tam.by Open in urlscan Pro
2a0a:7d80::c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.tam.by/
Effective URL:
https://tam.by/
Submission: On March 20 via api (March 20th 2021, 5:37:18 pm UTC) from US

Summary HTTP 205 Redirects Links 53 Behaviour Indicators

Summary

This website contacted 29 IPs in 7 countries across 24 domains to perform 205 HTTP transactions. The main IP is 2a0a:7d80::c, located in Minsk, Belarus and belongs to BELPAK-AS BELPAK, BY. The main domain is tam.by.
TLS certificate: Issued by R3 on January 11th 2021. Valid for: 3 months.

This is the only time tam.by was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 47	2a0a:7d80::c 2a0a:7d80::c	6697 (BELPAK-AS...) (BELPAK-AS BELPAK)
5	2a02:6b8:20::215 2a02:6b8:20::215	13238 (YANDEX) (YANDEX)
6	2a0a:7d80::c:1:0 2a0a:7d80::c:1:0	6697 (BELPAK-AS...) (BELPAK-AS BELPAK)
4	178.172.235.237 178.172.235.237	6697 (BELPAK-AS...) (BELPAK-AS BELPAK)
11	93.125.48.34 93.125.48.34	6697 (BELPAK-AS...) (BELPAK-AS BELPAK)
1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	2a02:6b8::16b 2a02:6b8::16b	13238 (YANDEX) (YANDEX)
5	2a02:6b8::90 2a02:6b8::90	13238 (YANDEX) (YANDEX)
1	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1 5	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1 4	146.59.10.80 146.59.10.80	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c1b::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
30	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
15	77.88.21.179 77.88.21.179	13238 (YANDEX) (YANDEX)
10	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
35	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
2 5	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:20::2010	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	18.185.192.106 18.185.192.106	16509 (AMAZON-02) (AMAZON-02)
1 1	185.29.133.199 185.29.133.199	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
3 3	3.120.242.149 3.120.242.149	16509 (AMAZON-02) (AMAZON-02)
2 2	18.193.144.52 18.193.144.52	16509 (AMAZON-02) (AMAZON-02)
2 2	3.122.89.158 3.122.89.158	16509 (AMAZON-02) (AMAZON-02)
2 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
205	29

47 2a0a:7d80::c (Minsk, Belarus) 1 redirects

ASN6697 (BELPAK-AS BELPAK, BY)

www.tam.by	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tam.by	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.tam.by	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.tut.by	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a0a:7d80::c:1:0 (Minsk, Belarus)

ASN6697 (BELPAK-AS BELPAK, BY)

s3r.tut.by	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1hit.tut.by	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c2hit.tut.by	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.172.235.237 (Belarus)

ASN6697 (BELPAK-AS BELPAK, BY)

blog.tam.by	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 93.125.48.34 (Belarus)

ASN6697 (BELPAK-AS BELPAK, BY)
PTR: 93-125-48-34.hoster.by

ad.tam.by	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::16b (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

matchid.adfox.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:6b8::90 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 146.59.10.80 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip80.ip-146-59-10.eu

gaby.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c1b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 77.88.21.179 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: adfox-external-l3-engine.stable.qloud-b.yandex.net

ads.adfox.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2010 (United States)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.185.192.106 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-192-106.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.133.199 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.120.242.149 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-242-149.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.193.144.52 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-144-52.eu-central-1.compute.amazonaws.com

a.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.122.89.158 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-89-158.eu-central-1.compute.amazonaws.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
61	tam.by 1 redirects www.tam.by tam.by img.tam.by blog.tam.by ad.tam.by	856 KB
56	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	649 KB
18	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	101 KB
15	adfox.ru ads.adfox.ru	442 B
11	yandex.ru 1 redirects matchid.adfox.yandex.ru an.yandex.ru mc.yandex.ru	87 KB
9	google.com 2 redirects www.google.com adservice.google.com	1 KB
7	tut.by s3r.tut.by c1hit.tut.by c2hit.tut.by www.tut.by	18 KB
5	googletagservices.com www.googletagservices.com	162 KB
5	google-analytics.com www.google-analytics.com	52 KB
5	yastatic.net yastatic.net	200 KB
4	google.de www.google.de adservice.google.de	2 KB
4	gemius.pl 1 redirects gaby.hit.gemius.pl	12 KB
4	googleadservices.com www.googleadservices.com partner.googleadservices.com	17 KB
3	bidswitch.net 3 redirects x.bidswitch.net	1 KB
3	gstatic.com www.gstatic.com fonts.gstatic.com	53 KB
2	yahoo.com 2 redirects ups.analytics.yahoo.com	2 KB
2	3lift.com 2 redirects eb2.3lift.com	940 B
2	sportradarserving.com 2 redirects a.sportradarserving.com	1 KB
2	w55c.net 2 redirects pm.w55c.net	2 KB
1	travelaudience.com 1 redirects ads.travelaudience.com	606 B
1	mathtag.com 1 redirects sync.mathtag.com	816 B
1	dotomi.com dclk-match.dotomi.com	104 B
1	googleapis.com fonts.googleapis.com	674 B
1	googletagmanager.com www.googletagmanager.com	30 KB
205	24

	Domain	Requested by
35	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
35	img.tam.by	tam.by
21	pagead2.googlesyndication.com	yastatic.net pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
15	ads.adfox.ru
11	ad.tam.by	tam.by ad.tam.by
10	tam.by	tam.by
9	googleads.g.doubleclick.net	www.googleadservices.com pagead2.googlesyndication.com googleads.g.doubleclick.net
7	cm.g.doubleclick.net	googleads.g.doubleclick.net
6	www.google.com	2 redirects tam.by googleads.g.doubleclick.net
5	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
5	mc.yandex.ru	1 redirects tam.by mc.yandex.ru
5	www.google-analytics.com	tam.by www.google-analytics.com
5	an.yandex.ru	yastatic.net
5	yastatic.net	yastatic.net an.yandex.ru
4	gaby.hit.gemius.pl	1 redirects tam.by gaby.hit.gemius.pl
4	blog.tam.by	tam.by
3	x.bidswitch.net	3 redirects
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
3	partner.googleadservices.com	pagead2.googlesyndication.com
3	c2hit.tut.by	tam.by
2	ups.analytics.yahoo.com	2 redirects
2	eb2.3lift.com	2 redirects
2	a.sportradarserving.com	2 redirects
2	pm.w55c.net	2 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	s3r.tut.by	tam.by
1	ads.travelaudience.com	1 redirects
1	sync.mathtag.com	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	www.gstatic.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	www.tut.by	ad.tam.by
1	www.google.de	tam.by
1	c1hit.tut.by	tam.by
1	www.googletagmanager.com	tam.by
1	matchid.adfox.yandex.ru	yastatic.net
1	www.googleadservices.com	tam.by
1	www.tam.by	1 redirects
205	40

This site contains links to these domains. Also see Links.

Domain
blog.tam.by
partnership.tam.by
153.tam.by
kusochek-schastya.tam.by
mebelmax.tam.by
yurkas.tam.by
myasnov.tam.by
nastoyaschaya-mebel.tam.by
mebel-holl.tam.by
kv-kiseleva.tam.by
doktor-vet.tam.by
international-house.tam.by
avtogarantbel.tam.by
kv-kirova.tam.by
incotrade.tam.by
mebel-land-by.tam.by
askona-na-mazurova.tam.by
stormnet.tam.by
kuzovnik.tam.by
remontpola-bel.tam.by
servicetech.tam.by
tutby.com
jobs.tut.by
tamby.freshdesk.com
mobile.tut.by
brest.tam.by
vitebsk.tam.by
gomel.tam.by
grodno.tam.by
mogilev.tam.by
baranovichi.tam.by
bobruysk.tam.by
borisov.tam.by
zhlobin.tam.by
lida.tam.by
hoster.by

Subject Issuer	Validity	Valid
tam.by R3	`2021-01-11` - `2021-04-11`	3 months	crt.sh
*.yastatic.net Yandex CA	`2021-03-03` - `2021-09-01`	6 months	crt.sh
*.tut.by RapidSSL RSA CA 2018	`2020-01-22` - `2021-04-22`	a year	crt.sh
blog.tam.by R3	`2020-12-28` - `2021-03-28`	3 months	crt.sh
*.tam.by RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2020-12-24` - `2022-01-14`	a year	crt.sh
www.googleadservices.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
matchid.adfox.yandex.ru Yandex CA	`2021-03-16` - `2021-09-08`	6 months	crt.sh
bs.yandex.ru Yandex CA	`2020-12-17` - `2021-06-17`	6 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-02-27` - `2021-08-09`	5 months	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2019-09-11` - `2021-09-24`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.adfox.ru Yandex CA	`2021-02-26` - `2021-08-08`	5 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2019-06-19` - `2021-08-31`	2 years	crt.sh

This page contains 17 frames:

