&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=normal&cb=7kphkzqmj2x0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
587fc1c1e943e8763bd2e2ff0be4a0e5efc61181b1a4834c99aac812c5c126a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 23:32:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
48358
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
186637
x-xss-protection
0
last-modified
Mon, 21 Aug 2023 02:02:34 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 27 Aug 2024 23:32:38 GMT
PkiGnUWInYwTcBYaxbSZywLcc8a-vvuMSHFzAQqrt4s.js
pagead2.googlesyndication.com/bg/ Frame 6870 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PkiGnUWInYwTcBYaxbSZywLcc8a-vvuMSHFzAQqrt4s.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
3e48869d45889d8c1370161ac5b499cb02dc73c6bebefb8c487173010aabb78b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 11:26:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
91940
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14710
x-xss-protection
0
last-modified
Tue, 22 Aug 2023 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 27 Aug 2024 11:26:16 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame CDD6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230828&jk=706724022780221&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers
prebid.js
cdn.alfasense.net/lib/ 		177 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.alfasense.net/lib/prebid.js
Requested by
Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/alfadart.lib.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.31.36 Moscow, Russian Federation, ASN52000 (MIRHOSTING, NL),
Reverse DNS
Software
nginx /
Resource Hash
b4d5cd59e626514d5a925245b6b73c5e9c3f626d01a91ac76bb52f658841fb85
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';frame-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:36 GMT
content-security-policy
frame-ancestors 'none';frame-src 'self';
x-content-type-options
nosniff
content-encoding
gzip
x-permitted-cross-domain-policies
none
cross-origin-embedder-policy
unsafe-none
cross-origin-resource-policy
cross-origin
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 27 Feb 2023 15:51:14 GMT
server
nginx
cross-origin-opener-policy
same-origin-allow-popups
etag
W/"63fcd172-2c53e"
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=60
permissions-policy
geolocation=(self), payment=(self)
pixeljs
cs.alfasense.com/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cs.alfasense.com/pixeljs
Requested by
Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/alfadart.lib.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.111.100.20 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
fasthttp /
Resource Hash
483add264e246244397520af9a5827968c98559f133f04d0826b1f301127b34f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 12:58:36 GMT
Server
fasthttp
Access-Control-Allow-Methods
GET, HEAD, POST, OPTIONS, PUT, DELETE
Content-Type
application/javascript
Access-Control-Allow-Credentials
true
X-Host
23.111.100.20
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
Content-Length
4510
weboctx.min.js
cstatic.weborama.com/bigsea/contextual/v1/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cstatic.weborama.com/bigsea/contextual/v1/weboctx.min.js
Requested by
Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/alfadart.lib.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.202.216 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CD6) /
Resource Hash
fd44c81e8612365e2c140cc1c544f783196829b486f52de2e3013ac3fecca570

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:36 GMT
content-encoding
gzip
last-modified
Tue, 21 Mar 2023 09:30:45 GMT
server
ECAcc (frc/4CD6)
age
12203
etag
"1502123720+gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
access-control-allow-origin
*
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
cache-control
max-age=604800
accept-ranges
bytes
content-length
1331
expires
Tue, 05 Sep 2023 12:58:36 GMT
weboctxrun.js
cdn.alfasense.net/ext/ 		213 B
781 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.alfasense.net/ext/weboctxrun.js
Requested by
Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/alfadart.lib.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.31.36 Moscow, Russian Federation, ASN52000 (MIRHOSTING, NL),
Reverse DNS
Software
nginx /
Resource Hash
eb33793d786e59b89809736b42479b6fa0c39a503ad338b21a370b7ecc437dea
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';frame-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:36 GMT
content-security-policy
frame-ancestors 'none';frame-src 'self';
x-content-type-options
nosniff
content-encoding
gzip
x-permitted-cross-domain-policies
none
cross-origin-embedder-policy
unsafe-none
cross-origin-resource-policy
cross-origin
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 12 Jul 2023 13:34:46 GMT
server
nginx
cross-origin-opener-policy
same-origin-allow-popups
etag
W/"64aeabf6-d5"
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=60
permissions-policy
geolocation=(self), payment=(self)
generate_204
tpc.googlesyndication.com/ Frame 6870 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?LC78sA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:36 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
webworker.js
www.google.com/recaptcha/api2/ Frame 2780 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=0hCdE87LyjzAkFO5Ff-v7Hj1
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld4dzMUAAAAAKiQ4N3jMCYwE9SIQ5b2ZGq8naN8&co=aHR0cHM6Ly93d3cuZ2w1LnJ1OjQ0Mw..&hl=de&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=normal&cb=7kphkzqmj2x0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f4.1e100.net
Software
GSE /
Resource Hash
c548ab92911cb0c3db4cbbe04248ddbfd4f50759d33b73ba54f6086cb7716b68
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld4dzMUAAAAAKiQ4N3jMCYwE9SIQ5b2ZGq8naN8&co=aHR0cHM6Ly93d3cuZ2w1LnJ1OjQ0Mw..&hl=de&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=normal&cb=7kphkzqmj2x0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
x-xss-protection
1; mode=block
expires
Tue, 29 Aug 2023 12:58:36 GMT
collect
dx.frontend.weborama.com/ 		0
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dx.frontend.weborama.com/collect?ctx=1&touchpoint=1090&url=https%3A%2F%2Fwww.gl5.ru%2Fs%2Fsplin%2Fsplin-proch-iz-moej-golovy.html
Requested by
Host: cstatic.weborama.com
URL: https://cstatic.weborama.com/bigsea/contextual/v1/weboctx.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.205.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.205.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Aug 2023 12:58:35 GMT
via
1.1 google
last-modified
Tue, 29 Aug 2023 12:58:36 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
https://www.gl5.ru
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT
bframe
www.google.com/recaptcha/api2/ Frame B53E 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=0hCdE87LyjzAkFO5Ff-v7Hj1&k=6Ld4dzMUAAAAAKiQ4N3jMCYwE9SIQ5b2ZGq8naN8
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f4.1e100.net
Software
GSE /
Resource Hash
60cc5bd8287bfc9b2f1091884b257d2de1c351f379c5ef0cf7180e99f52350ef
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-QsS0N9nrIcVO7sg4fZl9Gw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gl5.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1157
content-security-policy
script-src 'report-sample' 'nonce-QsS0N9nrIcVO7sg4fZl9Gw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 29 Aug 2023 12:58:36 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
json.cgi
ad.adriver.ru/cgi-bin/ 		484 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.adriver.ru/cgi-bin/json.cgi?sid=1&ad=719473&bt=55&pid=3198680&bid=7189165&bn=7189165&tuid=1
Requested by
Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.209.108.47 , Russian Federation, ASN52007 (ADRIVER, RU),
Reverse DNS
Software
/
Resource Hash
27790422580d55e8fb2c3aff38136be62d597803260966bf9362719766c3b69e

Request headers

Referer
https://www.gl5.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 29 Aug 2023 12:58:36 GMT
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://www.gl5.ru
P3P
policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Cache-control
no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
id.json
const.uno/ 		13 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://const.uno/id.json?p=5
Requested by
Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.84.7 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
d32acf592f7f63460ff06711e1a9d41fbf6327a03303ae840e83fa9ef278d8f1

Request headers

Referer
https://www.gl5.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.gl5.ru
Date
Tue, 29 Aug 2023 12:58:36 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
13
Content-Type
application/json
2x2.png
v.alfasrv.com/stats/ 		95 B
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v.alfasrv.com/stats/2x2.png?s=12943&e=r&t=p
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.201.179.252 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 12:58:36 GMT
Last-Modified
Tuesday, 29-Aug-2023 12:58:36 GMT
Server
nginx/1.14.1
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
95
1x1.png
s.alfasrv.com/events/ 		95 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.alfasrv.com/events/1x1.png?s=12943&e=r&t=p
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
130.193.42.23 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:36 GMT
server
nginx/1.20.0
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
cache-control
no-cache,no-store
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,X-Original-Referer
content-length
95
expires
Tue, 01 Jan 1980 1:00:00 GMT
1
mc.yandex.com/watch/69086140/
Redirect Chain
  • https://mc.yandex.com/watch/69086140?wmode=7&page-url=https%3A%2F%2Fwww.gl5.ru%2Fs%2Fsplin%2Fsplin-proch-iz-moej-golovy.html&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aeygqx1x5sixaiiug...
  • https://mc.yandex.com/watch/69086140/1?wmode=7&page-url=https%3A%2F%2Fwww.gl5.ru%2Fs%2Fsplin%2Fsplin-proch-iz-moej-golovy.html&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aeygqx1x5sixaii...
428 B
789 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/69086140/1?wmode=7&page-url=https%3A%2F%2Fwww.gl5.ru%2Fs%2Fsplin%2Fsplin-proch-iz-moej-golovy.html&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aeygqx1x5sixaiiugyrqh3hb%3Afp%3A328%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1094%3Acn%3A1%3Adp%3A0%3Als%3A1630795842055%3Ahid%3A434852524%3Az%3A120%3Ai%3A20230829145836%3Aet%3A1693313916%3Ac%3A1%3Arn%3A419199867%3Arqn%3A1%3Au%3A1693313916741355537%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C78%2C1%2C206%2C0%2C%2C6%2C0%2C356%2C356%2C0%2C354%3Aco%3A0%3Acpf%3A1%3Ans%3A1693313915340%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1693313917%3At%3A%D0%A1%D0%BF%D0%BB%D0%B8%D0%BD%20-%20%D0%9F%D1%80%D0%BE%D1%87%D1%8C%20%D0%B8%D0%B7%20%D0%BC%D0%BE%D0%B5%D0%B9%20%D0%B3%D0%BE%D0%BB%D0%BE%D0%B2%D1%8B%20%D1%82%D0%B5%D0%BA%D1%81%D1%82%20%D0%BF%D0%B5%D1%81%D0%BD%D0%B8%28%D1%81%D0%BB%D0%BE%D0%B2%D0%B0%29&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29&redirnss=1
Protocol
H2
Server
93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
f1b544f7a5f84937eca6256f5e2032e96a7c508860453f58ba76cb899e93aef4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Aug 2023 12:58:36 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Tue, 29-Aug-2023 12:58:36 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gl5.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
428
x-xss-protection
1; mode=block
expires
Tue, 29-Aug-2023 12:58:36 GMT

Redirect headers

pragma
no-cache
date
Tue, 29 Aug 2023 12:58:36 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 29-Aug-2023 12:58:36 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/69086140/1?wmode=7&page-url=https%3A%2F%2Fwww.gl5.ru%2Fs%2Fsplin%2Fsplin-proch-iz-moej-golovy.html&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aeygqx1x5sixaiiugyrqh3hb%3Afp%3A328%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1094%3Acn%3A1%3Adp%3A0%3Als%3A1630795842055%3Ahid%3A434852524%3Az%3A120%3Ai%3A20230829145836%3Aet%3A1693313916%3Ac%3A1%3Arn%3A419199867%3Arqn%3A1%3Au%3A1693313916741355537%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C78%2C1%2C206%2C0%2C%2C6%2C0%2C356%2C356%2C0%2C354%3Aco%3A0%3Acpf%3A1%3Ans%3A1693313915340%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1693313917%3At%3A%D0%A1%D0%BF%D0%BB%D0%B8%D0%BD%20-%20%D0%9F%D1%80%D0%BE%D1%87%D1%8C%20%D0%B8%D0%B7%20%D0%BC%D0%BE%D0%B5%D0%B9%20%D0%B3%D0%BE%D0%BB%D0%BE%D0%B2%D1%8B%20%D1%82%D0%B5%D0%BA%D1%81%D1%82%20%D0%BF%D0%B5%D1%81%D0%BD%D0%B8%28%D1%81%D0%BB%D0%BE%D0%B2%D0%B0%29&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29&redirnss=1
access-control-allow-origin
https://www.gl5.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Tue, 29-Aug-2023 12:58:36 GMT
0.gif
x01.aidata.io/
Redirect Chain
  • https://cs.agency2.ru/p?ssp=ai&skipme=b0230f6f-2bb8-43c5-afe6-8c00d9a534ec
  • https://x01.aidata.io/0.gif?pid=7140034&id=7574fdef-0c58-4bf8-8c08-e0b5ef4c937d
  • https://x01.aidata.io/0.gif?pid=7140034&id=7574fdef-0c58-4bf8-8c08-e0b5ef4c937d&bounce=1
0
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x01.aidata.io/0.gif?pid=7140034&id=7574fdef-0c58-4bf8-8c08-e0b5ef4c937d&bounce=1
Protocol
H2
Server
89.108.119.28 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d51802.reg.regrucolo.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Aug 2023 12:58:37 GMT
last-modified
Tue, 29 Aug 2023 12:58:36 GMT
server
nginx
access-control-allow-methods
GET, POST
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires
Tue, 29 Aug 2023 12:58:36 GMT