Primary Page: https://tam.by/
Frame ID: DAD58A7309D6AEA0AE48FD611E940DF2
Requests: 113 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: B260AA5B5117F7D10F3BADA95FF9AA86
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: 23CF8B226BE4DF6C62CFD357EAA938FD
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: 1554C5BAC5242D64415BF516B6814677
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210316/r20190131/zrt_lookup.html
Frame ID: 3DB1F09591D0DE593D20F6A6D9AAB2F2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_2_floors_11&adk=2366530133&adf=3279755396&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1616261818&psa=0&format=970x250&url=https%3A%2F%2Ftam.by%2F&ea=0&flash=0&wgl=1&dt=1616261817973&bpp=5&bdt=70&idt=61&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&correlator=5394776803784&frm=23&ife=1&pv=2&ga_vid=359534313.1616261817&ga_sid=1616261818&ga_hid=694121058&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=1350&biw=1600&bih=1200&isw=970&ish=250&ifk=1708318535&scr_x=0&scr_y=0&eid=42530672%2C21068083%2C44739387&oid=3&pvsid=838796600582210&loc=https%3A%2F%2Ftam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.zlt8nk85gnu&btvi=1&fsb=1&dtd=77
Frame ID: 1A693DE06EF9963EBA4538390410F2FB
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_2_floors_11&adk=2366530133&adf=3279755399&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1616261818&psa=0&format=970x250&url=https%3A%2F%2Ftam.by%2F&ea=0&flash=0&wgl=1&dt=1616261817990&bpp=2&bdt=53&idt=71&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&correlator=5394776803784&frm=23&ife=1&pv=1&ga_vid=359534313.1616261817&ga_sid=1616261818&ga_hid=791957473&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=4335&biw=1600&bih=1200&isw=970&ish=250&ifk=1708318535&scr_x=0&scr_y=0&eid=42530672%2C21066429%2C21067570%2C21068083%2C31060352%2C44739387&oid=3&pvsid=2589565841276441&loc=https%3A%2F%2Ftam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.7zk60flqegph&btvi=1&fsb=1&dtd=79
Frame ID: DB2F8DE05C8C8E44CB55F986A9289705
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_1_floors_11&adk=3924702937&adf=3279755398&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1616261818&psa=0&format=970x250&url=https%3A%2F%2Ftam.by%2F&ea=0&flash=0&wgl=1&dt=1616261818016&bpp=1&bdt=69&idt=62&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&correlator=5394776803784&frm=23&ife=1&pv=1&ga_vid=359534313.1616261817&ga_sid=1616261818&ga_hid=277249881&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=3257&biw=1600&bih=1200&isw=970&ish=250&ifk=1708318535&scr_x=0&scr_y=0&eid=21068944%2C44739387&oid=3&pvsid=375176194981074&loc=https%3A%2F%2Ftam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.u00aqb1xtcrs&btvi=1&fsb=1&dtd=98
Frame ID: 5970A8AB23AF6C09936CB5567D6BE8D0
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/index.html
Frame ID: 6E594B601D8CC5485F0EA4A6E2F712F1
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/index.html
Frame ID: 68657A46DCA652D28A7109834A2643CC
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: C5D039158B83B38D7F105FA704E5BB3E
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: A3B0C5326CEEFEAAF9D6D522FC090283
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2E76B6B948CF4C9926F0098A30FBA574
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
Frame ID: 60F7982115D275EF798AD59A5777F64E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: E42C3B7A5D2A92A33439870ABBA9940C
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 9EA84413FA44FF4891B198207680F90E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 86AC019B881F6A426A809E5FAB7779D0
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.tam.by/ HTTP 301
https://tam.by/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

205
Requests

100 %
HTTPS

63 %
IPv6

24
Domains

40
Subdomains

29
IPs

7
Countries

2240 kB
Transfer

5681 kB
Size

12
Cookies

53 Outgoing links

These are links going to different origins than the main page.

URL: https://blog.tam.by/
Title: Советы

Search URL Search Domain Scan URL

URL: https://partnership.tam.by/?utm_source=TAM_menu&utm_medium=TAM&utm_campaign=landingPromo
Title: Эффективная реклама

Search URL Search Domain Scan URL

URL: https://153.tam.by/

Search URL Search Domain Scan URL

URL: https://153.tam.by/#phone
Title:

Search URL Search Domain Scan URL

URL: https://kusochek-schastya.tam.by/

Search URL Search Domain Scan URL

URL: https://kusochek-schastya.tam.by/#phone
Title:

Search URL Search Domain Scan URL

URL: https://mebelmax.tam.by/

Search URL Search Domain Scan URL

URL: https://mebelmax.tam.by/#phone
Title:

Search URL Search Domain Scan URL

URL: https://yurkas.tam.by/skidki/sovershai-pokupki-v-salonahyurkasi-poluchai-v-podarok-kartu-skidokvygodnyi-remont

Search URL Search Domain Scan URL

URL: https://myasnov.tam.by/skidki/tehnika-dlya-kuhni-v-magazinah-myasnov-so-skidkoi-50

Search URL Search Domain Scan URL

URL: https://nastoyaschaya-mebel.tam.by/skidki/rasprodazha-divanovskidki-do-33

Search URL Search Domain Scan URL

URL: https://mebel-holl.tam.by/skidki/skidka-20na-krovati-transformery/#offer

Search URL Search Domain Scan URL

URL: https://mebel-holl.tam.by/
Title: Изготовление мебели по индивидуальному заказу Мебель Холл / Mebel Holl

Search URL Search Domain Scan URL

URL: https://kv-kiseleva.tam.by/skidki/kazhdaya-10-kvartiraodni-sutki-prozhivaniya-besplatno/#offer

Search URL Search Domain Scan URL

URL: https://kv-kiseleva.tam.by/
Title: Апартаменты класса "Люкс" без посредников 1-комнатная квартира на Киселева, 3

Search URL Search Domain Scan URL

URL: https://doktor-vet.tam.by/skidki/2-po-tsene-1hill-s-dlya-schenkov/#offer

Search URL Search Domain Scan URL

URL: https://doktor-vet.tam.by/
Title: Сеть ветеринарных аптек Доктор Вет

Search URL Search Domain Scan URL

URL: https://international-house.tam.by/skidki/nakopitelnaya-skidka-do-10v-yazykovoi-shkole-interneshnl-haus/#offer

Search URL Search Domain Scan URL

URL: https://international-house.tam.by/
Title: Международная школа английского языка International House / Интернэшнл Хаус

Search URL Search Domain Scan URL

URL: https://avtogarantbel.tam.by/skidki/soprovozhdenie-sdelki-kupli-prodazhi-v-podarok-pri-zakaze-uslugikompleksnyi-podbor-avto/#offer

Search URL Search Domain Scan URL

URL: https://avtogarantbel.tam.by/
Title: Автоподбор, сто Автогарант

Search URL Search Domain Scan URL

URL: https://kv-kirova.tam.by/skidki/skidka-30na-arendu-4-hkomnatnyh-kvartir-na-sutki/#offer

Search URL Search Domain Scan URL

URL: https://kv-kirova.tam.by/
Title: Роскошные апартаменты без посредников 3-комнатная квартира на Кирова, 1

Search URL Search Domain Scan URL

URL: https://incotrade.tam.by/skidki/zakazhi-kompakt-plitu-getalit-na-stoleshnitsu-v-vannuyu-komnatu-i-poluchi-v-podarok-polki-dlya-vanno/#offer

Search URL Search Domain Scan URL

URL: https://incotrade.tam.by/
Title: Мебельные комплектующие Инкотрэйд

Search URL Search Domain Scan URL

URL: https://mebel-land-by.tam.by/skidki/skidka-5pri-pokupke-mebeli-dlya-ofisa-v-komplekte/#offer

Search URL Search Domain Scan URL

URL: https://mebel-land-by.tam.by/
Title: Интернет-магазин корпусной мебели Мебель-лэнд.бай / Mebel-land.by

Search URL Search Domain Scan URL

URL: https://askona-na-mazurova.tam.by/otzyvy/#605468857d1e876fea30acc2

Search URL Search Domain Scan URL

URL: https://stormnet.tam.by/otzyvy/#605466c87d1e873910309bf5

Search URL Search Domain Scan URL

URL: https://nastoyaschaya-mebel.tam.by/otzyvy/#605465087d1e87444a4018aa

Search URL Search Domain Scan URL

URL: https://blog.tam.by/10-idej-kak-organizovat-uyutnoe-zhiloe-prostranstvo-v-kvartire/

Search URL Search Domain Scan URL

URL: https://blog.tam.by/6-sposobov-s-pomoshhyu-kotoryx-marketologi-manipuliruyut-soznaniem-pokupatelej/

Search URL Search Domain Scan URL

URL: https://blog.tam.by/ot-massiva-do-kvarca-kakuyu-stoleshnicu-vybrat-na-kuxnyu-i-v-vannuyu/

Search URL Search Domain Scan URL

URL: https://blog.tam.by/kak-sdelat-derevyannuyu-polku-dlya-obuvi-potrativ-ne-bolshe-50-rublej/

Search URL Search Domain Scan URL

URL: https://kuzovnik.tam.by/

Search URL Search Domain Scan URL

URL: https://remontpola-bel.tam.by/

Search URL Search Domain Scan URL

URL: https://servicetech.tam.by/

Search URL Search Domain Scan URL

URL: https://tutby.com/contact/filials/
Title: TAM.BY в регионах

Search URL Search Domain Scan URL

URL: https://jobs.tut.by/employer/752710
Title: Наши вакансии

Search URL Search Domain Scan URL

URL: https://tamby.freshdesk.com/support/tickets/new
Title: Связаться с нами

Search URL Search Domain Scan URL

URL: https://partnership.tam.by/?utm_source=TAM_footer&utm_medium=TAM&utm_campaign=landingPromo
Title: Реклама на TAM.BY

Search URL Search Domain Scan URL

URL: https://mobile.tut.by/app-catalog-android.html?utm_source=TUT.BY&utm_medium=ref&utm_campaign=footer_tam.by
Title: Загрузить с Google Play

Search URL Search Domain Scan URL

URL: https://brest.tam.by/
Title: Брест

Search URL Search Domain Scan URL

URL: https://vitebsk.tam.by/
Title: Витебск

Search URL Search Domain Scan URL

URL: https://gomel.tam.by/
Title: Гомель

Search URL Search Domain Scan URL

URL: https://grodno.tam.by/
Title: Гродно

Search URL Search Domain Scan URL

URL: https://mogilev.tam.by/
Title: Могилев

Search URL Search Domain Scan URL

URL: https://baranovichi.tam.by/
Title: Барановичи

Search URL Search Domain Scan URL

URL: https://bobruysk.tam.by/
Title: Бобруйск

Search URL Search Domain Scan URL

URL: https://borisov.tam.by/
Title: Борисов

Search URL Search Domain Scan URL

URL: https://zhlobin.tam.by/
Title: Жлобин

Search URL Search Domain Scan URL

URL: https://lida.tam.by/
Title: Лида

Search URL Search Domain Scan URL

URL: https://hoster.by/
Title: HOSTER.BY

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.tam.by/ HTTP 301
https://tam.by/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 81

https://mc.yandex.ru/watch/31359968?wmode=7&page-url=https%3A%2F%2Ftam.by%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2z9ezuq74honwal%3Afp%3A1033%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A462%3Acn%3A1%3Adp%3A0%3Als%3A4229860582%3Ahid%3A362189869%3Az%3A60%3Ai%3A20210320183657%3Aet%3A1616261817%3Ac%3A1%3Arn%3A23353258%3Au%3A1616261817155854012%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1616261816214%3Ads%3A0%2C0%2C132%2C1%2C250%2C0%2C%2C528%2C1%2C%2C%2C%2C920%3Adsn%3A0%2C0%2C132%2C1%2C251%2C0%2C%2C530%2C1%2C%2C%2C%2C920%3Arqnl%3A1%3Ati%3A2%3Ast%3A1616261817%3At%3ATAM.BY%20-%20%D0%BD%D1%83%D0%B6%D0%BD%D1%8B%D0%B5%20%D1%83%D1%81%D0%BB%D1%83%D0%B3%D0%B8%20%D0%B2%20%D0%BD%D1%83%D0%B6%D0%BD%D1%8B%D0%B9%20%D0%BC%D0%BE%D0%BC%D0%B5%D0%BD%D1%82%20(%D0%9C%D0%B8%D0%BD%D1%81%D0%BA) HTTP 302
https://mc.yandex.ru/watch/31359968/1?wmode=7&page-url=https%3A%2F%2Ftam.by%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2z9ezuq74honwal%3Afp%3A1033%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A462%3Acn%3A1%3Adp%3A0%3Als%3A4229860582%3Ahid%3A362189869%3Az%3A60%3Ai%3A20210320183657%3Aet%3A1616261817%3Ac%3A1%3Arn%3A23353258%3Au%3A1616261817155854012%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1616261816214%3Ads%3A0%2C0%2C132%2C1%2C250%2C0%2C%2C528%2C1%2C%2C%2C%2C920%3Adsn%3A0%2C0%2C132%2C1%2C251%2C0%2C%2C530%2C1%2C%2C%2C%2C920%3Arqnl%3A1%3Ati%3A2%3Ast%3A1616261817%3At%3ATAM.BY%20-%20%D0%BD%D1%83%D0%B6%D0%BD%D1%8B%D0%B5%20%D1%83%D1%81%D0%BB%D1%83%D0%B3%D0%B8%20%D0%B2%20%D0%BD%D1%83%D0%B6%D0%BD%D1%8B%D0%B9%20%D0%BC%D0%BE%D0%BC%D0%B5%D0%BD%D1%82%20%28%D0%9C%D0%B8%D0%BD%D1%81%D0%BA%29

Request Chain 89

https://gaby.hit.gemius.pl/_1616261817397/rexdot.js?l=100&id=0iWVhGLhkSnOM.coExUx_ZR6DfXGYVuPku6GN3CSc4D.S7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=https%3A%2F%2Ftam.by%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=HFzb3mKa7XLl4Lv.HxvH3O6TibubQC6jM6D8LA6cL3b.07&vis=1 HTTP 301
https://gaby.hit.gemius.pl/__/_1616261817397/rexdot.js?l=100&id=0iWVhGLhkSnOM.coExUx_ZR6DfXGYVuPku6GN3CSc4D.S7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=https%3A%2F%2Ftam.by%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=HFzb3mKa7XLl4Lv.HxvH3O6TibubQC6jM6D8LA6cL3b.07&vis=1

Request Chain 162

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 171

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 180

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEM8DtccutQDQXR0Pjoa5o3Q&google_cver=1&google_push=AQvitUKKW7w1nP6V6vpZMU1Jd4XlkyVy8pAXBGeIgU1fjvOffk76_WFyscSFATJ16Gq8xVcnmhff1pHFdZ4BQ5PBQ7EcOzw1Xg HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEM8DtccutQDQXR0Pjoa5o3Q&google_cver=1&google_push=AQvitUKKW7w1nP6V6vpZMU1Jd4XlkyVy8pAXBGeIgU1fjvOffk76_WFyscSFATJ16Gq8xVcnmhff1pHFdZ4BQ5PBQ7EcOzw1Xg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RVNjTWY1WncxTG5GeDA1&google_gid=CAESEM8DtccutQDQXR0Pjoa5o3Q&google_cver=1&google_push=AQvitUKKW7w1nP6V6vpZMU1Jd4XlkyVy8pAXBGeIgU1fjvOffk76_WFyscSFATJ16Gq8xVcnmhff1pHFdZ4BQ5PBQ7EcOzw1Xg

Request Chain 181

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEP146UdP2fRQe-3N_B5mNZE&google_cver=1&google_push=AQvitULA4ukmePCf-P9AfvX6L_2VQOUpPOj9Z8055N9ooUWfUSl7HOKfQv6j-UB9v_G512J9bGGgiTpeottBDAUNewRzV5nTiNY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitULA4ukmePCf-P9AfvX6L_2VQOUpPOj9Z8055N9ooUWfUSl7HOKfQv6j-UB9v_G512J9bGGgiTpeottBDAUNewRzV5nTiNY

Request Chain 182

https://ads.travelaudience.com/google_pixel?google_gid=CAESEMfZ6iBHzdk7jAZp70KIB1U&google_cver=1&google_push=AQvitUL1H_1JU2DVS4LIYUbmVd_un-xEVKjlrLg_A24IuaNIaaKy95ExPsxZlPajWwrt1wy-RuRY8pzSrsA_63F75y886JOegQ HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=H3MjoftrTCeAIOE0fZTlIQ2&google_push=AQvitUL1H_1JU2DVS4LIYUbmVd_un-xEVKjlrLg_A24IuaNIaaKy95ExPsxZlPajWwrt1wy-RuRY8pzSrsA_63F75y886JOegQ

Request Chain 183

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPbd5Mu0dLgsFmU40cYhkI0&google_cver=1&google_push=AQvitUI0ZaNTj140x2BgDwEpIN_JYLGONEyD9ZhlHdtp0zoPSXADjVKt0bm8ImAsdVPn6IQVoKfb8kUz5VOz6K0ILSr8amWgDHg HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEPbd5Mu0dLgsFmU40cYhkI0&google_cver=1&google_push=AQvitUI0ZaNTj140x2BgDwEpIN_JYLGONEyD9ZhlHdtp0zoPSXADjVKt0bm8ImAsdVPn6IQVoKfb8kUz5VOz6K0ILSr8amWgDHg HTTP 302
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=67ada8a8-9392-4a75-ae82-f072f23b995b&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitUI0ZaNTj140x2BgDwEpIN_JYLGONEyD9ZhlHdtp0zoPSXADjVKt0bm8ImAsdVPn6IQVoKfb8kUz5VOz6K0ILSr8amWgDHg&google_hm=CEedJClFS3SxKqW3vZY1Ng==

Request Chain 184

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEPsqX6WSkpJTJMn4bSQG3-E&google_cver=1&google_push=AQvitULZ_UQ0jYzneuw08gxgsbZ3sFHs0Ac0UiVTLC2pqzlxSVQzy0dkfquOPky-eEhAZ4-KijiVnhJtPNGtYlbgantubFxC094 HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AQvitULZ_UQ0jYzneuw08gxgsbZ3sFHs0Ac0UiVTLC2pqzlxSVQzy0dkfquOPky-eEhAZ4-KijiVnhJtPNGtYlbgantubFxC094&google_gid=CAESEPsqX6WSkpJTJMn4bSQG3-E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTY3NDMwNzQwMjQ1OTk0Mzk3NTQ%3D&google_push=AQvitULZ_UQ0jYzneuw08gxgsbZ3sFHs0Ac0UiVTLC2pqzlxSVQzy0dkfquOPky-eEhAZ4-KijiVnhJtPNGtYlbgantubFxC094