Redirect headers

pragma
no-cache
date
Tue, 29 Aug 2023 12:58:36 GMT
last-modified
Tue, 29 Aug 2023 12:58:35 GMT
server
nginx
access-control-allow-methods
GET, POST
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
location
https://x01.aidata.io/0.gif?pid=7140034&id=7574fdef-0c58-4bf8-8c08-e0b5ef4c937d&bounce=1
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Tue, 29 Aug 2023 12:58:35 GMT
alfasense
sync.adspend.space/ 		0
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adspend.space/alfasense?uid=b0230f6f-2bb8-43c5-afe6-8c00d9a534ec
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.76.129.181 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 29 Aug 2023 12:58:36 GMT
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, authorization
access-control-max-age
1728000
access-control-allow-methods
PUT, GET, POST, OPTIONS
p
cs.alfasense.com/
Redirect Chain
  • https://s.uuidksinc.net/match/1215/?remote_uid=b0230f6f-2bb8-43c5-afe6-8c00d9a534ec
  • https://cs.alfasense.com/p?ssp=kd&uid=jg8biU3L5gyx2P4aO42n
35 B
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.alfasense.com/p?ssp=kd&uid=jg8biU3L5gyx2P4aO42n
Protocol
HTTP/1.1
Server
23.111.100.20 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
fasthttp /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 12:58:36 GMT
Server
fasthttp
Access-Control-Allow-Methods
GET, HEAD, POST, OPTIONS, PUT, DELETE
Content-Type
image/gif
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
X-Host
23.111.100.20
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
Content-Length
35
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://cs.alfasense.com/p?ssp=kd&uid=jg8biU3L5gyx2P4aO42n
date
Tue, 29 Aug 2023 12:58:36 GMT
server
nginx/1.23.2
content-length
0
sync
a.utraff.com/ 		0
757 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.utraff.com/sync?ssp=716&skipme=b0230f6f-2bb8-43c5-afe6-8c00d9a534ec
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.155.223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rXk2kKAX2MFgX94z1Dag1ot%2BFdihjdItFkJOcfXu1AMHDMGwyCMRua9Y7DmxSxcSqnztyjbu%2Ff0i%2Ft6cS8mUO2LZDDb59qQdz%2Bqj6wXy1zdcWkewqQEgoE6P685xqDc%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
cf-ray
7fe4f76baffb5b6e-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
alt-svc
h3=":443"; ma=86400
p
cs.alfasense.com/
Redirect Chain
  • https://ssp.afp.ai/api/sync/alfadart?skipme=b0230f6f-2bb8-43c5-afe6-8c00d9a534ec
  • https://cs.alfasense.com/p?ssp=al&id=6cefc55b-4c91-4cf0-ac08-010d75d6bf5f
35 B
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.alfasense.com/p?ssp=al&id=6cefc55b-4c91-4cf0-ac08-010d75d6bf5f
Protocol
HTTP/1.1
Server
23.111.100.20 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
fasthttp /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 12:58:37 GMT
Server
fasthttp
Access-Control-Allow-Methods
GET, HEAD, POST, OPTIONS, PUT, DELETE
Content-Type
image/gif
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
X-Host
23.111.100.20
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
Content-Length
35
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Tue, 29 Aug 2023 12:58:36 GMT
Server
nginx/1.14.1
Vary
Origin
Access-Control-Allow-Origin
Location
https://cs.alfasense.com/p?ssp=al&id=6cefc55b-4c91-4cf0-ac08-010d75d6bf5f
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
p
cs.alfasense.com/
Redirect Chain
  • https://ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=8918732&bn=8918732&skip=b0230f6f-2bb8-43c5-afe6-8c00d9a534ec
  • https://ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=8918732&bn=8918732&skip=b0230f6f-2bb8-43c5-afe6-8c00d9a534ec&tuid=-4469930286
  • https://cs.alfasense.com/p?ssp=ar&id=Aa4lK5OIxz_g3ifoAhsxMCg
35 B
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.alfasense.com/p?ssp=ar&id=Aa4lK5OIxz_g3ifoAhsxMCg
Protocol
HTTP/1.1
Server
23.111.100.20 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
fasthttp /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 12:58:37 GMT
Server
fasthttp
Access-Control-Allow-Methods
GET, HEAD, POST, OPTIONS, PUT, DELETE
Content-Type
image/gif
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
X-Host
23.111.100.20
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
Content-Length
35
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 29 Aug 2023 12:58:36 GMT
Transfer-Encoding
chunked
P3P
policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Content-Type
text/html
Location
https://cs.alfasense.com/p?ssp=ar&id=Aa4lK5OIxz_g3ifoAhsxMCg
Cache-control
no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p
cs.alfasense.com/
Redirect Chain
  • https://ssp.bidvol.com/usersync?dspcsid=135&redirect=1&id=b0230f6f-2bb8-43c5-afe6-8c00d9a534ec
  • https://cs.alfasense.com/p?ssp=bv&uid=a5x4vrnqr5
35 B
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.alfasense.com/p?ssp=bv&uid=a5x4vrnqr5
Protocol
HTTP/1.1
Server
23.111.100.20 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
fasthttp /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 12:58:37 GMT
Server
fasthttp
Access-Control-Allow-Methods
GET, HEAD, POST, OPTIONS, PUT, DELETE
Content-Type
image/gif
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
X-Host
23.111.100.20
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
Content-Length
35
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 29 Aug 2023 12:58:36 GMT
server
nginx/1.22.0
surrogate-control
no-store
vary
Origin
access-control-allow-origin
*
location
https://cs.alfasense.com/p?ssp=bv&uid=a5x4vrnqr5
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
x-request-id
e65d1e98-8cf1-4534-a873-b75148f7a61b
expires
0
p
cs.alfasense.com/
Redirect Chain
  • https://kimberlite.io/rtb/sync/alfasense?u=b0230f6f-2bb8-43c5-afe6-8c00d9a534ec
  • https://ads.betweendigital.com/match?bidder_id=45004&callback_url=https%3A%2F%2Fkimberlite.io%2Frtb%2Fsync%2Fbetween2%3Fu%3D%24%7BUSER_ID%7D%26f%3Dhttps%253A%252F%252Fcs.alfasense.com%252Fp%253Fssp...
  • https://ads.betweendigital.com/match?bidder_id=45004&callback_url=https%3A%2F%2Fkimberlite.io%2Frtb%2Fsync%2Fbetween2%3Fu%3D%24%7BUSER_ID%7D%26f%3Dhttps%253A%252F%252Fcs.alfasense.com%252Fp%253Fssp...
  • https://kimberlite.io/rtb/sync/between2?u=f8511940-deaf-52f1-9c68-3ccbf885d7b7&f=https%3A%2F%2Fcs.alfasense.com%2Fp%3Fssp%3Dst%26id%3DZO3rfGe-x-s&n=1
  • https://solta-sync.rutarget.ru/sync
  • https://kimberlite.io/rtb/sync/segmento?u=p3LaVrrFAYD_
  • https://sm.rtb.mts.ru/p?ssp=toptraffic&id=ZO3rfGe-x-s
  • https://vma.mts.ru/match/second?ssp=59&exu=ZO3rfGe-x-s
  • https://tech.rtb.mts.ru/?dsp_uid=37eb4e60-68c4-43a4-a997-19adcc51dfa6&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FN-tOYGjEQ6SplxmtzFHfpg%3Flocation%3Dhttps%253A%252F%252Fvma.mts.ru...
  • https://an.yandex.ru/setud/mts_banner/N-tOYGjEQ6SplxmtzFHfpg?location=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D59%26em%3D0&sign=1717350664
  • https://an.yandex.ru/setud/mts_banner/N-tOYGjEQ6SplxmtzFHfpg?redir-setuniq=1&location=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D59%26em%3D0&sign=1717350664
  • https://vma.mts.ru/em?next=59&em=0
  • https://kimberlite.io/rtb/sync/mts?u=be148231-2b48-4afe-8716-df3c62985fb4
  • https://cs.alfasense.com/p?ssp=st&id=ZO3rfGe-x-s
35 B
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.alfasense.com/p?ssp=st&id=ZO3rfGe-x-s
Protocol
HTTP/1.1
Server
23.111.100.20 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
fasthttp /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 12:58:38 GMT
Server
fasthttp
Access-Control-Allow-Methods
GET, HEAD, POST, OPTIONS, PUT, DELETE
Content-Type
image/gif
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
X-Host
23.111.100.20
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
Content-Length
35
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Tue, 29 Aug 2023 12:58:38 GMT
referrer-policy
no-referrer
Server
nginx
access-control-allow-origin
*
location
https://cs.alfasense.com/p?ssp=st&id=ZO3rfGe-x-s
cache-control
no-store
access-control-allow-credentials
true
Connection
keep-alive
server-timing
app;srv=6;dur=0.0011
Content-Length
0
p
cs.alfasense.com/
Redirect Chain
  • https://exchange.buzzoola.com/cookiesync/redirect?skip2=b0230f6f-2bb8-43c5-afe6-8c00d9a534ec&redirect_url=https%3A%2F%2Fcs.alfasense.com%2Fp%3Fssp%3Dbz%26uid%3D%24%7BUUID%7D
  • https://cs.alfasense.com/p?ssp=bz&uid=d7dbb6da-1586-42c5-7ebb-183de98b70a8
35 B
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.alfasense.com/p?ssp=bz&uid=d7dbb6da-1586-42c5-7ebb-183de98b70a8
Protocol
HTTP/1.1
Server
23.111.100.20 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
fasthttp /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 12:58:36 GMT
Server
fasthttp
Access-Control-Allow-Methods
GET, HEAD, POST, OPTIONS, PUT, DELETE
Content-Type
image/gif
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
X-Host
23.111.100.20
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
Content-Length
35
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://cs.alfasense.com/p?ssp=bz&uid=d7dbb6da-1586-42c5-7ebb-183de98b70a8
date
Tue, 29 Aug 2023 12:58:37 GMT
server
nginx
content-length
113
serverid
TODO
content-type
text/html; charset=utf-8
/
sync.bumlam.com/
Redirect Chain
  • https://sync.bumlam.com/?src=asense&uid=b0230f6f-2bb8-43c5-afe6-8c00d9a534ec
  • https://sync.bumlam.com/?src=asense&s_data=CAIQARj81renBmIkYjAyMzBmNmYtMmJiOC00M2M1LWFmZTYtOGMwMGQ5YTUzNGVjogEQxJ0qSkZrEe6G4AAlkMBkfA**
43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bumlam.com/?src=asense&s_data=CAIQARj81renBmIkYjAyMzBmNmYtMmJiOC00M2M1LWFmZTYtOGMwMGQ5YTUzNGVjogEQxJ0qSkZrEe6G4AAlkMBkfA**
Protocol
HTTP/1.1
Server
31.172.81.158 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type
image/gif
Date
Tue, 29 Aug 2023 12:58:36 GMT
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server
nginx
Connection
keep-alive
Content-Length
43
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Date
Tue, 29 Aug 2023 12:58:36 GMT
Server
nginx
ETag
c49d2a4a-466b-11ee-86e0-002590c0647c
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
//sync.bumlam.com/?src=asense&s_data=CAIQARj81renBmIkYjAyMzBmNmYtMmJiOC00M2M1LWFmZTYtOGMwMGQ5YTUzNGVjogEQxJ0qSkZrEe6G4AAlkMBkfA**
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
p
cs.alfasense.com/
Redirect Chain
  • https://match.qtarget.tech/userbind?src=alfasense&id=b0230f6f-2bb8-43c5-afe6-8c00d9a534ec
  • https://cs.alfasense.com/p?ssp=tg&redir=0&id=
35 B
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.alfasense.com/p?ssp=tg&redir=0&id=
Protocol
HTTP/1.1
Server
23.111.100.20 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
fasthttp /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 12:58:37 GMT
Server
fasthttp
Access-Control-Allow-Methods
GET, HEAD, POST, OPTIONS, PUT, DELETE
Content-Type
image/gif
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
X-Host
23.111.100.20
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
Content-Length
35
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Tue, 29 Aug 2023 17:58:08 GMT
Server
nginx/1.22.1
Vary
Origin
Access-Control-Allow-Origin
*
Location
https://cs.alfasense.com/p?ssp=tg&redir=0&id=
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
p
cs.alfasense.com/
Redirect Chain
  • https://www.acint.net/rmatch?dp=185&euid=b0230f6f-2bb8-43c5-afe6-8c00d9a534ec&r=https%3A%2F%2Fcs.alfasense.com%2Fp%3Fssp%3Dsp%26uid%3D%24%7BUSER_ID%7D
  • https://www.acint.net/rmatch?r=https%3A%2F%2Fcs.alfasense.com%2Fp%3Fssp%3Dsp%26uid%3D$%7BUSER_ID%7D&dp=185&tc=1&euid=b0230f6f-2bb8-43c5-afe6-8c00d9a534ec
  • https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fcs.alfasense.com%252Fp%253Fssp%253Dsp%2526uid%253D$%257BUSER_ID%257D&dp=14
  • https://acint.net/rmatch?dp=14&euid=2503420A7DEBED64C700558002D6F607&r=https%3A%2F%2Fcs.alfasense.com%2Fp%3Fssp%3Dsp%26uid%3D$%7BUSER_ID%7D
  • https://cs.alfasense.com/p?ssp=sp&uid=0100007F7CEBED648E037C0B02F13D50
35 B
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.alfasense.com/p?ssp=sp&uid=0100007F7CEBED648E037C0B02F13D50
Protocol
HTTP/1.1
Server
23.111.100.20 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
fasthttp /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 12:58:37 GMT
Server
fasthttp
Access-Control-Allow-Methods
GET, HEAD, POST, OPTIONS, PUT, DELETE
Content-Type
image/gif
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
X-Host
23.111.100.20
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
Content-Length
35
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Tue, 29 Aug 2023 12:58:37 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location
https://cs.alfasense.com/p?ssp=sp&uid=0100007F7CEBED648E037C0B02F13D50
content-type
text/html
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
154
expires
Wed, 19 Apr 2000 11:43:00 GMT
p
cs.alfasense.com/
Redirect Chain
  • https://cs.agency2.ru/p?ssp=al&uid=b0230f6f-2bb8-43c5-afe6-8c00d9a534ec
  • https://cs.alfasense.com/p?ssp=a2&uid=7574fdef-0c58-4bf8-8c08-e0b5ef4c937d
35 B
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.alfasense.com/p?ssp=a2&uid=7574fdef-0c58-4bf8-8c08-e0b5ef4c937d
Protocol
HTTP/1.1
Server
23.111.100.20 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
fasthttp /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 12:58:37 GMT
Server
fasthttp
Access-Control-Allow-Methods
GET, HEAD, POST, OPTIONS, PUT, DELETE
Content-Type
image/gif
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
X-Host
23.111.100.20
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
Content-Length
35
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Tue, 29 Aug 2023 12:58:36 GMT
Server
fasthttp
Access-Control-Allow-Methods
GET, HEAD, POST, OPTIONS, PUT, DELETE
Location
https://cs.alfasense.com/p?ssp=a2&uid=7574fdef-0c58-4bf8-8c08-e0b5ef4c937d
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
X-Host
23.111.107.44
Connection
keep-alive
Access-Control-Allow-Headers
authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
a.adsource.tech/ 		0
688 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.adsource.tech/sync?id=b0230f6f-2bb8-43c5-afe6-8c00d9a534ec&ssp=Alfasense
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:37 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pC4PQSmEfvsELA9uDTCfGMG5pywWLxj2FbVGqNbT8SfbJb8aEBDnbF1KIPdQTVYeItj%2B%2BtN5PCDIBno6g4JJeLKqgjE2koVc0KJMUgZCbOW2Gfzx%2FV0ZQhAIfFSGh2Us%2FrE%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
cf-ray
7fe4f76d78cf3819-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
alt-svc
h3=":443"; ma=86400
p
cs.alfasense.com/
Redirect Chain
  • https://alfasense-sync.rutarget.ru/sync?uid=b0230f6f-2bb8-43c5-afe6-8c00d9a534ec
  • https://cs.alfasense.com/p?ssp=sg&uid=wmT2HnBvMwpe
35 B
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.alfasense.com/p?ssp=sg&uid=wmT2HnBvMwpe
Protocol
HTTP/1.1
Server
23.111.100.20 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
fasthttp /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 12:58:37 GMT
Server
fasthttp
Access-Control-Allow-Methods
GET, HEAD, POST, OPTIONS, PUT, DELETE
Content-Type
image/gif
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
X-Host
23.111.100.20
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
Content-Length
35
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://cs.alfasense.com/p?ssp=sg&uid=wmT2HnBvMwpe
Date
Tue, 29 Aug 2023 12:58:37 GMT
Server
nginx
Connection
close
Content-Length
0
P3P
CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
p
cs.alfasense.com/
Redirect Chain
  • https://match.new-programmatic.com/userbind?src=alfasense&id=b0230f6f-2bb8-43c5-afe6-8c00d9a534ec
  • https://cs.alfasense.com/p?ssp=tg&redir=0&id=
35 B
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.alfasense.com/p?ssp=tg&redir=0&id=
Protocol
HTTP/1.1
Server
23.111.100.20 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
fasthttp /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 12:58:37 GMT
Server
fasthttp
Access-Control-Allow-Methods
GET, HEAD, POST, OPTIONS, PUT, DELETE
Content-Type
image/gif
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
X-Host
23.111.100.20
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
Content-Length
35
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Tue, 29 Aug 2023 12:58:37 GMT
Server
nginx/1.22.1
Vary
Origin
Access-Control-Allow-Origin
*
Location
https://cs.alfasense.com/p?ssp=tg&redir=0&id=
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
p
cs.alfasense.com/
Redirect Chain
  • https://sync.upravel.com/alfadart/sync?uid=b0230f6f-2bb8-43c5-afe6-8c00d9a534ec
  • https://sync.upravel.com/alfadart/sync?uid=b0230f6f-2bb8-43c5-afe6-8c00d9a534ec&session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuZ2w1LnJ1LyJdfX0
  • https://cs.alfasense.com/p?ssp=up&id=173b9518-af20-4cef-916c-a352c4c33b5d
35 B
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.alfasense.com/p?ssp=up&id=173b9518-af20-4cef-916c-a352c4c33b5d
Protocol
HTTP/1.1
Server
23.111.100.20 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
fasthttp /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 12:58:37 GMT
Server
fasthttp
Access-Control-Allow-Methods
GET, HEAD, POST, OPTIONS, PUT, DELETE
Content-Type
image/gif
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
X-Host
23.111.100.20
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
Content-Length
35
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Tue, 29 Aug 2023 12:55:04 GMT
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cs.alfasense.com/p?ssp=up&id=173b9518-af20-4cef-916c-a352c4c33b5d
access-control-allow-origin
*
content-type
image/png
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
false
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
0
styles__ltr.css
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ Frame B53E 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=0hCdE87LyjzAkFO5Ff-v7Hj1&k=6Ld4dzMUAAAAAKiQ4N3jMCYwE9SIQ5b2ZGq8naN8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 09:03:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14102
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 21 Aug 2023 02:02:34 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 28 Aug 2024 09:03:34 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ Frame B53E 		454 KB
182 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=0hCdE87LyjzAkFO5Ff-v7Hj1&k=6Ld4dzMUAAAAAKiQ4N3jMCYwE9SIQ5b2ZGq8naN8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
587fc1c1e943e8763bd2e2ff0be4a0e5efc61181b1a4834c99aac812c5c126a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 23:32:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
48358
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
186637
x-xss-protection
0
last-modified
Mon, 21 Aug 2023 02:02:34 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 27 Aug 2024 23:32:38 GMT
sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check_secondary
  • https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=10110.q70QE0qfHgynmwE79KFaBU4dXMpWQNT8DHfmMZMQuLOYLzOOuQJN2oSidrZnNZN9.CACFFmAGDbIGjco3olaVMJE3d6U%2C
  • https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10110.uPBv09pNmKRdV8Tz7uFFb9OPXAXyL-1Xy_T0dRwW6g-ls2elQfWyFP_aw7-cCWZUh_DGos4pcDn8_3asYgMSBsmQTUnldczaMkbrdqqv5C0%2C.jUSR0UJAl4NYh86Gz...
43 B
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10110.uPBv09pNmKRdV8Tz7uFFb9OPXAXyL-1Xy_T0dRwW6g-ls2elQfWyFP_aw7-cCWZUh_DGos4pcDn8_3asYgMSBsmQTUnldczaMkbrdqqv5C0%2C.jUSR0UJAl4NYh86GzGtTVp7NjQM%2C
Protocol
H2
Server
93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:37 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10110.uPBv09pNmKRdV8Tz7uFFb9OPXAXyL-1Xy_T0dRwW6g-ls2elQfWyFP_aw7-cCWZUh_DGos4pcDn8_3asYgMSBsmQTUnldczaMkbrdqqv5C0%2C.jUSR0UJAl4NYh86GzGtTVp7NjQM%2C
date
Tue, 29 Aug 2023 12:58:37 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/ 		154 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/reactive_library_fy2021.js?bust=31077389
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8019775436904435&plah=www.gl5.ru&bust=31077389
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
187a6710700eaf60ef10e50d2d6fea3db469918bfe738c87437499f81416c35d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53639
x-xss-protection
0
server
cafe
etag
7586959618958102144
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Aug 2023 12:58:36 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 6E3C 		37 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8019775436904435&output=html&h=280&adk=1822737079&adf=2561986437&pi=t.aa~a.190590905~i.22~rp.4&w=650&fwrn=4&fwrnh=100&lmt=1693306716&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6438916086&ad_type=text_image&format=650x280&url=https%3A%2F%2Fwww.gl5.ru%2Fs%2Fsplin%2Fsplin-proch-iz-moej-golovy.html&fwr=0&pra=3&rh=163&rw=650&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693313916939&bpp=1&bdt=1311&idt=1&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D43982642264460c1-228c96375fde00e4%3AT%3D1693313916%3ART%3D1693313916%3AS%3DALNI_Mb8i3KqdI5_wL-vU269pnFu5FSH_Q&gpic=UID%3D00000c69cb4acb82%3AT%3D1693313916%3ART%3D1693313916%3AS%3DALNI_MZIfp-AZEdkamDtCF-9yGfnG2rp7Q&prev_fmts=0x0%2C650x280&nras=2&correlator=6827183342517&frm=20&pv=1&ga_vid=398317794.1693313916&ga_sid=1693313916&ga_hid=1687589857&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=365&ady=1266&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077444%2C42531706%2C44795922%2C31077389%2C21065724&oid=2&pvsid=706724022780221&tmod=47055246&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=nGDVMn2K7F&p=https%3A//www.gl5.ru&dtd=5
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8019775436904435&plah=www.gl5.ru&bust=31077389
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
b4df7af587b224b34acbc72a9f4ffa621469a66a633d17b5ce0dfe2c3ae366c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gl5.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
15914
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Aug 2023 12:58:37 GMT
expires
Tue, 29 Aug 2023 12:58:37 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
prebid
ssp.hybrid.ai/auction/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ssp.hybrid.ai/auction/prebid
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.230.131.17 Amsterdam, Netherlands, ASN200197 (HYBRID-POLAND, PL),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.gl5.ru
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.gl5.ru
date
Tue, 29 Aug 2023 12:58:37 GMT
p3p
CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'
server
Hybrid Web Server
vary
Origin
prebid
ssp-rtb.sape.ru/ 		0
657 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp-rtb.sape.ru/prebid
Requested by
Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.3.184.212 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gl5.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 29 Aug 2023 12:58:37 GMT
Server
openresty
X-YaTraceId
fbd650de13c849ada5bbe5915f24de04
X-YaRequestId
4ae02d08d0aa4281a89c7c9c7e486957
Access-Control-Allow-Methods
POST
Content-Type
text/html
Access-Control-Allow-Origin
https://www.gl5.ru
X-YaSpanId
6beeacf7e3db76fa
Access-Control-Allow-Credentials
true
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
keep-alive
Expires
Wed, 19 Apr 2000 11:43:00 GMT
adjson
ads.betweendigital.com/ 		2 B
882 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://www.gl5.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gl5.ru
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
direct_banner
px.adhigh.net/rtb/
Redirect Chain
  • https://px.adhigh.net/rtb/direct_banner?bid_id=6a91af2bb6109c&pid=66&tid=300x250_alfadart&known=1&is_video=false&resp_type=JSON&provider=direct.prebidjs&size=300x250&floor=50&cur=RUB
  • https://px.adhigh.net/rtb/direct_banner?bid_id=6a91af2bb6109c&pid=66&tid=300x250_alfadart&known=1&is_video=false&resp_type=JSON&provider=direct.prebidjs&size=300x250&floor=50&cur=RUB&bounced=1
12 B
305 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.adhigh.net/rtb/direct_banner?bid_id=6a91af2bb6109c&pid=66&tid=300x250_alfadart&known=1&is_video=false&resp_type=JSON&provider=direct.prebidjs&size=300x250&floor=50&cur=RUB&bounced=1
Protocol
H2
Server
193.232.148.143 , Russian Federation, ASN48061 (UMA-TECH-AS, RU),
Reverse DNS
smtp4.sender.ltmse.com
Software
nginx /
Resource Hash
cac9fb81a29c07978b6ff53ec2a73344f4756aba46e066610c17d9dd06fa96ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Aug 2023 12:58:37 GMT
server
nginx
x-backend-id
f4-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.gl5.ru
content-type
application/json
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
12
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 29 Aug 2023 12:58:37 GMT
server
nginx
x-backend-id
f4-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.gl5.ru
location
https://px.adhigh.net/rtb/direct_banner?bid_id=6a91af2bb6109c&pid=66&tid=300x250_alfadart&known=1&is_video=false&resp_type=JSON&provider=direct.prebidjs&size=300x250&floor=50&cur=RUB&bounced=1
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
auction
pbs.alfasense.com/yandex/ 		11 B
648 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbs.alfasense.com/yandex/auction
Requested by
Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.111.115.84 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://www.gl5.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 29 Aug 2023 12:58:37 GMT
x-dsp-24__status
204
X-Host
23.111.115.84
Connection
keep-alive
Content-Length
11
x-geo-cityid
4000000020
pragma
no-cache
access-control-max-age
0
Access-Control-Allow-Methods
GET, HEAD, POST, OPTIONS, PUT, DELETE
Content-Type
application/json, text/xml
Access-Control-Allow-Origin
https://www.gl5.ru
cache-control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
expires
0
adjson
ssp.otm-r.com/ 		2 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.otm-r.com/adjson?tz=-120&w=300&h=250&domain=&l=https%3A%2F%2Fwww.gl5.ru%2Fs%2Fsplin%2Fsplin-proch-iz-moej-golovy.html&s=38014&cur=RUB&bidid=101573797ed32b8&transactionid=919845ff-0736-4fc2-b35b-665228644744&auctionid=0152c23b-3540-4a73-bfcb-0435e8f3b7cd&bidfloor=0
Requested by
Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.69.72.5 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.5.72.69.159.clients.your-server.de
Software
nginx/1.17.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://www.gl5.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Aug 2023 12:58:37 GMT
server
nginx/1.17.0
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://www.gl5.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
2
expires
0
prebid
ssp.hybrid.ai/auction/ 		0
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.hybrid.ai/auction/prebid
Requested by
Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.230.131.17 Amsterdam, Netherlands, ASN200197 (HYBRID-POLAND, PL),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gl5.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.gl5.ru
date
Tue, 29 Aug 2023 12:58:37 GMT
access-control-allow-credentials
true
server
Hybrid Web Server
vary
Origin
p3p
CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230828&jk=706724022780221&bg=!nJ-ln9DNAAYkVgHwBFY7ADQBe5WfOCv_FCGRUDAXQlvXC1RyCkM2JdhJPC7Fko9pkASmcg1-4lKudX5BnMlYKwcSiJ3HAgAAAEZSAAAABWgBBwoAXX8tHwmlNXsHIBvFZQE0XHSs4BudMYg72Fmk1fkpQRr71lWu1MmR4rI0JxG8KIiyBlzrdi9Be89-WHNUQxQEZR9fYFavKZoSi2q0SP1mubOYrpMrsQhs-kWustPdgpkCuEycwumpTwIyeeG2m0z8mHzTnLY4_hYdVy_6o2rFQM7h1hfLqeQ9QYbdamQO26qGAuxk1pm1i7PVM_U-lSlewgMFezVywb_NSc43oAiY4EldekDOKZ3Y3-GEav_Bh_ytQL3nXHuEX0ViU9OJ-cOXeTHDBuqUN5HgdxjWmFS86fQew8I7_rxH6tmT3hj5A0Koz7MoONrXhyJPSiReIPU3gLHqBItLcAUTYFYUn1Yx68fvrESa7YSjYh7kVzH67yHzqKB9ElyxR4qjQX2y5RbiTq-C0od9mAceNnTWXV3sd0mx8HbEBq8hzcjzWYh5qs2aoVmhgsBgGskjvDysXhTlHw0nE5UYw5igd4S1ujRjEjE52Qv3ohoGvft4GKKW4P0RLvVPT2wd8JBkz9BORLCHquf5xNAoFs53ZAOIIgRPnoeK0zjW7IaYnwdoekvcl4xmn8TLwOXevXeQuaQtIFyJHP9ogQd-QnrjsOlXsTfLf7f6Q8X4tRUYuZQXz51rjBNCDaCBb-4A3uWPTWBPKjiaeiAAW1-mU6Pv9X_g2SX1WnF74DFWcJpjBd7XefQsEfy-G8iuSlbwW4okqaf6KSkPoN-JfQTum4jd2tHwYBWt_SuJjrQdRdhMb86ytXdUuVD9Pqz02kQA1NEidiE3EBfrX4wRrogc7BrQBrlYbMYOWehJ2tVVKHimIGuxaNuKnW1dhK5WP8VMA_T4igfrUvC8owejxqUBGUcdcgzAvtpb0Y_WvIwch5QAW2mCJvve8Kf5X_-a-hLoZupo9WFzv3MVkn6FT9ei3o-0nMVu_Of98MM6ueYzpaLlt8gVv0fBUj_mhehdCBOWGhFrio-NoT0Je8n-ZTBqUGF5kTKmu0WzPz6aga2k1gss6gqQkEig6TuE3JrTRI5C3KZFwu_zEa3_JQH5F_w2CB3S0Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/ Frame CCD3 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8019775436904435&plah=www.gl5.ru&bust=31077389
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gl5.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
78232
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4437
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 28 Aug 2023 15:14:45 GMT
etag
9878862242593084568
expires
Mon, 11 Sep 2023 15:14:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/ Frame 93A9 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8019775436904435&plah=www.gl5.ru&bust=31077389
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gl5.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
78232
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4437
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 28 Aug 2023 15:14:45 GMT
etag
9878862242593084568
expires
Mon, 11 Sep 2023 15:14:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/ Frame E582 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8019775436904435&plah=www.gl5.ru&bust=31077389
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gl5.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
78232
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4437
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 28 Aug 2023 15:14:45 GMT
etag
9878862242593084568
expires
Mon, 11 Sep 2023 15:14:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame 29C4 		165 KB
54 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO3rfAAD014By4X1AArQnF9vQPi2xnfQDdlOdg&u=%7COKIgpqOK8DzZSDHCyjSHBIxSI%2BcZJrWPVv2BNQgZ3KQ%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T2AWRlHZFqNLc3RoMYYFkAd1FczsaqiQzUn7j0o6i0taIPJvCpdwRANnDandhaD3VGKE09Yw3jJ5Sr9vriZr2SVL-x1d-TVFUNAHvkWpy1DK4z9Nnm6L1wJg6KIkx1bMQ4pO3IS-JJAFHz_gE8QZg8TviHJYoVqerJ-cizSn9oHO3Hqo-3Bptr6sKW58uhJX1GuYeukGOMGP6FAwlL7NC-kGZtSzsyNl92FBhHfI-RhkNWEZaPRrdEZe3eT8RI5u9fsUvJRUnoM3lM2wkNaXx9jqdk8K_ZjZqORRkYxEpVgHqIcKcDMfXODEDXumC3vnx_DG2L5OwO-M4MDfQvG_UPI7q_FHyRy4eXshfI5WGdYt27P2DhIQAKti1IA3zRQvw70FNwsxBf8X9q-wSE0x24eCp3ZNYpyaxZxe57GDQl-TxmLbvMcMX5jXhckN5wUh0y8lUNKedejZIWnF9wgWb3ASFmbKczv9hGes1r1HqYhmrXVCONMHnWmkvTNxFAzB8NrcYk_wqcrxhvYyYUGkXK3Jl7eb5f-5-2ONxO3IjfhoK8n0khY25MTVw5DyV-nmTXqfLRru4xkpXFxRwJpUQN5TZ9DQK4xbdhNd6x3UsMNn&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGTtpfOvtZN6mD_WLrr4PnKGr0AfJntKxXJWil_dwwI23ARABIABglYKAgJQHggEXY2EtcHViLTgwMTk3NzU0MzY5MDQ0MzXIAQmpAoGKgnl1I7I-qAMByAMCqgTsAU_Qgp2Fx5zFcE92fxC5lrz2VluAzbM3yCAGdNW-QRALZMve5ifLPGIOpNJmJk5etQpSG7ukhMsdcl7mQtseOrbONp_wJKAhTLZTXXVKho79pePoyC_YDLseNY4EwWrCz0u5RPoXnXzteReioC57-68-kVX_IuEV5y5RCavKmwVycsGCkuiYTXcTxGmfL1vVNDoBdxMUJb5nZatic2-LIqkT6Rr33uLbbMN6unrk3wBaiNe3vmRZDGQvIyCIktnjIUogzWgHm3PRoTQKN8nXchvQ_qN-OsUFGDylSHWOt_hmbZuvEm5N_CWDtjC6gAaO1LKct7KlrWKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3gjMlruJ9yz3g7oRGrmk9oi2FCZw%26client%3Dca-pub-8019775436904435%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
621101a4914c2c35e0ee589eb6b812316b6e3bad47dfe741519df6c96f2bf385
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Tue, 29 Aug 2023 12:58:36 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=j635Gw_E_jhcBmn_MYzyrQ4hRfsqnllbeOUu1eUYpouWYnGUGIqY2Y6PmXJSiWMRpESk7KqfvndcPmOObh3i--TdrGpvFzhKy-BErHcOHb28Ow5ckYf_ox1hHzJflWPYYHxzObVjridbmbdJN8YHArOVEKc98GVXErGMGG7NAEAx2scXBIBQIDP1wo0nk852qa9btu4krp6-72ayiCvyvZH48Z5oXAGBAnd2HmnAN_5Li9QR-MCYqat_gbkhNAwe3I0cWQ"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
59435797
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame CCD3 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 07:22:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
20155
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Sep 2023 07:22:42 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame CCD3 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 13:56:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
82950
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Sep 2023 13:56:07 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CCD3 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693222425768293"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 29 Aug 2023 12:58:37 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame DA0F 		51 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO3rfAAD018By4X1AArQnJ5uylUhwtwmH_k2WQ&u=%7COKIgpqOK8Dwb11ny2PdIDNQ8CAQCXUb0OO8AeQ6dJiE%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T-ox6jq5uP4vOL-FhBPok8rq59LQxzJ4SYhSaOEnzVwe7cgF-ow3AEzfTVq8DR_h_nDzdht095CABhDf5goUwyubgDEqRKkmHnmYLYMsjGFcTNzfXQ8hz19EwTuPIq9MoSGd7xobcbwpYdZKRKt4rsc1lfufYsu8UswFzYGYYFZ6qHyU7nk_hYnEFmNHOc5pKuqEaokkZQ9Hyk_2ppset_wAXaRr3GOWjIgNKojhjUbyjSHqravbp5mUevzE2sUQCdcp83FOsnJ4vHrmvg_AaKP5m-FFLRPVxTkY6_rPpnp8x4Z--aJhtq5Dn2flpe1GsdhP783GiYOEY_7Aa1UjqE-CgESg8aGrMPWYTrVu_B5C5R27gUZJqh4X8OfN1wrX721YcOwIy0hEWxiMo1FJGJCDNaLFTONs7JKf1SpcPjrTNOnxKwaiAua7fG1RZdD3xxVr8WrCaHetsqPWWKeEJhsRXEN6TVmuLx_2gtZyKl94NprsAd3YZhAN088LvdHOT86Y5-TC1tYS8Igr5VXEyI2O5UqIwI3YC0Cyx11Kndt5-Ygy9WRzGE50rw1KedbQUYdIjPNClYq7eCg-SXlalaPlV_mITYgroRIASp8dCGqo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtKxrfOvtZN-mD_WLrr4PnKGr0AfJntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTgwMTk3NzU0MzY5MDQ0MzXIAQmpAoGKgnl1I7I-qAMByAMCqgTsAU_QeqhuMsP438mCXRHsrSdg9F6pQovIpy6bCAIrsdvwepQF27QXoQN1SBNz_2pe0hdD2qw_F7A1W9H1j1CZODl86TMs6i79Q1M333_hx7miDqEkNuWntrnDr23n9fWrq1v2z5QJ81U44Gii-Z_Z_N-CJGCfoCaOzoskPhiLbEPp9sE4qdni7Ec7nIOyjUmZv8kfmmWeYiZUPuxRwv9WllZpTMDknddmlqYtnsLYSR2IIEiQf_o794-y75r8wH_GGdGoUe7O7scGzreuHTHvdhuoTk5MS3Qc2IZe3ykZmfx_YJIJC-ppEcEqKhvpgAbs6KWm5_L3uY0BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0o8XNi2V7aHCx3hWTrVGlFa97oAQ%26client%3Dca-pub-8019775436904435%26adurl%3D
Requested by
Host: www.gl5.ru
URL: https://www.gl5.ru/s/splin/splin-proch-iz-moej-golovy.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
b138805db8d6ea05c65ec3e0d57b9ab162d69e197775f9bba34f24a896427ec9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Tue, 29 Aug 2023 12:58:36 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=VhOn6g_E_jhcBmn_8i_g1TL6DoBZnXRQbjHgZFZ_lTVBEhig9w8kNsko7Da1kVHJuQmrq7lsvsf8ug870yABjFoyZuQA0lKeux-awYWcNO7VYpIPB7LQeX2vIO29Y8EZjir_zrmpaR_0J5T8mFjmFZKoP2C3pPx2IAfkhG7vqNyieiifJncRuD_HauihegT3jeh0qzLMDkaQEnVrTV1vlBiENSNN6SZTKRs8DZJ-WzsmdQZmiin_iDDVV1eLBpx_2a4lWw"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
3206887
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame C03D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.gl5.ru
URL: https://www.gl5.ru/s/splin/splin-proch-iz-moej-golovy.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 07:22:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
20155
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Sep 2023 07:22:42 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame C03D 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: www.gl5.ru
URL: https://www.gl5.ru/s/splin/splin-proch-iz-moej-golovy.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 13:56:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
82950
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Sep 2023 13:56:07 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C03D 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.gl5.ru
URL: https://www.gl5.ru/s/splin/splin-proch-iz-moej-golovy.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693222425768293"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 29 Aug 2023 12:58:37 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame E984 		127 KB
45 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO3rfAAD02ABy4X1AArQnOli8gltXXNZ8qpkWg&u=%7COKIgpqOK8DwNxxSASp%2BqQSgBryyEjh6dp6UaJ9Tudts%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUKpu9hy7Ffnun-WE9FjbXP1W0e4y8lK96xIqJRLJoNk_R_9LZxWlB9CMmRA414eeU6CFLwxAC3u2cad6flRwHxxoSySX_crPUF2KGIvX_g1l8M2qvAzIvrtoSqDOHfh4IT6YwzGSUad4yDnsKE3dUMDir8B0WNSUp8T_7CuJTIKweX1yAl5nmCDTvsGS6sjwU5lp5KTMRIHQfHNmXJQLZkOeg2I0m6DsmB7S-9SCpmtAAAdzp7YITGJM8-pBQlyAPMBjx5mALqEcajo1Uyyzk007K_toPR1B8O_ffUxWF1JUx6WUduVOgLFsuCkSBCoZ1AipxHDWtSWAlbOhIdkdrjzji86IzLY9OTEVzoZbTrA0g_xmeZwpxmwTVUzrtdafu5o1hwJRUCaU4Dy8ndOOR4Zmn0rw2n3vkqUD9hcM9Apsb7aGkMeUKoWMPEuX-_aq4BEYgHc-kjaBQWEgTUTYXi3Brerb8n7uDcgLIiMpZ_Ic0q4nXv0pNKtU8vNx7i0jx2C23mgJs_EBeAPYk3YKJmboVLqpSEk86_pb736c_a-cSDFENJ2rqvbaqnoMRi8W6Bg5nNIO-qXmMLpM-0GynZKxqwBIvtZWkpvAXp_tlZx4O-MLS8yz9Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGUrofOvtZOCmD_WLrr4PnKGr0AfJntKxXJWil_dwwI23ARABIABglYKAgJQHggEXY2EtcHViLTgwMTk3NzU0MzY5MDQ0MzXIAQmpAoGKgnl1I7I-qAMByAMCqgTtAU_QWyfE5CicfqAl82U273409WWgN7EoQxhIbMfwPntjuWt92GdRkRfuV-x8__pMUlzTAlPkOipehd0Ylwu-7A0Q2qQ3R8_XrjplLuplX-qLd_qE0hBi9qmDlVAmtxpkBn44zYFw_cHvZiJyY7bCqZp5IqDNJgYnEVtu-WzwvO3AGz383pjIqTQLSXq3EqoQ4SSaotvOxpaWdEtgdfK8FXlHLlQlB16LaetpAbifSbasm5h2kAhMxm41Mk3un9ew_Yfra641JBFK23zsggNbEH3R2hiBmVAWsOz0cZxX7OtASq3EnD_CbGOU4fD1i4AG7ajznMK8-trOAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_20m4JX7eaU2tO8Wab1PAHzzCgIog%26client%3Dca-pub-8019775436904435%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
be95ef3fa965c61b8a62d9b273ea9cec410c1f00b3db2a0d5685d1bafc5e0754
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Tue, 29 Aug 2023 12:58:37 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=SxpeaA_E_jhcBmn_sR-_8kAISbMWmBsQgirvfnRiPmpBPbCtbbg_Q7-7lbdLQUNMRWK8b6RIqwVC1WNB0SGa9yYU3paPUEdvGMfiHGgv_mNfhFL5ulbStu1uCzUGWoo9JvjZTy9TetK0QFXkw384Y0FWa-r5MRJnjKq7pQ6lIaxEx21TT7vrxFODRvxXUpKzMUAhmJysh_vLmu4YItZ6NfwGDcG8f-1bkdZ41pbZgf0XNagRvUyZlQJ0wJWFuvwhewx8Gg"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
38199966
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame E582 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 07:22:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
20155
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Sep 2023 07:22:42 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame E582 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 13:56:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
82950
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Sep 2023 13:56:07 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E582 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693222425768293"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 29 Aug 2023 12:58:37 GMT
truncated
/ Frame E582 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d06390c96d685eb5d49156e1d4c80ba65fdfe22ed2ccb4086c2efd52676703d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame DA0F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO3rfAAD018By4X1AArQnJ5uylUhwtwmH_k2WQ&u=%7COKIgpqOK8Dwb11ny2PdIDNQ8CAQCXUb0OO8AeQ6dJiE%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T-ox6jq5uP4vOL-FhBPok8rq59LQxzJ4SYhSaOEnzVwe7cgF-ow3AEzfTVq8DR_h_nDzdht095CABhDf5goUwyubgDEqRKkmHnmYLYMsjGFcTNzfXQ8hz19EwTuPIq9MoSGd7xobcbwpYdZKRKt4rsc1lfufYsu8UswFzYGYYFZ6qHyU7nk_hYnEFmNHOc5pKuqEaokkZQ9Hyk_2ppset_wAXaRr3GOWjIgNKojhjUbyjSHqravbp5mUevzE2sUQCdcp83FOsnJ4vHrmvg_AaKP5m-FFLRPVxTkY6_rPpnp8x4Z--aJhtq5Dn2flpe1GsdhP783GiYOEY_7Aa1UjqE-CgESg8aGrMPWYTrVu_B5C5R27gUZJqh4X8OfN1wrX721YcOwIy0hEWxiMo1FJGJCDNaLFTONs7JKf1SpcPjrTNOnxKwaiAua7fG1RZdD3xxVr8WrCaHetsqPWWKeEJhsRXEN6TVmuLx_2gtZyKl94NprsAd3YZhAN088LvdHOT86Y5-TC1tYS8Igr5VXEyI2O5UqIwI3YC0Cyx11Kndt5-Ygy9WRzGE50rw1KedbQUYdIjPNClYq7eCg-SXlalaPlV_mITYgroRIASp8dCGqo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtKxrfOvtZN-mD_WLrr4PnKGr0AfJntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTgwMTk3NzU0MzY5MDQ0MzXIAQmpAoGKgnl1I7I-qAMByAMCqgTsAU_QeqhuMsP438mCXRHsrSdg9F6pQovIpy6bCAIrsdvwepQF27QXoQN1SBNz_2pe0hdD2qw_F7A1W9H1j1CZODl86TMs6i79Q1M333_hx7miDqEkNuWntrnDr23n9fWrq1v2z5QJ81U44Gii-Z_Z_N-CJGCfoCaOzoskPhiLbEPp9sE4qdni7Ec7nIOyjUmZv8kfmmWeYiZUPuxRwv9WllZpTMDknddmlqYtnsLYSR2IIEiQf_o794-y75r8wH_GGdGoUe7O7scGzreuHTHvdhuoTk5MS3Qc2IZe3ykZmfx_YJIJC-ppEcEqKhvpgAbs6KWm5_L3uY0BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0o8XNi2V7aHCx3hWTrVGlFa97oAQ%26client%3Dca-pub-8019775436904435%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 23 Aug 2024 12:58:37 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame DA0F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO3rfAAD018By4X1AArQnJ5uylUhwtwmH_k2WQ&u=%7COKIgpqOK8Dwb11ny2PdIDNQ8CAQCXUb0OO8AeQ6dJiE%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T-ox6jq5uP4vOL-FhBPok8rq59LQxzJ4SYhSaOEnzVwe7cgF-ow3AEzfTVq8DR_h_nDzdht095CABhDf5goUwyubgDEqRKkmHnmYLYMsjGFcTNzfXQ8hz19EwTuPIq9MoSGd7xobcbwpYdZKRKt4rsc1lfufYsu8UswFzYGYYFZ6qHyU7nk_hYnEFmNHOc5pKuqEaokkZQ9Hyk_2ppset_wAXaRr3GOWjIgNKojhjUbyjSHqravbp5mUevzE2sUQCdcp83FOsnJ4vHrmvg_AaKP5m-FFLRPVxTkY6_rPpnp8x4Z--aJhtq5Dn2flpe1GsdhP783GiYOEY_7Aa1UjqE-CgESg8aGrMPWYTrVu_B5C5R27gUZJqh4X8OfN1wrX721YcOwIy0hEWxiMo1FJGJCDNaLFTONs7JKf1SpcPjrTNOnxKwaiAua7fG1RZdD3xxVr8WrCaHetsqPWWKeEJhsRXEN6TVmuLx_2gtZyKl94NprsAd3YZhAN088LvdHOT86Y5-TC1tYS8Igr5VXEyI2O5UqIwI3YC0Cyx11Kndt5-Ygy9WRzGE50rw1KedbQUYdIjPNClYq7eCg-SXlalaPlV_mITYgroRIASp8dCGqo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtKxrfOvtZN-mD_WLrr4PnKGr0AfJntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTgwMTk3NzU0MzY5MDQ0MzXIAQmpAoGKgnl1I7I-qAMByAMCqgTsAU_QeqhuMsP438mCXRHsrSdg9F6pQovIpy6bCAIrsdvwepQF27QXoQN1SBNz_2pe0hdD2qw_F7A1W9H1j1CZODl86TMs6i79Q1M333_hx7miDqEkNuWntrnDr23n9fWrq1v2z5QJ81U44Gii-Z_Z_N-CJGCfoCaOzoskPhiLbEPp9sE4qdni7Ec7nIOyjUmZv8kfmmWeYiZUPuxRwv9WllZpTMDknddmlqYtnsLYSR2IIEiQf_o794-y75r8wH_GGdGoUe7O7scGzreuHTHvdhuoTk5MS3Qc2IZe3ykZmfx_YJIJC-ppEcEqKhvpgAbs6KWm5_L3uY0BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0o8XNi2V7aHCx3hWTrVGlFa97oAQ%26client%3Dca-pub-8019775436904435%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 23 Aug 2024 12:58:37 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame DA0F 		308 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO3rfAAD018By4X1AArQnJ5uylUhwtwmH_k2WQ&u=%7COKIgpqOK8Dwb11ny2PdIDNQ8CAQCXUb0OO8AeQ6dJiE%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T-ox6jq5uP4vOL-FhBPok8rq59LQxzJ4SYhSaOEnzVwe7cgF-ow3AEzfTVq8DR_h_nDzdht095CABhDf5goUwyubgDEqRKkmHnmYLYMsjGFcTNzfXQ8hz19EwTuPIq9MoSGd7xobcbwpYdZKRKt4rsc1lfufYsu8UswFzYGYYFZ6qHyU7nk_hYnEFmNHOc5pKuqEaokkZQ9Hyk_2ppset_wAXaRr3GOWjIgNKojhjUbyjSHqravbp5mUevzE2sUQCdcp83FOsnJ4vHrmvg_AaKP5m-FFLRPVxTkY6_rPpnp8x4Z--aJhtq5Dn2flpe1GsdhP783GiYOEY_7Aa1UjqE-CgESg8aGrMPWYTrVu_B5C5R27gUZJqh4X8OfN1wrX721YcOwIy0hEWxiMo1FJGJCDNaLFTONs7JKf1SpcPjrTNOnxKwaiAua7fG1RZdD3xxVr8WrCaHetsqPWWKeEJhsRXEN6TVmuLx_2gtZyKl94NprsAd3YZhAN088LvdHOT86Y5-TC1tYS8Igr5VXEyI2O5UqIwI3YC0Cyx11Kndt5-Ygy9WRzGE50rw1KedbQUYdIjPNClYq7eCg-SXlalaPlV_mITYgroRIASp8dCGqo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtKxrfOvtZN-mD_WLrr4PnKGr0AfJntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTgwMTk3NzU0MzY5MDQ0MzXIAQmpAoGKgnl1I7I-qAMByAMCqgTsAU_QeqhuMsP438mCXRHsrSdg9F6pQovIpy6bCAIrsdvwepQF27QXoQN1SBNz_2pe0hdD2qw_F7A1W9H1j1CZODl86TMs6i79Q1M333_hx7miDqEkNuWntrnDr23n9fWrq1v2z5QJ81U44Gii-Z_Z_N-CJGCfoCaOzoskPhiLbEPp9sE4qdni7Ec7nIOyjUmZv8kfmmWeYiZUPuxRwv9WllZpTMDknddmlqYtnsLYSR2IIEiQf_o794-y75r8wH_GGdGoUe7O7scGzreuHTHvdhuoTk5MS3Qc2IZe3ykZmfx_YJIJC-ppEcEqKhvpgAbs6KWm5_L3uY0BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0o8XNi2V7aHCx3hWTrVGlFa97oAQ%26client%3Dca-pub-8019775436904435%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:37 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Fri, 23 Aug 2024 12:58:37 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame DA0F 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO3rfAAD018By4X1AArQnJ5uylUhwtwmH_k2WQ&u=%7COKIgpqOK8Dwb11ny2PdIDNQ8CAQCXUb0OO8AeQ6dJiE%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T-ox6jq5uP4vOL-FhBPok8rq59LQxzJ4SYhSaOEnzVwe7cgF-ow3AEzfTVq8DR_h_nDzdht095CABhDf5goUwyubgDEqRKkmHnmYLYMsjGFcTNzfXQ8hz19EwTuPIq9MoSGd7xobcbwpYdZKRKt4rsc1lfufYsu8UswFzYGYYFZ6qHyU7nk_hYnEFmNHOc5pKuqEaokkZQ9Hyk_2ppset_wAXaRr3GOWjIgNKojhjUbyjSHqravbp5mUevzE2sUQCdcp83FOsnJ4vHrmvg_AaKP5m-FFLRPVxTkY6_rPpnp8x4Z--aJhtq5Dn2flpe1GsdhP783GiYOEY_7Aa1UjqE-CgESg8aGrMPWYTrVu_B5C5R27gUZJqh4X8OfN1wrX721YcOwIy0hEWxiMo1FJGJCDNaLFTONs7JKf1SpcPjrTNOnxKwaiAua7fG1RZdD3xxVr8WrCaHetsqPWWKeEJhsRXEN6TVmuLx_2gtZyKl94NprsAd3YZhAN088LvdHOT86Y5-TC1tYS8Igr5VXEyI2O5UqIwI3YC0Cyx11Kndt5-Ygy9WRzGE50rw1KedbQUYdIjPNClYq7eCg-SXlalaPlV_mITYgroRIASp8dCGqo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtKxrfOvtZN-mD_WLrr4PnKGr0AfJntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTgwMTk3NzU0MzY5MDQ0MzXIAQmpAoGKgnl1I7I-qAMByAMCqgTsAU_QeqhuMsP438mCXRHsrSdg9F6pQovIpy6bCAIrsdvwepQF27QXoQN1SBNz_2pe0hdD2qw_F7A1W9H1j1CZODl86TMs6i79Q1M333_hx7miDqEkNuWntrnDr23n9fWrq1v2z5QJ81U44Gii-Z_Z_N-CJGCfoCaOzoskPhiLbEPp9sE4qdni7Ec7nIOyjUmZv8kfmmWeYiZUPuxRwv9WllZpTMDknddmlqYtnsLYSR2IIEiQf_o794-y75r8wH_GGdGoUe7O7scGzreuHTHvdhuoTk5MS3Qc2IZe3ykZmfx_YJIJC-ppEcEqKhvpgAbs6KWm5_L3uY0BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0o8XNi2V7aHCx3hWTrVGlFa97oAQ%26client%3Dca-pub-8019775436904435%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:37 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Fri, 23 Aug 2024 12:58:37 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame DA0F 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=OpPWI3ta821y4pNrdRKgLG3PEejas5pdN28wCOB259T3gisWuSjjyqjVaCGSkjmiKJN--sLWnZmMpTeX-PzCN10jlZ7TD_rAlYVEZh5cAFoaEtM1mU1922cjCNbemBelxaSvlIiYL2wPB_yhJWdTTDeyOd4xWN5kgKifqAepiTz0_5AEZT6L-t-VaZwxcRlEi_9ekLKIBEMPdMS64MxW6zcSqmw2HUgOdqBBQ-98YKdeRQVcRjFjqtaLjUqFbKf0em3bDDrGShAAqBGMJptQFi4L99Vviei0g9N1gHuJ5LSA8AfNp0sG7jseTC54uPYtQ3r0mcChGcm31dPUtbMiiXqM2ZZ-63ji6IlLASe7epNPKD42Y4A-p-QznxH1SNTXIXJsbUsaYcO-DU7crFBmxW2A4s9o594hOw9xEPBzOshPos2QLjXUlQWkp5K1no3PB-qKHYqOvxf7iXxFDQ_Iwns6oYtUwxsqapt8OROup_cRAfKZxgQ-0fL2942SRkbd-vH3shSQu5DU-OVhOPvBi7tNnxY
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO3rfAAD018By4X1AArQnJ5uylUhwtwmH_k2WQ&u=%7COKIgpqOK8Dwb11ny2PdIDNQ8CAQCXUb0OO8AeQ6dJiE%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T-ox6jq5uP4vOL-FhBPok8rq59LQxzJ4SYhSaOEnzVwe7cgF-ow3AEzfTVq8DR_h_nDzdht095CABhDf5goUwyubgDEqRKkmHnmYLYMsjGFcTNzfXQ8hz19EwTuPIq9MoSGd7xobcbwpYdZKRKt4rsc1lfufYsu8UswFzYGYYFZ6qHyU7nk_hYnEFmNHOc5pKuqEaokkZQ9Hyk_2ppset_wAXaRr3GOWjIgNKojhjUbyjSHqravbp5mUevzE2sUQCdcp83FOsnJ4vHrmvg_AaKP5m-FFLRPVxTkY6_rPpnp8x4Z--aJhtq5Dn2flpe1GsdhP783GiYOEY_7Aa1UjqE-CgESg8aGrMPWYTrVu_B5C5R27gUZJqh4X8OfN1wrX721YcOwIy0hEWxiMo1FJGJCDNaLFTONs7JKf1SpcPjrTNOnxKwaiAua7fG1RZdD3xxVr8WrCaHetsqPWWKeEJhsRXEN6TVmuLx_2gtZyKl94NprsAd3YZhAN088LvdHOT86Y5-TC1tYS8Igr5VXEyI2O5UqIwI3YC0Cyx11Kndt5-Ygy9WRzGE50rw1KedbQUYdIjPNClYq7eCg-SXlalaPlV_mITYgroRIASp8dCGqo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtKxrfOvtZN-mD_WLrr4PnKGr0AfJntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTgwMTk3NzU0MzY5MDQ0MzXIAQmpAoGKgnl1I7I-qAMByAMCqgTsAU_QeqhuMsP438mCXRHsrSdg9F6pQovIpy6bCAIrsdvwepQF27QXoQN1SBNz_2pe0hdD2qw_F7A1W9H1j1CZODl86TMs6i79Q1M333_hx7miDqEkNuWntrnDr23n9fWrq1v2z5QJ81U44Gii-Z_Z_N-CJGCfoCaOzoskPhiLbEPp9sE4qdni7Ec7nIOyjUmZv8kfmmWeYiZUPuxRwv9WllZpTMDknddmlqYtnsLYSR2IIEiQf_o794-y75r8wH_GGdGoUe7O7scGzreuHTHvdhuoTk5MS3Qc2IZe3ykZmfx_YJIJC-ppEcEqKhvpgAbs6KWm5_L3uY0BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0o8XNi2V7aHCx3hWTrVGlFa97oAQ%26client%3Dca-pub-8019775436904435%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Aug 2023 12:58:36 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1815597
expires
Mon, 26 Jul 1997 05:00:00 GMT
9c824d622b4345ad9b7ee0c9ada375d3_image_ad_160x600.gif
static.criteo.net/design/dt/98009/4812754/ Frame DA0F 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/98009/4812754/9c824d622b4345ad9b7ee0c9ada375d3_image_ad_160x600.gif
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO3rfAAD018By4X1AArQnJ5uylUhwtwmH_k2WQ&u=%7COKIgpqOK8Dwb11ny2PdIDNQ8CAQCXUb0OO8AeQ6dJiE%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T-ox6jq5uP4vOL-FhBPok8rq59LQxzJ4SYhSaOEnzVwe7cgF-ow3AEzfTVq8DR_h_nDzdht095CABhDf5goUwyubgDEqRKkmHnmYLYMsjGFcTNzfXQ8hz19EwTuPIq9MoSGd7xobcbwpYdZKRKt4rsc1lfufYsu8UswFzYGYYFZ6qHyU7nk_hYnEFmNHOc5pKuqEaokkZQ9Hyk_2ppset_wAXaRr3GOWjIgNKojhjUbyjSHqravbp5mUevzE2sUQCdcp83FOsnJ4vHrmvg_AaKP5m-FFLRPVxTkY6_rPpnp8x4Z--aJhtq5Dn2flpe1GsdhP783GiYOEY_7Aa1UjqE-CgESg8aGrMPWYTrVu_B5C5R27gUZJqh4X8OfN1wrX721YcOwIy0hEWxiMo1FJGJCDNaLFTONs7JKf1SpcPjrTNOnxKwaiAua7fG1RZdD3xxVr8WrCaHetsqPWWKeEJhsRXEN6TVmuLx_2gtZyKl94NprsAd3YZhAN088LvdHOT86Y5-TC1tYS8Igr5VXEyI2O5UqIwI3YC0Cyx11Kndt5-Ygy9WRzGE50rw1KedbQUYdIjPNClYq7eCg-SXlalaPlV_mITYgroRIASp8dCGqo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtKxrfOvtZN-mD_WLrr4PnKGr0AfJntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTgwMTk3NzU0MzY5MDQ0MzXIAQmpAoGKgnl1I7I-qAMByAMCqgTsAU_QeqhuMsP438mCXRHsrSdg9F6pQovIpy6bCAIrsdvwepQF27QXoQN1SBNz_2pe0hdD2qw_F7A1W9H1j1CZODl86TMs6i79Q1M333_hx7miDqEkNuWntrnDr23n9fWrq1v2z5QJ81U44Gii-Z_Z_N-CJGCfoCaOzoskPhiLbEPp9sE4qdni7Ec7nIOyjUmZv8kfmmWeYiZUPuxRwv9WllZpTMDknddmlqYtnsLYSR2IIEiQf_o794-y75r8wH_GGdGoUe7O7scGzreuHTHvdhuoTk5MS3Qc2IZe3ykZmfx_YJIJC-ppEcEqKhvpgAbs6KWm5_L3uY0BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0o8XNi2V7aHCx3hWTrVGlFa97oAQ%26client%3Dca-pub-8019775436904435%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
2b3a51882440c4e42dcbf66fc4a1919966bdf735b75de50117d53b79d7722461
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:37 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 29 Jun 2023 14:46:33 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"649d9949-b870"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
47216
expires
Fri, 23 Aug 2024 12:58:37 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame E984 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO3rfAAD02ABy4X1AArQnOli8gltXXNZ8qpkWg&u=%7COKIgpqOK8DwNxxSASp%2BqQSgBryyEjh6dp6UaJ9Tudts%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUKpu9hy7Ffnun-WE9FjbXP1W0e4y8lK96xIqJRLJoNk_R_9LZxWlB9CMmRA414eeU6CFLwxAC3u2cad6flRwHxxoSySX_crPUF2KGIvX_g1l8M2qvAzIvrtoSqDOHfh4IT6YwzGSUad4yDnsKE3dUMDir8B0WNSUp8T_7CuJTIKweX1yAl5nmCDTvsGS6sjwU5lp5KTMRIHQfHNmXJQLZkOeg2I0m6DsmB7S-9SCpmtAAAdzp7YITGJM8-pBQlyAPMBjx5mALqEcajo1Uyyzk007K_toPR1B8O_ffUxWF1JUx6WUduVOgLFsuCkSBCoZ1AipxHDWtSWAlbOhIdkdrjzji86IzLY9OTEVzoZbTrA0g_xmeZwpxmwTVUzrtdafu5o1hwJRUCaU4Dy8ndOOR4Zmn0rw2n3vkqUD9hcM9Apsb7aGkMeUKoWMPEuX-_aq4BEYgHc-kjaBQWEgTUTYXi3Brerb8n7uDcgLIiMpZ_Ic0q4nXv0pNKtU8vNx7i0jx2C23mgJs_EBeAPYk3YKJmboVLqpSEk86_pb736c_a-cSDFENJ2rqvbaqnoMRi8W6Bg5nNIO-qXmMLpM-0GynZKxqwBIvtZWkpvAXp_tlZx4O-MLS8yz9Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGUrofOvtZOCmD_WLrr4PnKGr0AfJntKxXJWil_dwwI23ARABIABglYKAgJQHggEXY2EtcHViLTgwMTk3NzU0MzY5MDQ0MzXIAQmpAoGKgnl1I7I-qAMByAMCqgTtAU_QWyfE5CicfqAl82U273409WWgN7EoQxhIbMfwPntjuWt92GdRkRfuV-x8__pMUlzTAlPkOipehd0Ylwu-7A0Q2qQ3R8_XrjplLuplX-qLd_qE0hBi9qmDlVAmtxpkBn44zYFw_cHvZiJyY7bCqZp5IqDNJgYnEVtu-WzwvO3AGz383pjIqTQLSXq3EqoQ4SSaotvOxpaWdEtgdfK8FXlHLlQlB16LaetpAbifSbasm5h2kAhMxm41Mk3un9ew_Yfra641JBFK23zsggNbEH3R2hiBmVAWsOz0cZxX7OtASq3EnD_CbGOU4fD1i4AG7ajznMK8-trOAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_20m4JX7eaU2tO8Wab1PAHzzCgIog%26client%3Dca-pub-8019775436904435%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 23 Aug 2024 12:58:37 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame E984 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO3rfAAD02ABy4X1AArQnOli8gltXXNZ8qpkWg&u=%7COKIgpqOK8DwNxxSASp%2BqQSgBryyEjh6dp6UaJ9Tudts%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUKpu9hy7Ffnun-WE9FjbXP1W0e4y8lK96xIqJRLJoNk_R_9LZxWlB9CMmRA414eeU6CFLwxAC3u2cad6flRwHxxoSySX_crPUF2KGIvX_g1l8M2qvAzIvrtoSqDOHfh4IT6YwzGSUad4yDnsKE3dUMDir8B0WNSUp8T_7CuJTIKweX1yAl5nmCDTvsGS6sjwU5lp5KTMRIHQfHNmXJQLZkOeg2I0m6DsmB7S-9SCpmtAAAdzp7YITGJM8-pBQlyAPMBjx5mALqEcajo1Uyyzk007K_toPR1B8O_ffUxWF1JUx6WUduVOgLFsuCkSBCoZ1AipxHDWtSWAlbOhIdkdrjzji86IzLY9OTEVzoZbTrA0g_xmeZwpxmwTVUzrtdafu5o1hwJRUCaU4Dy8ndOOR4Zmn0rw2n3vkqUD9hcM9Apsb7aGkMeUKoWMPEuX-_aq4BEYgHc-kjaBQWEgTUTYXi3Brerb8n7uDcgLIiMpZ_Ic0q4nXv0pNKtU8vNx7i0jx2C23mgJs_EBeAPYk3YKJmboVLqpSEk86_pb736c_a-cSDFENJ2rqvbaqnoMRi8W6Bg5nNIO-qXmMLpM-0GynZKxqwBIvtZWkpvAXp_tlZx4O-MLS8yz9Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGUrofOvtZOCmD_WLrr4PnKGr0AfJntKxXJWil_dwwI23ARABIABglYKAgJQHggEXY2EtcHViLTgwMTk3NzU0MzY5MDQ0MzXIAQmpAoGKgnl1I7I-qAMByAMCqgTtAU_QWyfE5CicfqAl82U273409WWgN7EoQxhIbMfwPntjuWt92GdRkRfuV-x8__pMUlzTAlPkOipehd0Ylwu-7A0Q2qQ3R8_XrjplLuplX-qLd_qE0hBi9qmDlVAmtxpkBn44zYFw_cHvZiJyY7bCqZp5IqDNJgYnEVtu-WzwvO3AGz383pjIqTQLSXq3EqoQ4SSaotvOxpaWdEtgdfK8FXlHLlQlB16LaetpAbifSbasm5h2kAhMxm41Mk3un9ew_Yfra641JBFK23zsggNbEH3R2hiBmVAWsOz0cZxX7OtASq3EnD_CbGOU4fD1i4AG7ajznMK8-trOAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_20m4JX7eaU2tO8Wab1PAHzzCgIog%26client%3Dca-pub-8019775436904435%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 23 Aug 2024 12:58:37 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame E984 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO3rfAAD02ABy4X1AArQnOli8gltXXNZ8qpkWg&u=%7COKIgpqOK8DwNxxSASp%2BqQSgBryyEjh6dp6UaJ9Tudts%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUKpu9hy7Ffnun-WE9FjbXP1W0e4y8lK96xIqJRLJoNk_R_9LZxWlB9CMmRA414eeU6CFLwxAC3u2cad6flRwHxxoSySX_crPUF2KGIvX_g1l8M2qvAzIvrtoSqDOHfh4IT6YwzGSUad4yDnsKE3dUMDir8B0WNSUp8T_7CuJTIKweX1yAl5nmCDTvsGS6sjwU5lp5KTMRIHQfHNmXJQLZkOeg2I0m6DsmB7S-9SCpmtAAAdzp7YITGJM8-pBQlyAPMBjx5mALqEcajo1Uyyzk007K_toPR1B8O_ffUxWF1JUx6WUduVOgLFsuCkSBCoZ1AipxHDWtSWAlbOhIdkdrjzji86IzLY9OTEVzoZbTrA0g_xmeZwpxmwTVUzrtdafu5o1hwJRUCaU4Dy8ndOOR4Zmn0rw2n3vkqUD9hcM9Apsb7aGkMeUKoWMPEuX-_aq4BEYgHc-kjaBQWEgTUTYXi3Brerb8n7uDcgLIiMpZ_Ic0q4nXv0pNKtU8vNx7i0jx2C23mgJs_EBeAPYk3YKJmboVLqpSEk86_pb736c_a-cSDFENJ2rqvbaqnoMRi8W6Bg5nNIO-qXmMLpM-0GynZKxqwBIvtZWkpvAXp_tlZx4O-MLS8yz9Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGUrofOvtZOCmD_WLrr4PnKGr0AfJntKxXJWil_dwwI23ARABIABglYKAgJQHggEXY2EtcHViLTgwMTk3NzU0MzY5MDQ0MzXIAQmpAoGKgnl1I7I-qAMByAMCqgTtAU_QWyfE5CicfqAl82U273409WWgN7EoQxhIbMfwPntjuWt92GdRkRfuV-x8__pMUlzTAlPkOipehd0Ylwu-7A0Q2qQ3R8_XrjplLuplX-qLd_qE0hBi9qmDlVAmtxpkBn44zYFw_cHvZiJyY7bCqZp5IqDNJgYnEVtu-WzwvO3AGz383pjIqTQLSXq3EqoQ4SSaotvOxpaWdEtgdfK8FXlHLlQlB16LaetpAbifSbasm5h2kAhMxm41Mk3un9ew_Yfra641JBFK23zsggNbEH3R2hiBmVAWsOz0cZxX7OtASq3EnD_CbGOU4fD1i4AG7ajznMK8-trOAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_20m4JX7eaU2tO8Wab1PAHzzCgIog%26client%3Dca-pub-8019775436904435%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:37 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Fri, 23 Aug 2024 12:58:37 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame E984 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO3rfAAD02ABy4X1AArQnOli8gltXXNZ8qpkWg&u=%7COKIgpqOK8DwNxxSASp%2BqQSgBryyEjh6dp6UaJ9Tudts%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUKpu9hy7Ffnun-WE9FjbXP1W0e4y8lK96xIqJRLJoNk_R_9LZxWlB9CMmRA414eeU6CFLwxAC3u2cad6flRwHxxoSySX_crPUF2KGIvX_g1l8M2qvAzIvrtoSqDOHfh4IT6YwzGSUad4yDnsKE3dUMDir8B0WNSUp8T_7CuJTIKweX1yAl5nmCDTvsGS6sjwU5lp5KTMRIHQfHNmXJQLZkOeg2I0m6DsmB7S-9SCpmtAAAdzp7YITGJM8-pBQlyAPMBjx5mALqEcajo1Uyyzk007K_toPR1B8O_ffUxWF1JUx6WUduVOgLFsuCkSBCoZ1AipxHDWtSWAlbOhIdkdrjzji86IzLY9OTEVzoZbTrA0g_xmeZwpxmwTVUzrtdafu5o1hwJRUCaU4Dy8ndOOR4Zmn0rw2n3vkqUD9hcM9Apsb7aGkMeUKoWMPEuX-_aq4BEYgHc-kjaBQWEgTUTYXi3Brerb8n7uDcgLIiMpZ_Ic0q4nXv0pNKtU8vNx7i0jx2C23mgJs_EBeAPYk3YKJmboVLqpSEk86_pb736c_a-cSDFENJ2rqvbaqnoMRi8W6Bg5nNIO-qXmMLpM-0GynZKxqwBIvtZWkpvAXp_tlZx4O-MLS8yz9Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGUrofOvtZOCmD_WLrr4PnKGr0AfJntKxXJWil_dwwI23ARABIABglYKAgJQHggEXY2EtcHViLTgwMTk3NzU0MzY5MDQ0MzXIAQmpAoGKgnl1I7I-qAMByAMCqgTtAU_QWyfE5CicfqAl82U273409WWgN7EoQxhIbMfwPntjuWt92GdRkRfuV-x8__pMUlzTAlPkOipehd0Ylwu-7A0Q2qQ3R8_XrjplLuplX-qLd_qE0hBi9qmDlVAmtxpkBn44zYFw_cHvZiJyY7bCqZp5IqDNJgYnEVtu-WzwvO3AGz383pjIqTQLSXq3EqoQ4SSaotvOxpaWdEtgdfK8FXlHLlQlB16LaetpAbifSbasm5h2kAhMxm41Mk3un9ew_Yfra641JBFK23zsggNbEH3R2hiBmVAWsOz0cZxX7OtASq3EnD_CbGOU4fD1i4AG7ajznMK8-trOAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_20m4JX7eaU2tO8Wab1PAHzzCgIog%26client%3Dca-pub-8019775436904435%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:37 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Fri, 23 Aug 2024 12:58:37 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame E984 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=D88yQ6byNSroO4kczgaQ2SRMW2on3vlCI_GaoVvNpCNGvsSpHWka9_8UpRE0RVimtdiQ3BOilQ7GWhaFfZtMD353_Is7C-mnYjbhZkQECoWejAxoDjLS787O-qdvZLfEAC474q0EbJ3czBCt80J8eYMedXLPGrB8whpghYVBIijNRFRBNTRDOXEwFk4nRXgR7vqkRFrVOsdfvxRuFEyIsUFIHeSe5KrnL01-Hth4au-PkrZjqO540KJnKQfEtdwC7DD9JpSfSI7PenAw0isijRyeYZxa4O4CV7lWgZlzdrxlIyUFdnP69MT8pSeKr_ThFU6oF76Z9HTGXJ2wqredfWBCx-3bEOjKGXdLh3Q5z4y5gH9y6x6hDb3xF7ftgLEiuTFs1A084iuqanGxW-bHddVow0u0h--BTQz0Byx93K38eCSRtt40PVs82hR_z1CyQx13O9rEWfzscPhQow9hYGwZXBW96g3TnfEsg-S-8IrF5cytskQdYTFYobc5Z8YsfL-BRQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO3rfAAD02ABy4X1AArQnOli8gltXXNZ8qpkWg&u=%7COKIgpqOK8DwNxxSASp%2BqQSgBryyEjh6dp6UaJ9Tudts%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUKpu9hy7Ffnun-WE9FjbXP1W0e4y8lK96xIqJRLJoNk_R_9LZxWlB9CMmRA414eeU6CFLwxAC3u2cad6flRwHxxoSySX_crPUF2KGIvX_g1l8M2qvAzIvrtoSqDOHfh4IT6YwzGSUad4yDnsKE3dUMDir8B0WNSUp8T_7CuJTIKweX1yAl5nmCDTvsGS6sjwU5lp5KTMRIHQfHNmXJQLZkOeg2I0m6DsmB7S-9SCpmtAAAdzp7YITGJM8-pBQlyAPMBjx5mALqEcajo1Uyyzk007K_toPR1B8O_ffUxWF1JUx6WUduVOgLFsuCkSBCoZ1AipxHDWtSWAlbOhIdkdrjzji86IzLY9OTEVzoZbTrA0g_xmeZwpxmwTVUzrtdafu5o1hwJRUCaU4Dy8ndOOR4Zmn0rw2n3vkqUD9hcM9Apsb7aGkMeUKoWMPEuX-_aq4BEYgHc-kjaBQWEgTUTYXi3Brerb8n7uDcgLIiMpZ_Ic0q4nXv0pNKtU8vNx7i0jx2C23mgJs_EBeAPYk3YKJmboVLqpSEk86_pb736c_a-cSDFENJ2rqvbaqnoMRi8W6Bg5nNIO-qXmMLpM-0GynZKxqwBIvtZWkpvAXp_tlZx4O-MLS8yz9Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGUrofOvtZOCmD_WLrr4PnKGr0AfJntKxXJWil_dwwI23ARABIABglYKAgJQHggEXY2EtcHViLTgwMTk3NzU0MzY5MDQ0MzXIAQmpAoGKgnl1I7I-qAMByAMCqgTtAU_QWyfE5CicfqAl82U273409WWgN7EoQxhIbMfwPntjuWt92GdRkRfuV-x8__pMUlzTAlPkOipehd0Ylwu-7A0Q2qQ3R8_XrjplLuplX-qLd_qE0hBi9qmDlVAmtxpkBn44zYFw_cHvZiJyY7bCqZp5IqDNJgYnEVtu-WzwvO3AGz383pjIqTQLSXq3EqoQ4SSaotvOxpaWdEtgdfK8FXlHLlQlB16LaetpAbifSbasm5h2kAhMxm41Mk3un9ew_Yfra641JBFK23zsggNbEH3R2hiBmVAWsOz0cZxX7OtASq3EnD_CbGOU4fD1i4AG7ajznMK8-trOAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_20m4JX7eaU2tO8Wab1PAHzzCgIog%26client%3Dca-pub-8019775436904435%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Aug 2023 12:58:36 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1868604
expires