Request Chain 185

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESECU3WzGCw9-WthqQEqG8XcQ&google_cver=1&google_push=AQvitUK_TOwV3aZiVgc-pB01rsdzTcVPYgzq_Gclp9HoL4WiAU4LOCvSPMait64o0wDog2EPTgEgUC3wgy58VIyAnTDBy9BSdW8c HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESECU3WzGCw9-WthqQEqG8XcQ&google_cver=1&google_push=AQvitUK_TOwV3aZiVgc-pB01rsdzTcVPYgzq_Gclp9HoL4WiAU4LOCvSPMait64o0wDog2EPTgEgUC3wgy58VIyAnTDBy9BSdW8c&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS03Q1laOE1aRTJ1SFNyNkdQVGl0N180OUxFNW5ZTjNZZX5B&google_push=AQvitUK_TOwV3aZiVgc-pB01rsdzTcVPYgzq_Gclp9HoL4WiAU4LOCvSPMait64o0wDog2EPTgEgUC3wgy58VIyAnTDBy9BSdW8c

205 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
tam.by/
Redirect Chain

https://www.tam.by/
https://tam.by/

97 KB
21 KB

138ms
132ms

Document
text/html

2a0a:7d80::c
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL

https://tam.by/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a0a:7d80::c Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),

Reverse DNS

Software

nginx /

Resource Hash

5e83f670daf83046edb7512f09417e0e95db0145877069b3cd58eac2766eb910

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

:method: GET
:authority: tam.by
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
date: Sat, 20 Mar 2021 17:36:56 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding Accept-Encoding Cookie
link: <https://yastatic.net>; rel=preconnect; crossorigin, <https://s3r.tut.by>; rel=preconnect; crossorigin, <https://blog.tam.by>; rel=preconnect; crossorigin, <https://mc.yandex.ru>; rel=preconnect; crossorigin, <https://tam.by/css/by3/styles.min~catalog~custom~r0~r0~r0~r12053.css>; rel=preload; as=style; type=text/css, <https://tam.by/js/by3/modernizr~jquery-3.4.1.min~libs.min~main.min~catalog~catalog_suggests~catalog_geo~tam_core_extended~catalog_login~tam_by_events~r0~r0~r0~r12054.js>; rel=preload; as=script; type=text/javascript, <https://yastatic.net/pcode/adfox/loader.js>; rel=preload; as=script; type=text/javascript; crossorigin=anonymous
strict-transport-security: max-age=86400
referrer-policy: unsafe-url
content-encoding: gzip

Redirect headers

server: nginx
date: Sat, 20 Mar 2021 17:36:56 GMT
content-type: text/html; charset=utf-8
vary: Cookie
location: https://tam.by/
strict-transport-security: max-age=86400
referrer-policy: unsafe-url

GET
H2 200 styles.min~catalog~custom~r0~r0~r0~r12053.css
tam.by/css/by3/ 313 KB
43 KB 61ms
60ms Stylesheet
text/css 2a0a:7d80::c
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL

https://tam.by/css/by3/styles.min~catalog~custom~r0~r0~r0~r12053.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a0a:7d80::c Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),

Reverse DNS

Software

nginx /

Resource Hash

d61dec7be8ee9080cd713a30cbd91a22d0b594d5835467a3aac451b65a709578

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:56 GMT
content-encoding: gzip
referrer-policy: unsafe-url
server: nginx
etag: W/"60366321-4e433"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
cache-control: max-age=604800
strict-transport-security: max-age=86400
expires: Sat, 27 Mar 2021 17:36:56 GMT

GET
H2 200 modernizr~jquery-3.4.1.min~libs.min~main.min~catalog~catalog_suggests~catalog_geo~tam_core_extended~catalog_login~tam_by_events~r0~r0~r0~r12054.js Show response
tam.by/js/by3/ 393 KB
113 KB 113ms
113ms Script
application/javascript 2a0a:7d80::c
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL

https://tam.by/js/by3/modernizr~jquery-3.4.1.min~libs.min~main.min~catalog~catalog_suggests~catalog_geo~tam_core_extended~catalog_login~tam_by_events~r0~r0~r0~r12054.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a0a:7d80::c Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),

Reverse DNS

Software

nginx /

Resource Hash

9242456b82635a1b591d1e9502e5d17b33f11179eb694290db0bd5a1b0cd6f29

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:56 GMT
content-encoding: gzip
referrer-policy: unsafe-url
last-modified: Wed, 24 Feb 2021 14:31:53 GMT
server: nginx
etag: W/"60366359-6234c"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf8
cache-control: max-age=604800
strict-transport-security: max-age=86400
expires: Sat, 27 Mar 2021 17:36:56 GMT

GET
H2 200 loader.js Show response
yastatic.net/pcode/adfox/ 181 KB
41 KB 315ms
42ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e2150bd820d129a2c937e6d980824cbc88fb5ec9d43e06be325e99787db6a61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://tam.by
Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:56 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 41537
last-modified: Wed, 17 Mar 2021 06:04:30 GMT
server: nginx/1.17.9
etag: "d189538be506032b476812eb08a52367"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Mar 2021 18:36:05 GMT

GET
H2 200 1px.gif
s3r.tut.by/ 43 B
207 B 46ms
39ms Image
image/gif 2a0a:7d80::c:1:0
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3r.tut.by/1px.gif
Requested by: Host: tam.by
URL: https://tam.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a0a:7d80::c:1:0 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:56 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
content-type: image/gif
cache-control: max-age=5184000
x-robots-tag: noindex, nofollow
content-length: 43
expires: Wed, 19 May 2021 17:36:56 GMT

GET
H2 200 44a4c1bf4431d8a65bdb39ae2f05c2b8c2248636.jpg
img.tam.by/240x150c/user_uploads/0b/e/ 10 KB
10 KB 119ms
106ms Image
image/jpeg 2a0a:7d80::c
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.tam.by/240x150c/user_uploads/0b/e/44a4c1bf4431d8a65bdb39ae2f05c2b8c2248636.jpg
Requested by: Host: tam.by
URL: https://tam.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a0a:7d80::c Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: cde1c67d99aac59b55c20e8b666b9b7b9b86a8d00abd7bc445dfdc22e2abe439

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:57 GMT
last-modified: Wed, 14 Nov 2018 07:44:40 GMT
server: nginx
etag: "5bebd268-28a9"
content-type: image/jpeg
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 10409
expires: Sat, 27 Mar 2021 17:36:57 GMT

GET
H2 200 32687386e507930c626de1444b3928df-1.png
img.tam.by/240x150c/company/0e/0/ 15 KB
15 KB 168ms
155ms Image
image/png 2a0a:7d80::c
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.tam.by/240x150c/company/0e/0/32687386e507930c626de1444b3928df-1.png
Requested by: Host: tam.by
URL: https://tam.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a0a:7d80::c Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: 92a4a039e38c6ae8219c6e5bfd1f9673ff9abb785dd4dbaa4d026b1536d03436

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:57 GMT
last-modified: Wed, 26 Jun 2019 07:51:02 GMT
server: nginx
etag: "5d1323e6-3b2a"
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 15146
expires: Sat, 27 Mar 2021 17:36:57 GMT

GET
H2 200 salon-mebeli_mebelmax_minsk-dolgobrodskaya-17.png
img.tam.by/240x150c/l/01/d/ 1 KB
1 KB 94ms
82ms Image
image/png 2a0a:7d80::c
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.tam.by/240x150c/l/01/d/salon-mebeli_mebelmax_minsk-dolgobrodskaya-17.png
Requested by: Host: tam.by
URL: https://tam.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a0a:7d80::c Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: daaafad9f8276b91523c1b79a2e6dfb3e5a19c7b423fcf6d8ce7f1fff05cdd7b

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:57 GMT
last-modified: Sat, 09 Sep 2017 05:57:29 GMT
server: nginx
etag: "59b382c9-4ba"
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1210
expires: Sat, 27 Mar 2021 17:36:57 GMT

GET
H2 200 af920a5f5465aed6e65fa13708df7144-2.jpg
img.tam.by/240x150c/offers/00/f/ 7 KB
8 KB 52ms
40ms Image
image/jpeg 2a0a:7d80::c
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.tam.by/240x150c/offers/00/f/af920a5f5465aed6e65fa13708df7144-2.jpg
Requested by: Host: tam.by
URL: https://tam.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a0a:7d80::c Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: a1af81e943d1266d70e99cb4a7470e7697034c627e5612c3e3ea04fba146355c

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:57 GMT
last-modified: Mon, 01 Feb 2021 07:12:29 GMT
server: nginx
etag: "6017a9dd-1d79"
content-type: image/jpeg
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7545
expires: Sat, 27 Mar 2021 17:36:57 GMT

GET
H2 200 857171a5833a9ae5c7684488c0e7e27db3c03a11.png
img.tam.by/240x150c/user_uploads/0f/6/ 67 KB
68 KB 119ms
106ms Image
image/png 2a0a:7d80::c
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.tam.by/240x150c/user_uploads/0f/6/857171a5833a9ae5c7684488c0e7e27db3c03a11.png
Requested by: Host: tam.by
URL: https://tam.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a0a:7d80::c Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: 7a301b89a0d78d1135830780c1aaa9a818b4defba66bd7e9148e22a4c722df6f

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:57 GMT
last-modified: Wed, 24 Feb 2021 12:31:48 GMT
server: nginx
etag: "60364734-10d65"
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 68965
expires: Sat, 27 Mar 2021 17:36:57 GMT