Mon, 26 Jul 1997 05:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 29C4 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO3rfAAD014By4X1AArQnF9vQPi2xnfQDdlOdg&u=%7COKIgpqOK8DzZSDHCyjSHBIxSI%2BcZJrWPVv2BNQgZ3KQ%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T2AWRlHZFqNLc3RoMYYFkAd1FczsaqiQzUn7j0o6i0taIPJvCpdwRANnDandhaD3VGKE09Yw3jJ5Sr9vriZr2SVL-x1d-TVFUNAHvkWpy1DK4z9Nnm6L1wJg6KIkx1bMQ4pO3IS-JJAFHz_gE8QZg8TviHJYoVqerJ-cizSn9oHO3Hqo-3Bptr6sKW58uhJX1GuYeukGOMGP6FAwlL7NC-kGZtSzsyNl92FBhHfI-RhkNWEZaPRrdEZe3eT8RI5u9fsUvJRUnoM3lM2wkNaXx9jqdk8K_ZjZqORRkYxEpVgHqIcKcDMfXODEDXumC3vnx_DG2L5OwO-M4MDfQvG_UPI7q_FHyRy4eXshfI5WGdYt27P2DhIQAKti1IA3zRQvw70FNwsxBf8X9q-wSE0x24eCp3ZNYpyaxZxe57GDQl-TxmLbvMcMX5jXhckN5wUh0y8lUNKedejZIWnF9wgWb3ASFmbKczv9hGes1r1HqYhmrXVCONMHnWmkvTNxFAzB8NrcYk_wqcrxhvYyYUGkXK3Jl7eb5f-5-2ONxO3IjfhoK8n0khY25MTVw5DyV-nmTXqfLRru4xkpXFxRwJpUQN5TZ9DQK4xbdhNd6x3UsMNn&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGTtpfOvtZN6mD_WLrr4PnKGr0AfJntKxXJWil_dwwI23ARABIABglYKAgJQHggEXY2EtcHViLTgwMTk3NzU0MzY5MDQ0MzXIAQmpAoGKgnl1I7I-qAMByAMCqgTsAU_Qgp2Fx5zFcE92fxC5lrz2VluAzbM3yCAGdNW-QRALZMve5ifLPGIOpNJmJk5etQpSG7ukhMsdcl7mQtseOrbONp_wJKAhTLZTXXVKho79pePoyC_YDLseNY4EwWrCz0u5RPoXnXzteReioC57-68-kVX_IuEV5y5RCavKmwVycsGCkuiYTXcTxGmfL1vVNDoBdxMUJb5nZatic2-LIqkT6Rr33uLbbMN6unrk3wBaiNe3vmRZDGQvIyCIktnjIUogzWgHm3PRoTQKN8nXchvQ_qN-OsUFGDylSHWOt_hmbZuvEm5N_CWDtjC6gAaO1LKct7KlrWKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3gjMlruJ9yz3g7oRGrmk9oi2FCZw%26client%3Dca-pub-8019775436904435%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 23 Aug 2024 12:58:37 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 29C4 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO3rfAAD014By4X1AArQnF9vQPi2xnfQDdlOdg&u=%7COKIgpqOK8DzZSDHCyjSHBIxSI%2BcZJrWPVv2BNQgZ3KQ%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T2AWRlHZFqNLc3RoMYYFkAd1FczsaqiQzUn7j0o6i0taIPJvCpdwRANnDandhaD3VGKE09Yw3jJ5Sr9vriZr2SVL-x1d-TVFUNAHvkWpy1DK4z9Nnm6L1wJg6KIkx1bMQ4pO3IS-JJAFHz_gE8QZg8TviHJYoVqerJ-cizSn9oHO3Hqo-3Bptr6sKW58uhJX1GuYeukGOMGP6FAwlL7NC-kGZtSzsyNl92FBhHfI-RhkNWEZaPRrdEZe3eT8RI5u9fsUvJRUnoM3lM2wkNaXx9jqdk8K_ZjZqORRkYxEpVgHqIcKcDMfXODEDXumC3vnx_DG2L5OwO-M4MDfQvG_UPI7q_FHyRy4eXshfI5WGdYt27P2DhIQAKti1IA3zRQvw70FNwsxBf8X9q-wSE0x24eCp3ZNYpyaxZxe57GDQl-TxmLbvMcMX5jXhckN5wUh0y8lUNKedejZIWnF9wgWb3ASFmbKczv9hGes1r1HqYhmrXVCONMHnWmkvTNxFAzB8NrcYk_wqcrxhvYyYUGkXK3Jl7eb5f-5-2ONxO3IjfhoK8n0khY25MTVw5DyV-nmTXqfLRru4xkpXFxRwJpUQN5TZ9DQK4xbdhNd6x3UsMNn&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGTtpfOvtZN6mD_WLrr4PnKGr0AfJntKxXJWil_dwwI23ARABIABglYKAgJQHggEXY2EtcHViLTgwMTk3NzU0MzY5MDQ0MzXIAQmpAoGKgnl1I7I-qAMByAMCqgTsAU_Qgp2Fx5zFcE92fxC5lrz2VluAzbM3yCAGdNW-QRALZMve5ifLPGIOpNJmJk5etQpSG7ukhMsdcl7mQtseOrbONp_wJKAhTLZTXXVKho79pePoyC_YDLseNY4EwWrCz0u5RPoXnXzteReioC57-68-kVX_IuEV5y5RCavKmwVycsGCkuiYTXcTxGmfL1vVNDoBdxMUJb5nZatic2-LIqkT6Rr33uLbbMN6unrk3wBaiNe3vmRZDGQvIyCIktnjIUogzWgHm3PRoTQKN8nXchvQ_qN-OsUFGDylSHWOt_hmbZuvEm5N_CWDtjC6gAaO1LKct7KlrWKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3gjMlruJ9yz3g7oRGrmk9oi2FCZw%26client%3Dca-pub-8019775436904435%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 23 Aug 2024 12:58:37 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 29C4 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO3rfAAD014By4X1AArQnF9vQPi2xnfQDdlOdg&u=%7COKIgpqOK8DzZSDHCyjSHBIxSI%2BcZJrWPVv2BNQgZ3KQ%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T2AWRlHZFqNLc3RoMYYFkAd1FczsaqiQzUn7j0o6i0taIPJvCpdwRANnDandhaD3VGKE09Yw3jJ5Sr9vriZr2SVL-x1d-TVFUNAHvkWpy1DK4z9Nnm6L1wJg6KIkx1bMQ4pO3IS-JJAFHz_gE8QZg8TviHJYoVqerJ-cizSn9oHO3Hqo-3Bptr6sKW58uhJX1GuYeukGOMGP6FAwlL7NC-kGZtSzsyNl92FBhHfI-RhkNWEZaPRrdEZe3eT8RI5u9fsUvJRUnoM3lM2wkNaXx9jqdk8K_ZjZqORRkYxEpVgHqIcKcDMfXODEDXumC3vnx_DG2L5OwO-M4MDfQvG_UPI7q_FHyRy4eXshfI5WGdYt27P2DhIQAKti1IA3zRQvw70FNwsxBf8X9q-wSE0x24eCp3ZNYpyaxZxe57GDQl-TxmLbvMcMX5jXhckN5wUh0y8lUNKedejZIWnF9wgWb3ASFmbKczv9hGes1r1HqYhmrXVCONMHnWmkvTNxFAzB8NrcYk_wqcrxhvYyYUGkXK3Jl7eb5f-5-2ONxO3IjfhoK8n0khY25MTVw5DyV-nmTXqfLRru4xkpXFxRwJpUQN5TZ9DQK4xbdhNd6x3UsMNn&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGTtpfOvtZN6mD_WLrr4PnKGr0AfJntKxXJWil_dwwI23ARABIABglYKAgJQHggEXY2EtcHViLTgwMTk3NzU0MzY5MDQ0MzXIAQmpAoGKgnl1I7I-qAMByAMCqgTsAU_Qgp2Fx5zFcE92fxC5lrz2VluAzbM3yCAGdNW-QRALZMve5ifLPGIOpNJmJk5etQpSG7ukhMsdcl7mQtseOrbONp_wJKAhTLZTXXVKho79pePoyC_YDLseNY4EwWrCz0u5RPoXnXzteReioC57-68-kVX_IuEV5y5RCavKmwVycsGCkuiYTXcTxGmfL1vVNDoBdxMUJb5nZatic2-LIqkT6Rr33uLbbMN6unrk3wBaiNe3vmRZDGQvIyCIktnjIUogzWgHm3PRoTQKN8nXchvQ_qN-OsUFGDylSHWOt_hmbZuvEm5N_CWDtjC6gAaO1LKct7KlrWKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3gjMlruJ9yz3g7oRGrmk9oi2FCZw%26client%3Dca-pub-8019775436904435%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:37 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Fri, 23 Aug 2024 12:58:37 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 29C4 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO3rfAAD014By4X1AArQnF9vQPi2xnfQDdlOdg&u=%7COKIgpqOK8DzZSDHCyjSHBIxSI%2BcZJrWPVv2BNQgZ3KQ%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T2AWRlHZFqNLc3RoMYYFkAd1FczsaqiQzUn7j0o6i0taIPJvCpdwRANnDandhaD3VGKE09Yw3jJ5Sr9vriZr2SVL-x1d-TVFUNAHvkWpy1DK4z9Nnm6L1wJg6KIkx1bMQ4pO3IS-JJAFHz_gE8QZg8TviHJYoVqerJ-cizSn9oHO3Hqo-3Bptr6sKW58uhJX1GuYeukGOMGP6FAwlL7NC-kGZtSzsyNl92FBhHfI-RhkNWEZaPRrdEZe3eT8RI5u9fsUvJRUnoM3lM2wkNaXx9jqdk8K_ZjZqORRkYxEpVgHqIcKcDMfXODEDXumC3vnx_DG2L5OwO-M4MDfQvG_UPI7q_FHyRy4eXshfI5WGdYt27P2DhIQAKti1IA3zRQvw70FNwsxBf8X9q-wSE0x24eCp3ZNYpyaxZxe57GDQl-TxmLbvMcMX5jXhckN5wUh0y8lUNKedejZIWnF9wgWb3ASFmbKczv9hGes1r1HqYhmrXVCONMHnWmkvTNxFAzB8NrcYk_wqcrxhvYyYUGkXK3Jl7eb5f-5-2ONxO3IjfhoK8n0khY25MTVw5DyV-nmTXqfLRru4xkpXFxRwJpUQN5TZ9DQK4xbdhNd6x3UsMNn&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGTtpfOvtZN6mD_WLrr4PnKGr0AfJntKxXJWil_dwwI23ARABIABglYKAgJQHggEXY2EtcHViLTgwMTk3NzU0MzY5MDQ0MzXIAQmpAoGKgnl1I7I-qAMByAMCqgTsAU_Qgp2Fx5zFcE92fxC5lrz2VluAzbM3yCAGdNW-QRALZMve5ifLPGIOpNJmJk5etQpSG7ukhMsdcl7mQtseOrbONp_wJKAhTLZTXXVKho79pePoyC_YDLseNY4EwWrCz0u5RPoXnXzteReioC57-68-kVX_IuEV5y5RCavKmwVycsGCkuiYTXcTxGmfL1vVNDoBdxMUJb5nZatic2-LIqkT6Rr33uLbbMN6unrk3wBaiNe3vmRZDGQvIyCIktnjIUogzWgHm3PRoTQKN8nXchvQ_qN-OsUFGDylSHWOt_hmbZuvEm5N_CWDtjC6gAaO1LKct7KlrWKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3gjMlruJ9yz3g7oRGrmk9oi2FCZw%26client%3Dca-pub-8019775436904435%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:37 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Fri, 23 Aug 2024 12:58:37 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 29C4 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=U7dTOCK5YaJiRvPhYQ1d0XoAGrolu_sshBnqFyLqfa4zC1PXxVwTybYiK5agCLUDkE0Vz3MdfU_UHTuf_P03KNiTRt5ypgEZGYAnZLB0UUB5b8C0jqBHAPHsYNveQAXRr_MPPbaeNy8cbPrRLf_2OKB43wGC1aS8SGOnERgyakLCPSzPnjV-g7d2DVvr_FzI5jL-OUvPYbolFKw9-I10i_6YR5dc6Wt7v_513575ecnawzMPdBDnF0kTVSO5dfSPKLRWD6noosRkVdpolHRzRnG25UY1ko0_CVB8ETyJ1bVbg_BV2lcKfRj7Xl5-yZCCI22mzqOjWQOoASldEk_Wtg1ztUAY3mdgzNta9gK5Hd40ccMkaFrG5BLoJLZ_o_DJhySkmwhc-Bq1wnRTpjCfImAdK0gPhCkM28p-3eAzgLFVaGeS9in9WVAg0EnGFPNBUVzMyP2H61cBiaCd2dW2KaCK_C9FmhTPSplf1Z90Kq8T3NPLmJw18mqgKZfeFCZxp1RrWw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO3rfAAD014By4X1AArQnF9vQPi2xnfQDdlOdg&u=%7COKIgpqOK8DzZSDHCyjSHBIxSI%2BcZJrWPVv2BNQgZ3KQ%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T2AWRlHZFqNLc3RoMYYFkAd1FczsaqiQzUn7j0o6i0taIPJvCpdwRANnDandhaD3VGKE09Yw3jJ5Sr9vriZr2SVL-x1d-TVFUNAHvkWpy1DK4z9Nnm6L1wJg6KIkx1bMQ4pO3IS-JJAFHz_gE8QZg8TviHJYoVqerJ-cizSn9oHO3Hqo-3Bptr6sKW58uhJX1GuYeukGOMGP6FAwlL7NC-kGZtSzsyNl92FBhHfI-RhkNWEZaPRrdEZe3eT8RI5u9fsUvJRUnoM3lM2wkNaXx9jqdk8K_ZjZqORRkYxEpVgHqIcKcDMfXODEDXumC3vnx_DG2L5OwO-M4MDfQvG_UPI7q_FHyRy4eXshfI5WGdYt27P2DhIQAKti1IA3zRQvw70FNwsxBf8X9q-wSE0x24eCp3ZNYpyaxZxe57GDQl-TxmLbvMcMX5jXhckN5wUh0y8lUNKedejZIWnF9wgWb3ASFmbKczv9hGes1r1HqYhmrXVCONMHnWmkvTNxFAzB8NrcYk_wqcrxhvYyYUGkXK3Jl7eb5f-5-2ONxO3IjfhoK8n0khY25MTVw5DyV-nmTXqfLRru4xkpXFxRwJpUQN5TZ9DQK4xbdhNd6x3UsMNn&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGTtpfOvtZN6mD_WLrr4PnKGr0AfJntKxXJWil_dwwI23ARABIABglYKAgJQHggEXY2EtcHViLTgwMTk3NzU0MzY5MDQ0MzXIAQmpAoGKgnl1I7I-qAMByAMCqgTsAU_Qgp2Fx5zFcE92fxC5lrz2VluAzbM3yCAGdNW-QRALZMve5ifLPGIOpNJmJk5etQpSG7ukhMsdcl7mQtseOrbONp_wJKAhTLZTXXVKho79pePoyC_YDLseNY4EwWrCz0u5RPoXnXzteReioC57-68-kVX_IuEV5y5RCavKmwVycsGCkuiYTXcTxGmfL1vVNDoBdxMUJb5nZatic2-LIqkT6Rr33uLbbMN6unrk3wBaiNe3vmRZDGQvIyCIktnjIUogzWgHm3PRoTQKN8nXchvQ_qN-OsUFGDylSHWOt_hmbZuvEm5N_CWDtjC6gAaO1LKct7KlrWKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3gjMlruJ9yz3g7oRGrmk9oi2FCZw%26client%3Dca-pub-8019775436904435%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Aug 2023 12:58:37 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1850365
expires
Mon, 26 Jul 1997 05:00:00 GMT
all
csm.eu.criteo.net/ Frame DA0F 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=VhOn6g_E_jhcBmn_8i_g1TL6DoBZnXRQbjHgZFZ_lTVBEhig9w8kNsko7Da1kVHJuQmrq7lsvsf8ug870yABjFoyZuQA0lKeux-awYWcNO7VYpIPB7LQeX2vIO29Y8EZjir_zrmpaR_0J5T8mFjmFZKoP2C3pPx2IAfkhG7vqNyieiifJncRuD_HauihegT3jeh0qzLMDkaQEnVrTV1vlBiENSNN6SZTKRs8DZJ-WzsmdQZmiin_iDDVV1eLBpx_2a4lWw&sds=2&rev=88100&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO3rfAAD018By4X1AArQnJ5uylUhwtwmH_k2WQ&u=%7COKIgpqOK8Dwb11ny2PdIDNQ8CAQCXUb0OO8AeQ6dJiE%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T-ox6jq5uP4vOL-FhBPok8rq59LQxzJ4SYhSaOEnzVwe7cgF-ow3AEzfTVq8DR_h_nDzdht095CABhDf5goUwyubgDEqRKkmHnmYLYMsjGFcTNzfXQ8hz19EwTuPIq9MoSGd7xobcbwpYdZKRKt4rsc1lfufYsu8UswFzYGYYFZ6qHyU7nk_hYnEFmNHOc5pKuqEaokkZQ9Hyk_2ppset_wAXaRr3GOWjIgNKojhjUbyjSHqravbp5mUevzE2sUQCdcp83FOsnJ4vHrmvg_AaKP5m-FFLRPVxTkY6_rPpnp8x4Z--aJhtq5Dn2flpe1GsdhP783GiYOEY_7Aa1UjqE-CgESg8aGrMPWYTrVu_B5C5R27gUZJqh4X8OfN1wrX721YcOwIy0hEWxiMo1FJGJCDNaLFTONs7JKf1SpcPjrTNOnxKwaiAua7fG1RZdD3xxVr8WrCaHetsqPWWKeEJhsRXEN6TVmuLx_2gtZyKl94NprsAd3YZhAN088LvdHOT86Y5-TC1tYS8Igr5VXEyI2O5UqIwI3YC0Cyx11Kndt5-Ygy9WRzGE50rw1KedbQUYdIjPNClYq7eCg-SXlalaPlV_mITYgroRIASp8dCGqo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtKxrfOvtZN-mD_WLrr4PnKGr0AfJntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTgwMTk3NzU0MzY5MDQ0MzXIAQmpAoGKgnl1I7I-qAMByAMCqgTsAU_QeqhuMsP438mCXRHsrSdg9F6pQovIpy6bCAIrsdvwepQF27QXoQN1SBNz_2pe0hdD2qw_F7A1W9H1j1CZODl86TMs6i79Q1M333_hx7miDqEkNuWntrnDr23n9fWrq1v2z5QJ81U44Gii-Z_Z_N-CJGCfoCaOzoskPhiLbEPp9sE4qdni7Ec7nIOyjUmZv8kfmmWeYiZUPuxRwv9WllZpTMDknddmlqYtnsLYSR2IIEiQf_o794-y75r8wH_GGdGoUe7O7scGzreuHTHvdhuoTk5MS3Qc2IZe3ykZmfx_YJIJC-ppEcEqKhvpgAbs6KWm5_L3uY0BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0o8XNi2V7aHCx3hWTrVGlFa97oAQ%26client%3Dca-pub-8019775436904435%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 29 Aug 2023 12:58:36 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame DA0F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO3rfAAD018By4X1AArQnJ5uylUhwtwmH_k2WQ&u=%7COKIgpqOK8Dwb11ny2PdIDNQ8CAQCXUb0OO8AeQ6dJiE%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T-ox6jq5uP4vOL-FhBPok8rq59LQxzJ4SYhSaOEnzVwe7cgF-ow3AEzfTVq8DR_h_nDzdht095CABhDf5goUwyubgDEqRKkmHnmYLYMsjGFcTNzfXQ8hz19EwTuPIq9MoSGd7xobcbwpYdZKRKt4rsc1lfufYsu8UswFzYGYYFZ6qHyU7nk_hYnEFmNHOc5pKuqEaokkZQ9Hyk_2ppset_wAXaRr3GOWjIgNKojhjUbyjSHqravbp5mUevzE2sUQCdcp83FOsnJ4vHrmvg_AaKP5m-FFLRPVxTkY6_rPpnp8x4Z--aJhtq5Dn2flpe1GsdhP783GiYOEY_7Aa1UjqE-CgESg8aGrMPWYTrVu_B5C5R27gUZJqh4X8OfN1wrX721YcOwIy0hEWxiMo1FJGJCDNaLFTONs7JKf1SpcPjrTNOnxKwaiAua7fG1RZdD3xxVr8WrCaHetsqPWWKeEJhsRXEN6TVmuLx_2gtZyKl94NprsAd3YZhAN088LvdHOT86Y5-TC1tYS8Igr5VXEyI2O5UqIwI3YC0Cyx11Kndt5-Ygy9WRzGE50rw1KedbQUYdIjPNClYq7eCg-SXlalaPlV_mITYgroRIASp8dCGqo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtKxrfOvtZN-mD_WLrr4PnKGr0AfJntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTgwMTk3NzU0MzY5MDQ0MzXIAQmpAoGKgnl1I7I-qAMByAMCqgTsAU_QeqhuMsP438mCXRHsrSdg9F6pQovIpy6bCAIrsdvwepQF27QXoQN1SBNz_2pe0hdD2qw_F7A1W9H1j1CZODl86TMs6i79Q1M333_hx7miDqEkNuWntrnDr23n9fWrq1v2z5QJ81U44Gii-Z_Z_N-CJGCfoCaOzoskPhiLbEPp9sE4qdni7Ec7nIOyjUmZv8kfmmWeYiZUPuxRwv9WllZpTMDknddmlqYtnsLYSR2IIEiQf_o794-y75r8wH_GGdGoUe7O7scGzreuHTHvdhuoTk5MS3Qc2IZe3ykZmfx_YJIJC-ppEcEqKhvpgAbs6KWm5_L3uY0BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0o8XNi2V7aHCx3hWTrVGlFa97oAQ%26client%3Dca-pub-8019775436904435%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 23 Aug 2024 12:58:37 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame DA0F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO3rfAAD018By4X1AArQnJ5uylUhwtwmH_k2WQ&u=%7COKIgpqOK8Dwb11ny2PdIDNQ8CAQCXUb0OO8AeQ6dJiE%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T-ox6jq5uP4vOL-FhBPok8rq59LQxzJ4SYhSaOEnzVwe7cgF-ow3AEzfTVq8DR_h_nDzdht095CABhDf5goUwyubgDEqRKkmHnmYLYMsjGFcTNzfXQ8hz19EwTuPIq9MoSGd7xobcbwpYdZKRKt4rsc1lfufYsu8UswFzYGYYFZ6qHyU7nk_hYnEFmNHOc5pKuqEaokkZQ9Hyk_2ppset_wAXaRr3GOWjIgNKojhjUbyjSHqravbp5mUevzE2sUQCdcp83FOsnJ4vHrmvg_AaKP5m-FFLRPVxTkY6_rPpnp8x4Z--aJhtq5Dn2flpe1GsdhP783GiYOEY_7Aa1UjqE-CgESg8aGrMPWYTrVu_B5C5R27gUZJqh4X8OfN1wrX721YcOwIy0hEWxiMo1FJGJCDNaLFTONs7JKf1SpcPjrTNOnxKwaiAua7fG1RZdD3xxVr8WrCaHetsqPWWKeEJhsRXEN6TVmuLx_2gtZyKl94NprsAd3YZhAN088LvdHOT86Y5-TC1tYS8Igr5VXEyI2O5UqIwI3YC0Cyx11Kndt5-Ygy9WRzGE50rw1KedbQUYdIjPNClYq7eCg-SXlalaPlV_mITYgroRIASp8dCGqo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtKxrfOvtZN-mD_WLrr4PnKGr0AfJntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTgwMTk3NzU0MzY5MDQ0MzXIAQmpAoGKgnl1I7I-qAMByAMCqgTsAU_QeqhuMsP438mCXRHsrSdg9F6pQovIpy6bCAIrsdvwepQF27QXoQN1SBNz_2pe0hdD2qw_F7A1W9H1j1CZODl86TMs6i79Q1M333_hx7miDqEkNuWntrnDr23n9fWrq1v2z5QJ81U44Gii-Z_Z_N-CJGCfoCaOzoskPhiLbEPp9sE4qdni7Ec7nIOyjUmZv8kfmmWeYiZUPuxRwv9WllZpTMDknddmlqYtnsLYSR2IIEiQf_o794-y75r8wH_GGdGoUe7O7scGzreuHTHvdhuoTk5MS3Qc2IZe3ykZmfx_YJIJC-ppEcEqKhvpgAbs6KWm5_L3uY0BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0o8XNi2V7aHCx3hWTrVGlFa97oAQ%26client%3Dca-pub-8019775436904435%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 23 Aug 2024 12:58:37 GMT
animejs.js
static.criteo.net/animejs/ Frame E984 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO3rfAAD02ABy4X1AArQnOli8gltXXNZ8qpkWg&u=%7COKIgpqOK8DwNxxSASp%2BqQSgBryyEjh6dp6UaJ9Tudts%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUKpu9hy7Ffnun-WE9FjbXP1W0e4y8lK96xIqJRLJoNk_R_9LZxWlB9CMmRA414eeU6CFLwxAC3u2cad6flRwHxxoSySX_crPUF2KGIvX_g1l8M2qvAzIvrtoSqDOHfh4IT6YwzGSUad4yDnsKE3dUMDir8B0WNSUp8T_7CuJTIKweX1yAl5nmCDTvsGS6sjwU5lp5KTMRIHQfHNmXJQLZkOeg2I0m6DsmB7S-9SCpmtAAAdzp7YITGJM8-pBQlyAPMBjx5mALqEcajo1Uyyzk007K_toPR1B8O_ffUxWF1JUx6WUduVOgLFsuCkSBCoZ1AipxHDWtSWAlbOhIdkdrjzji86IzLY9OTEVzoZbTrA0g_xmeZwpxmwTVUzrtdafu5o1hwJRUCaU4Dy8ndOOR4Zmn0rw2n3vkqUD9hcM9Apsb7aGkMeUKoWMPEuX-_aq4BEYgHc-kjaBQWEgTUTYXi3Brerb8n7uDcgLIiMpZ_Ic0q4nXv0pNKtU8vNx7i0jx2C23mgJs_EBeAPYk3YKJmboVLqpSEk86_pb736c_a-cSDFENJ2rqvbaqnoMRi8W6Bg5nNIO-qXmMLpM-0GynZKxqwBIvtZWkpvAXp_tlZx4O-MLS8yz9Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGUrofOvtZOCmD_WLrr4PnKGr0AfJntKxXJWil_dwwI23ARABIABglYKAgJQHggEXY2EtcHViLTgwMTk3NzU0MzY5MDQ0MzXIAQmpAoGKgnl1I7I-qAMByAMCqgTtAU_QWyfE5CicfqAl82U273409WWgN7EoQxhIbMfwPntjuWt92GdRkRfuV-x8__pMUlzTAlPkOipehd0Ylwu-7A0Q2qQ3R8_XrjplLuplX-qLd_qE0hBi9qmDlVAmtxpkBn44zYFw_cHvZiJyY7bCqZp5IqDNJgYnEVtu-WzwvO3AGz383pjIqTQLSXq3EqoQ4SSaotvOxpaWdEtgdfK8FXlHLlQlB16LaetpAbifSbasm5h2kAhMxm41Mk3un9ew_Yfra641JBFK23zsggNbEH3R2hiBmVAWsOz0cZxX7OtASq3EnD_CbGOU4fD1i4AG7ajznMK8-trOAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_20m4JX7eaU2tO8Wab1PAHzzCgIog%26client%3Dca-pub-8019775436904435%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 23 Aug 2024 12:58:37 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 29C4 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO3rfAAD014By4X1AArQnF9vQPi2xnfQDdlOdg&u=%7COKIgpqOK8DzZSDHCyjSHBIxSI%2BcZJrWPVv2BNQgZ3KQ%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T2AWRlHZFqNLc3RoMYYFkAd1FczsaqiQzUn7j0o6i0taIPJvCpdwRANnDandhaD3VGKE09Yw3jJ5Sr9vriZr2SVL-x1d-TVFUNAHvkWpy1DK4z9Nnm6L1wJg6KIkx1bMQ4pO3IS-JJAFHz_gE8QZg8TviHJYoVqerJ-cizSn9oHO3Hqo-3Bptr6sKW58uhJX1GuYeukGOMGP6FAwlL7NC-kGZtSzsyNl92FBhHfI-RhkNWEZaPRrdEZe3eT8RI5u9fsUvJRUnoM3lM2wkNaXx9jqdk8K_ZjZqORRkYxEpVgHqIcKcDMfXODEDXumC3vnx_DG2L5OwO-M4MDfQvG_UPI7q_FHyRy4eXshfI5WGdYt27P2DhIQAKti1IA3zRQvw70FNwsxBf8X9q-wSE0x24eCp3ZNYpyaxZxe57GDQl-TxmLbvMcMX5jXhckN5wUh0y8lUNKedejZIWnF9wgWb3ASFmbKczv9hGes1r1HqYhmrXVCONMHnWmkvTNxFAzB8NrcYk_wqcrxhvYyYUGkXK3Jl7eb5f-5-2ONxO3IjfhoK8n0khY25MTVw5DyV-nmTXqfLRru4xkpXFxRwJpUQN5TZ9DQK4xbdhNd6x3UsMNn&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGTtpfOvtZN6mD_WLrr4PnKGr0AfJntKxXJWil_dwwI23ARABIABglYKAgJQHggEXY2EtcHViLTgwMTk3NzU0MzY5MDQ0MzXIAQmpAoGKgnl1I7I-qAMByAMCqgTsAU_Qgp2Fx5zFcE92fxC5lrz2VluAzbM3yCAGdNW-QRALZMve5ifLPGIOpNJmJk5etQpSG7ukhMsdcl7mQtseOrbONp_wJKAhTLZTXXVKho79pePoyC_YDLseNY4EwWrCz0u5RPoXnXzteReioC57-68-kVX_IuEV5y5RCavKmwVycsGCkuiYTXcTxGmfL1vVNDoBdxMUJb5nZatic2-LIqkT6Rr33uLbbMN6unrk3wBaiNe3vmRZDGQvIyCIktnjIUogzWgHm3PRoTQKN8nXchvQ_qN-OsUFGDylSHWOt_hmbZuvEm5N_CWDtjC6gAaO1LKct7KlrWKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3gjMlruJ9yz3g7oRGrmk9oi2FCZw%26client%3Dca-pub-8019775436904435%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1105328
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4418
last-modified
Thu, 22 Jun 2023 11:22:44 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942f04-1142"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=huz%2BkF59N0XE0GKlwNP2iZ9dNIACBIw8aJxM%2B0k70bdTAxPYQnKuDUYICX%2Fn3fBPBpgXwXMVmS0TPznExp3pxo%2FuZXZSchX3RvhIYZ%2Bl7%2FIivuhVdfL8lAnlUKcqzTBgiSFTJLFC"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7fe4f7705ff76955-FRA
expires
Sun, 18 Aug 2024 12:58:37 GMT
animejs.js
static.criteo.net/animejs/ Frame 29C4 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO3rfAAD014By4X1AArQnF9vQPi2xnfQDdlOdg&u=%7COKIgpqOK8DzZSDHCyjSHBIxSI%2BcZJrWPVv2BNQgZ3KQ%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T2AWRlHZFqNLc3RoMYYFkAd1FczsaqiQzUn7j0o6i0taIPJvCpdwRANnDandhaD3VGKE09Yw3jJ5Sr9vriZr2SVL-x1d-TVFUNAHvkWpy1DK4z9Nnm6L1wJg6KIkx1bMQ4pO3IS-JJAFHz_gE8QZg8TviHJYoVqerJ-cizSn9oHO3Hqo-3Bptr6sKW58uhJX1GuYeukGOMGP6FAwlL7NC-kGZtSzsyNl92FBhHfI-RhkNWEZaPRrdEZe3eT8RI5u9fsUvJRUnoM3lM2wkNaXx9jqdk8K_ZjZqORRkYxEpVgHqIcKcDMfXODEDXumC3vnx_DG2L5OwO-M4MDfQvG_UPI7q_FHyRy4eXshfI5WGdYt27P2DhIQAKti1IA3zRQvw70FNwsxBf8X9q-wSE0x24eCp3ZNYpyaxZxe57GDQl-TxmLbvMcMX5jXhckN5wUh0y8lUNKedejZIWnF9wgWb3ASFmbKczv9hGes1r1HqYhmrXVCONMHnWmkvTNxFAzB8NrcYk_wqcrxhvYyYUGkXK3Jl7eb5f-5-2ONxO3IjfhoK8n0khY25MTVw5DyV-nmTXqfLRru4xkpXFxRwJpUQN5TZ9DQK4xbdhNd6x3UsMNn&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGTtpfOvtZN6mD_WLrr4PnKGr0AfJntKxXJWil_dwwI23ARABIABglYKAgJQHggEXY2EtcHViLTgwMTk3NzU0MzY5MDQ0MzXIAQmpAoGKgnl1I7I-qAMByAMCqgTsAU_Qgp2Fx5zFcE92fxC5lrz2VluAzbM3yCAGdNW-QRALZMve5ifLPGIOpNJmJk5etQpSG7ukhMsdcl7mQtseOrbONp_wJKAhTLZTXXVKho79pePoyC_YDLseNY4EwWrCz0u5RPoXnXzteReioC57-68-kVX_IuEV5y5RCavKmwVycsGCkuiYTXcTxGmfL1vVNDoBdxMUJb5nZatic2-LIqkT6Rr33uLbbMN6unrk3wBaiNe3vmRZDGQvIyCIktnjIUogzWgHm3PRoTQKN8nXchvQ_qN-OsUFGDylSHWOt_hmbZuvEm5N_CWDtjC6gAaO1LKct7KlrWKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3gjMlruJ9yz3g7oRGrmk9oi2FCZw%26client%3Dca-pub-8019775436904435%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 23 Aug 2024 12:58:37 GMT
img
imageproxy.eu.criteo.net/img/ Frame E984 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=244&m=0&partner=100829&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F100829%2F230107%2F71b4977a54894ba9afd2e3de35efa73f_500x500.png&v=3&w=196&s=_9d2AJWJE-7Mofb8czhgU47z
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO3rfAAD02ABy4X1AArQnOli8gltXXNZ8qpkWg&u=%7COKIgpqOK8DwNxxSASp%2BqQSgBryyEjh6dp6UaJ9Tudts%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUKpu9hy7Ffnun-WE9FjbXP1W0e4y8lK96xIqJRLJoNk_R_9LZxWlB9CMmRA414eeU6CFLwxAC3u2cad6flRwHxxoSySX_crPUF2KGIvX_g1l8M2qvAzIvrtoSqDOHfh4IT6YwzGSUad4yDnsKE3dUMDir8B0WNSUp8T_7CuJTIKweX1yAl5nmCDTvsGS6sjwU5lp5KTMRIHQfHNmXJQLZkOeg2I0m6DsmB7S-9SCpmtAAAdzp7YITGJM8-pBQlyAPMBjx5mALqEcajo1Uyyzk007K_toPR1B8O_ffUxWF1JUx6WUduVOgLFsuCkSBCoZ1AipxHDWtSWAlbOhIdkdrjzji86IzLY9OTEVzoZbTrA0g_xmeZwpxmwTVUzrtdafu5o1hwJRUCaU4Dy8ndOOR4Zmn0rw2n3vkqUD9hcM9Apsb7aGkMeUKoWMPEuX-_aq4BEYgHc-kjaBQWEgTUTYXi3Brerb8n7uDcgLIiMpZ_Ic0q4nXv0pNKtU8vNx7i0jx2C23mgJs_EBeAPYk3YKJmboVLqpSEk86_pb736c_a-cSDFENJ2rqvbaqnoMRi8W6Bg5nNIO-qXmMLpM-0GynZKxqwBIvtZWkpvAXp_tlZx4O-MLS8yz9Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGUrofOvtZOCmD_WLrr4PnKGr0AfJntKxXJWil_dwwI23ARABIABglYKAgJQHggEXY2EtcHViLTgwMTk3NzU0MzY5MDQ0MzXIAQmpAoGKgnl1I7I-qAMByAMCqgTtAU_QWyfE5CicfqAl82U273409WWgN7EoQxhIbMfwPntjuWt92GdRkRfuV-x8__pMUlzTAlPkOipehd0Ylwu-7A0Q2qQ3R8_XrjplLuplX-qLd_qE0hBi9qmDlVAmtxpkBn44zYFw_cHvZiJyY7bCqZp5IqDNJgYnEVtu-WzwvO3AGz383pjIqTQLSXq3EqoQ4SSaotvOxpaWdEtgdfK8FXlHLlQlB16LaetpAbifSbasm5h2kAhMxm41Mk3un9ew_Yfra641JBFK23zsggNbEH3R2hiBmVAWsOz0cZxX7OtASq3EnD_CbGOU4fD1i4AG7ajznMK8-trOAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_20m4JX7eaU2tO8Wab1PAHzzCgIog%26client%3Dca-pub-8019775436904435%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.19 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
42986d96f95240f56b65d73b4867947fc7111ffcea44c1fd3093f3a1052778f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:37 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
content-length
7887
expires
Mon, 29 Jul 2024 16:55:24 GMT
img
imageproxy.eu.criteo.net/img/ Frame E984 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=100829&q=80&r=0&u=https%3A%2F%2Fwww.geekom.de%2Fwp-content%2Fuploads%2F2023%2F04%2F10-IN-1-USB-HUB-GEEKOM.webp&v=3&w=800&s=GR0uJEe_8oxW4jeFTOjORHkW&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO3rfAAD02ABy4X1AArQnOli8gltXXNZ8qpkWg&u=%7COKIgpqOK8DwNxxSASp%2BqQSgBryyEjh6dp6UaJ9Tudts%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUKpu9hy7Ffnun-WE9FjbXP1W0e4y8lK96xIqJRLJoNk_R_9LZxWlB9CMmRA414eeU6CFLwxAC3u2cad6flRwHxxoSySX_crPUF2KGIvX_g1l8M2qvAzIvrtoSqDOHfh4IT6YwzGSUad4yDnsKE3dUMDir8B0WNSUp8T_7CuJTIKweX1yAl5nmCDTvsGS6sjwU5lp5KTMRIHQfHNmXJQLZkOeg2I0m6DsmB7S-9SCpmtAAAdzp7YITGJM8-pBQlyAPMBjx5mALqEcajo1Uyyzk007K_toPR1B8O_ffUxWF1JUx6WUduVOgLFsuCkSBCoZ1AipxHDWtSWAlbOhIdkdrjzji86IzLY9OTEVzoZbTrA0g_xmeZwpxmwTVUzrtdafu5o1hwJRUCaU4Dy8ndOOR4Zmn0rw2n3vkqUD9hcM9Apsb7aGkMeUKoWMPEuX-_aq4BEYgHc-kjaBQWEgTUTYXi3Brerb8n7uDcgLIiMpZ_Ic0q4nXv0pNKtU8vNx7i0jx2C23mgJs_EBeAPYk3YKJmboVLqpSEk86_pb736c_a-cSDFENJ2rqvbaqnoMRi8W6Bg5nNIO-qXmMLpM-0GynZKxqwBIvtZWkpvAXp_tlZx4O-MLS8yz9Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGUrofOvtZOCmD_WLrr4PnKGr0AfJntKxXJWil_dwwI23ARABIABglYKAgJQHggEXY2EtcHViLTgwMTk3NzU0MzY5MDQ0MzXIAQmpAoGKgnl1I7I-qAMByAMCqgTtAU_QWyfE5CicfqAl82U273409WWgN7EoQxhIbMfwPntjuWt92GdRkRfuV-x8__pMUlzTAlPkOipehd0Ylwu-7A0Q2qQ3R8_XrjplLuplX-qLd_qE0hBi9qmDlVAmtxpkBn44zYFw_cHvZiJyY7bCqZp5IqDNJgYnEVtu-WzwvO3AGz383pjIqTQLSXq3EqoQ4SSaotvOxpaWdEtgdfK8FXlHLlQlB16LaetpAbifSbasm5h2kAhMxm41Mk3un9ew_Yfra641JBFK23zsggNbEH3R2hiBmVAWsOz0cZxX7OtASq3EnD_CbGOU4fD1i4AG7ajznMK8-trOAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_20m4JX7eaU2tO8Wab1PAHzzCgIog%26client%3Dca-pub-8019775436904435%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.19 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08b9636b6775125253e8c852c70e1e86af7d3f18472e95ebcbd5213cf5da7a13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:37 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=3600
content-length
6114
expires
Tue, 29 Aug 2023 13:12:51 GMT
all
csm.eu.criteo.net/ Frame E984 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=SxpeaA_E_jhcBmn_sR-_8kAISbMWmBsQgirvfnRiPmpBPbCtbbg_Q7-7lbdLQUNMRWK8b6RIqwVC1WNB0SGa9yYU3paPUEdvGMfiHGgv_mNfhFL5ulbStu1uCzUGWoo9JvjZTy9TetK0QFXkw384Y0FWa-r5MRJnjKq7pQ6lIaxEx21TT7vrxFODRvxXUpKzMUAhmJysh_vLmu4YItZ6NfwGDcG8f-1bkdZ41pbZgf0XNagRvUyZlQJ0wJWFuvwhewx8Gg&sds=2&rev=88100&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO3rfAAD02ABy4X1AArQnOli8gltXXNZ8qpkWg&u=%7COKIgpqOK8DwNxxSASp%2BqQSgBryyEjh6dp6UaJ9Tudts%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUKpu9hy7Ffnun-WE9FjbXP1W0e4y8lK96xIqJRLJoNk_R_9LZxWlB9CMmRA414eeU6CFLwxAC3u2cad6flRwHxxoSySX_crPUF2KGIvX_g1l8M2qvAzIvrtoSqDOHfh4IT6YwzGSUad4yDnsKE3dUMDir8B0WNSUp8T_7CuJTIKweX1yAl5nmCDTvsGS6sjwU5lp5KTMRIHQfHNmXJQLZkOeg2I0m6DsmB7S-9SCpmtAAAdzp7YITGJM8-pBQlyAPMBjx5mALqEcajo1Uyyzk007K_toPR1B8O_ffUxWF1JUx6WUduVOgLFsuCkSBCoZ1AipxHDWtSWAlbOhIdkdrjzji86IzLY9OTEVzoZbTrA0g_xmeZwpxmwTVUzrtdafu5o1hwJRUCaU4Dy8ndOOR4Zmn0rw2n3vkqUD9hcM9Apsb7aGkMeUKoWMPEuX-_aq4BEYgHc-kjaBQWEgTUTYXi3Brerb8n7uDcgLIiMpZ_Ic0q4nXv0pNKtU8vNx7i0jx2C23mgJs_EBeAPYk3YKJmboVLqpSEk86_pb736c_a-cSDFENJ2rqvbaqnoMRi8W6Bg5nNIO-qXmMLpM-0GynZKxqwBIvtZWkpvAXp_tlZx4O-MLS8yz9Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGUrofOvtZOCmD_WLrr4PnKGr0AfJntKxXJWil_dwwI23ARABIABglYKAgJQHggEXY2EtcHViLTgwMTk3NzU0MzY5MDQ0MzXIAQmpAoGKgnl1I7I-qAMByAMCqgTtAU_QWyfE5CicfqAl82U273409WWgN7EoQxhIbMfwPntjuWt92GdRkRfuV-x8__pMUlzTAlPkOipehd0Ylwu-7A0Q2qQ3R8_XrjplLuplX-qLd_qE0hBi9qmDlVAmtxpkBn44zYFw_cHvZiJyY7bCqZp5IqDNJgYnEVtu-WzwvO3AGz383pjIqTQLSXq3EqoQ4SSaotvOxpaWdEtgdfK8FXlHLlQlB16LaetpAbifSbasm5h2kAhMxm41Mk3un9ew_Yfra641JBFK23zsggNbEH3R2hiBmVAWsOz0cZxX7OtASq3EnD_CbGOU4fD1i4AG7ajznMK8-trOAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_20m4JX7eaU2tO8Wab1PAHzzCgIog%26client%3Dca-pub-8019775436904435%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 29 Aug 2023 12:58:36 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame E984 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO3rfAAD02ABy4X1AArQnOli8gltXXNZ8qpkWg&u=%7COKIgpqOK8DwNxxSASp%2BqQSgBryyEjh6dp6UaJ9Tudts%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUKpu9hy7Ffnun-WE9FjbXP1W0e4y8lK96xIqJRLJoNk_R_9LZxWlB9CMmRA414eeU6CFLwxAC3u2cad6flRwHxxoSySX_crPUF2KGIvX_g1l8M2qvAzIvrtoSqDOHfh4IT6YwzGSUad4yDnsKE3dUMDir8B0WNSUp8T_7CuJTIKweX1yAl5nmCDTvsGS6sjwU5lp5KTMRIHQfHNmXJQLZkOeg2I0m6DsmB7S-9SCpmtAAAdzp7YITGJM8-pBQlyAPMBjx5mALqEcajo1Uyyzk007K_toPR1B8O_ffUxWF1JUx6WUduVOgLFsuCkSBCoZ1AipxHDWtSWAlbOhIdkdrjzji86IzLY9OTEVzoZbTrA0g_xmeZwpxmwTVUzrtdafu5o1hwJRUCaU4Dy8ndOOR4Zmn0rw2n3vkqUD9hcM9Apsb7aGkMeUKoWMPEuX-_aq4BEYgHc-kjaBQWEgTUTYXi3Brerb8n7uDcgLIiMpZ_Ic0q4nXv0pNKtU8vNx7i0jx2C23mgJs_EBeAPYk3YKJmboVLqpSEk86_pb736c_a-cSDFENJ2rqvbaqnoMRi8W6Bg5nNIO-qXmMLpM-0GynZKxqwBIvtZWkpvAXp_tlZx4O-MLS8yz9Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGUrofOvtZOCmD_WLrr4PnKGr0AfJntKxXJWil_dwwI23ARABIABglYKAgJQHggEXY2EtcHViLTgwMTk3NzU0MzY5MDQ0MzXIAQmpAoGKgnl1I7I-qAMByAMCqgTtAU_QWyfE5CicfqAl82U273409WWgN7EoQxhIbMfwPntjuWt92GdRkRfuV-x8__pMUlzTAlPkOipehd0Ylwu-7A0Q2qQ3R8_XrjplLuplX-qLd_qE0hBi9qmDlVAmtxpkBn44zYFw_cHvZiJyY7bCqZp5IqDNJgYnEVtu-WzwvO3AGz383pjIqTQLSXq3EqoQ4SSaotvOxpaWdEtgdfK8FXlHLlQlB16LaetpAbifSbasm5h2kAhMxm41Mk3un9ew_Yfra641JBFK23zsggNbEH3R2hiBmVAWsOz0cZxX7OtASq3EnD_CbGOU4fD1i4AG7ajznMK8-trOAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_20m4JX7eaU2tO8Wab1PAHzzCgIog%26client%3Dca-pub-8019775436904435%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 23 Aug 2024 12:58:37 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame E984 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO3rfAAD02ABy4X1AArQnOli8gltXXNZ8qpkWg&u=%7COKIgpqOK8DwNxxSASp%2BqQSgBryyEjh6dp6UaJ9Tudts%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUKpu9hy7Ffnun-WE9FjbXP1W0e4y8lK96xIqJRLJoNk_R_9LZxWlB9CMmRA414eeU6CFLwxAC3u2cad6flRwHxxoSySX_crPUF2KGIvX_g1l8M2qvAzIvrtoSqDOHfh4IT6YwzGSUad4yDnsKE3dUMDir8B0WNSUp8T_7CuJTIKweX1yAl5nmCDTvsGS6sjwU5lp5KTMRIHQfHNmXJQLZkOeg2I0m6DsmB7S-9SCpmtAAAdzp7YITGJM8-pBQlyAPMBjx5mALqEcajo1Uyyzk007K_toPR1B8O_ffUxWF1JUx6WUduVOgLFsuCkSBCoZ1AipxHDWtSWAlbOhIdkdrjzji86IzLY9OTEVzoZbTrA0g_xmeZwpxmwTVUzrtdafu5o1hwJRUCaU4Dy8ndOOR4Zmn0rw2n3vkqUD9hcM9Apsb7aGkMeUKoWMPEuX-_aq4BEYgHc-kjaBQWEgTUTYXi3Brerb8n7uDcgLIiMpZ_Ic0q4nXv0pNKtU8vNx7i0jx2C23mgJs_EBeAPYk3YKJmboVLqpSEk86_pb736c_a-cSDFENJ2rqvbaqnoMRi8W6Bg5nNIO-qXmMLpM-0GynZKxqwBIvtZWkpvAXp_tlZx4O-MLS8yz9Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGUrofOvtZOCmD_WLrr4PnKGr0AfJntKxXJWil_dwwI23ARABIABglYKAgJQHggEXY2EtcHViLTgwMTk3NzU0MzY5MDQ0MzXIAQmpAoGKgnl1I7I-qAMByAMCqgTtAU_QWyfE5CicfqAl82U273409WWgN7EoQxhIbMfwPntjuWt92GdRkRfuV-x8__pMUlzTAlPkOipehd0Ylwu-7A0Q2qQ3R8_XrjplLuplX-qLd_qE0hBi9qmDlVAmtxpkBn44zYFw_cHvZiJyY7bCqZp5IqDNJgYnEVtu-WzwvO3AGz383pjIqTQLSXq3EqoQ4SSaotvOxpaWdEtgdfK8FXlHLlQlB16LaetpAbifSbasm5h2kAhMxm41Mk3un9ew_Yfra641JBFK23zsggNbEH3R2hiBmVAWsOz0cZxX7OtASq3EnD_CbGOU4fD1i4AG7ajznMK8-trOAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_20m4JX7eaU2tO8Wab1PAHzzCgIog%26client%3Dca-pub-8019775436904435%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 23 Aug 2024 12:58:37 GMT
all
csm.eu.criteo.net/ Frame 29C4 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=j635Gw_E_jhcBmn_MYzyrQ4hRfsqnllbeOUu1eUYpouWYnGUGIqY2Y6PmXJSiWMRpESk7KqfvndcPmOObh3i--TdrGpvFzhKy-BErHcOHb28Ow5ckYf_ox1hHzJflWPYYHxzObVjridbmbdJN8YHArOVEKc98GVXErGMGG7NAEAx2scXBIBQIDP1wo0nk852qa9btu4krp6-72ayiCvyvZH48Z5oXAGBAnd2HmnAN_5Li9QR-MCYqat_gbkhNAwe3I0cWQ&sds=2&rev=88100&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO3rfAAD014By4X1AArQnF9vQPi2xnfQDdlOdg&u=%7COKIgpqOK8DzZSDHCyjSHBIxSI%2BcZJrWPVv2BNQgZ3KQ%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T2AWRlHZFqNLc3RoMYYFkAd1FczsaqiQzUn7j0o6i0taIPJvCpdwRANnDandhaD3VGKE09Yw3jJ5Sr9vriZr2SVL-x1d-TVFUNAHvkWpy1DK4z9Nnm6L1wJg6KIkx1bMQ4pO3IS-JJAFHz_gE8QZg8TviHJYoVqerJ-cizSn9oHO3Hqo-3Bptr6sKW58uhJX1GuYeukGOMGP6FAwlL7NC-kGZtSzsyNl92FBhHfI-RhkNWEZaPRrdEZe3eT8RI5u9fsUvJRUnoM3lM2wkNaXx9jqdk8K_ZjZqORRkYxEpVgHqIcKcDMfXODEDXumC3vnx_DG2L5OwO-M4MDfQvG_UPI7q_FHyRy4eXshfI5WGdYt27P2DhIQAKti1IA3zRQvw70FNwsxBf8X9q-wSE0x24eCp3ZNYpyaxZxe57GDQl-TxmLbvMcMX5jXhckN5wUh0y8lUNKedejZIWnF9wgWb3ASFmbKczv9hGes1r1HqYhmrXVCONMHnWmkvTNxFAzB8NrcYk_wqcrxhvYyYUGkXK3Jl7eb5f-5-2ONxO3IjfhoK8n0khY25MTVw5DyV-nmTXqfLRru4xkpXFxRwJpUQN5TZ9DQK4xbdhNd6x3UsMNn&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGTtpfOvtZN6mD_WLrr4PnKGr0AfJntKxXJWil_dwwI23ARABIABglYKAgJQHggEXY2EtcHViLTgwMTk3NzU0MzY5MDQ0MzXIAQmpAoGKgnl1I7I-qAMByAMCqgTsAU_Qgp2Fx5zFcE92fxC5lrz2VluAzbM3yCAGdNW-QRALZMve5ifLPGIOpNJmJk5etQpSG7ukhMsdcl7mQtseOrbONp_wJKAhTLZTXXVKho79pePoyC_YDLseNY4EwWrCz0u5RPoXnXzteReioC57-68-kVX_IuEV5y5RCavKmwVycsGCkuiYTXcTxGmfL1vVNDoBdxMUJb5nZatic2-LIqkT6Rr33uLbbMN6unrk3wBaiNe3vmRZDGQvIyCIktnjIUogzWgHm3PRoTQKN8nXchvQ_qN-OsUFGDylSHWOt_hmbZuvEm5N_CWDtjC6gAaO1LKct7KlrWKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3gjMlruJ9yz3g7oRGrmk9oi2FCZw%26client%3Dca-pub-8019775436904435%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 29 Aug 2023 12:58:37 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 29C4 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO3rfAAD014By4X1AArQnF9vQPi2xnfQDdlOdg&u=%7COKIgpqOK8DzZSDHCyjSHBIxSI%2BcZJrWPVv2BNQgZ3KQ%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T2AWRlHZFqNLc3RoMYYFkAd1FczsaqiQzUn7j0o6i0taIPJvCpdwRANnDandhaD3VGKE09Yw3jJ5Sr9vriZr2SVL-x1d-TVFUNAHvkWpy1DK4z9Nnm6L1wJg6KIkx1bMQ4pO3IS-JJAFHz_gE8QZg8TviHJYoVqerJ-cizSn9oHO3Hqo-3Bptr6sKW58uhJX1GuYeukGOMGP6FAwlL7NC-kGZtSzsyNl92FBhHfI-RhkNWEZaPRrdEZe3eT8RI5u9fsUvJRUnoM3lM2wkNaXx9jqdk8K_ZjZqORRkYxEpVgHqIcKcDMfXODEDXumC3vnx_DG2L5OwO-M4MDfQvG_UPI7q_FHyRy4eXshfI5WGdYt27P2DhIQAKti1IA3zRQvw70FNwsxBf8X9q-wSE0x24eCp3ZNYpyaxZxe57GDQl-TxmLbvMcMX5jXhckN5wUh0y8lUNKedejZIWnF9wgWb3ASFmbKczv9hGes1r1HqYhmrXVCONMHnWmkvTNxFAzB8NrcYk_wqcrxhvYyYUGkXK3Jl7eb5f-5-2ONxO3IjfhoK8n0khY25MTVw5DyV-nmTXqfLRru4xkpXFxRwJpUQN5TZ9DQK4xbdhNd6x3UsMNn&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGTtpfOvtZN6mD_WLrr4PnKGr0AfJntKxXJWil_dwwI23ARABIABglYKAgJQHggEXY2EtcHViLTgwMTk3NzU0MzY5MDQ0MzXIAQmpAoGKgnl1I7I-qAMByAMCqgTsAU_Qgp2Fx5zFcE92fxC5lrz2VluAzbM3yCAGdNW-QRALZMve5ifLPGIOpNJmJk5etQpSG7ukhMsdcl7mQtseOrbONp_wJKAhTLZTXXVKho79pePoyC_YDLseNY4EwWrCz0u5RPoXnXzteReioC57-68-kVX_IuEV5y5RCavKmwVycsGCkuiYTXcTxGmfL1vVNDoBdxMUJb5nZatic2-LIqkT6Rr33uLbbMN6unrk3wBaiNe3vmRZDGQvIyCIktnjIUogzWgHm3PRoTQKN8nXchvQ_qN-OsUFGDylSHWOt_hmbZuvEm5N_CWDtjC6gAaO1LKct7KlrWKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3gjMlruJ9yz3g7oRGrmk9oi2FCZw%26client%3Dca-pub-8019775436904435%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 23 Aug 2024 12:58:37 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 29C4 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO3rfAAD014By4X1AArQnF9vQPi2xnfQDdlOdg&u=%7COKIgpqOK8DzZSDHCyjSHBIxSI%2BcZJrWPVv2BNQgZ3KQ%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T2AWRlHZFqNLc3RoMYYFkAd1FczsaqiQzUn7j0o6i0taIPJvCpdwRANnDandhaD3VGKE09Yw3jJ5Sr9vriZr2SVL-x1d-TVFUNAHvkWpy1DK4z9Nnm6L1wJg6KIkx1bMQ4pO3IS-JJAFHz_gE8QZg8TviHJYoVqerJ-cizSn9oHO3Hqo-3Bptr6sKW58uhJX1GuYeukGOMGP6FAwlL7NC-kGZtSzsyNl92FBhHfI-RhkNWEZaPRrdEZe3eT8RI5u9fsUvJRUnoM3lM2wkNaXx9jqdk8K_ZjZqORRkYxEpVgHqIcKcDMfXODEDXumC3vnx_DG2L5OwO-M4MDfQvG_UPI7q_FHyRy4eXshfI5WGdYt27P2DhIQAKti1IA3zRQvw70FNwsxBf8X9q-wSE0x24eCp3ZNYpyaxZxe57GDQl-TxmLbvMcMX5jXhckN5wUh0y8lUNKedejZIWnF9wgWb3ASFmbKczv9hGes1r1HqYhmrXVCONMHnWmkvTNxFAzB8NrcYk_wqcrxhvYyYUGkXK3Jl7eb5f-5-2ONxO3IjfhoK8n0khY25MTVw5DyV-nmTXqfLRru4xkpXFxRwJpUQN5TZ9DQK4xbdhNd6x3UsMNn&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGTtpfOvtZN6mD_WLrr4PnKGr0AfJntKxXJWil_dwwI23ARABIABglYKAgJQHggEXY2EtcHViLTgwMTk3NzU0MzY5MDQ0MzXIAQmpAoGKgnl1I7I-qAMByAMCqgTsAU_Qgp2Fx5zFcE92fxC5lrz2VluAzbM3yCAGdNW-QRALZMve5ifLPGIOpNJmJk5etQpSG7ukhMsdcl7mQtseOrbONp_wJKAhTLZTXXVKho79pePoyC_YDLseNY4EwWrCz0u5RPoXnXzteReioC57-68-kVX_IuEV5y5RCavKmwVycsGCkuiYTXcTxGmfL1vVNDoBdxMUJb5nZatic2-LIqkT6Rr33uLbbMN6unrk3wBaiNe3vmRZDGQvIyCIktnjIUogzWgHm3PRoTQKN8nXchvQ_qN-OsUFGDylSHWOt_hmbZuvEm5N_CWDtjC6gAaO1LKct7KlrWKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3gjMlruJ9yz3g7oRGrmk9oi2FCZw%26client%3Dca-pub-8019775436904435%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 23 Aug 2024 12:58:37 GMT