GET
H2 200 5d8dde324b783c07ad2aeee967540fb8-2.jpg
img.tam.by/240x150c/offers/01/f/ 11 KB
11 KB 168ms
156ms Image
image/jpeg 2a0a:7d80::c
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.tam.by/240x150c/offers/01/f/5d8dde324b783c07ad2aeee967540fb8-2.jpg
Requested by: Host: tam.by
URL: https://tam.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a0a:7d80::c Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: 409a6d27dd0bc106a2248882f37320d8ad3f306adf4db09c38ebce30c4cb2190

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:57 GMT
last-modified: Thu, 10 Sep 2020 05:21:58 GMT
server: nginx
etag: "5f59b7f6-2ad5"
content-type: image/jpeg
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 10965
expires: Sat, 27 Mar 2021 17:36:57 GMT

GET
H2 200 219a2563c8c75ddd3e2d8c841e5dab9df38548af.png
img.tam.by/category/icon_android32/07/3/ 512 B
711 B 115ms
115ms Image
image/png 2a0a:7d80::c
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.tam.by/category/icon_android32/07/3/219a2563c8c75ddd3e2d8c841e5dab9df38548af.png
Requested by: Host: tam.by
URL: https://tam.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a0a:7d80::c Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: 7975bcb2106ba8a17d6bf73afc69022c8e2d0a3af0b93de7f4b5da06346065de

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:57 GMT
last-modified: Fri, 21 Aug 2015 10:44:07 GMT
server: nginx
etag: "55d700f7-200"
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 512
expires: Sat, 27 Mar 2021 17:36:57 GMT

GET
H2 200 1a59787c8ee7faeb6d96a3987ccd49c4b6759bef.png
img.tam.by/category/icon_android32/06/0/ 359 B
558 B 110ms
108ms Image
image/png 2a0a:7d80::c
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.tam.by/category/icon_android32/06/0/1a59787c8ee7faeb6d96a3987ccd49c4b6759bef.png
Requested by: Host: tam.by
URL: https://tam.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a0a:7d80::c Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: 84208b4110a1d38fb62ddacde7a2dcbe1fb73e9b782baefc81019dae8ade8930

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:57 GMT
last-modified: Fri, 21 Aug 2015 10:44:50 GMT
server: nginx
etag: "55d70122-167"
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 359
expires: Sat, 27 Mar 2021 17:36:57 GMT

GET
H2 200 fd1e14761b676eb399ab8facdcc1c36a2d9be772.png
img.tam.by/category/icon_android32/0d/2/ 432 B
631 B 106ms
104ms Image
image/png 2a0a:7d80::c
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.tam.by/category/icon_android32/0d/2/fd1e14761b676eb399ab8facdcc1c36a2d9be772.png
Requested by: Host: tam.by
URL: https://tam.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a0a:7d80::c Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: b4aa35d1aefe17ab75c8c0ba0972cfc241143316673eeb38e6750556634f5637

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:57 GMT
last-modified: Thu, 20 Aug 2015 16:33:18 GMT
server: nginx
etag: "55d6014e-1b0"
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 432
expires: Sat, 27 Mar 2021 17:36:57 GMT

GET
H2 200 54ec960d6947b2c16a81a99224cabf14aed58d0d.png
img.tam.by/category/icon_android32/0a/1/ 846 B
1 KB 107ms
105ms Image
image/png 2a0a:7d80::c
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.tam.by/category/icon_android32/0a/1/54ec960d6947b2c16a81a99224cabf14aed58d0d.png
Requested by: Host: tam.by
URL: https://tam.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a0a:7d80::c Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: be4aa1b1e1c465c82da400b7184f5949ae9dfb6b928a277bd4ba380250b22712

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:57 GMT
last-modified: Thu, 20 Aug 2015 16:33:59 GMT
server: nginx
etag: "55d60177-34e"
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 846
expires: Sat, 27 Mar 2021 17:36:57 GMT

GET
H2 200 3476b09f00ba25d6867b865f7d07b3865d3aa7de.png
img.tam.by/category/icon_android32/0d/1/ 811 B
1010 B 107ms
104ms Image
image/png 2a0a:7d80::c
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.tam.by/category/icon_android32/0d/1/3476b09f00ba25d6867b865f7d07b3865d3aa7de.png
Requested by: Host: tam.by
URL: https://tam.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a0a:7d80::c Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: e88b7dc458ea3ab8c5437de97d3fddf3f8d287de43acf8c6adafaab6f11eb332

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:57 GMT
last-modified: Thu, 20 Aug 2015 16:34:42 GMT
server: nginx
etag: "55d601a2-32b"
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 811
expires: Sat, 27 Mar 2021 17:36:57 GMT

GET
H2 200 02211c8e572aac16195855af21503dfc105cbb03.png
img.tam.by/category/icon_android32/04/4/ 487 B
686 B 110ms
107ms Image
image/png 2a0a:7d80::c
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.tam.by/category/icon_android32/04/4/02211c8e572aac16195855af21503dfc105cbb03.png
Requested by: Host: tam.by
URL: https://tam.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a0a:7d80::c Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: 1cc97682d518a3ab2744843597c0686bf171de577848ec2bc51154a1c9851b08

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:57 GMT
last-modified: Thu, 20 Aug 2015 16:35:32 GMT
server: nginx
etag: "55d601d4-1e7"
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 487
expires: Sat, 27 Mar 2021 17:36:57 GMT

GET
H2 200 204363571851bc94a471dc38011d7151965b9a64.png
img.tam.by/category/icon_android32/0a/9/ 780 B
979 B 106ms
103ms Image
image/png 2a0a:7d80::c
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.tam.by/category/icon_android32/0a/9/204363571851bc94a471dc38011d7151965b9a64.png
Requested by: Host: tam.by
URL: https://tam.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a0a:7d80::c Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: 9965e0d93596fb794b2545d6343b21648a36cd5dac4d43713b3fb2dfb00d9b75

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:57 GMT
last-modified: Thu, 20 Aug 2015 16:36:31 GMT
server: nginx
etag: "55d6020f-30c"
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 780
expires: Sat, 27 Mar 2021 17:36:57 GMT

GET
H2 200 cc85deaf463aa86ae59db12ff5de7bdebe93e9db.png
img.tam.by/category/icon_android32/06/b/ 518 B
717 B 110ms
108ms Image
image/png 2a0a:7d80::c
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.tam.by/category/icon_android32/06/b/cc85deaf463aa86ae59db12ff5de7bdebe93e9db.png
Requested by: Host: tam.by
URL: https://tam.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a0a:7d80::c Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: ba5f70b64ba31b909c5d85d8f63f061c041f2a5d7eab0418419d3ea4472e38db

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:57 GMT
last-modified: Thu, 20 Aug 2015 16:37:13 GMT
server: nginx
etag: "55d60239-206"
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 518
expires: Sat, 27 Mar 2021 17:36:57 GMT

GET
H2 200 9fe7af9776665f85c16b77e5cd3311e811f80d4b.png
img.tam.by/category/icon_android32/0c/10/ 494 B
693 B 105ms
102ms Image
image/png 2a0a:7d80::c
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.tam.by/category/icon_android32/0c/10/9fe7af9776665f85c16b77e5cd3311e811f80d4b.png
Requested by: Host: tam.by
URL: https://tam.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a0a:7d80::c Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: 9e7ce88023742745bea51905de21f6be6fff9ef0a17b6763fa3c6698446e7e5a

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:57 GMT
last-modified: Thu, 20 Aug 2015 16:37:55 GMT
server: nginx
etag: "55d60263-1ee"
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 494
expires: Sat, 27 Mar 2021 17:36:57 GMT

GET
H2 200 1e1b47c26e8731417edb92ac64535b10610d73ea.png
img.tam.by/category/icon_android32/06/8/ 671 B
870 B 105ms
102ms Image
image/png 2a0a:7d80::c
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.tam.by/category/icon_android32/06/8/1e1b47c26e8731417edb92ac64535b10610d73ea.png
Requested by: Host: tam.by
URL: https://tam.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a0a:7d80::c Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: 343b67d5917a7f43a542b6922f254e3cad7ae61f169a1d81b3adf9e30b33346f

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:57 GMT
last-modified: Thu, 20 Aug 2015 16:38:41 GMT
server: nginx
etag: "55d60291-29f"
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 671
expires: Sat, 27 Mar 2021 17:36:57 GMT

GET
H2 200 ffd92bc41e851557105fe3bcd0f662762f6c00a3.png
img.tam.by/category/icon_android32/0c/e/ 496 B
695 B 106ms
103ms Image
image/png 2a0a:7d80::c
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.tam.by/category/icon_android32/0c/e/ffd92bc41e851557105fe3bcd0f662762f6c00a3.png
Requested by: Host: tam.by
URL: https://tam.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a0a:7d80::c Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: 8e8022ef5301415da86e942a66738e1fc3fe16b9d83d843637a83f8e8ae43c5f

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:57 GMT
last-modified: Thu, 20 Aug 2015 16:39:15 GMT
server: nginx
etag: "55d602b3-1f0"
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 496
expires: Sat, 27 Mar 2021 17:36:57 GMT

GET
H2 200 bb7d8b7833411d5622614d1143cf22d0b982f040.png
img.tam.by/category/icon_android32/09/d/ 656 B
855 B 110ms
108ms Image
image/png 2a0a:7d80::c
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.tam.by/category/icon_android32/09/d/bb7d8b7833411d5622614d1143cf22d0b982f040.png
Requested by: Host: tam.by
URL: https://tam.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a0a:7d80::c Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: 5de7494128f5cd2f3f66429153f61b81df800630187321f27263bb8322d1bb43

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:57 GMT
last-modified: Thu, 20 Aug 2015 16:40:34 GMT
server: nginx
etag: "55d60302-290"
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 656
expires: Sat, 27 Mar 2021 17:36:57 GMT

GET
H2 200 449dc90cda9e4a20f6eaa442a56f52ba50ef7164.png
img.tam.by/category/icon_android32/00/10/ 817 B
1017 B 107ms
105ms Image
image/png 2a0a:7d80::c
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.tam.by/category/icon_android32/00/10/449dc90cda9e4a20f6eaa442a56f52ba50ef7164.png
Requested by: Host: tam.by
URL: https://tam.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a0a:7d80::c Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: 64306c4d43c04a9f839aa3e27b91a7193fdf8752da5aa2931ddedd2a5efa9b04

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:57 GMT
last-modified: Thu, 20 Aug 2015 16:39:50 GMT
server: nginx
etag: "55d602d6-331"
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 817
expires: Sat, 27 Mar 2021 17:36:57 GMT

GET
H2 200 e5e8ef15e0e358b27d19e41f57f67bbbaeb0e74e.png
img.tam.by/category/icon_android32/06/0/ 420 B
619 B 110ms
108ms Image
image/png 2a0a:7d80::c
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.tam.by/category/icon_android32/06/0/e5e8ef15e0e358b27d19e41f57f67bbbaeb0e74e.png
Requested by: Host: tam.by
URL: https://tam.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a0a:7d80::c Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: 073008d8135c1fb1252a12ce68a145069de2cf7d6148549e8980b6e876c336e5

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:57 GMT
last-modified: Thu, 20 Aug 2015 16:41:19 GMT
server: nginx
etag: "55d6032f-1a4"
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 420
expires: Sat, 27 Mar 2021 17:36:57 GMT

GET
H2 200 130023430da98f3b4b727527af03021d38e3e6a0.png
img.tam.by/category/icon_android32/0d/6/ 696 B
896 B 104ms
102ms Image
image/png 2a0a:7d80::c
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.tam.by/category/icon_android32/0d/6/130023430da98f3b4b727527af03021d38e3e6a0.png
Requested by: Host: tam.by
URL: https://tam.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a0a:7d80::c Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: abb104ac64187b2f903905e21b16803bdf8f2dc43d0992077d2e27cee929c2c3

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:57 GMT
last-modified: Thu, 20 Aug 2015 16:42:13 GMT
server: nginx
etag: "55d60365-2b8"
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 696
expires: Sat, 27 Mar 2021 17:36:57 GMT

GET
H2 200 96aef638d20c19c393e9eee9c885d59dcd80dbfc.png
img.tam.by/category/icon_android32/10/5/ 399 B
599 B 104ms
102ms Image
image/png 2a0a:7d80::c
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.tam.by/category/icon_android32/10/5/96aef638d20c19c393e9eee9c885d59dcd80dbfc.png
Requested by: Host: tam.by
URL: https://tam.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a0a:7d80::c Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: 1918c8e229c1cad32f1d4eb855232c2b6c638906b869ac243328f74da0e63150

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:57 GMT
last-modified: Thu, 20 Aug 2015 16:42:51 GMT
server: nginx
etag: "55d6038b-18f"
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 399
expires: Sat, 27 Mar 2021 17:36:57 GMT

GET
H2 200 0c213d0f3a1443e2f4748ef6e1d4dd4537613cb9.png
img.tam.by/category/icon_android32/00/c/ 697 B
897 B 108ms
105ms Image
image/png 2a0a:7d80::c
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.tam.by/category/icon_android32/00/c/0c213d0f3a1443e2f4748ef6e1d4dd4537613cb9.png
Requested by: Host: tam.by
URL: https://tam.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a0a:7d80::c Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: 101e0632069004c59a09ab95c214a8ecc159cfd9a0e163fece01168bd3b26f33

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:57 GMT
last-modified: Thu, 20 Aug 2015 16:43:23 GMT
server: nginx
etag: "55d603ab-2b9"
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 697
expires: Sat, 27 Mar 2021 17:36:57 GMT

GET
H2 200 37e23bbd6993322c34e157016fdb772330df8f17.png
img.tam.by/category/icon_android32/09/f/ 435 B
635 B 105ms
103ms Image
image/png 2a0a:7d80::c
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.tam.by/category/icon_android32/09/f/37e23bbd6993322c34e157016fdb772330df8f17.png
Requested by: Host: tam.by
URL: https://tam.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a0a:7d80::c Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: b3bde462ec554125cb55dfda8be71512fdc5ebe1985248c918655b3d01274fd7

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:57 GMT
last-modified: Thu, 20 Aug 2015 16:44:15 GMT
server: nginx
etag: "55d603df-1b3"
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 435
expires: Sat, 27 Mar 2021 17:36:57 GMT

GET
H2 200 5309dd81d25c0bc8c16aa3d1ea88ac73737136d2.png
img.tam.by/category/icon_android32/0d/2/ 396 B
596 B 106ms
104ms Image
image/png 2a0a:7d80::c
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.tam.by/category/icon_android32/0d/2/5309dd81d25c0bc8c16aa3d1ea88ac73737136d2.png
Requested by: Host: tam.by
URL: https://tam.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a0a:7d80::c Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: 8929d8c7bee85ef7c3b8e647c87f999baf5fcb6501e29b1701df645d415b9834

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:57 GMT
last-modified: Thu, 20 Aug 2015 16:44:41 GMT
server: nginx
etag: "55d603f9-18c"
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 396
expires: Sat, 27 Mar 2021 17:36:57 GMT

GET
H2 200 1aba05b103911d5d295479e3997d1b4adc0f646d.png
img.tam.by/category/icon_android32/10/b/ 590 B
789 B 105ms
103ms Image
image/png 2a0a:7d80::c
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.tam.by/category/icon_android32/10/b/1aba05b103911d5d295479e3997d1b4adc0f646d.png
Requested by: Host: tam.by
URL: https://tam.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a0a:7d80::c Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: 172e7aaed5b5bb7a7f8625ce5692751b386c77e3e3f83238d21e4043849fac08

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:57 GMT
last-modified: Thu, 11 Feb 2021 14:11:41 GMT
server: nginx
etag: "60253b1d-24e"
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 590
expires: Sat, 27 Mar 2021 17:36:57 GMT

GET
H2 200 c9e06746e944cbff781d727717d46e927d8c99d9.png
img.tam.by/category/icon_android32/07/f/ 2 KB
2 KB 107ms
104ms Image
image/png 2a0a:7d80::c
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.tam.by/category/icon_android32/07/f/c9e06746e944cbff781d727717d46e927d8c99d9.png
Requested by: Host: tam.by
URL: https://tam.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a0a:7d80::c Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: e543cf2c8cb3c2c64f8407f0fd850eb60f951253843fe64daf5b6b86d3b13fc1

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:57 GMT
last-modified: Fri, 17 Apr 2020 10:10:51 GMT
server: nginx
etag: "5e9980ab-899"
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2201
expires: Sat, 27 Mar 2021 17:36:57 GMT

GET
H2 200 e588c3ee8e81169b9e04aa639fef4d13ec276ee6-1.jpg
img.tam.by/320x218s/offers/01/4/ 19 KB
19 KB 109ms
108ms Image
image/jpeg 2a0a:7d80::c
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.tam.by/320x218s/offers/01/4/e588c3ee8e81169b9e04aa639fef4d13ec276ee6-1.jpg
Requested by: Host: tam.by
URL: https://tam.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a0a:7d80::c Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: 7da13c8bb01034fa0334489707a82a760ba8fd244df1e9715f102551dafcf526

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:57 GMT
last-modified: Mon, 14 Sep 2020 12:04:03 GMT
server: nginx
etag: "5f5f5c33-4bf6"
content-type: image/jpeg
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 19446
expires: Sat, 27 Mar 2021 17:36:57 GMT

GET
H2 200 a6a10555b43f8474e06ff46dd13f8fb4da8fffef.jpg
img.tam.by/320x218s/offers/0b/e/ 20 KB
20 KB 108ms
108ms Image
image/jpeg 2a0a:7d80::c
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.tam.by/320x218s/offers/0b/e/a6a10555b43f8474e06ff46dd13f8fb4da8fffef.jpg
Requested by: Host: tam.by
URL: https://tam.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a0a:7d80::c Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: 89336e45a299e37cdf9cc130c65fc422e1b037ef827a253729750c524414c700

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:57 GMT
last-modified: Mon, 05 Aug 2019 05:57:38 GMT
server: nginx
etag: "5d47c552-4f3e"
content-type: image/jpeg
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 20286
expires: Sat, 27 Mar 2021 17:36:57 GMT

GET
H2 200 477c4e3deccab5fcffc9267c5c7a9218-2.jpg
img.tam.by/320x218s/offers/0e/5/ 16 KB
16 KB 106ms
105ms Image
image/jpeg 2a0a:7d80::c
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.tam.by/320x218s/offers/0e/5/477c4e3deccab5fcffc9267c5c7a9218-2.jpg
Requested by: Host: tam.by
URL: https://tam.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a0a:7d80::c Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: 65a5696a6603e2d716646a1652ec0d35a8b8abea28abafc70200eb3192fa584e