/
covivado.club/clickunder/ 		23 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://covivado.club/clickunder/?sid=51515&rand=0.554756167419564
Requested by
Host: www.gl5.ru
URL: https://www.gl5.ru/s/splin/splin-proch-iz-moej-golovy.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.172.68.122 Frankfurt am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde1469.fornex.org
Software
nginx /
Resource Hash
ea54cce26e1f34a30aa98a0f6ef7b4115f2f38ea3a19aae2e08934eef69bda82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type
application/javascript; charset=utf-8
pragma
no-cache
date
Tue, 29 Aug 2023 12:58:37 GMT
strict-transport-security
max-age=31536000;
cache-control
max-age=0, no-cache, no-store, must-revalidate
server
nginx
expires
-1
2x2.png
v.alfasrv.com/stats/ 		95 B
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v.alfasrv.com/stats/2x2.png?s=12943&a=fallback&k1=1&k2=1&e=i&t=p&c=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.201.179.252 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 12:58:37 GMT
Last-Modified
Tuesday, 29-Aug-2023 12:58:37 GMT
Server
nginx/1.14.1
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
95
1x1.png
s.alfasrv.com/events/ 		95 B
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.alfasrv.com/events/1x1.png?s=12943&a=fallback&k1=1&k2=1&e=i&t=p&c=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
130.193.42.23 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gl5.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:37 GMT
server
nginx/1.20.0
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
cache-control
no-cache,no-store
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,X-Original-Referer
content-length
95
expires
Tue, 01 Jan 1980 1:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 6E3C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8019775436904435&output=html&h=280&adk=1822737079&adf=2561986437&pi=t.aa~a.190590905~i.22~rp.4&w=650&fwrn=4&fwrnh=100&lmt=1693306716&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6438916086&ad_type=text_image&format=650x280&url=https%3A%2F%2Fwww.gl5.ru%2Fs%2Fsplin%2Fsplin-proch-iz-moej-golovy.html&fwr=0&pra=3&rh=163&rw=650&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693313916939&bpp=1&bdt=1311&idt=1&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D43982642264460c1-228c96375fde00e4%3AT%3D1693313916%3ART%3D1693313916%3AS%3DALNI_Mb8i3KqdI5_wL-vU269pnFu5FSH_Q&gpic=UID%3D00000c69cb4acb82%3AT%3D1693313916%3ART%3D1693313916%3AS%3DALNI_MZIfp-AZEdkamDtCF-9yGfnG2rp7Q&prev_fmts=0x0%2C650x280&nras=2&correlator=6827183342517&frm=20&pv=1&ga_vid=398317794.1693313916&ga_sid=1693313916&ga_hid=1687589857&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=365&ady=1266&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077444%2C42531706%2C44795922%2C31077389%2C21065724&oid=2&pvsid=706724022780221&tmod=47055246&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=nGDVMn2K7F&p=https%3A//www.gl5.ru&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 07:22:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
20155
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Sep 2023 07:22:42 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 6E3C 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8019775436904435&output=html&h=280&adk=1822737079&adf=2561986437&pi=t.aa~a.190590905~i.22~rp.4&w=650&fwrn=4&fwrnh=100&lmt=1693306716&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6438916086&ad_type=text_image&format=650x280&url=https%3A%2F%2Fwww.gl5.ru%2Fs%2Fsplin%2Fsplin-proch-iz-moej-golovy.html&fwr=0&pra=3&rh=163&rw=650&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693313916939&bpp=1&bdt=1311&idt=1&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D43982642264460c1-228c96375fde00e4%3AT%3D1693313916%3ART%3D1693313916%3AS%3DALNI_Mb8i3KqdI5_wL-vU269pnFu5FSH_Q&gpic=UID%3D00000c69cb4acb82%3AT%3D1693313916%3ART%3D1693313916%3AS%3DALNI_MZIfp-AZEdkamDtCF-9yGfnG2rp7Q&prev_fmts=0x0%2C650x280&nras=2&correlator=6827183342517&frm=20&pv=1&ga_vid=398317794.1693313916&ga_sid=1693313916&ga_hid=1687589857&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=365&ady=1266&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077444%2C42531706%2C44795922%2C31077389%2C21065724&oid=2&pvsid=706724022780221&tmod=47055246&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=nGDVMn2K7F&p=https%3A//www.gl5.ru&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 13:56:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
82950
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Sep 2023 13:56:07 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6E3C 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8019775436904435&output=html&h=280&adk=1822737079&adf=2561986437&pi=t.aa~a.190590905~i.22~rp.4&w=650&fwrn=4&fwrnh=100&lmt=1693306716&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6438916086&ad_type=text_image&format=650x280&url=https%3A%2F%2Fwww.gl5.ru%2Fs%2Fsplin%2Fsplin-proch-iz-moej-golovy.html&fwr=0&pra=3&rh=163&rw=650&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693313916939&bpp=1&bdt=1311&idt=1&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D43982642264460c1-228c96375fde00e4%3AT%3D1693313916%3ART%3D1693313916%3AS%3DALNI_Mb8i3KqdI5_wL-vU269pnFu5FSH_Q&gpic=UID%3D00000c69cb4acb82%3AT%3D1693313916%3ART%3D1693313916%3AS%3DALNI_MZIfp-AZEdkamDtCF-9yGfnG2rp7Q&prev_fmts=0x0%2C650x280&nras=2&correlator=6827183342517&frm=20&pv=1&ga_vid=398317794.1693313916&ga_sid=1693313916&ga_hid=1687589857&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=365&ady=1266&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077444%2C42531706%2C44795922%2C31077389%2C21065724&oid=2&pvsid=706724022780221&tmod=47055246&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=nGDVMn2K7F&p=https%3A//www.gl5.ru&dtd=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693222425768293"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 29 Aug 2023 12:58:37 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame 3C08 		145 KB
47 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO3rfQAAa0AKwQADAArJvz3HYqc_dlvGQjjJ8w&u=%7CZv5iWoJ9thCuTL83xBPIC3x8kJE%2B%2FU6ZVHEpi8aOTVs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUZvkb7Wl-VYDq7jFMw4QK-Jm3uRjxMDExV9A4B_9uc1S6Be9z-_Dqf-iTgGrtWILeL97lKHH1yLDJfDDqVjvOlHJ_uo95xbjQeWOgNVhhmfu-1raFwmgFCln2eoGJ_hCD6AtGGjV7ArJgPZKFBfuizbPr6iKtCeoYesImNuVTWQ6QoobreOKJT1Vo0aQHJjagcdgk5nl36XPFQ5aqcpzVOQcZnZFST8vaX_QqAvzE0dVLUU3jss-0OqO-o9_Jo7YTAXN1fb7WxXd2bQH36foxac7FJdKGE0WecYlOMZtCOBx-nNMKUT_eXgwNS3YRvP-K_ijbt7zshWg1yvTNCPxYPY9BxgvVtlPCQ_gsIsVZcozd_tNG0Wb5T5zqA8WAoJKZLzhZLm9ZmTiesClu3nqxR0lpnVtsMPdTiLUbYuoormqkiqyc_lFek00iy1IpG2NcqaSFwMf6XFxnHMIUg1ZA8vmlTu5cQdNZAKIpaf3yLuPnefXM6pg-AsjeWWwwpwHKiBjDLtWNHkiXCeW-W1rfUEnIIHsnKfsMqYY5p0UbGbz-JfysNLiud3z9yOON8HTJT7nr8dy56nW4HV-feRAk3Eek3YsVbZ-YthiZWH2eUAnnQtOULCfXU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCskEPfevtZMDWAYOAhAa_k6u4Csme0rFczeGS93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItODAxOTc3NTQzNjkwNDQzNcgBCakCocLwQvsnsj6oAwHIAwKqBPIBT9B9BoOrMdvMJLT_y_5K_g-kaSK1aRtI8dg0icGoW-XzxEfty8fJqyE_t7kSaXI80q2mqTp_5EyRNqp03oiZ2l0DKRrFXDPM2doePyQehCD6FIrzmmy7W4HUqjFl-MIqEssYMoeInQutzy159cXIDGj1FxYeZE_4kXkodyTdGTmsTLMXESsUkfvIjW1eSO-1Q6ua1mqfeTckoVfR9yNPBzHWSRPRmKWHo_mCcL_RYiDJiaP-53mEO5MLFwLZBjPPBdW4V-oUWse-bSa7ppXk05im5fpdgTHLgXdiBNmg7YLasXA4oNDZrmO7Ku4rH83VZfSABo7Uspy3sqWtYqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3ryc557n86Nf4Z6s4IGKxRC5sI0g%26client%3Dca-pub-8019775436904435%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8019775436904435&output=html&h=280&adk=1822737079&adf=2561986437&pi=t.aa~a.190590905~i.22~rp.4&w=650&fwrn=4&fwrnh=100&lmt=1693306716&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6438916086&ad_type=text_image&format=650x280&url=https%3A%2F%2Fwww.gl5.ru%2Fs%2Fsplin%2Fsplin-proch-iz-moej-golovy.html&fwr=0&pra=3&rh=163&rw=650&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693313916939&bpp=1&bdt=1311&idt=1&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D43982642264460c1-228c96375fde00e4%3AT%3D1693313916%3ART%3D1693313916%3AS%3DALNI_Mb8i3KqdI5_wL-vU269pnFu5FSH_Q&gpic=UID%3D00000c69cb4acb82%3AT%3D1693313916%3ART%3D1693313916%3AS%3DALNI_MZIfp-AZEdkamDtCF-9yGfnG2rp7Q&prev_fmts=0x0%2C650x280&nras=2&correlator=6827183342517&frm=20&pv=1&ga_vid=398317794.1693313916&ga_sid=1693313916&ga_hid=1687589857&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=365&ady=1266&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077444%2C42531706%2C44795922%2C31077389%2C21065724&oid=2&pvsid=706724022780221&tmod=47055246&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=nGDVMn2K7F&p=https%3A//www.gl5.ru&dtd=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
fd636bee19d500e7c91b5308c1d30a1d1fbf148809e49c984557377ad01f09d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Tue, 29 Aug 2023 12:58:36 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=zoYsSA_E_jhcBmn_Yif7bE4KnhSmIpFPlT5X7mXyrFs_aT1AGwdj10ycI8v5qdHAN-QMzMCISID8WduqaLG9xOz5Fo-dSZdvIj6iNZ6Fa7cNF4xzDYrrFOjGyn38kH5wuTH0ihfVTUuRwJOCRueUX9ka5E4w7hjbMnWmAJsR3jX5oholqr4BgWY-61XPTaDecxNsjvSmyPZSjWNJY5Oquk--S8-gLVt_14Xlvwt44pAYSrtk-Kr4vUhiuWacf6TOB33dlQ"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
45051689
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 15C6 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8019775436904435&output=html&h=280&adk=1822737079&adf=2561986437&pi=t.aa~a.190590905~i.22~rp.4&w=650&fwrn=4&fwrnh=100&lmt=1693306716&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6438916086&ad_type=text_image&format=650x280&url=https%3A%2F%2Fwww.gl5.ru%2Fs%2Fsplin%2Fsplin-proch-iz-moej-golovy.html&fwr=0&pra=3&rh=163&rw=650&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693313916939&bpp=1&bdt=1311&idt=1&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D43982642264460c1-228c96375fde00e4%3AT%3D1693313916%3ART%3D1693313916%3AS%3DALNI_Mb8i3KqdI5_wL-vU269pnFu5FSH_Q&gpic=UID%3D00000c69cb4acb82%3AT%3D1693313916%3ART%3D1693313916%3AS%3DALNI_MZIfp-AZEdkamDtCF-9yGfnG2rp7Q&prev_fmts=0x0%2C650x280&nras=2&correlator=6827183342517&frm=20&pv=1&ga_vid=398317794.1693313916&ga_sid=1693313916&ga_hid=1687589857&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=365&ady=1266&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077444%2C42531706%2C44795922%2C31077389%2C21065724&oid=2&pvsid=706724022780221&tmod=47055246&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=nGDVMn2K7F&p=https%3A//www.gl5.ru&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
6278
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Aug 2023 11:13:59 GMT
etag
48472445140208031
expires
Wed, 30 Aug 2023 11:13:59 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 6E3C 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
16da451514d981f134c7ee9113548fbde5db4aad710d29a48f0eef2fdf2b42d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type
image/png
403d3864d4f545aeb1484932bb4ec84c_taz_500_a.woff
static.criteo.net/design/dt/ Frame 29C4 		65 KB
65 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/403d3864d4f545aeb1484932bb4ec84c_taz_500_a.woff
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
3f0133a51dbe2306a5d32fbc64643af6fc2503036a2ebec0e61b377d6e60ae75
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 30 May 2018 09:59:25 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5b0e75fd-10316"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 23 Aug 2024 12:58:37 GMT
pixel
cm.g.doubleclick.net/ Frame 15C6
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENZZlJKwhVB1OAXIsvEDC0U&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENZZlJKwhVB1OAXIsvEDC0U&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NTBKR0RQMGcxUUFZaU41&google_gid=CAESENZZlJKwhVB1OAXIsvEDC0U&google_cver=1&google_push=AXcoOmQzdydJWiV04EpcMJ7ZlO-7jDNGEqaiOwRChODD5sl...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NTBKR0RQMGcxUUFZaU41&google_gid=CAESENZZlJKwhVB1OAXIsvEDC0U&google_cver=1&google_push=AXcoOmQzdydJWiV04EpcMJ7ZlO-7jDNGEqaiOwRChODD5slvYGN_3HjAU4ZeYo0plh6CLOy7WNPUNXfl8czU2bsybHehD1bXpP-2XWM8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8019775436904435&output=html&h=280&adk=1822737079&adf=2561986437&pi=t.aa~a.190590905~i.22~rp.4&w=650&fwrn=4&fwrnh=100&lmt=1693306716&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6438916086&ad_type=text_image&format=650x280&url=https%3A%2F%2Fwww.gl5.ru%2Fs%2Fsplin%2Fsplin-proch-iz-moej-golovy.html&fwr=0&pra=3&rh=163&rw=650&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693313916939&bpp=1&bdt=1311&idt=1&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D43982642264460c1-228c96375fde00e4%3AT%3D1693313916%3ART%3D1693313916%3AS%3DALNI_Mb8i3KqdI5_wL-vU269pnFu5FSH_Q&gpic=UID%3D00000c69cb4acb82%3AT%3D1693313916%3ART%3D1693313916%3AS%3DALNI_MZIfp-AZEdkamDtCF-9yGfnG2rp7Q&prev_fmts=0x0%2C650x280&nras=2&correlator=6827183342517&frm=20&pv=1&ga_vid=398317794.1693313916&ga_sid=1693313916&ga_hid=1687589857&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=365&ady=1266&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077444%2C42531706%2C44795922%2C31077389%2C21065724&oid=2&pvsid=706724022780221&tmod=47055246&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=nGDVMn2K7F&p=https%3A//www.gl5.ru&dtd=5
Protocol
H2
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Aug 2023 12:58:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 29 Aug 2023 12:58:37 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-0546ea729b64acd63@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NTBKR0RQMGcxUUFZaU41&google_gid=CAESENZZlJKwhVB1OAXIsvEDC0U&google_cver=1&google_push=AXcoOmQzdydJWiV04EpcMJ7ZlO-7jDNGEqaiOwRChODD5slvYGN_3HjAU4ZeYo0plh6CLOy7WNPUNXfl8czU2bsybHehD1bXpP-2XWM8
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame 15C6
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEFUzBpDuPtC7bLM1HOaM51I&google_cver=1&google_push=AXcoOmSmriK8cVh4s6b8ms0OCkKLICP6XbWKvKdSrMMg9-TT-VEWcBuG6NgZPHvJmgjsBOgyfaEeWAXA84ZQZCtbvT64kPMewvVS1...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFUzBpDuPtC7bLM1HOaM51I&google_cver=1&google_push=AXcoOmSmriK8cVh4s6b8ms0OCkKLICP6XbWKvKdSrMMg9-TT-VEWcBuG6NgZPHvJmgjsBOgyfaEeWAXA84ZQZCtbvT64kPMewvV...
43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFUzBpDuPtC7bLM1HOaM51I&google_cver=1&google_push=AXcoOmSmriK8cVh4s6b8ms0OCkKLICP6XbWKvKdSrMMg9-TT-VEWcBuG6NgZPHvJmgjsBOgyfaEeWAXA84ZQZCtbvT64kPMewvVS1DDw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSmriK8cVh4s6b8ms0OCkKLICP6XbWKvKdSrMMg9-TT-VEWcBuG6NgZPHvJmgjsBOgyfaEeWAXA84ZQZCtbvT64kPMewvVS1DDw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8019775436904435&output=html&h=280&adk=1822737079&adf=2561986437&pi=t.aa~a.190590905~i.22~rp.4&w=650&fwrn=4&fwrnh=100&lmt=1693306716&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6438916086&ad_type=text_image&format=650x280&url=https%3A%2F%2Fwww.gl5.ru%2Fs%2Fsplin%2Fsplin-proch-iz-moej-golovy.html&fwr=0&pra=3&rh=163&rw=650&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693313916939&bpp=1&bdt=1311&idt=1&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D43982642264460c1-228c96375fde00e4%3AT%3D1693313916%3ART%3D1693313916%3AS%3DALNI_Mb8i3KqdI5_wL-vU269pnFu5FSH_Q&gpic=UID%3D00000c69cb4acb82%3AT%3D1693313916%3ART%3D1693313916%3AS%3DALNI_MZIfp-AZEdkamDtCF-9yGfnG2rp7Q&prev_fmts=0x0%2C650x280&nras=2&correlator=6827183342517&frm=20&pv=1&ga_vid=398317794.1693313916&ga_sid=1693313916&ga_hid=1687589857&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=365&ady=1266&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077444%2C42531706%2C44795922%2C31077389%2C21065724&oid=2&pvsid=706724022780221&tmod=47055246&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=nGDVMn2K7F&p=https%3A//www.gl5.ru&dtd=5
Protocol
H2
Server
104.18.24.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Aug 2023 12:58:37 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7fe4f7723cc391e3-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 29 Aug 2023 12:58:37 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
177
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFUzBpDuPtC7bLM1HOaM51I&google_cver=1&google_push=AXcoOmSmriK8cVh4s6b8ms0OCkKLICP6XbWKvKdSrMMg9-TT-VEWcBuG6NgZPHvJmgjsBOgyfaEeWAXA84ZQZCtbvT64kPMewvVS1DDw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSmriK8cVh4s6b8ms0OCkKLICP6XbWKvKdSrMMg9-TT-VEWcBuG6NgZPHvJmgjsBOgyfaEeWAXA84ZQZCtbvT64kPMewvVS1DDw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7fe4f7710b6091e3-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 15C6
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEBUIv1eM1wpbximChCi_lc&google_push=AXcoOmRiRJgXteV6kRtq9ku2tzA6emgK3UnMZ9nj2Q8VWNAllHjcoisnXT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEBUIv1eM1wpbximChCi_lc&google_push=AXcoOmRiRJgXteV6kRtq9ku2tzA6emgK3UnMZ9nj2Q8VWNAllHjcoisnXTtRBvUfeiANtnXXuByVQQ_vk9Q4YrQNd93tOkx_0Fs7-ro
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Aug 2023 12:58:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-eddf8230139-FRA
pragma
no-cache
date
Tue, 29 Aug 2023 12:58:37 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1693313918.613313,VS0,VE185
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEBUIv1eM1wpbximChCi_lc&google_push=AXcoOmRiRJgXteV6kRtq9ku2tzA6emgK3UnMZ9nj2Q8VWNAllHjcoisnXTtRBvUfeiANtnXXuByVQQ_vk9Q4YrQNd93tOkx_0Fs7-ro
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
google
match.adsrvr.org/track/cmf/ Frame 15C6 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEE7Yk3DKMTLpO7rUe2Z5eOc&google_cver=1&google_push=AXcoOmSFGJopTiCxYmB1Dm5Ay6P8PN-q96ReOffmi093f9eJENGJIyJxCMUwdQc600Bwft2YbHThbsbwmq5eJBgpIuA_v87aplmS7bMK
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8019775436904435&output=html&h=280&adk=1822737079&adf=2561986437&pi=t.aa~a.190590905~i.22~rp.4&w=650&fwrn=4&fwrnh=100&lmt=1693306716&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6438916086&ad_type=text_image&format=650x280&url=https%3A%2F%2Fwww.gl5.ru%2Fs%2Fsplin%2Fsplin-proch-iz-moej-golovy.html&fwr=0&pra=3&rh=163&rw=650&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693313916939&bpp=1&bdt=1311&idt=1&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D43982642264460c1-228c96375fde00e4%3AT%3D1693313916%3ART%3D1693313916%3AS%3DALNI_Mb8i3KqdI5_wL-vU269pnFu5FSH_Q&gpic=UID%3D00000c69cb4acb82%3AT%3D1693313916%3ART%3D1693313916%3AS%3DALNI_MZIfp-AZEdkamDtCF-9yGfnG2rp7Q&prev_fmts=0x0%2C650x280&nras=2&correlator=6827183342517&frm=20&pv=1&ga_vid=398317794.1693313916&ga_sid=1693313916&ga_hid=1687589857&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=365&ady=1266&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077444%2C42531706%2C44795922%2C31077389%2C21065724&oid=2&pvsid=706724022780221&tmod=47055246&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=nGDVMn2K7F&p=https%3A//www.gl5.ru&dtd=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 29 Aug 2023 12:58:37 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 15C6 		0
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEPhCr9iydB8J3giY1lNrszc&google_cver=1&google_push=AXcoOmRWy6lv6qcBfgORf2kV6TmXqbNtTDP6F0DzspnwVjUw33Ey--ZTaB4nAguENyqzPlPSntwypalXEr5hvaBn1zV8qlCOPudW4n4R
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8019775436904435&output=html&h=280&adk=1822737079&adf=2561986437&pi=t.aa~a.190590905~i.22~rp.4&w=650&fwrn=4&fwrnh=100&lmt=1693306716&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6438916086&ad_type=text_image&format=650x280&url=https%3A%2F%2Fwww.gl5.ru%2Fs%2Fsplin%2Fsplin-proch-iz-moej-golovy.html&fwr=0&pra=3&rh=163&rw=650&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693313916939&bpp=1&bdt=1311&idt=1&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D43982642264460c1-228c96375fde00e4%3AT%3D1693313916%3ART%3D1693313916%3AS%3DALNI_Mb8i3KqdI5_wL-vU269pnFu5FSH_Q&gpic=UID%3D00000c69cb4acb82%3AT%3D1693313916%3ART%3D1693313916%3AS%3DALNI_MZIfp-AZEdkamDtCF-9yGfnG2rp7Q&prev_fmts=0x0%2C650x280&nras=2&correlator=6827183342517&frm=20&pv=1&ga_vid=398317794.1693313916&ga_sid=1693313916&ga_hid=1687589857&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=365&ady=1266&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077444%2C42531706%2C44795922%2C31077389%2C21065724&oid=2&pvsid=706724022780221&tmod=47055246&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=nGDVMn2K7F&p=https%3A//www.gl5.ru&dtd=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:37 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 15C6
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESENI8jKDIDu6nm7PA10ckFfo&google_cver=1&google_push=AXcoOmSppYPfk4uzlwd9-wIb5b380UlV5lHXbWp96YcbSzVFFCR3jHtMcldtNzHD2Y7go5N4g0C0SQbBXINIYpEp...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=DbeHhmCATSaYMBxg0_-24A2&google_push=AXcoOmSppYPfk4uzlwd9-wIb5b380UlV5lHXbWp96YcbSzVFFCR3jHtMcldtNzHD2Y7go5N4g0C0SQbBXINIYpEpAOvYU96iTr68H89P
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=DbeHhmCATSaYMBxg0_-24A2&google_push=AXcoOmSppYPfk4uzlwd9-wIb5b380UlV5lHXbWp96YcbSzVFFCR3jHtMcldtNzHD2Y7go5N4g0C0SQbBXINIYpEpAOvYU96iTr68H89P
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8019775436904435&output=html&h=280&adk=1822737079&adf=2561986437&pi=t.aa~a.190590905~i.22~rp.4&w=650&fwrn=4&fwrnh=100&lmt=1693306716&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6438916086&ad_type=text_image&format=650x280&url=https%3A%2F%2Fwww.gl5.ru%2Fs%2Fsplin%2Fsplin-proch-iz-moej-golovy.html&fwr=0&pra=3&rh=163&rw=650&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693313916939&bpp=1&bdt=1311&idt=1&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D43982642264460c1-228c96375fde00e4%3AT%3D1693313916%3ART%3D1693313916%3AS%3DALNI_Mb8i3KqdI5_wL-vU269pnFu5FSH_Q&gpic=UID%3D00000c69cb4acb82%3AT%3D1693313916%3ART%3D1693313916%3AS%3DALNI_MZIfp-AZEdkamDtCF-9yGfnG2rp7Q&prev_fmts=0x0%2C650x280&nras=2&correlator=6827183342517&frm=20&pv=1&ga_vid=398317794.1693313916&ga_sid=1693313916&ga_hid=1687589857&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=365&ady=1266&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077444%2C42531706%2C44795922%2C31077389%2C21065724&oid=2&pvsid=706724022780221&tmod=47055246&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=nGDVMn2K7F&p=https%3A//www.gl5.ru&dtd=5
Protocol
H2
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Aug 2023 12:58:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 29 Aug 2023 12:58:37 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=DbeHhmCATSaYMBxg0_-24A2&google_push=AXcoOmSppYPfk4uzlwd9-wIb5b380UlV5lHXbWp96YcbSzVFFCR3jHtMcldtNzHD2Y7go5N4g0C0SQbBXINIYpEpAOvYU96iTr68H89P
x-host
tde-deliveryengine-production-684d5dc7fc-mgnw2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 15C6
Redirect Chain
  • https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEGlxxAPyQz-tKe7ZEXWo3R0&google_cver=1&google_push=AXcoOmQQqAEdADPFA7SMb2KBnwP8Qx3g_FWO0r-CMjwhVDHvrCe9OCOsGy5EYMJDFR...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQQqAEdADPFA7SMb2KBnwP8Qx3g_FWO0r-CMjwhVDHvrCe9OCOsGy5EYMJDFR-L-dqjBWR3t0djBruMgELQniljNWJa5GFuz1RrsA&google_...
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQQqAEdADPFA7SMb2KBnwP8Qx3g_FWO0r-CMjwhVDHvrCe9OCOsGy5EYMJDFR-L-dqjBWR3t0djBruMgELQniljNWJa5GFuz1RrsA&google_hm=tsXLE0DhQUWfUQ4uQijsgLg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8019775436904435&output=html&h=280&adk=1822737079&adf=2561986437&pi=t.aa~a.190590905~i.22~rp.4&w=650&fwrn=4&fwrnh=100&lmt=1693306716&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6438916086&ad_type=text_image&format=650x280&url=https%3A%2F%2Fwww.gl5.ru%2Fs%2Fsplin%2Fsplin-proch-iz-moej-golovy.html&fwr=0&pra=3&rh=163&rw=650&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693313916939&bpp=1&bdt=1311&idt=1&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D43982642264460c1-228c96375fde00e4%3AT%3D1693313916%3ART%3D1693313916%3AS%3DALNI_Mb8i3KqdI5_wL-vU269pnFu5FSH_Q&gpic=UID%3D00000c69cb4acb82%3AT%3D1693313916%3ART%3D1693313916%3AS%3DALNI_MZIfp-AZEdkamDtCF-9yGfnG2rp7Q&prev_fmts=0x0%2C650x280&nras=2&correlator=6827183342517&frm=20&pv=1&ga_vid=398317794.1693313916&ga_sid=1693313916&ga_hid=1687589857&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=365&ady=1266&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077444%2C42531706%2C44795922%2C31077389%2C21065724&oid=2&pvsid=706724022780221&tmod=47055246&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=nGDVMn2K7F&p=https%3A//www.gl5.ru&dtd=5
Protocol
H2
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Aug 2023 12:58:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 29 Aug 2023 12:58:37 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQQqAEdADPFA7SMb2KBnwP8Qx3g_FWO0r-CMjwhVDHvrCe9OCOsGy5EYMJDFR-L-dqjBWR3t0djBruMgELQniljNWJa5GFuz1RrsA&google_hm=tsXLE0DhQUWfUQ4uQijsgLg
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 15C6 		0
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LNs0btrZyBQJB9HBZOsCWJwRzaLgioaiNYXoVNiAAxU5LQ5PV7z2weQ8p8e7nmniYL1ssy8g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8019775436904435&output=html&h=280&adk=1822737079&adf=2561986437&pi=t.aa~a.190590905~i.22~rp.4&w=650&fwrn=4&fwrnh=100&lmt=1693306716&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6438916086&ad_type=text_image&format=650x280&url=https%3A%2F%2Fwww.gl5.ru%2Fs%2Fsplin%2Fsplin-proch-iz-moej-golovy.html&fwr=0&pra=3&rh=163&rw=650&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693313916939&bpp=1&bdt=1311&idt=1&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D43982642264460c1-228c96375fde00e4%3AT%3D1693313916%3ART%3D1693313916%3AS%3DALNI_Mb8i3KqdI5_wL-vU269pnFu5FSH_Q&gpic=UID%3D00000c69cb4acb82%3AT%3D1693313916%3ART%3D1693313916%3AS%3DALNI_MZIfp-AZEdkamDtCF-9yGfnG2rp7Q&prev_fmts=0x0%2C650x280&nras=2&correlator=6827183342517&frm=20&pv=1&ga_vid=398317794.1693313916&ga_sid=1693313916&ga_hid=1687589857&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=365&ady=1266&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077444%2C42531706%2C44795922%2C31077389%2C21065724&oid=2&pvsid=706724022780221&tmod=47055246&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=nGDVMn2K7F&p=https%3A//www.gl5.ru&dtd=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:37 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
b6b3e0c60292f95cad3abaf272f459f8-31504-0.1326562812711929.json
covivado.club/vast/ 		149 B
640 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://covivado.club/vast/b6b3e0c60292f95cad3abaf272f459f8-31504-0.1326562812711929.json?bid=0
Requested by
Host: covivado.club
URL: https://covivado.club/clickunder/?sid=51515&rand=0.554756167419564
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.172.68.122 Frankfurt am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde1469.fornex.org
Software
nginx /
Resource Hash
c23989be3dce6c063aa905e21899f4030246e3f9821d0f93db79e581d0d8c883
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept
application/json
Referer
https://www.gl5.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache, no-cache
date
Tue, 29 Aug 2023 12:58:37 GMT
strict-transport-security
max-age=31536000;
server
nginx
access-control-max-age
86400
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gl5.ru
cache-control
no-store, no-cache, must-revalidate, max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Thu, 19 Nov 1981 08:52:00 GMT, -1
truncated
/ Frame C03D 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
848cd3f624541418d7f7e8224ad119331243dbc9c374d9142ae4b03ea860c277