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:57 GMT
last-modified: Wed, 03 Mar 2021 14:53:14 GMT
server: nginx
etag: "603fa2da-40ea"
content-type: image/jpeg
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 16618
expires: Sat, 27 Mar 2021 17:36:57 GMT

GET
H2 200 94bca770268675f20457408f86c913d2-2.jpg
img.tam.by/320x218s/offers/0a/8/ 9 KB
9 KB 109ms
108ms Image
image/jpeg 2a0a:7d80::c
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.tam.by/320x218s/offers/0a/8/94bca770268675f20457408f86c913d2-2.jpg
Requested by: Host: tam.by
URL: https://tam.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a0a:7d80::c Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: 819c4d2969dbde4481efdc6d705e67b0d55b387aa2ab3214e3c2eea41a0c87fb

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:57 GMT
last-modified: Fri, 12 Mar 2021 13:50:41 GMT
server: nginx
etag: "604b71b1-22ea"
content-type: image/jpeg
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 8938
expires: Sat, 27 Mar 2021 17:36:57 GMT

GET
H2 200 fc0769c0a6e335442f009a924721a40614568a06.jpg
img.tam.by/320x218s/user_uploads/07/b/ 32 KB
32 KB 101ms
100ms Image
image/jpeg 2a0a:7d80::c
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.tam.by/320x218s/user_uploads/07/b/fc0769c0a6e335442f009a924721a40614568a06.jpg
Requested by: Host: tam.by
URL: https://tam.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a0a:7d80::c Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: 9c298da1f0bd52a87f9d2bd8cca771df35896b377c2a21166ece0b846bce34d7

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:57 GMT
last-modified: Fri, 02 Aug 2019 09:49:31 GMT
server: nginx
etag: "5d44072b-7eea"
content-type: image/jpeg
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 32490
expires: Sat, 27 Mar 2021 17:36:57 GMT

GET
H2 200 557c912e449862cf72ac3b7f55c064755103f920.jpg
img.tam.by/320x218s/offers/00/5/ 13 KB
13 KB 100ms
99ms Image
image/jpeg 2a0a:7d80::c
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.tam.by/320x218s/offers/00/5/557c912e449862cf72ac3b7f55c064755103f920.jpg
Requested by: Host: tam.by
URL: https://tam.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a0a:7d80::c Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: 5e9625029da10ba5ec15f2d96ecd2ac02a3824dd056315a205b4e6281a23a98a

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:57 GMT
last-modified: Mon, 05 Aug 2019 05:57:38 GMT
server: nginx
etag: "5d47c552-3447"
content-type: image/jpeg
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 13383
expires: Sat, 27 Mar 2021 17:36:57 GMT

GET
H2 200 6ea46af9d09fb9f6e01f2b35eb11df3f-2.jpg
img.tam.by/320x218s/offers/09/3/ 12 KB
13 KB 100ms
99ms Image
image/jpeg 2a0a:7d80::c
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.tam.by/320x218s/offers/09/3/6ea46af9d09fb9f6e01f2b35eb11df3f-2.jpg
Requested by: Host: tam.by
URL: https://tam.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a0a:7d80::c Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: 4b8424a98aedd813b6ef405d9b677156aa28b255d8e7814230cfc6e8981d6d9b

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:57 GMT
last-modified: Wed, 08 Jul 2020 10:02:50 GMT
server: nginx
etag: "5f0599ca-3166"
content-type: image/jpeg
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 12646
expires: Sat, 27 Mar 2021 17:36:57 GMT

GET
H2 200 4cb334cf2726269d6c47a0a6d45a2cb9-2.jpg
img.tam.by/320x218s/offers/0b/7/ 14 KB
14 KB 106ms
106ms Image
image/jpeg 2a0a:7d80::c
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.tam.by/320x218s/offers/0b/7/4cb334cf2726269d6c47a0a6d45a2cb9-2.jpg
Requested by: Host: tam.by
URL: https://tam.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a0a:7d80::c Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: 677b6f84d0d9b7747c668570f0cdf5ac7b949e21b90c559ca844521c706363ca

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:57 GMT
last-modified: Thu, 28 Jan 2021 12:10:58 GMT
server: nginx
etag: "6012a9d2-37bf"
content-type: image/jpeg
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 14271
expires: Sat, 27 Mar 2021 17:36:57 GMT

GET
H/1.1 200
OK photo-1511554871707-cb50b6ea37e5.jpg
blog.tam.by/wp-content/uploads/2019/01/ 69 KB
70 KB 320ms
137ms Image
image/jpeg 178.172.235.237
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.tam.by/wp-content/uploads/2019/01/photo-1511554871707-cb50b6ea37e5.jpg
Requested by: Host: tam.by
URL: https://tam.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.172.235.237 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 0938942bf54fdc456b6b2fe6f6134c9e46cdb5dda1ebac872a13c1a0b2f94e95

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 17:36:57 GMT
Last-Modified: Wed, 09 Jan 2019 14:51:23 GMT
Server: nginx/1.14.2
ETag: "5c360a6b-11577"
Content-Type: image/jpeg
Cache-Control: max-age=691200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 71031
Expires: Sun, 28 Mar 2021 17:36:57 GMT

GET
H/1.1 200
OK image-124-2.jpg
blog.tam.by/wp-content/uploads/2019/11/ 73 KB
73 KB 320ms
138ms Image
image/jpeg 178.172.235.237
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.tam.by/wp-content/uploads/2019/11/image-124-2.jpg
Requested by: Host: tam.by
URL: https://tam.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.172.235.237 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: bf4744dda75641cc629d3427ad8a18400b336fc28521996486f14d4853bde02b

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 17:36:57 GMT
Last-Modified: Wed, 17 Mar 2021 09:07:08 GMT
Server: nginx/1.14.2
ETag: "6051c6bc-122b9"
Content-Type: image/jpeg
Cache-Control: max-age=691200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 74425
Expires: Sun, 28 Mar 2021 17:36:57 GMT

GET
H/1.1 200
OK 103151654_119850296138471_4152588826205965589_n-1.jpg
blog.tam.by/wp-content/uploads/2021/03/ 109 KB
109 KB 321ms
139ms Image
image/jpeg 178.172.235.237
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.tam.by/wp-content/uploads/2021/03/103151654_119850296138471_4152588826205965589_n-1.jpg
Requested by: Host: tam.by
URL: https://tam.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.172.235.237 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: aa7becfd501eaba46719e90aaea7ec6281cb19f9c4d7775c067091cbb38af35d

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 17:36:57 GMT
Last-Modified: Sat, 06 Mar 2021 12:21:10 GMT
Server: nginx/1.14.2
ETag: "604373b6-1b3c4"
Content-Type: image/jpeg
Cache-Control: max-age=691200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 111556
Expires: Sun, 28 Mar 2021 17:36:57 GMT

GET
H/1.1 200
OK %D0%9B%D0%B5%D1%81%D0%BE%D0%BA-%D0%BE%D0%B1%D0%BB%D0%BE%D0%B6%D0%BA%D0%B0-03.jpg
blog.tam.by/wp-content/uploads/2021/03/ 139 KB
139 KB 321ms
150ms Image
image/jpeg 178.172.235.237
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.tam.by/wp-content/uploads/2021/03/%D0%9B%D0%B5%D1%81%D0%BE%D0%BA-%D0%BE%D0%B1%D0%BB%D0%BE%D0%B6%D0%BA%D0%B0-03.jpg
Requested by: Host: tam.by
URL: https://tam.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.172.235.237 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 26bcbaf179d0e4c741690970aadcd385ef5712693f2c182e23c524e21c1cdd99

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 17:36:57 GMT
Last-Modified: Wed, 10 Mar 2021 13:02:59 GMT
Server: nginx/1.14.2
ETag: "6048c383-22bd0"
Content-Type: image/jpeg
Cache-Control: max-age=691200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 142288
Expires: Sun, 28 Mar 2021 17:36:57 GMT

GET
H2 200 api Show response
s3r.tut.by/ 96 KB
16 KB 384ms
42ms Script
application/javascript 2a0a:7d80::c:1:0
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://s3r.tut.by/api?rev=r0~r2375~r0~r0
Requested by: Host: tam.by
URL: https://tam.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a0a:7d80::c:1:0 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: 31697d4d66425d89d7fd18d49398d684e70656568ed4ecc64761840f7b4e2724

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:56 GMT
content-encoding: gzip
last-modified: Fri, 10 May 2019 13:17:30 GMT
server: nginx
etag: W/"5cd579ea-1805c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf8
cache-control: max-age=600
x-robots-tag: noindex, nofollow
expires: Sat, 20 Mar 2021 17:46:56 GMT

GET
H2 200 ajax-loader-transparent.gif
tam.by//images/i/by4/ 673 B
878 B 91ms
91ms Image
image/gif 2a0a:7d80::c
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tam.by//images/i/by4/ajax-loader-transparent.gif?v=1
Requested by: Host: tam.by
URL: https://tam.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a0a:7d80::c Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: 251e59286801a47d97bf67d9c7dfdbad02df1a6e524c81a9220c451be679b3fa