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame C03D 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CyW29fOvtZN-mD_WLrr4PnKGr0AfJntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTgwMTk3NzU0MzY5MDQ0MzXIAQmpAoGKgnl1I7I-qAMByAMCqgTpAU_QeqhuMsP438mCXRHsrSdg9F6pQovIpy6bCAIrsdvwepQF27QXoQN1SBNz_2pe0hdD2qw_F7A1W9H1j1CZODl86TMs6i79Q1M333_hx7miDqEkNuWntrnDr23n9fWrq1v2z5QJ81U44Gii-Z_Z_N-CJGCfoCaOzoskPhiLbEPp9sE4qdni7Ec7nIOyjUmZv8kfmmWeYiZUPuxRwv9WllZpTMDknddmlqYtnsLYSR2IIEiQf_o794-y75r8wH_GGdGoUazMz1WBQSu9oq371cuV6LZFX36q0qhGXZ3RpFqN34wlE2_DldKVgAbs6KWm5_L3uY0BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTgwMTk3NzU0MzY5MDQ0MzUYAA&sigh=xtGyjP98hzk&uach_m=[UACH]&cid=CAQSGwBpAlJWzrM628dsm0vZqyzNEw7MYtyfDtsNEBgB&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 29 Aug 2023 12:58:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
notify
rtb.fr3.eu.criteo.com/google/auction/ Frame C03D 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kIqLFdyBMKAB2ASdg2ICAgAAAO0qsYfxdyATEHvr7WQZlJSjUWv3MgZpAAASAAAKCkFRVUJEd0VCRHc&wp=ZO3rfAAD018By4X1AArQnJ5uylUhwtwmH_k2WQ&cbvp=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:37 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
167726
server
Kestrel
content-length
0
adview
googleads.g.doubleclick.net/pagead/ Frame 6E3C 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C-8RcfevtZMDWAYOAhAa_k6u4Csme0rFczeGS93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItODAxOTc3NTQzNjkwNDQzNcgBCakCocLwQvsnsj6oAwHIAwKqBO8BT9B9BoOrMdvMJLT_y_5K_g-kaSK1aRtI8dg0icGoW-XzxEfty8fJqyE_t7kSaXI80q2mqTp_5EyRNqp03oiZ2l0DKRrFXDPM2doePyQehCD6FIrzmmy7W4HUqjFl-MIqEssYMoeInQutzy159cXIDGj1FxYeZE_4kXkodyTdGTmsTLMXESsUkfvIjW1eSO-1Q6ua1mqfeTckoVfR9yNPBzHWSRPRmKWHo_mCcL_RYiDJiaP-53mEO5MLFwLZBjPPBdW4V-oUWse-LySaNBJrT4sZee7-UQxteX52Dm-qw5pYBbgFBiJmsE-jr0SvDHKABo7Uspy3sqWtYqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi04MDE5Nzc1NDM2OTA0NDM1GAA&sigh=yziqyvYorEw&uach_m=[UACH]&cid=CAQSOwBpAlJWRcUrq2u0P4vDotDW5irwmjc_ZEhDV4JQZC_mv15ZU1oN_jZbpmjMiYy_idoksOQf2jqno1d0GAE&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8019775436904435&output=html&h=280&adk=1822737079&adf=2561986437&pi=t.aa~a.190590905~i.22~rp.4&w=650&fwrn=4&fwrnh=100&lmt=1693306716&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6438916086&ad_type=text_image&format=650x280&url=https%3A%2F%2Fwww.gl5.ru%2Fs%2Fsplin%2Fsplin-proch-iz-moej-golovy.html&fwr=0&pra=3&rh=163&rw=650&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693313916939&bpp=1&bdt=1311&idt=1&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D43982642264460c1-228c96375fde00e4%3AT%3D1693313916%3ART%3D1693313916%3AS%3DALNI_Mb8i3KqdI5_wL-vU269pnFu5FSH_Q&gpic=UID%3D00000c69cb4acb82%3AT%3D1693313916%3ART%3D1693313916%3AS%3DALNI_MZIfp-AZEdkamDtCF-9yGfnG2rp7Q&prev_fmts=0x0%2C650x280&nras=2&correlator=6827183342517&frm=20&pv=1&ga_vid=398317794.1693313916&ga_sid=1693313916&ga_hid=1687589857&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=365&ady=1266&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077444%2C42531706%2C44795922%2C31077389%2C21065724&oid=2&pvsid=706724022780221&tmod=47055246&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=nGDVMn2K7F&p=https%3A//www.gl5.ru&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8019775436904435&output=html&h=280&adk=1822737079&adf=2561986437&pi=t.aa~a.190590905~i.22~rp.4&w=650&fwrn=4&fwrnh=100&lmt=1693306716&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6438916086&ad_type=text_image&format=650x280&url=https%3A%2F%2Fwww.gl5.ru%2Fs%2Fsplin%2Fsplin-proch-iz-moej-golovy.html&fwr=0&pra=3&rh=163&rw=650&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693313916939&bpp=1&bdt=1311&idt=1&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D43982642264460c1-228c96375fde00e4%3AT%3D1693313916%3ART%3D1693313916%3AS%3DALNI_Mb8i3KqdI5_wL-vU269pnFu5FSH_Q&gpic=UID%3D00000c69cb4acb82%3AT%3D1693313916%3ART%3D1693313916%3AS%3DALNI_MZIfp-AZEdkamDtCF-9yGfnG2rp7Q&prev_fmts=0x0%2C650x280&nras=2&correlator=6827183342517&frm=20&pv=1&ga_vid=398317794.1693313916&ga_sid=1693313916&ga_hid=1687589857&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=365&ady=1266&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077444%2C42531706%2C44795922%2C31077389%2C21065724&oid=2&pvsid=706724022780221&tmod=47055246&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=nGDVMn2K7F&p=https%3A//www.gl5.ru&dtd=5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 29 Aug 2023 12:58:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 6E3C 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kILKFsz6RIoFmAKdg2ICAgAAAO0qsYfxdyATEHzr7WTk-3T3KehXsWgdAAASAAAKCkFRVUJBUUVCQVE&wp=ZO3rfQAAa0AKwQADAArJvz3HYqc_dlvGQjjJ8w&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8019775436904435&output=html&h=280&adk=1822737079&adf=2561986437&pi=t.aa~a.190590905~i.22~rp.4&w=650&fwrn=4&fwrnh=100&lmt=1693306716&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6438916086&ad_type=text_image&format=650x280&url=https%3A%2F%2Fwww.gl5.ru%2Fs%2Fsplin%2Fsplin-proch-iz-moej-golovy.html&fwr=0&pra=3&rh=163&rw=650&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693313916939&bpp=1&bdt=1311&idt=1&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D43982642264460c1-228c96375fde00e4%3AT%3D1693313916%3ART%3D1693313916%3AS%3DALNI_Mb8i3KqdI5_wL-vU269pnFu5FSH_Q&gpic=UID%3D00000c69cb4acb82%3AT%3D1693313916%3ART%3D1693313916%3AS%3DALNI_MZIfp-AZEdkamDtCF-9yGfnG2rp7Q&prev_fmts=0x0%2C650x280&nras=2&correlator=6827183342517&frm=20&pv=1&ga_vid=398317794.1693313916&ga_sid=1693313916&ga_hid=1687589857&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=365&ady=1266&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077444%2C42531706%2C44795922%2C31077389%2C21065724&oid=2&pvsid=706724022780221&tmod=47055246&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=nGDVMn2K7F&p=https%3A//www.gl5.ru&dtd=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:37 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
173164
server
Kestrel
content-length
0
privacy_small.svg
static.criteo.net/flash/icon/ Frame 3C08 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO3rfQAAa0AKwQADAArJvz3HYqc_dlvGQjjJ8w&u=%7CZv5iWoJ9thCuTL83xBPIC3x8kJE%2B%2FU6ZVHEpi8aOTVs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUZvkb7Wl-VYDq7jFMw4QK-Jm3uRjxMDExV9A4B_9uc1S6Be9z-_Dqf-iTgGrtWILeL97lKHH1yLDJfDDqVjvOlHJ_uo95xbjQeWOgNVhhmfu-1raFwmgFCln2eoGJ_hCD6AtGGjV7ArJgPZKFBfuizbPr6iKtCeoYesImNuVTWQ6QoobreOKJT1Vo0aQHJjagcdgk5nl36XPFQ5aqcpzVOQcZnZFST8vaX_QqAvzE0dVLUU3jss-0OqO-o9_Jo7YTAXN1fb7WxXd2bQH36foxac7FJdKGE0WecYlOMZtCOBx-nNMKUT_eXgwNS3YRvP-K_ijbt7zshWg1yvTNCPxYPY9BxgvVtlPCQ_gsIsVZcozd_tNG0Wb5T5zqA8WAoJKZLzhZLm9ZmTiesClu3nqxR0lpnVtsMPdTiLUbYuoormqkiqyc_lFek00iy1IpG2NcqaSFwMf6XFxnHMIUg1ZA8vmlTu5cQdNZAKIpaf3yLuPnefXM6pg-AsjeWWwwpwHKiBjDLtWNHkiXCeW-W1rfUEnIIHsnKfsMqYY5p0UbGbz-JfysNLiud3z9yOON8HTJT7nr8dy56nW4HV-feRAk3Eek3YsVbZ-YthiZWH2eUAnnQtOULCfXU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCskEPfevtZMDWAYOAhAa_k6u4Csme0rFczeGS93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItODAxOTc3NTQzNjkwNDQzNcgBCakCocLwQvsnsj6oAwHIAwKqBPIBT9B9BoOrMdvMJLT_y_5K_g-kaSK1aRtI8dg0icGoW-XzxEfty8fJqyE_t7kSaXI80q2mqTp_5EyRNqp03oiZ2l0DKRrFXDPM2doePyQehCD6FIrzmmy7W4HUqjFl-MIqEssYMoeInQutzy159cXIDGj1FxYeZE_4kXkodyTdGTmsTLMXESsUkfvIjW1eSO-1Q6ua1mqfeTckoVfR9yNPBzHWSRPRmKWHo_mCcL_RYiDJiaP-53mEO5MLFwLZBjPPBdW4V-oUWse-bSa7ppXk05im5fpdgTHLgXdiBNmg7YLasXA4oNDZrmO7Ku4rH83VZfSABo7Uspy3sqWtYqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3ryc557n86Nf4Z6s4IGKxRC5sI0g%26client%3Dca-pub-8019775436904435%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 23 Aug 2024 12:58:37 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 3C08 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO3rfQAAa0AKwQADAArJvz3HYqc_dlvGQjjJ8w&u=%7CZv5iWoJ9thCuTL83xBPIC3x8kJE%2B%2FU6ZVHEpi8aOTVs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUZvkb7Wl-VYDq7jFMw4QK-Jm3uRjxMDExV9A4B_9uc1S6Be9z-_Dqf-iTgGrtWILeL97lKHH1yLDJfDDqVjvOlHJ_uo95xbjQeWOgNVhhmfu-1raFwmgFCln2eoGJ_hCD6AtGGjV7ArJgPZKFBfuizbPr6iKtCeoYesImNuVTWQ6QoobreOKJT1Vo0aQHJjagcdgk5nl36XPFQ5aqcpzVOQcZnZFST8vaX_QqAvzE0dVLUU3jss-0OqO-o9_Jo7YTAXN1fb7WxXd2bQH36foxac7FJdKGE0WecYlOMZtCOBx-nNMKUT_eXgwNS3YRvP-K_ijbt7zshWg1yvTNCPxYPY9BxgvVtlPCQ_gsIsVZcozd_tNG0Wb5T5zqA8WAoJKZLzhZLm9ZmTiesClu3nqxR0lpnVtsMPdTiLUbYuoormqkiqyc_lFek00iy1IpG2NcqaSFwMf6XFxnHMIUg1ZA8vmlTu5cQdNZAKIpaf3yLuPnefXM6pg-AsjeWWwwpwHKiBjDLtWNHkiXCeW-W1rfUEnIIHsnKfsMqYY5p0UbGbz-JfysNLiud3z9yOON8HTJT7nr8dy56nW4HV-feRAk3Eek3YsVbZ-YthiZWH2eUAnnQtOULCfXU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCskEPfevtZMDWAYOAhAa_k6u4Csme0rFczeGS93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItODAxOTc3NTQzNjkwNDQzNcgBCakCocLwQvsnsj6oAwHIAwKqBPIBT9B9BoOrMdvMJLT_y_5K_g-kaSK1aRtI8dg0icGoW-XzxEfty8fJqyE_t7kSaXI80q2mqTp_5EyRNqp03oiZ2l0DKRrFXDPM2doePyQehCD6FIrzmmy7W4HUqjFl-MIqEssYMoeInQutzy159cXIDGj1FxYeZE_4kXkodyTdGTmsTLMXESsUkfvIjW1eSO-1Q6ua1mqfeTckoVfR9yNPBzHWSRPRmKWHo_mCcL_RYiDJiaP-53mEO5MLFwLZBjPPBdW4V-oUWse-bSa7ppXk05im5fpdgTHLgXdiBNmg7YLasXA4oNDZrmO7Ku4rH83VZfSABo7Uspy3sqWtYqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3ryc557n86Nf4Z6s4IGKxRC5sI0g%26client%3Dca-pub-8019775436904435%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 23 Aug 2024 12:58:37 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 3C08 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO3rfQAAa0AKwQADAArJvz3HYqc_dlvGQjjJ8w&u=%7CZv5iWoJ9thCuTL83xBPIC3x8kJE%2B%2FU6ZVHEpi8aOTVs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUZvkb7Wl-VYDq7jFMw4QK-Jm3uRjxMDExV9A4B_9uc1S6Be9z-_Dqf-iTgGrtWILeL97lKHH1yLDJfDDqVjvOlHJ_uo95xbjQeWOgNVhhmfu-1raFwmgFCln2eoGJ_hCD6AtGGjV7ArJgPZKFBfuizbPr6iKtCeoYesImNuVTWQ6QoobreOKJT1Vo0aQHJjagcdgk5nl36XPFQ5aqcpzVOQcZnZFST8vaX_QqAvzE0dVLUU3jss-0OqO-o9_Jo7YTAXN1fb7WxXd2bQH36foxac7FJdKGE0WecYlOMZtCOBx-nNMKUT_eXgwNS3YRvP-K_ijbt7zshWg1yvTNCPxYPY9BxgvVtlPCQ_gsIsVZcozd_tNG0Wb5T5zqA8WAoJKZLzhZLm9ZmTiesClu3nqxR0lpnVtsMPdTiLUbYuoormqkiqyc_lFek00iy1IpG2NcqaSFwMf6XFxnHMIUg1ZA8vmlTu5cQdNZAKIpaf3yLuPnefXM6pg-AsjeWWwwpwHKiBjDLtWNHkiXCeW-W1rfUEnIIHsnKfsMqYY5p0UbGbz-JfysNLiud3z9yOON8HTJT7nr8dy56nW4HV-feRAk3Eek3YsVbZ-YthiZWH2eUAnnQtOULCfXU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCskEPfevtZMDWAYOAhAa_k6u4Csme0rFczeGS93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItODAxOTc3NTQzNjkwNDQzNcgBCakCocLwQvsnsj6oAwHIAwKqBPIBT9B9BoOrMdvMJLT_y_5K_g-kaSK1aRtI8dg0icGoW-XzxEfty8fJqyE_t7kSaXI80q2mqTp_5EyRNqp03oiZ2l0DKRrFXDPM2doePyQehCD6FIrzmmy7W4HUqjFl-MIqEssYMoeInQutzy159cXIDGj1FxYeZE_4kXkodyTdGTmsTLMXESsUkfvIjW1eSO-1Q6ua1mqfeTckoVfR9yNPBzHWSRPRmKWHo_mCcL_RYiDJiaP-53mEO5MLFwLZBjPPBdW4V-oUWse-bSa7ppXk05im5fpdgTHLgXdiBNmg7YLasXA4oNDZrmO7Ku4rH83VZfSABo7Uspy3sqWtYqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3ryc557n86Nf4Z6s4IGKxRC5sI0g%26client%3Dca-pub-8019775436904435%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:37 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Fri, 23 Aug 2024 12:58:37 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 3C08 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO3rfQAAa0AKwQADAArJvz3HYqc_dlvGQjjJ8w&u=%7CZv5iWoJ9thCuTL83xBPIC3x8kJE%2B%2FU6ZVHEpi8aOTVs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUZvkb7Wl-VYDq7jFMw4QK-Jm3uRjxMDExV9A4B_9uc1S6Be9z-_Dqf-iTgGrtWILeL97lKHH1yLDJfDDqVjvOlHJ_uo95xbjQeWOgNVhhmfu-1raFwmgFCln2eoGJ_hCD6AtGGjV7ArJgPZKFBfuizbPr6iKtCeoYesImNuVTWQ6QoobreOKJT1Vo0aQHJjagcdgk5nl36XPFQ5aqcpzVOQcZnZFST8vaX_QqAvzE0dVLUU3jss-0OqO-o9_Jo7YTAXN1fb7WxXd2bQH36foxac7FJdKGE0WecYlOMZtCOBx-nNMKUT_eXgwNS3YRvP-K_ijbt7zshWg1yvTNCPxYPY9BxgvVtlPCQ_gsIsVZcozd_tNG0Wb5T5zqA8WAoJKZLzhZLm9ZmTiesClu3nqxR0lpnVtsMPdTiLUbYuoormqkiqyc_lFek00iy1IpG2NcqaSFwMf6XFxnHMIUg1ZA8vmlTu5cQdNZAKIpaf3yLuPnefXM6pg-AsjeWWwwpwHKiBjDLtWNHkiXCeW-W1rfUEnIIHsnKfsMqYY5p0UbGbz-JfysNLiud3z9yOON8HTJT7nr8dy56nW4HV-feRAk3Eek3YsVbZ-YthiZWH2eUAnnQtOULCfXU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCskEPfevtZMDWAYOAhAa_k6u4Csme0rFczeGS93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItODAxOTc3NTQzNjkwNDQzNcgBCakCocLwQvsnsj6oAwHIAwKqBPIBT9B9BoOrMdvMJLT_y_5K_g-kaSK1aRtI8dg0icGoW-XzxEfty8fJqyE_t7kSaXI80q2mqTp_5EyRNqp03oiZ2l0DKRrFXDPM2doePyQehCD6FIrzmmy7W4HUqjFl-MIqEssYMoeInQutzy159cXIDGj1FxYeZE_4kXkodyTdGTmsTLMXESsUkfvIjW1eSO-1Q6ua1mqfeTckoVfR9yNPBzHWSRPRmKWHo_mCcL_RYiDJiaP-53mEO5MLFwLZBjPPBdW4V-oUWse-bSa7ppXk05im5fpdgTHLgXdiBNmg7YLasXA4oNDZrmO7Ku4rH83VZfSABo7Uspy3sqWtYqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3ryc557n86Nf4Z6s4IGKxRC5sI0g%26client%3Dca-pub-8019775436904435%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:37 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Fri, 23 Aug 2024 12:58:37 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 3C08 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=wDdllCK5YaJiRvPhYQ1d0XoAGrr113EJ9oNLKjnWHOgu5mMaYxxoGaolX5CA6_fpTgsA9o9agbS9qud8MkRF6sBmcNSxs0kKgMZeAl-60hOcjxXklYkH67NjhkbctoQo0R9rLCfkr3laQf4pRZd0GdgB1mqgEyS07L-oeRHK7YZyeNGi3kUOHrJlp5Kr4rnjPXnwa9Ts6_wH3OpDz-5wAA5UIKLbRgS1KO_0_EHJiOZSngh2fbVHuk_VIIJCOZ9stFWBRvOnUv6LH-sVpKpD1zPLSlFghllvokGzRtwdp9kyUXmmTSb1vfasw0dUtWwnfCip0gBU062WlAkCODxkIBhbDv3Nfsw4Ae7MMg8f8v1Yze057j_obS_0nhcpo3WjBSAdeweLga4I9nwleUeGO7U5M5NXvzLnKIinPsz70WvlI9rnoqSDOAhLxGZgXi7Y3HHbtVJnZquJH-m-9bt_W9ICWPrAYdTigq8gkkWXT4OMoG4uSXZf38Abkc6tuvXOhnC6og
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO3rfQAAa0AKwQADAArJvz3HYqc_dlvGQjjJ8w&u=%7CZv5iWoJ9thCuTL83xBPIC3x8kJE%2B%2FU6ZVHEpi8aOTVs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUZvkb7Wl-VYDq7jFMw4QK-Jm3uRjxMDExV9A4B_9uc1S6Be9z-_Dqf-iTgGrtWILeL97lKHH1yLDJfDDqVjvOlHJ_uo95xbjQeWOgNVhhmfu-1raFwmgFCln2eoGJ_hCD6AtGGjV7ArJgPZKFBfuizbPr6iKtCeoYesImNuVTWQ6QoobreOKJT1Vo0aQHJjagcdgk5nl36XPFQ5aqcpzVOQcZnZFST8vaX_QqAvzE0dVLUU3jss-0OqO-o9_Jo7YTAXN1fb7WxXd2bQH36foxac7FJdKGE0WecYlOMZtCOBx-nNMKUT_eXgwNS3YRvP-K_ijbt7zshWg1yvTNCPxYPY9BxgvVtlPCQ_gsIsVZcozd_tNG0Wb5T5zqA8WAoJKZLzhZLm9ZmTiesClu3nqxR0lpnVtsMPdTiLUbYuoormqkiqyc_lFek00iy1IpG2NcqaSFwMf6XFxnHMIUg1ZA8vmlTu5cQdNZAKIpaf3yLuPnefXM6pg-AsjeWWwwpwHKiBjDLtWNHkiXCeW-W1rfUEnIIHsnKfsMqYY5p0UbGbz-JfysNLiud3z9yOON8HTJT7nr8dy56nW4HV-feRAk3Eek3YsVbZ-YthiZWH2eUAnnQtOULCfXU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCskEPfevtZMDWAYOAhAa_k6u4Csme0rFczeGS93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItODAxOTc3NTQzNjkwNDQzNcgBCakCocLwQvsnsj6oAwHIAwKqBPIBT9B9BoOrMdvMJLT_y_5K_g-kaSK1aRtI8dg0icGoW-XzxEfty8fJqyE_t7kSaXI80q2mqTp_5EyRNqp03oiZ2l0DKRrFXDPM2doePyQehCD6FIrzmmy7W4HUqjFl-MIqEssYMoeInQutzy159cXIDGj1FxYeZE_4kXkodyTdGTmsTLMXESsUkfvIjW1eSO-1Q6ua1mqfeTckoVfR9yNPBzHWSRPRmKWHo_mCcL_RYiDJiaP-53mEO5MLFwLZBjPPBdW4V-oUWse-bSa7ppXk05im5fpdgTHLgXdiBNmg7YLasXA4oNDZrmO7Ku4rH83VZfSABo7Uspy3sqWtYqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3ryc557n86Nf4Z6s4IGKxRC5sI0g%26client%3Dca-pub-8019775436904435%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Aug 2023 12:58:37 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2050419
expires
Mon, 26 Jul 1997 05:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 3C08 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO3rfQAAa0AKwQADAArJvz3HYqc_dlvGQjjJ8w&u=%7CZv5iWoJ9thCuTL83xBPIC3x8kJE%2B%2FU6ZVHEpi8aOTVs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUZvkb7Wl-VYDq7jFMw4QK-Jm3uRjxMDExV9A4B_9uc1S6Be9z-_Dqf-iTgGrtWILeL97lKHH1yLDJfDDqVjvOlHJ_uo95xbjQeWOgNVhhmfu-1raFwmgFCln2eoGJ_hCD6AtGGjV7ArJgPZKFBfuizbPr6iKtCeoYesImNuVTWQ6QoobreOKJT1Vo0aQHJjagcdgk5nl36XPFQ5aqcpzVOQcZnZFST8vaX_QqAvzE0dVLUU3jss-0OqO-o9_Jo7YTAXN1fb7WxXd2bQH36foxac7FJdKGE0WecYlOMZtCOBx-nNMKUT_eXgwNS3YRvP-K_ijbt7zshWg1yvTNCPxYPY9BxgvVtlPCQ_gsIsVZcozd_tNG0Wb5T5zqA8WAoJKZLzhZLm9ZmTiesClu3nqxR0lpnVtsMPdTiLUbYuoormqkiqyc_lFek00iy1IpG2NcqaSFwMf6XFxnHMIUg1ZA8vmlTu5cQdNZAKIpaf3yLuPnefXM6pg-AsjeWWwwpwHKiBjDLtWNHkiXCeW-W1rfUEnIIHsnKfsMqYY5p0UbGbz-JfysNLiud3z9yOON8HTJT7nr8dy56nW4HV-feRAk3Eek3YsVbZ-YthiZWH2eUAnnQtOULCfXU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCskEPfevtZMDWAYOAhAa_k6u4Csme0rFczeGS93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItODAxOTc3NTQzNjkwNDQzNcgBCakCocLwQvsnsj6oAwHIAwKqBPIBT9B9BoOrMdvMJLT_y_5K_g-kaSK1aRtI8dg0icGoW-XzxEfty8fJqyE_t7kSaXI80q2mqTp_5EyRNqp03oiZ2l0DKRrFXDPM2doePyQehCD6FIrzmmy7W4HUqjFl-MIqEssYMoeInQutzy159cXIDGj1FxYeZE_4kXkodyTdGTmsTLMXESsUkfvIjW1eSO-1Q6ua1mqfeTckoVfR9yNPBzHWSRPRmKWHo_mCcL_RYiDJiaP-53mEO5MLFwLZBjPPBdW4V-oUWse-bSa7ppXk05im5fpdgTHLgXdiBNmg7YLasXA4oNDZrmO7Ku4rH83VZfSABo7Uspy3sqWtYqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3ryc557n86Nf4Z6s4IGKxRC5sI0g%26client%3Dca-pub-8019775436904435%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1105328
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4418
last-modified
Thu, 22 Jun 2023 11:22:44 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942f04-1142"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2BKfAWwdbieUHuNIXvg4QPqgoyOiJGvI3jo79E%2B9drAdYFL8r28TguRsZGYPnd2KmBiAMvWMFM%2FUAOi6Tj4sVqzgGtmA9t72b3ipce7juHq0dtxpvQ5prxIQkeyPvOkp83h2ky%2Fi"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7fe4f77108be6955-FRA
expires
Sun, 18 Aug 2024 12:58:37 GMT
animejs.js
static.criteo.net/animejs/ Frame 3C08 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO3rfQAAa0AKwQADAArJvz3HYqc_dlvGQjjJ8w&u=%7CZv5iWoJ9thCuTL83xBPIC3x8kJE%2B%2FU6ZVHEpi8aOTVs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUZvkb7Wl-VYDq7jFMw4QK-Jm3uRjxMDExV9A4B_9uc1S6Be9z-_Dqf-iTgGrtWILeL97lKHH1yLDJfDDqVjvOlHJ_uo95xbjQeWOgNVhhmfu-1raFwmgFCln2eoGJ_hCD6AtGGjV7ArJgPZKFBfuizbPr6iKtCeoYesImNuVTWQ6QoobreOKJT1Vo0aQHJjagcdgk5nl36XPFQ5aqcpzVOQcZnZFST8vaX_QqAvzE0dVLUU3jss-0OqO-o9_Jo7YTAXN1fb7WxXd2bQH36foxac7FJdKGE0WecYlOMZtCOBx-nNMKUT_eXgwNS3YRvP-K_ijbt7zshWg1yvTNCPxYPY9BxgvVtlPCQ_gsIsVZcozd_tNG0Wb5T5zqA8WAoJKZLzhZLm9ZmTiesClu3nqxR0lpnVtsMPdTiLUbYuoormqkiqyc_lFek00iy1IpG2NcqaSFwMf6XFxnHMIUg1ZA8vmlTu5cQdNZAKIpaf3yLuPnefXM6pg-AsjeWWwwpwHKiBjDLtWNHkiXCeW-W1rfUEnIIHsnKfsMqYY5p0UbGbz-JfysNLiud3z9yOON8HTJT7nr8dy56nW4HV-feRAk3Eek3YsVbZ-YthiZWH2eUAnnQtOULCfXU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCskEPfevtZMDWAYOAhAa_k6u4Csme0rFczeGS93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItODAxOTc3NTQzNjkwNDQzNcgBCakCocLwQvsnsj6oAwHIAwKqBPIBT9B9BoOrMdvMJLT_y_5K_g-kaSK1aRtI8dg0icGoW-XzxEfty8fJqyE_t7kSaXI80q2mqTp_5EyRNqp03oiZ2l0DKRrFXDPM2doePyQehCD6FIrzmmy7W4HUqjFl-MIqEssYMoeInQutzy159cXIDGj1FxYeZE_4kXkodyTdGTmsTLMXESsUkfvIjW1eSO-1Q6ua1mqfeTckoVfR9yNPBzHWSRPRmKWHo_mCcL_RYiDJiaP-53mEO5MLFwLZBjPPBdW4V-oUWse-bSa7ppXk05im5fpdgTHLgXdiBNmg7YLasXA4oNDZrmO7Ku4rH83VZfSABo7Uspy3sqWtYqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3ryc557n86Nf4Z6s4IGKxRC5sI0g%26client%3Dca-pub-8019775436904435%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 23 Aug 2024 12:58:37 GMT
d65a37834aea45f3b2f89ed6973b410b_taz_800_a.woff
static.criteo.net/design/dt/ Frame 3C08 		58 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/d65a37834aea45f3b2f89ed6973b410b_taz_800_a.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO3rfQAAa0AKwQADAArJvz3HYqc_dlvGQjjJ8w&u=%7CZv5iWoJ9thCuTL83xBPIC3x8kJE%2B%2FU6ZVHEpi8aOTVs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUZvkb7Wl-VYDq7jFMw4QK-Jm3uRjxMDExV9A4B_9uc1S6Be9z-_Dqf-iTgGrtWILeL97lKHH1yLDJfDDqVjvOlHJ_uo95xbjQeWOgNVhhmfu-1raFwmgFCln2eoGJ_hCD6AtGGjV7ArJgPZKFBfuizbPr6iKtCeoYesImNuVTWQ6QoobreOKJT1Vo0aQHJjagcdgk5nl36XPFQ5aqcpzVOQcZnZFST8vaX_QqAvzE0dVLUU3jss-0OqO-o9_Jo7YTAXN1fb7WxXd2bQH36foxac7FJdKGE0WecYlOMZtCOBx-nNMKUT_eXgwNS3YRvP-K_ijbt7zshWg1yvTNCPxYPY9BxgvVtlPCQ_gsIsVZcozd_tNG0Wb5T5zqA8WAoJKZLzhZLm9ZmTiesClu3nqxR0lpnVtsMPdTiLUbYuoormqkiqyc_lFek00iy1IpG2NcqaSFwMf6XFxnHMIUg1ZA8vmlTu5cQdNZAKIpaf3yLuPnefXM6pg-AsjeWWwwpwHKiBjDLtWNHkiXCeW-W1rfUEnIIHsnKfsMqYY5p0UbGbz-JfysNLiud3z9yOON8HTJT7nr8dy56nW4HV-feRAk3Eek3YsVbZ-YthiZWH2eUAnnQtOULCfXU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCskEPfevtZMDWAYOAhAa_k6u4Csme0rFczeGS93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItODAxOTc3NTQzNjkwNDQzNcgBCakCocLwQvsnsj6oAwHIAwKqBPIBT9B9BoOrMdvMJLT_y_5K_g-kaSK1aRtI8dg0icGoW-XzxEfty8fJqyE_t7kSaXI80q2mqTp_5EyRNqp03oiZ2l0DKRrFXDPM2doePyQehCD6FIrzmmy7W4HUqjFl-MIqEssYMoeInQutzy159cXIDGj1FxYeZE_4kXkodyTdGTmsTLMXESsUkfvIjW1eSO-1Q6ua1mqfeTckoVfR9yNPBzHWSRPRmKWHo_mCcL_RYiDJiaP-53mEO5MLFwLZBjPPBdW4V-oUWse-bSa7ppXk05im5fpdgTHLgXdiBNmg7YLasXA4oNDZrmO7Ku4rH83VZfSABo7Uspy3sqWtYqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3ryc557n86Nf4Z6s4IGKxRC5sI0g%26client%3Dca-pub-8019775436904435%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
91c32cf62c2a7ec7bc63bd4354823f66812d56d2323a5298eac81e5b969811c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 30 May 2018 09:59:25 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5b0e75fd-e98d"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 23 Aug 2024 12:58:37 GMT
d9f6971a4f3d47b6be08a8b55e632b93_taz_700_a.woff
static.criteo.net/design/dt/ Frame 3C08 		55 KB
55 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/d9f6971a4f3d47b6be08a8b55e632b93_taz_700_a.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO3rfQAAa0AKwQADAArJvz3HYqc_dlvGQjjJ8w&u=%7CZv5iWoJ9thCuTL83xBPIC3x8kJE%2B%2FU6ZVHEpi8aOTVs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUZvkb7Wl-VYDq7jFMw4QK-Jm3uRjxMDExV9A4B_9uc1S6Be9z-_Dqf-iTgGrtWILeL97lKHH1yLDJfDDqVjvOlHJ_uo95xbjQeWOgNVhhmfu-1raFwmgFCln2eoGJ_hCD6AtGGjV7ArJgPZKFBfuizbPr6iKtCeoYesImNuVTWQ6QoobreOKJT1Vo0aQHJjagcdgk5nl36XPFQ5aqcpzVOQcZnZFST8vaX_QqAvzE0dVLUU3jss-0OqO-o9_Jo7YTAXN1fb7WxXd2bQH36foxac7FJdKGE0WecYlOMZtCOBx-nNMKUT_eXgwNS3YRvP-K_ijbt7zshWg1yvTNCPxYPY9BxgvVtlPCQ_gsIsVZcozd_tNG0Wb5T5zqA8WAoJKZLzhZLm9ZmTiesClu3nqxR0lpnVtsMPdTiLUbYuoormqkiqyc_lFek00iy1IpG2NcqaSFwMf6XFxnHMIUg1ZA8vmlTu5cQdNZAKIpaf3yLuPnefXM6pg-AsjeWWwwpwHKiBjDLtWNHkiXCeW-W1rfUEnIIHsnKfsMqYY5p0UbGbz-JfysNLiud3z9yOON8HTJT7nr8dy56nW4HV-feRAk3Eek3YsVbZ-YthiZWH2eUAnnQtOULCfXU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCskEPfevtZMDWAYOAhAa_k6u4Csme0rFczeGS93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItODAxOTc3NTQzNjkwNDQzNcgBCakCocLwQvsnsj6oAwHIAwKqBPIBT9B9BoOrMdvMJLT_y_5K_g-kaSK1aRtI8dg0icGoW-XzxEfty8fJqyE_t7kSaXI80q2mqTp_5EyRNqp03oiZ2l0DKRrFXDPM2doePyQehCD6FIrzmmy7W4HUqjFl-MIqEssYMoeInQutzy159cXIDGj1FxYeZE_4kXkodyTdGTmsTLMXESsUkfvIjW1eSO-1Q6ua1mqfeTckoVfR9yNPBzHWSRPRmKWHo_mCcL_RYiDJiaP-53mEO5MLFwLZBjPPBdW4V-oUWse-bSa7ppXk05im5fpdgTHLgXdiBNmg7YLasXA4oNDZrmO7Ku4rH83VZfSABo7Uspy3sqWtYqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3ryc557n86Nf4Z6s4IGKxRC5sI0g%26client%3Dca-pub-8019775436904435%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
114b07db8be817bfb1f20e07ac98d9500c7ed50146512c32c102f41309437b13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 30 May 2018 09:59:25 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5b0e75fd-daf9"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 23 Aug 2024 12:58:37 GMT
403d3864d4f545aeb1484932bb4ec84c_taz_500_a.woff
static.criteo.net/design/dt/ Frame 3C08 		65 KB
65 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/403d3864d4f545aeb1484932bb4ec84c_taz_500_a.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO3rfQAAa0AKwQADAArJvz3HYqc_dlvGQjjJ8w&u=%7CZv5iWoJ9thCuTL83xBPIC3x8kJE%2B%2FU6ZVHEpi8aOTVs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUZvkb7Wl-VYDq7jFMw4QK-Jm3uRjxMDExV9A4B_9uc1S6Be9z-_Dqf-iTgGrtWILeL97lKHH1yLDJfDDqVjvOlHJ_uo95xbjQeWOgNVhhmfu-1raFwmgFCln2eoGJ_hCD6AtGGjV7ArJgPZKFBfuizbPr6iKtCeoYesImNuVTWQ6QoobreOKJT1Vo0aQHJjagcdgk5nl36XPFQ5aqcpzVOQcZnZFST8vaX_QqAvzE0dVLUU3jss-0OqO-o9_Jo7YTAXN1fb7WxXd2bQH36foxac7FJdKGE0WecYlOMZtCOBx-nNMKUT_eXgwNS3YRvP-K_ijbt7zshWg1yvTNCPxYPY9BxgvVtlPCQ_gsIsVZcozd_tNG0Wb5T5zqA8WAoJKZLzhZLm9ZmTiesClu3nqxR0lpnVtsMPdTiLUbYuoormqkiqyc_lFek00iy1IpG2NcqaSFwMf6XFxnHMIUg1ZA8vmlTu5cQdNZAKIpaf3yLuPnefXM6pg-AsjeWWwwpwHKiBjDLtWNHkiXCeW-W1rfUEnIIHsnKfsMqYY5p0UbGbz-JfysNLiud3z9yOON8HTJT7nr8dy56nW4HV-feRAk3Eek3YsVbZ-YthiZWH2eUAnnQtOULCfXU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCskEPfevtZMDWAYOAhAa_k6u4Csme0rFczeGS93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItODAxOTc3NTQzNjkwNDQzNcgBCakCocLwQvsnsj6oAwHIAwKqBPIBT9B9BoOrMdvMJLT_y_5K_g-kaSK1aRtI8dg0icGoW-XzxEfty8fJqyE_t7kSaXI80q2mqTp_5EyRNqp03oiZ2l0DKRrFXDPM2doePyQehCD6FIrzmmy7W4HUqjFl-MIqEssYMoeInQutzy159cXIDGj1FxYeZE_4kXkodyTdGTmsTLMXESsUkfvIjW1eSO-1Q6ua1mqfeTckoVfR9yNPBzHWSRPRmKWHo_mCcL_RYiDJiaP-53mEO5MLFwLZBjPPBdW4V-oUWse-bSa7ppXk05im5fpdgTHLgXdiBNmg7YLasXA4oNDZrmO7Ku4rH83VZfSABo7Uspy3sqWtYqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3ryc557n86Nf4Z6s4IGKxRC5sI0g%26client%3Dca-pub-8019775436904435%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
3f0133a51dbe2306a5d32fbc64643af6fc2503036a2ebec0e61b377d6e60ae75
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 30 May 2018 09:59:25 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5b0e75fd-10316"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 23 Aug 2024 12:58:37 GMT
img
imageproxy.eu.criteo.net/img/ Frame 3C08 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=556&m=0&partner=49788&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F49788%2F180606%2Fd2747e8bfc464c829e15f92f21b511fc_logo_n_horizontal_ligh_rollover_bauh.jpg&v=3&w=346&s=lTZIA7WVQGbIKbraTYfX56ZV
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO3rfQAAa0AKwQADAArJvz3HYqc_dlvGQjjJ8w&u=%7CZv5iWoJ9thCuTL83xBPIC3x8kJE%2B%2FU6ZVHEpi8aOTVs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUZvkb7Wl-VYDq7jFMw4QK-Jm3uRjxMDExV9A4B_9uc1S6Be9z-_Dqf-iTgGrtWILeL97lKHH1yLDJfDDqVjvOlHJ_uo95xbjQeWOgNVhhmfu-1raFwmgFCln2eoGJ_hCD6AtGGjV7ArJgPZKFBfuizbPr6iKtCeoYesImNuVTWQ6QoobreOKJT1Vo0aQHJjagcdgk5nl36XPFQ5aqcpzVOQcZnZFST8vaX_QqAvzE0dVLUU3jss-0OqO-o9_Jo7YTAXN1fb7WxXd2bQH36foxac7FJdKGE0WecYlOMZtCOBx-nNMKUT_eXgwNS3YRvP-K_ijbt7zshWg1yvTNCPxYPY9BxgvVtlPCQ_gsIsVZcozd_tNG0Wb5T5zqA8WAoJKZLzhZLm9ZmTiesClu3nqxR0lpnVtsMPdTiLUbYuoormqkiqyc_lFek00iy1IpG2NcqaSFwMf6XFxnHMIUg1ZA8vmlTu5cQdNZAKIpaf3yLuPnefXM6pg-AsjeWWwwpwHKiBjDLtWNHkiXCeW-W1rfUEnIIHsnKfsMqYY5p0UbGbz-JfysNLiud3z9yOON8HTJT7nr8dy56nW4HV-feRAk3Eek3YsVbZ-YthiZWH2eUAnnQtOULCfXU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCskEPfevtZMDWAYOAhAa_k6u4Csme0rFczeGS93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItODAxOTc3NTQzNjkwNDQzNcgBCakCocLwQvsnsj6oAwHIAwKqBPIBT9B9BoOrMdvMJLT_y_5K_g-kaSK1aRtI8dg0icGoW-XzxEfty8fJqyE_t7kSaXI80q2mqTp_5EyRNqp03oiZ2l0DKRrFXDPM2doePyQehCD6FIrzmmy7W4HUqjFl-MIqEssYMoeInQutzy159cXIDGj1FxYeZE_4kXkodyTdGTmsTLMXESsUkfvIjW1eSO-1Q6ua1mqfeTckoVfR9yNPBzHWSRPRmKWHo_mCcL_RYiDJiaP-53mEO5MLFwLZBjPPBdW4V-oUWse-bSa7ppXk05im5fpdgTHLgXdiBNmg7YLasXA4oNDZrmO7Ku4rH83VZfSABo7Uspy3sqWtYqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3ryc557n86Nf4Z6s4IGKxRC5sI0g%26client%3Dca-pub-8019775436904435%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.19 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
0e937dbbcc6ac86d5eea66d1c88c0a4d73d48a0b1ebdabd7c76bf0aab271a0c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:37 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
4506
expires
Thu, 01 Aug 2024 10:14:05 GMT
img
imageproxy.eu.criteo.net/img/ Frame 3C08 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=49788&q=80&r=0&u=https%3A%2F%2Fmedia.cdn.bauhaus%2Fm%2F280864%2F12.jpg&v=3&w=800&s=zoWrEVJl66K_vAO4oJB7Zurn&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO3rfQAAa0AKwQADAArJvz3HYqc_dlvGQjjJ8w&u=%7CZv5iWoJ9thCuTL83xBPIC3x8kJE%2B%2FU6ZVHEpi8aOTVs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUZvkb7Wl-VYDq7jFMw4QK-Jm3uRjxMDExV9A4B_9uc1S6Be9z-_Dqf-iTgGrtWILeL97lKHH1yLDJfDDqVjvOlHJ_uo95xbjQeWOgNVhhmfu-1raFwmgFCln2eoGJ_hCD6AtGGjV7ArJgPZKFBfuizbPr6iKtCeoYesImNuVTWQ6QoobreOKJT1Vo0aQHJjagcdgk5nl36XPFQ5aqcpzVOQcZnZFST8vaX_QqAvzE0dVLUU3jss-0OqO-o9_Jo7YTAXN1fb7WxXd2bQH36foxac7FJdKGE0WecYlOMZtCOBx-nNMKUT_eXgwNS3YRvP-K_ijbt7zshWg1yvTNCPxYPY9BxgvVtlPCQ_gsIsVZcozd_tNG0Wb5T5zqA8WAoJKZLzhZLm9ZmTiesClu3nqxR0lpnVtsMPdTiLUbYuoormqkiqyc_lFek00iy1IpG2NcqaSFwMf6XFxnHMIUg1ZA8vmlTu5cQdNZAKIpaf3yLuPnefXM6pg-AsjeWWwwpwHKiBjDLtWNHkiXCeW-W1rfUEnIIHsnKfsMqYY5p0UbGbz-JfysNLiud3z9yOON8HTJT7nr8dy56nW4HV-feRAk3Eek3YsVbZ-YthiZWH2eUAnnQtOULCfXU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCskEPfevtZMDWAYOAhAa_k6u4Csme0rFczeGS93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItODAxOTc3NTQzNjkwNDQzNcgBCakCocLwQvsnsj6oAwHIAwKqBPIBT9B9BoOrMdvMJLT_y_5K_g-kaSK1aRtI8dg0icGoW-XzxEfty8fJqyE_t7kSaXI80q2mqTp_5EyRNqp03oiZ2l0DKRrFXDPM2doePyQehCD6FIrzmmy7W4HUqjFl-MIqEssYMoeInQutzy159cXIDGj1FxYeZE_4kXkodyTdGTmsTLMXESsUkfvIjW1eSO-1Q6ua1mqfeTckoVfR9yNPBzHWSRPRmKWHo_mCcL_RYiDJiaP-53mEO5MLFwLZBjPPBdW4V-oUWse-bSa7ppXk05im5fpdgTHLgXdiBNmg7YLasXA4oNDZrmO7Ku4rH83VZfSABo7Uspy3sqWtYqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3ryc557n86Nf4Z6s4IGKxRC5sI0g%26client%3Dca-pub-8019775436904435%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.19 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
aef494577cb590c1ea671aba8b90e4cdeaae593e5132ba55f7434131586fdb08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:37 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=600000
content-length
17822
expires
Fri, 01 Sep 2023 14:58:08 GMT
img
imageproxy.eu.criteo.net/img/ Frame 3C08 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=49788&q=80&r=0&u=https%3A%2F%2Fmedia.cdn.bauhaus%2Fm%2F1466515-4%2F12.jpg&v=3&w=800&s=WZGhTXKWXkHCIIu0w5gGKI4a&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO3rfQAAa0AKwQADAArJvz3HYqc_dlvGQjjJ8w&u=%7CZv5iWoJ9thCuTL83xBPIC3x8kJE%2B%2FU6ZVHEpi8aOTVs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUZvkb7Wl-VYDq7jFMw4QK-Jm3uRjxMDExV9A4B_9uc1S6Be9z-_Dqf-iTgGrtWILeL97lKHH1yLDJfDDqVjvOlHJ_uo95xbjQeWOgNVhhmfu-1raFwmgFCln2eoGJ_hCD6AtGGjV7ArJgPZKFBfuizbPr6iKtCeoYesImNuVTWQ6QoobreOKJT1Vo0aQHJjagcdgk5nl36XPFQ5aqcpzVOQcZnZFST8vaX_QqAvzE0dVLUU3jss-0OqO-o9_Jo7YTAXN1fb7WxXd2bQH36foxac7FJdKGE0WecYlOMZtCOBx-nNMKUT_eXgwNS3YRvP-K_ijbt7zshWg1yvTNCPxYPY9BxgvVtlPCQ_gsIsVZcozd_tNG0Wb5T5zqA8WAoJKZLzhZLm9ZmTiesClu3nqxR0lpnVtsMPdTiLUbYuoormqkiqyc_lFek00iy1IpG2NcqaSFwMf6XFxnHMIUg1ZA8vmlTu5cQdNZAKIpaf3yLuPnefXM6pg-AsjeWWwwpwHKiBjDLtWNHkiXCeW-W1rfUEnIIHsnKfsMqYY5p0UbGbz-JfysNLiud3z9yOON8HTJT7nr8dy56nW4HV-feRAk3Eek3YsVbZ-YthiZWH2eUAnnQtOULCfXU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCskEPfevtZMDWAYOAhAa_k6u4Csme0rFczeGS93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItODAxOTc3NTQzNjkwNDQzNcgBCakCocLwQvsnsj6oAwHIAwKqBPIBT9B9BoOrMdvMJLT_y_5K_g-kaSK1aRtI8dg0icGoW-XzxEfty8fJqyE_t7kSaXI80q2mqTp_5EyRNqp03oiZ2l0DKRrFXDPM2doePyQehCD6FIrzmmy7W4HUqjFl-MIqEssYMoeInQutzy159cXIDGj1FxYeZE_4kXkodyTdGTmsTLMXESsUkfvIjW1eSO-1Q6ua1mqfeTckoVfR9yNPBzHWSRPRmKWHo_mCcL_RYiDJiaP-53mEO5MLFwLZBjPPBdW4V-oUWse-bSa7ppXk05im5fpdgTHLgXdiBNmg7YLasXA4oNDZrmO7Ku4rH83VZfSABo7Uspy3sqWtYqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3ryc557n86Nf4Z6s4IGKxRC5sI0g%26client%3Dca-pub-8019775436904435%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.19 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
7ac84433abe8e18afc6bb35ab0c684b5c30d8d1694403b80eaab632e4f4ab341
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:37 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=600000
content-length
9092
expires
Wed, 30 Aug 2023 12:21:33 GMT
img
imageproxy.eu.criteo.net/img/ Frame 3C08 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=49788&q=80&r=0&u=https%3A%2F%2Fmedia.cdn.bauhaus%2Fm%2F1435432%2F12.jpg&v=3&w=800&s=6Uejg4ZhLWh3Cd0ObJOX43IK&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO3rfQAAa0AKwQADAArJvz3HYqc_dlvGQjjJ8w&u=%7CZv5iWoJ9thCuTL83xBPIC3x8kJE%2B%2FU6ZVHEpi8aOTVs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUZvkb7Wl-VYDq7jFMw4QK-Jm3uRjxMDExV9A4B_9uc1S6Be9z-_Dqf-iTgGrtWILeL97lKHH1yLDJfDDqVjvOlHJ_uo95xbjQeWOgNVhhmfu-1raFwmgFCln2eoGJ_hCD6AtGGjV7ArJgPZKFBfuizbPr6iKtCeoYesImNuVTWQ6QoobreOKJT1Vo0aQHJjagcdgk5nl36XPFQ5aqcpzVOQcZnZFST8vaX_QqAvzE0dVLUU3jss-0OqO-o9_Jo7YTAXN1fb7WxXd2bQH36foxac7FJdKGE0WecYlOMZtCOBx-nNMKUT_eXgwNS3YRvP-K_ijbt7zshWg1yvTNCPxYPY9BxgvVtlPCQ_gsIsVZcozd_tNG0Wb5T5zqA8WAoJKZLzhZLm9ZmTiesClu3nqxR0lpnVtsMPdTiLUbYuoormqkiqyc_lFek00iy1IpG2NcqaSFwMf6XFxnHMIUg1ZA8vmlTu5cQdNZAKIpaf3yLuPnefXM6pg-AsjeWWwwpwHKiBjDLtWNHkiXCeW-W1rfUEnIIHsnKfsMqYY5p0UbGbz-JfysNLiud3z9yOON8HTJT7nr8dy56nW4HV-feRAk3Eek3YsVbZ-YthiZWH2eUAnnQtOULCfXU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCskEPfevtZMDWAYOAhAa_k6u4Csme0rFczeGS93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItODAxOTc3NTQzNjkwNDQzNcgBCakCocLwQvsnsj6oAwHIAwKqBPIBT9B9BoOrMdvMJLT_y_5K_g-kaSK1aRtI8dg0icGoW-XzxEfty8fJqyE_t7kSaXI80q2mqTp_5EyRNqp03oiZ2l0DKRrFXDPM2doePyQehCD6FIrzmmy7W4HUqjFl-MIqEssYMoeInQutzy159cXIDGj1FxYeZE_4kXkodyTdGTmsTLMXESsUkfvIjW1eSO-1Q6ua1mqfeTckoVfR9yNPBzHWSRPRmKWHo_mCcL_RYiDJiaP-53mEO5MLFwLZBjPPBdW4V-oUWse-bSa7ppXk05im5fpdgTHLgXdiBNmg7YLasXA4oNDZrmO7Ku4rH83VZfSABo7Uspy3sqWtYqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3ryc557n86Nf4Z6s4IGKxRC5sI0g%26client%3Dca-pub-8019775436904435%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.19 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
f8838236c44c8badcce02aaa1ee4b02f1facd4af1df8de3779dc011c4f072047
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:36 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=600000
content-length
57860
expires
Wed, 30 Aug 2023 22:52:53 GMT
img
imageproxy.eu.criteo.net/img/ Frame 3C08 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=49788&q=80&r=0&u=https%3A%2F%2Fmedia.cdn.bauhaus%2Fm%2F141755%2F12.jpg&v=3&w=800&s=fdakkRsVOtGezVMflK9tjsO-&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO3rfQAAa0AKwQADAArJvz3HYqc_dlvGQjjJ8w&u=%7CZv5iWoJ9thCuTL83xBPIC3x8kJE%2B%2FU6ZVHEpi8aOTVs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUZvkb7Wl-VYDq7jFMw4QK-Jm3uRjxMDExV9A4B_9uc1S6Be9z-_Dqf-iTgGrtWILeL97lKHH1yLDJfDDqVjvOlHJ_uo95xbjQeWOgNVhhmfu-1raFwmgFCln2eoGJ_hCD6AtGGjV7ArJgPZKFBfuizbPr6iKtCeoYesImNuVTWQ6QoobreOKJT1Vo0aQHJjagcdgk5nl36XPFQ5aqcpzVOQcZnZFST8vaX_QqAvzE0dVLUU3jss-0OqO-o9_Jo7YTAXN1fb7WxXd2bQH36foxac7FJdKGE0WecYlOMZtCOBx-nNMKUT_eXgwNS3YRvP-K_ijbt7zshWg1yvTNCPxYPY9BxgvVtlPCQ_gsIsVZcozd_tNG0Wb5T5zqA8WAoJKZLzhZLm9ZmTiesClu3nqxR0lpnVtsMPdTiLUbYuoormqkiqyc_lFek00iy1IpG2NcqaSFwMf6XFxnHMIUg1ZA8vmlTu5cQdNZAKIpaf3yLuPnefXM6pg-AsjeWWwwpwHKiBjDLtWNHkiXCeW-W1rfUEnIIHsnKfsMqYY5p0UbGbz-JfysNLiud3z9yOON8HTJT7nr8dy56nW4HV-feRAk3Eek3YsVbZ-YthiZWH2eUAnnQtOULCfXU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCskEPfevtZMDWAYOAhAa_k6u4Csme0rFczeGS93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItODAxOTc3NTQzNjkwNDQzNcgBCakCocLwQvsnsj6oAwHIAwKqBPIBT9B9BoOrMdvMJLT_y_5K_g-kaSK1aRtI8dg0icGoW-XzxEfty8fJqyE_t7kSaXI80q2mqTp_5EyRNqp03oiZ2l0DKRrFXDPM2doePyQehCD6FIrzmmy7W4HUqjFl-MIqEssYMoeInQutzy159cXIDGj1FxYeZE_4kXkodyTdGTmsTLMXESsUkfvIjW1eSO-1Q6ua1mqfeTckoVfR9yNPBzHWSRPRmKWHo_mCcL_RYiDJiaP-53mEO5MLFwLZBjPPBdW4V-oUWse-bSa7ppXk05im5fpdgTHLgXdiBNmg7YLasXA4oNDZrmO7Ku4rH83VZfSABo7Uspy3sqWtYqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3ryc557n86Nf4Z6s4IGKxRC5sI0g%26client%3Dca-pub-8019775436904435%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.19 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
72e94580139e97dcbe740d85e161ed291419dde0cbcfde4189a20b20f8e5717a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:37 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=600000
content-length
7652
expires
Wed, 30 Aug 2023 01:14:37 GMT
all
csm.eu.criteo.net/ Frame 3C08 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=zoYsSA_E_jhcBmn_Yif7bE4KnhSmIpFPlT5X7mXyrFs_aT1AGwdj10ycI8v5qdHAN-QMzMCISID8WduqaLG9xOz5Fo-dSZdvIj6iNZ6Fa7cNF4xzDYrrFOjGyn38kH5wuTH0ihfVTUuRwJOCRueUX9ka5E4w7hjbMnWmAJsR3jX5oholqr4BgWY-61XPTaDecxNsjvSmyPZSjWNJY5Oquk--S8-gLVt_14Xlvwt44pAYSrtk-Kr4vUhiuWacf6TOB33dlQ&sds=2&rev=88100&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO3rfQAAa0AKwQADAArJvz3HYqc_dlvGQjjJ8w&u=%7CZv5iWoJ9thCuTL83xBPIC3x8kJE%2B%2FU6ZVHEpi8aOTVs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUZvkb7Wl-VYDq7jFMw4QK-Jm3uRjxMDExV9A4B_9uc1S6Be9z-_Dqf-iTgGrtWILeL97lKHH1yLDJfDDqVjvOlHJ_uo95xbjQeWOgNVhhmfu-1raFwmgFCln2eoGJ_hCD6AtGGjV7ArJgPZKFBfuizbPr6iKtCeoYesImNuVTWQ6QoobreOKJT1Vo0aQHJjagcdgk5nl36XPFQ5aqcpzVOQcZnZFST8vaX_QqAvzE0dVLUU3jss-0OqO-o9_Jo7YTAXN1fb7WxXd2bQH36foxac7FJdKGE0WecYlOMZtCOBx-nNMKUT_eXgwNS3YRvP-K_ijbt7zshWg1yvTNCPxYPY9BxgvVtlPCQ_gsIsVZcozd_tNG0Wb5T5zqA8WAoJKZLzhZLm9ZmTiesClu3nqxR0lpnVtsMPdTiLUbYuoormqkiqyc_lFek00iy1IpG2NcqaSFwMf6XFxnHMIUg1ZA8vmlTu5cQdNZAKIpaf3yLuPnefXM6pg-AsjeWWwwpwHKiBjDLtWNHkiXCeW-W1rfUEnIIHsnKfsMqYY5p0UbGbz-JfysNLiud3z9yOON8HTJT7nr8dy56nW4HV-feRAk3Eek3YsVbZ-YthiZWH2eUAnnQtOULCfXU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCskEPfevtZMDWAYOAhAa_k6u4Csme0rFczeGS93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItODAxOTc3NTQzNjkwNDQzNcgBCakCocLwQvsnsj6oAwHIAwKqBPIBT9B9BoOrMdvMJLT_y_5K_g-kaSK1aRtI8dg0icGoW-XzxEfty8fJqyE_t7kSaXI80q2mqTp_5EyRNqp03oiZ2l0DKRrFXDPM2doePyQehCD6FIrzmmy7W4HUqjFl-MIqEssYMoeInQutzy159cXIDGj1FxYeZE_4kXkodyTdGTmsTLMXESsUkfvIjW1eSO-1Q6ua1mqfeTckoVfR9yNPBzHWSRPRmKWHo_mCcL_RYiDJiaP-53mEO5MLFwLZBjPPBdW4V-oUWse-bSa7ppXk05im5fpdgTHLgXdiBNmg7YLasXA4oNDZrmO7Ku4rH83VZfSABo7Uspy3sqWtYqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3ryc557n86Nf4Z6s4IGKxRC5sI0g%26client%3Dca-pub-8019775436904435%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 29 Aug 2023 12:58:37 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 3C08 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO3rfQAAa0AKwQADAArJvz3HYqc_dlvGQjjJ8w&u=%7CZv5iWoJ9thCuTL83xBPIC3x8kJE%2B%2FU6ZVHEpi8aOTVs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUZvkb7Wl-VYDq7jFMw4QK-Jm3uRjxMDExV9A4B_9uc1S6Be9z-_Dqf-iTgGrtWILeL97lKHH1yLDJfDDqVjvOlHJ_uo95xbjQeWOgNVhhmfu-1raFwmgFCln2eoGJ_hCD6AtGGjV7ArJgPZKFBfuizbPr6iKtCeoYesImNuVTWQ6QoobreOKJT1Vo0aQHJjagcdgk5nl36XPFQ5aqcpzVOQcZnZFST8vaX_QqAvzE0dVLUU3jss-0OqO-o9_Jo7YTAXN1fb7WxXd2bQH36foxac7FJdKGE0WecYlOMZtCOBx-nNMKUT_eXgwNS3YRvP-K_ijbt7zshWg1yvTNCPxYPY9BxgvVtlPCQ_gsIsVZcozd_tNG0Wb5T5zqA8WAoJKZLzhZLm9ZmTiesClu3nqxR0lpnVtsMPdTiLUbYuoormqkiqyc_lFek00iy1IpG2NcqaSFwMf6XFxnHMIUg1ZA8vmlTu5cQdNZAKIpaf3yLuPnefXM6pg-AsjeWWwwpwHKiBjDLtWNHkiXCeW-W1rfUEnIIHsnKfsMqYY5p0UbGbz-JfysNLiud3z9yOON8HTJT7nr8dy56nW4HV-feRAk3Eek3YsVbZ-YthiZWH2eUAnnQtOULCfXU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCskEPfevtZMDWAYOAhAa_k6u4Csme0rFczeGS93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItODAxOTc3NTQzNjkwNDQzNcgBCakCocLwQvsnsj6oAwHIAwKqBPIBT9B9BoOrMdvMJLT_y_5K_g-kaSK1aRtI8dg0icGoW-XzxEfty8fJqyE_t7kSaXI80q2mqTp_5EyRNqp03oiZ2l0DKRrFXDPM2doePyQehCD6FIrzmmy7W4HUqjFl-MIqEssYMoeInQutzy159cXIDGj1FxYeZE_4kXkodyTdGTmsTLMXESsUkfvIjW1eSO-1Q6ua1mqfeTckoVfR9yNPBzHWSRPRmKWHo_mCcL_RYiDJiaP-53mEO5MLFwLZBjPPBdW4V-oUWse-bSa7ppXk05im5fpdgTHLgXdiBNmg7YLasXA4oNDZrmO7Ku4rH83VZfSABo7Uspy3sqWtYqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3ryc557n86Nf4Z6s4IGKxRC5sI0g%26client%3Dca-pub-8019775436904435%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 23 Aug 2024 12:58:37 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 3C08 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO3rfQAAa0AKwQADAArJvz3HYqc_dlvGQjjJ8w&u=%7CZv5iWoJ9thCuTL83xBPIC3x8kJE%2B%2FU6ZVHEpi8aOTVs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUZvkb7Wl-VYDq7jFMw4QK-Jm3uRjxMDExV9A4B_9uc1S6Be9z-_Dqf-iTgGrtWILeL97lKHH1yLDJfDDqVjvOlHJ_uo95xbjQeWOgNVhhmfu-1raFwmgFCln2eoGJ_hCD6AtGGjV7ArJgPZKFBfuizbPr6iKtCeoYesImNuVTWQ6QoobreOKJT1Vo0aQHJjagcdgk5nl36XPFQ5aqcpzVOQcZnZFST8vaX_QqAvzE0dVLUU3jss-0OqO-o9_Jo7YTAXN1fb7WxXd2bQH36foxac7FJdKGE0WecYlOMZtCOBx-nNMKUT_eXgwNS3YRvP-K_ijbt7zshWg1yvTNCPxYPY9BxgvVtlPCQ_gsIsVZcozd_tNG0Wb5T5zqA8WAoJKZLzhZLm9ZmTiesClu3nqxR0lpnVtsMPdTiLUbYuoormqkiqyc_lFek00iy1IpG2NcqaSFwMf6XFxnHMIUg1ZA8vmlTu5cQdNZAKIpaf3yLuPnefXM6pg-AsjeWWwwpwHKiBjDLtWNHkiXCeW-W1rfUEnIIHsnKfsMqYY5p0UbGbz-JfysNLiud3z9yOON8HTJT7nr8dy56nW4HV-feRAk3Eek3YsVbZ-YthiZWH2eUAnnQtOULCfXU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCskEPfevtZMDWAYOAhAa_k6u4Csme0rFczeGS93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItODAxOTc3NTQzNjkwNDQzNcgBCakCocLwQvsnsj6oAwHIAwKqBPIBT9B9BoOrMdvMJLT_y_5K_g-kaSK1aRtI8dg0icGoW-XzxEfty8fJqyE_t7kSaXI80q2mqTp_5EyRNqp03oiZ2l0DKRrFXDPM2doePyQehCD6FIrzmmy7W4HUqjFl-MIqEssYMoeInQutzy159cXIDGj1FxYeZE_4kXkodyTdGTmsTLMXESsUkfvIjW1eSO-1Q6ua1mqfeTckoVfR9yNPBzHWSRPRmKWHo_mCcL_RYiDJiaP-53mEO5MLFwLZBjPPBdW4V-oUWse-bSa7ppXk05im5fpdgTHLgXdiBNmg7YLasXA4oNDZrmO7Ku4rH83VZfSABo7Uspy3sqWtYqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3ryc557n86Nf4Z6s4IGKxRC5sI0g%26client%3Dca-pub-8019775436904435%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 23 Aug 2024 12:58:37 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame E582 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cz-5_fOvtZOCmD_WLrr4PnKGr0AfJntKxXJWil_dwwI23ARABIABglYKAgJQHggEXY2EtcHViLTgwMTk3NzU0MzY5MDQ0MzXIAQmpAoGKgnl1I7I-qAMByAMCqgTqAU_QWyfE5CicfqAl82U273409WWgN7EoQxhIbMfwPntjuWt92GdRkRfuV-x8__pMUlzTAlPkOipehd0Ylwu-7A0Q2qQ3R8_XrjplLuplX-qLd_qE0hBi9qmDlVAmtxpkBn44zYFw_cHvZiJyY7bCqZp5IqDNJgYnEVtu-WzwvO3AGz383pjIqTQLSXq3EqoQ4SSaotvOxpaWdEtgdfK8FXlHLlQlB16LaetpAbifSbasm5h2kAhMxm41Mk3un9ew_Yfra653JjDYXPNwkbzHBN4B5755kEQcBubaaR7jJNbmuBLasCdHxueHXoAG7ajznMK8-trOAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi04MDE5Nzc1NDM2OTA0NDM1GAA&sigh=t-g2LkPmgPs&uach_m=[UACH]&cid=CAQSGwBpAlJWzrM628dsm0vZqyzNEw7MYtyfDtsNEBgB&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 29 Aug 2023 12:58:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
notify
rtb.fr3.eu.criteo.com/google/auction/ Frame E582 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kKDQFcz6RO0HfJ2DYgICAAAA7Sqxh_F3IBMQfOvtZPJrLwD5N_hpsQwAABIAAAoKQVFVQkR3RUJEdw&wp=ZO3rfAAD02ABy4X1AArQnOli8gltXXNZ8qpkWg&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:58:37 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
159788
server
Kestrel
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame E582 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstFzZ6NpOJhUaOQ4Wi76YkOo0LsFzYDZWJhap0fLGBhAMfdpZievl17gSVwmT4gYgKWgW6V5aK_SRPo0JveoF7for2EwIocMHFRT38&sig=Cg0ArKJSzGMSgmRK6vMWEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=84,766,1000,1054,1085&tos=84,682,234,54,31&v=20230828&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693313917064&rpt=267&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Aug 2023 12:58:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame E984 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=SxpeaA_E_jhcBmn_sR-_8kAISbMWmBsQgirvfnRiPmpBPbCtbbg_Q7-7lbdLQUNMRWK8b6RIqwVC1WNB0SGa9yYU3paPUEdvGMfiHGgv_mNfhFL5ulbStu1uCzUGWoo9JvjZTy9TetK0QFXkw384Y0FWa-r5MRJnjKq7pQ6lIaxEx21TT7vrxFODRvxXUpKzMUAhmJysh_vLmu4YItZ6NfwGDcG8f-1bkdZ41pbZgf0XNagRvUyZlQJ0wJWFuvwhewx8Gg&sds=2&rev=88100&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO3rfAAD02ABy4X1AArQnOli8gltXXNZ8qpkWg&u=%7COKIgpqOK8DwNxxSASp%2BqQSgBryyEjh6dp6UaJ9Tudts%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUKpu9hy7Ffnun-WE9FjbXP1W0e4y8lK96xIqJRLJoNk_R_9LZxWlB9CMmRA414eeU6CFLwxAC3u2cad6flRwHxxoSySX_crPUF2KGIvX_g1l8M2qvAzIvrtoSqDOHfh4IT6YwzGSUad4yDnsKE3dUMDir8B0WNSUp8T_7CuJTIKweX1yAl5nmCDTvsGS6sjwU5lp5KTMRIHQfHNmXJQLZkOeg2I0m6DsmB7S-9SCpmtAAAdzp7YITGJM8-pBQlyAPMBjx5mALqEcajo1Uyyzk007K_toPR1B8O_ffUxWF1JUx6WUduVOgLFsuCkSBCoZ1AipxHDWtSWAlbOhIdkdrjzji86IzLY9OTEVzoZbTrA0g_xmeZwpxmwTVUzrtdafu5o1hwJRUCaU4Dy8ndOOR4Zmn0rw2n3vkqUD9hcM9Apsb7aGkMeUKoWMPEuX-_aq4BEYgHc-kjaBQWEgTUTYXi3Brerb8n7uDcgLIiMpZ_Ic0q4nXv0pNKtU8vNx7i0jx2C23mgJs_EBeAPYk3YKJmboVLqpSEk86_pb736c_a-cSDFENJ2rqvbaqnoMRi8W6Bg5nNIO-qXmMLpM-0GynZKxqwBIvtZWkpvAXp_tlZx4O-MLS8yz9Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGUrofOvtZOCmD_WLrr4PnKGr0AfJntKxXJWil_dwwI23ARABIABglYKAgJQHggEXY2EtcHViLTgwMTk3NzU0MzY5MDQ0MzXIAQmpAoGKgnl1I7I-qAMByAMCqgTtAU_QWyfE5CicfqAl82U273409WWgN7EoQxhIbMfwPntjuWt92GdRkRfuV-x8__pMUlzTAlPkOipehd0Ylwu-7A0Q2qQ3R8_XrjplLuplX-qLd_qE0hBi9qmDlVAmtxpkBn44zYFw_cHvZiJyY7bCqZp5IqDNJgYnEVtu-WzwvO3AGz383pjIqTQLSXq3EqoQ4SSaotvOxpaWdEtgdfK8FXlHLlQlB16LaetpAbifSbasm5h2kAhMxm41Mk3un9ew_Yfra641JBFK23zsggNbEH3R2hiBmVAWsOz0cZxX7OtASq3EnD_CbGOU4fD1i4AG7ajznMK8-trOAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_20m4JX7eaU2tO8Wab1PAHzzCgIog%26client%3Dca-pub-8019775436904435%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 29 Aug 2023 12:58:38 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
all
csm.eu.criteo.net/ Frame DA0F 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=VhOn6g_E_jhcBmn_8i_g1TL6DoBZnXRQbjHgZFZ_lTVBEhig9w8kNsko7Da1kVHJuQmrq7lsvsf8ug870yABjFoyZuQA0lKeux-awYWcNO7VYpIPB7LQeX2vIO29Y8EZjir_zrmpaR_0J5T8mFjmFZKoP2C3pPx2IAfkhG7vqNyieiifJncRuD_HauihegT3jeh0qzLMDkaQEnVrTV1vlBiENSNN6SZTKRs8DZJ-WzsmdQZmiin_iDDVV1eLBpx_2a4lWw&sds=2&rev=88100&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO3rfAAD018By4X1AArQnJ5uylUhwtwmH_k2WQ&u=%7COKIgpqOK8Dwb11ny2PdIDNQ8CAQCXUb0OO8AeQ6dJiE%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T-ox6jq5uP4vOL-FhBPok8rq59LQxzJ4SYhSaOEnzVwe7cgF-ow3AEzfTVq8DR_h_nDzdht095CABhDf5goUwyubgDEqRKkmHnmYLYMsjGFcTNzfXQ8hz19EwTuPIq9MoSGd7xobcbwpYdZKRKt4rsc1lfufYsu8UswFzYGYYFZ6qHyU7nk_hYnEFmNHOc5pKuqEaokkZQ9Hyk_2ppset_wAXaRr3GOWjIgNKojhjUbyjSHqravbp5mUevzE2sUQCdcp83FOsnJ4vHrmvg_AaKP5m-FFLRPVxTkY6_rPpnp8x4Z--aJhtq5Dn2flpe1GsdhP783GiYOEY_7Aa1UjqE-CgESg8aGrMPWYTrVu_B5C5R27gUZJqh4X8OfN1wrX721YcOwIy0hEWxiMo1FJGJCDNaLFTONs7JKf1SpcPjrTNOnxKwaiAua7fG1RZdD3xxVr8WrCaHetsqPWWKeEJhsRXEN6TVmuLx_2gtZyKl94NprsAd3YZhAN088LvdHOT86Y5-TC1tYS8Igr5VXEyI2O5UqIwI3YC0Cyx11Kndt5-Ygy9WRzGE50rw1KedbQUYdIjPNClYq7eCg-SXlalaPlV_mITYgroRIASp8dCGqo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtKxrfOvtZN-mD_WLrr4PnKGr0AfJntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTgwMTk3NzU0MzY5MDQ0MzXIAQmpAoGKgnl1I7I-qAMByAMCqgTsAU_QeqhuMsP438mCXRHsrSdg9F6pQovIpy6bCAIrsdvwepQF27QXoQN1SBNz_2pe0hdD2qw_F7A1W9H1j1CZODl86TMs6i79Q1M333_hx7miDqEkNuWntrnDr23n9fWrq1v2z5QJ81U44Gii-Z_Z_N-CJGCfoCaOzoskPhiLbEPp9sE4qdni7Ec7nIOyjUmZv8kfmmWeYiZUPuxRwv9WllZpTMDknddmlqYtnsLYSR2IIEiQf_o794-y75r8wH_GGdGoUe7O7scGzreuHTHvdhuoTk5MS3Qc2IZe3ykZmfx_YJIJC-ppEcEqKhvpgAbs6KWm5_L3uY0BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0o8XNi2V7aHCx3hWTrVGlFa97oAQ%26client%3Dca-pub-8019775436904435%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 29 Aug 2023 12:58:37 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame C03D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuia1mrT1ZXhmEXH3z8NyNNiNMqIhOjcFAL3NBOdtHubx3PavKnY5Is2lmykCLZHC_kRz-c3-n0MUyL52_VRZJRO6sjHvsKDDeglLw&sig=Cg0ArKJSzBW4g3_indp9EAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230828&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693313917121&rpt=191&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Aug 2023 12:58:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
69086140
mc.yandex.com/webvisor/ 		43 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/69086140?wv-part=1&wmode=0&wv-hit=434852524&page-url=https%3A%2F%2Fwww.gl5.ru%2Fs%2Fsplin%2Fsplin-proch-iz-moej-golovy.html&rn=741738055&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1693313920%3Aw%3A1600x1200%3Av%3A1094%3Az%3A120%3Ai%3A20230829145840%3Au%3A1693313916741355537%3Avf%3Aeygqx1x5sixaiiugyrqh3hb%3Ast%3A1693313920&t=gdpr(14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gl5.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Aug 2023 12:58:40 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 29-Aug-2023 12:58:40 GMT
content-type
image/gif
access-control-allow-origin
https://www.gl5.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 29-Aug-2023 12:58:40 GMT
69086140
mc.yandex.com/webvisor/ 		43 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/69086140?wv-part=1&wmode=0&wv-hit=434852524&page-url=https%3A%2F%2Fwww.gl5.ru%2Fs%2Fsplin%2Fsplin-proch-iz-moej-golovy.html&rn=1036033406&wv-type=3&browser-info=we%3A1%3Aet%3A1693313921%3Aw%3A1600x1200%3Av%3A1094%3Az%3A120%3Ai%3A20230829145840%3Au%3A1693313916741355537%3Avf%3Aeygqx1x5sixaiiugyrqh3hb%3Ast%3A1693313921&t=gdpr(14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gl5.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Aug 2023 12:58:40 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 29-Aug-2023 12:58:40 GMT
content-type
image/gif
access-control-allow-origin
https://www.gl5.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 29-Aug-2023 12:58:40 GMT
69086140
mc.yandex.com/webvisor/ 		43 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/69086140?wv-part=2&wmode=0&wv-hit=434852524&page-url=https%3A%2F%2Fwww.gl5.ru%2Fs%2Fsplin%2Fsplin-proch-iz-moej-golovy.html&rn=231346973&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1693313922%3Aw%3A1600x1200%3Av%3A1094%3Az%3A120%3Ai%3A20230829145841%3Au%3A1693313916741355537%3Avf%3Aeygqx1x5sixaiiugyrqh3hb%3Ast%3A1693313922&t=gdpr(14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gl5.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Aug 2023 12:58:41 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 29-Aug-2023 12:58:41 GMT
content-type
image/gif
access-control-allow-origin
https://www.gl5.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 29-Aug-2023 12:58:41 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8019775436904435&output=html&h=280&slotname=8728295789&adk=601693685&adf=1831963675&pi=t.ma~as.8728295789&w=650&fwrn=4&fwrnh=100&lmt=1693306716&rafmt=1&format=650x280&url=https%3A%2F%2Fwww.gl5.ru%2Fs%2Fsplin%2Fsplin-proch-iz-moej-golovy.html&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693313915947&bpp=2&bdt=319&idt=217&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6827183342517&frm=20&pv=1&ga_vid=398317794.1693313916&ga_sid=1693313916&ga_hid=1687589857&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=365&ady=365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077444%2C42531706%2C44795922%2C31077389%2C21065724&oid=2&pvsid=706724022780221&tmod=661182444&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=IYuWfyKmBW&p=https%3A//www.gl5.ru&dtd=221

Verdicts & Comments Add Verdict or Comment

96 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| documentPictureInPicture object| __cfQR function| addLink object| adsbygoogle object| amplified object| __gcse object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| parcelRequireb4ef object| regeneratorRuntime function| tonefuseErrorLogging object| amplified_utils object| module$exports$cse$search object| module$exports$cse$CustomImageSearch object| module$exports$cse$CustomWebSearch object| google object| module$exports$cse$searchcontrol object| module$exports$cse$customsearchcontrol object| alfadart object| alfadartPbjs function| sleep string| GoogleAnalyticsObject function| ga function| ym boolean| __cfRLUnblockHandlers function| $ function| jQuery function| insertLink object| currentMousePos object| gaplugins object| gaGlobal object| gaData object| dataLayer function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| tonefuseSoundwave object| google_tag_manager object| googletag object| GoogleGcLKhOms object| recaptcha object| closure_lm_317954 object| Ya object| yaCounter69086140 number| currentFrame number| refreshInterval number| maxAdRefreshCount object| weboCtx function| WeboCtx object| _old_weboCtx object| xhr object| alfadartPbjsChunk object| _pbjsGlobals object| google_llp object| google_image_requests string| hts function| _0x3232 function| _0x13fb string| ms_cu_started number| time string| ms_cu_transparent number| ms_cu_timeout string| ms_cu_logactive string| ms_cu_allactions

65 Cookies

Domain/Path Name / Value
.gl5.ru/ Name: _ga
Value: GA1.2.398317794.1693313916
.gl5.ru/ Name: _gid
Value: GA1.2.58916085.1693313916
.gl5.ru/ Name: _gat
Value: 1
.gl5.ru/ Name: __gads
Value: ID=43982642264460c1-228c96375fde00e4:T=1693313916:RT=1693313916:S=ALNI_Mb8i3KqdI5_wL-vU269pnFu5FSH_Q
.gl5.ru/ Name: __gpi
Value: UID=00000c69cb4acb82:T=1693313916:RT=1693313916:S=ALNI_MZIfp-AZEdkamDtCF-9yGfnG2rp7Q
.gl5.ru/ Name: _ga_M11H97QCLH
Value: GS1.2.1693313916.1.0.1693313916.60.0.0
.gl5.ru/ Name: _ym_uid
Value: 1693313916741355537
.gl5.ru/ Name: _ym_d
Value: 1693313916
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 3693191346fake
.gl5.ru/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 3612558408fake
www.gl5.ru/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.gl5.ru/ Name: "_pubcid"
Value: 50f64e67-2db3-4ccd-a0c8-50bd133390d8
.alfasense.com/ Name: uuid
Value: b0230f6f-2bb8-43c5-afe6-8c00d9a534ec
mc.yandex.com/ Name: yabs-sid
Value: 431467421693313916
.yandex.com/ Name: i
Value: 69kjdADss/trIOfTNofB/lW9g11E30tCGcGoq3QGlLe9AD7I9TCvzptV3kNjYLfF9OwU/GGy11QTn8kw6/fIlV0KYlc=
.yandex.com/ Name: yandexuid
Value: 5947268551693313916
.yandex.com/ Name: yuidss
Value: 5947268551693313916
.yandex.com/ Name: ymex
Value: 1724849916.yrts.1693313916#1724849916.yrtsi.1693313916
.yandex.com/ Name: bh
Value: KgI/MA==
.uuidksinc.net/ Name: jcsuuid
Value: jg8biU3L5gyx2P4aO42n
.utraff.com/ Name: preutid
Value: 1
.agency2.ru/ Name: uuid
Value: 7574fdef-0c58-4bf8-8c08-e0b5ef4c937d
.bidvol.com/ Name: bvuid
Value: a5x4vrnqr5
kimberlite.io/ Name: u
Value: ZO3rfGe-x-s~n0ER2kECqq9GEZcE3CHwUh1ucak
www.gl5.ru/ Name: stableid
Value: none
www.gl5.ru/ Name: stableid_cd
Value: 1693313916924
.bumlam.com/ Name: suuid3
Value: IiRjNDlkMmE0YS00NjZiLTExZWUtODZlMC0wMDI1OTBjMDY0N2M*
www.gl5.ru/ Name: adrcid
Value: Aozj0BUbIzH0bA_EHSrKfMQ
www.gl5.ru/ Name: adrcid_cd
Value: 1693313916955
.acint.net/ Name: test_cookie
Value: CheckForPermission
.acint.net/ Name: aid
Value: fwAAAWTt63wLfAOOUD3xAkMSM5c0x515+QAdp6xnvuELdOt5
.adriver.ru/ Name: cid
Value: Aa4lK5OIxz_g3ifoAhsxMCg
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: unm
Value: 1
.acint.net/ Name: cSyncDp14v4
Value: 1693313916
.betweendigital.com/ Name: tuuid
Value: f8511940-deaf-52f1-9c68-3ccbf885d7b7
.betweendigital.com/ Name: ut
Value: ZO3rfQAALuBtrMsAPdW8sxKQBKDz-qkrCssp4g==
.otm-r.com/ Name: mpid
Value: NjRlZGViN2QwYTkxM2NhMA==
.aidata.io/ Name: __upin
Value: v69YPutGlUQguiqp+xpFug
.aidata.io/ Name: __upints
Value: 1693313917
.adsource.tech/ Name: adpreudid
Value: 1
.upravel.com/ Name: session_tptc
Value: 1693313917142
.ssp-rtb.sape.ru/ Name: sspuid
Value: CkIDJWTt632AVQDHB/bWAlqSEnIvBC2gG3gf5IdpdnyZPcM2
.upravel.com/ Name: user_id
Value: 173b9518-af20-4cef-916c-a352c4c33b5d
.adhigh.net/ Name: gi_u
Value: Pvt3DHJ4okL.AikABlGKQV_hGw
.doubleclick.net/ Name: IDE
Value: AHWqTUniWwpBcKis8JPAxFWqVDLzA35Oxj_eRRVk9KzN_dhOrOqtjHM2E48NchaGNbg
.gl5.ru/ Name: _ym_visorc
Value: w
.rutarget.ru/ Name: userId
Value: p3LaVrrFAYD_
.blismedia.com/ Name: b
Value: 64EDEB7D951A896376EEB0F2BLIS
.ctnsnet.com/ Name: cid_b6c5cb1340e141459f510e2e4228ec80
Value: 1
.ctnsnet.com/ Name: gid_CAESEGlxxAPyQz-tKe7ZEXWo3R0
Value: 1
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%220DB78786-6080-4D26-9830-1C60D3FFB6E0%22%7D
.w55c.net/ Name: wfivefivec
Value: 50JGDP0g1QAYiN5
.w55c.net/ Name: matchgoogle
Value: 5
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZO3rfQAJDS7WnQA4
.tribalfusion.com/ Name: ANON_ID
Value: aXntuJOZb3VgUEjUAujyptvwwj1HU7Dse94sL1hQsjmIpZb95mG41qmVsFJHZdVKlrCTnKBsvwtxRYSnffS7b0ZaaAMK
.mts.ru/ Name: mts_id
Value: 4dd1edb4-7746-46ec-a056-45b348fecc5d
.mts.ru/ Name: mts_id_last_sync
Value: 1693313918
.yandex.ru/ Name: yuidss
Value: 9174037741693313918
.yandex.ru/ Name: yandexuid
Value: 9174037741693313918
.an.yandex.ru/ Name: yabs-dsp
Value: mts_banner.Ti10T1lHakVRNlNwbHhtdHpGSGZwZw==
.mts.ru/ Name: dspid
Value: be148231-2b48-4afe-8716-df3c62985fb4
.mts.ru/ Name: reset_cookie
Value: 1

1 Console Messages

Source Level URL
Text
other warning URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1(Line 20)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.adsource.tech
a.tribalfusion.com
a.utraff.com
acint.net
ad.adriver.ru
ads.betweendigital.com
ads.eu.criteo.com
ads.travelaudience.com
alfasense-sync.rutarget.ru
an.yandex.ru
cat.nl3.eu.criteo.com
cdn.alfasense.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
code.jquery.com
const.uno
covivado.club
cs.agency2.ru
cs.alfasense.com
cse.google.com
csm.eu.criteo.net
cstatic.weborama.com
dx.frontend.weborama.com
ev.adriver.ru
exchange.buzzoola.com
gl5.ru
googleads.g.doubleclick.net
imageproxy.eu.criteo.net
ius.ctnsnet.com
kimberlite.io
match.adsrvr.org
match.new-programmatic.com
match.qtarget.tech
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
pbs.alfasense.com
pm.w55c.net
px.adhigh.net
region1.analytics.google.com
rtb.fr3.eu.criteo.com
rtb.nl3.eu.criteo.com
s.alfasrv.com
s.tribalfusion.com
s.uuidksinc.net
sm.rtb.mts.ru
solta-sync.rutarget.ru
srv.tunefindforfans.com
ssp-rtb.sape.ru
ssp.afp.ai
ssp.bidvol.com
ssp.hybrid.ai
ssp.otm-r.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.adspend.space
sync.bumlam.com
sync.upravel.com
tech.rtb.mts.ru
tpc.googlesyndication.com
tr.blismedia.com
v.alfasrv.com
vma.mts.ru
www.acint.net
www.gl5.ru
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x01.aidata.io
googleads.g.doubleclick.net
104.17.24.14
104.18.24.173
104.21.42.164
130.193.42.23
136.144.31.36
142.132.138.213
142.250.181.226
142.250.185.194
142.250.186.131
142.250.186.163
142.250.186.33
142.250.186.34
142.250.186.36
142.250.186.66
142.250.186.72
148.251.237.106
15.197.193.217
151.101.194.49
159.69.72.5
172.217.18.14
172.67.155.223
172.67.163.139
176.9.79.218
178.250.1.10
178.250.1.17
178.250.1.6
178.250.7.12
178.250.7.17
178.250.7.19
178.250.7.2
188.114.97.3
188.42.196.115
188.72.109.103
192.229.202.216
193.232.148.143
193.3.184.212
195.209.108.47
195.209.108.57
212.76.129.181
213.87.44.187
216.239.32.178
216.239.32.36
216.58.206.34
217.199.220.43
217.65.2.150
217.66.147.38
217.66.147.42
23.111.100.20
23.111.107.44
23.111.115.84
3.74.29.98
31.172.68.122
31.172.81.158
31.220.27.135
34.111.205.194
34.96.105.8
35.186.193.173
35.190.0.66
37.230.131.17
46.243.142.48
52.16.56.1
64.233.166.154
65.109.23.99
69.16.175.10
77.223.124.18
84.201.179.252
87.250.250.90
89.108.119.28
93.158.134.119
95.163.84.7
95.163.92.180
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
08b9636b6775125253e8c852c70e1e86af7d3f18472e95ebcbd5213cf5da7a13
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e937dbbcc6ac86d5eea66d1c88c0a4d73d48a0b1ebdabd7c76bf0aab271a0c3
114b07db8be817bfb1f20e07ac98d9500c7ed50146512c32c102f41309437b13
1281dfa591e6d669eb5ce9b04becc3aa57a6d43a1034d131da846db6ca0714bb
16da451514d981f134c7ee9113548fbde5db4aad710d29a48f0eef2fdf2b42d6
187a6710700eaf60ef10e50d2d6fea3db469918bfe738c87437499f81416c35d
18d0fd62b385af8e4412ac063a2cbd49b3df1bc80db47ca4cf44211ae138b9ba
2079d73121e4f5d92eb8b5dcc2fc505a5e8a780cf1bbaf69eb32e9fbec1fe46e
220302e21f2bc9324cb193a7606619011fd2abd69826bf8770e925afe98f6e33
265802a8c66fa6e82cdfc402ad10fe91cefbd6957878f8b2ce754c07811fb0c3
27790422580d55e8fb2c3aff38136be62d597803260966bf9362719766c3b69e
2994111509869935b944a6a97dff845f8fbafebc2ab754e9ad922315736f8e28
2b3a51882440c4e42dcbf66fc4a1919966bdf735b75de50117d53b79d7722461
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3e48869d45889d8c1370161ac5b499cb02dc73c6bebefb8c487173010aabb78b
3f0133a51dbe2306a5d32fbc64643af6fc2503036a2ebec0e61b377d6e60ae75
42986d96f95240f56b65d73b4867947fc7111ffcea44c1fd3093f3a1052778f9
483add264e246244397520af9a5827968c98559f133f04d0826b1f301127b34f
48b4a529ae40fb9d4bfb5eabecb10d193e465873187b849599abd51839cbf193
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ef30192a1e0a14f8544eecbbd32db5510560c9b189925d4dbb1999dd7bcfd22
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b
50b261f5fd2bf498bda962da74b21abe18827b551e0734ff4e439912b161c3eb
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
587fc1c1e943e8763bd2e2ff0be4a0e5efc61181b1a4834c99aac812c5c126a0
5ea677148a0cc9c7838c5afcd996e0a5fa73ddce6577664f81c193aaf7a5b1c8
60cc5bd8287bfc9b2f1091884b257d2de1c351f379c5ef0cf7180e99f52350ef
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
621101a4914c2c35e0ee589eb6b812316b6e3bad47dfe741519df6c96f2bf385
65105425c54399ed1f1d1de9e1e0242d77b0bca9385d298e73ba58b59f64504d
67f77c74e606710e77243887e33a674ed3d5718d8619e49f2cd075a52c446dd4
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6fdd39ed99dc41ac4e59104322e0a8a67a978ebe0b61bf1441051cc42b482a44
6fe3cf4ba417ff40a02e27ff1f26ceedb50d5b510f636849c9fcb48738a80f07
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72e94580139e97dcbe740d85e161ed291419dde0cbcfde4189a20b20f8e5717a
739fc81e141f34b6404a5b2ce7bec44746ed729ab20661378ad525af6d5f8e20
73e6d775189194e30d9d10c91d20ad2518e1c9f277405dea1f5257cfa97eec64
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7a9d3576d5d9ef72647cdcac3f1c9c641c2824707d433e8ff4c980849a6401bf
7ac84433abe8e18afc6bb35ab0c684b5c30d8d1694403b80eaab632e4f4ab341
80826fab9c68578eed8d38ac33657732b8109ddaf86ca1bb8f4fcefeba3a1315
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
848cd3f624541418d7f7e8224ad119331243dbc9c374d9142ae4b03ea860c277
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8ba59dad3519d4521c25170a8dbfa9f0e9ecaf5e5c59bcc5d76f69079d94ff2b
8bfc66ab6620f055f1ed833cec6dc64adec87283f2b9d4ac1620056af967771b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
917edc30d5b9abfc453d5d1f4bb15651fcda3783ef15666504f005ea24ceeae9
91c32cf62c2a7ec7bc63bd4354823f66812d56d2323a5298eac81e5b969811c2
99a121cc5b663678c7af3c1d2532656f6346a9a2e56f471f7c22c43c1904d8ff
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c6bdb0716a6057ed840599eefa02f871149963a1db5007feeff59b07f16ab5b
9d06390c96d685eb5d49156e1d4c80ba65fdfe22ed2ccb4086c2efd52676703d
9ddecac03736392c6ca294cb33357db8fe08b476450ad9a33a64bb39561196b9
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a48756fa742f41ce2256254fdb6ec9244746bbec8fc342cecbe05cd0cdc99887
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
ad09f7f363054e1444e4b959899fcfdec6c42c8f9cb700bb93bbbcd415d832f9
aef494577cb590c1ea671aba8b90e4cdeaae593e5132ba55f7434131586fdb08
b138805db8d6ea05c65ec3e0d57b9ab162d69e197775f9bba34f24a896427ec9
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b4d5cd59e626514d5a925245b6b73c5e9c3f626d01a91ac76bb52f658841fb85
b4df7af587b224b34acbc72a9f4ffa621469a66a633d17b5ce0dfe2c3ae366c6
be95ef3fa965c61b8a62d9b273ea9cec410c1f00b3db2a0d5685d1bafc5e0754
c0ed27d1a647cbf0d2bce80e7cc93bdddb25218744e179db2fd5a2b2c640aabf
c1c30bafc1dadbf6df1f21690867f2e3621c3914bdf968693b86dea45dc549d1
c23989be3dce6c063aa905e21899f4030246e3f9821d0f93db79e581d0d8c883
c548ab92911cb0c3db4cbbe04248ddbfd4f50759d33b73ba54f6086cb7716b68
c78cbc891d36ddcc95ff6786a968ef27edab4085779b578253a42bcb9f8f44af
c965aefdb4c6acf10f46758dc1601a64d811dcf3a378bf9e90278916aa47508f
c99f08a2b6e9e3db74c882e447e6c2b632d9d596b771aae67c6df600e2a6b771
cac9fb81a29c07978b6ff53ec2a73344f4756aba46e066610c17d9dd06fa96ae
cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d32acf592f7f63460ff06711e1a9d41fbf6327a03303ae840e83fa9ef278d8f1
d8f8ebd4e96964c63aa9eb0933af2ddafdfdb7e94c2efc70a5af109518c9ae80
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ea54cce26e1f34a30aa98a0f6ef7b4115f2f38ea3a19aae2e08934eef69bda82
eb33793d786e59b89809736b42479b6fa0c39a503ad338b21a370b7ecc437dea
ebbf7eb076227233571e0e8fb4af615cdc0eec2cbb85c50ecad8c6286dab4fd9
ec6a08ab8fbd5a5ced2a049b76bd2d783e0472e113f974dbd173023b3d05d9e5
eda1092d534c85db5180ed0157ce3f2f8402e9ad790eafb0668acf0f822f8ed2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1b544f7a5f84937eca6256f5e2032e96a7c508860453f58ba76cb899e93aef4
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f722a5a714647fe8b79304defef61d9743dc2e9fb6d3f81aafe27dbe08f0ec7d
f8838236c44c8badcce02aaa1ee4b02f1facd4af1df8de3779dc011c4f072047
fd44c81e8612365e2c140cc1c544f783196829b486f52de2e3013ac3fecca570
fd636bee19d500e7c91b5308c1d30a1d1fbf148809e49c984557377ad01f09d2