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:57 GMT
last-modified: Thu, 20 Aug 2015 13:27:32 GMT
server: nginx
etag: "55d5d5c4-2a1"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 673
expires: Sat, 27 Mar 2021 17:36:57 GMT

GET
H2 200 icon_sell.png
tam.by/images/catalog/icons/ 414 B
629 B 100ms
99ms Image
image/png 2a0a:7d80::c
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tam.by/images/catalog/icons/icon_sell.png
Requested by: Host: tam.by
URL: https://tam.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a0a:7d80::c Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: 67a16df756a43b05b390255ba3b1d5e0b8ddff0238bb66711cc707b884349a62

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:57 GMT
last-modified: Thu, 20 Aug 2015 13:27:33 GMT
server: nginx
etag: "55d5d5c5-19e"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 414
expires: Sat, 27 Mar 2021 17:36:57 GMT

GET
H/1.1 200
OK track.js Show response
ad.tam.by/retarget/ 2 KB
2 KB 91ms
90ms Script
application/x-javascript 93.125.48.34
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.tam.by/retarget/track.js
Requested by: Host: tam.by
URL: https://tam.by/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.125.48.34 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-34.hoster.by
Software: nginx/1.14.2 /
Resource Hash: 61ffbb80b1c185686850ce79ab22efac48c19de958143b051110f47f3630273e

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 17:36:57 GMT
Content-Encoding: gzip
Server: nginx/1.14.2
ETag: W/"8c4-KRHCzlIwEqpWaBZ6GHcFM8WspWg"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/x-javascript; charset=utf-8
Access-Control-Expose-Headers: IPCity
Cache-Control: public, max-age=18000000
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-type,Accept,X-Access-Token,X-Key,If-Modified-Since,Authorization,Etag,If-None-Match,IPCity

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 41 KB
16 KB 106ms
37ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: tam.by
URL: https://tam.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

661d4e4d6b713cbaddf30f69fcff178f29948a341227a1c9c868808b965d856c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15939
x-xss-protection: 0
server: cafe
etag: 6572468146197836932
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 20 Mar 2021 17:36:57 GMT

GET
H2 200 getcookie Show response
matchid.adfox.yandex.ru/ 87 B
366 B 132ms
46ms XHR
application/json 2a02:6b8::16b
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://matchid.adfox.yandex.ru/getcookie

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::16b Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

8c9666534901f30a4b0fd69536c28a2f2394e21b3910e46d5cc04d49a87ad010

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://tam.by
date: Sat, 20 Mar 2021 17:36:57 GMT
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 87
x-content-type-options: nosniff
content-type: application/json

GET
H2 200 banners.js Show response
yastatic.net/pcode-bundles/0.1.3050/ 116 KB
28 KB 51ms
51ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/pcode-bundles/0.1.3050/banners.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

ca29310fd29ac240ad1ad67e271672ceecc9928f62b3804c8150307047ab59f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://tam.by
Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:57 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 27616
last-modified: Tue, 16 Mar 2021 18:58:28 GMT
server: nginx/1.17.9
etag: "5924bd6fc6ff6b3979bb58559e86fcfb"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Mar 2051 00:09:19 GMT

GET
H2 200 context.js Show response
an.yandex.ru/system/ 127 KB
36 KB 157ms
58ms Script
text/javascript 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/system/context.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

034097799535384e103c7f573d5b38bb86b1ccfb29b072748d1c3637dab0e434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
strict-transport-security: max-age=31536000
content-encoding: br
etag: 2301012091
x-yandex-req-id: 1616261817136874-246156512634957933400166-production-app-host-sas-pcode-24
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Sat, 20 Mar 2021 18:36:57 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: tam.by
URL: https://tam.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 5662
date: Sat, 20 Mar 2021 16:02:35 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Sat, 20 Mar 2021 18:02:35 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 123 KB
43 KB 44ms
43ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: tam.by
URL: https://tam.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

a928bd7174193ecef74cc60693796118826e53e5be214daf6d25f17f68b93446

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:57 GMT
content-encoding: br
last-modified: Tue, 09 Mar 2021 18:36:29 GMT
etag: "6051cea4-aadb"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 43739
expires: Sat, 20 Mar 2021 18:36:57 GMT

GET
H2 200 xgemius.js Show response
gaby.hit.gemius.pl/ 39 KB
10 KB 158ms
48ms Script
application/x-javascript 146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaby.hit.gemius.pl/xgemius.js
Requested by: Host: tam.by
URL: https://tam.by/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: e638d0a2e34839411a00a5b34800a1dbf737b68fcea0b85c683e0d46414d3556

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:57 GMT
content-encoding: gzip
last-modified: Wed, 17 Mar 2021 11:13:20 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
accept-ranges: none
content-type: application/x-javascript
content-length: 10549
expires: Sun, 21 Mar 2021 05:36:57 GMT

GET
H2 200 sprite.svg
tam.by/images/by3/svg/symbol/ 23 KB
8 KB 99ms
99ms Other
image/svg+xml 2a0a:7d80::c
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://tam.by/images/by3/svg/symbol/sprite.svg
Requested by: Host: tam.by
URL: https://tam.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a0a:7d80::c Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: b6745005745b7aefe26dfacb5bfd8a04b5e1a8ed10ca5da39529921bcd5c0956

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:57 GMT
content-encoding: gzip
last-modified: Fri, 07 Jun 2019 12:53:40 GMT
server: nginx
etag: W/"5cfa5e54-5c76"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800
expires: Sat, 27 Mar 2021 17:36:57 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 76 KB
30 KB 34ms
19ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K9H4XJ

Requested by

Host: tam.by
URL: https://tam.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bb6f2949dcc60b06101c598d4e6e43535db9726d5631c750f1a5321dc484b0b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:57 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30774
x-xss-protection: 0
last-modified: Sat, 20 Mar 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 20 Mar 2021 17:36:57 GMT

GET
H2 200 res_co_track.gif
c1hit.tut.by/ 43 B
297 B 70ms
34ms Image
image/gif 2a0a:7d80::c:1:0
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c1hit.tut.by/res_co_track.gif
Requested by: Host: tam.by
URL: https://tam.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a0a:7d80::c:1:0 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:57 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
content-type: image/gif
cache-control: no-cache
x-robots-tag: noindex, nofollow
content-length: 43
expires: Sat, 20 Mar 2021 17:36:56 GMT

GET
DATA 200
OK truncated
/ 624 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e09aea00e38e6dd82f3ef7fb470a7185501238189d6a9fb932a783a79fa8076e

Request headers

Referer: https://tam.by/css/by3/styles.min~catalog~custom~r0~r0~r0~r12053.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 18408_234_advertising.gif
c2hit.tut.by/stat/1362/54156/js/161626181/ 43 B
299 B 53ms
39ms Image
image/gif 2a0a:7d80::c:1:0
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c2hit.tut.by/stat/1362/54156/js/161626181/18408_234_advertising.gif
Requested by: Host: tam.by
URL: https://tam.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a0a:7d80::c:1:0 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:57 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
content-type: image/gif
cache-control: max-age=60
x-robots-tag: noindex, nofollow
content-length: 43
expires: Sat, 20 Mar 2021 17:37:57 GMT

GET
H2 200 ajax-loader-transparent.gif
tam.by/images/i/by4/ 673 B
887 B 70ms
70ms Image
image/gif 2a0a:7d80::c
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tam.by/images/i/by4/ajax-loader-transparent.gif?v=1ajax-loader-transparent.gif?v=1
Requested by: Host: tam.by
URL: https://tam.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a0a:7d80::c Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: 251e59286801a47d97bf67d9c7dfdbad02df1a6e524c81a9220c451be679b3fa

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:57 GMT
last-modified: Thu, 20 Aug 2015 13:27:32 GMT
server: nginx
etag: "55d5d5c4-2a1"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 673
expires: Sat, 27 Mar 2021 17:36:57 GMT

GET
DATA 200
OK truncated Show response
/ 360 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a709c3f568cb8f4026537b3bf992f80ac6f447a28f38917c31c72eb79e0cdefa

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript

POST
H/1.1 200
OK show Show response
ad.tam.by/api/retarget/offers/ 15 B
644 B 587ms
424ms XHR
application/json 93.125.48.34
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.tam.by/api/retarget/offers/show
Requested by: Host: tam.by
URL: https://tam.by/js/by3/modernizr~jquery-3.4.1.min~libs.min~main.min~catalog~catalog_suggests~catalog_geo~tam_core_extended~catalog_login~tam_by_events~r0~r0~r0~r12054.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.125.48.34 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-34.hoster.by
Software: nginx/1.14.2 /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Sat, 20 Mar 2021 17:36:57 GMT
Server: nginx/1.14.2
ETag: W/"f-VaSQ4oDUiZblZNAEkkN+sX+q3Sg"
Vary: X-HTTP-Method-Override
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://tam.by
Access-Control-Expose-Headers: IPCity
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-type,Accept,X-Access-Token,X-Key,If-Modified-Since,Authorization,Etag,If-None-Match,IPCity
Content-Length: 15

POST
H/1.1 200
OK show Show response
ad.tam.by/api/retarget/offers/ 15 B
644 B 257ms
86ms XHR
application/json 93.125.48.34
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.tam.by/api/retarget/offers/show
Requested by: Host: tam.by
URL: https://tam.by/js/by3/modernizr~jquery-3.4.1.min~libs.min~main.min~catalog~catalog_suggests~catalog_geo~tam_core_extended~catalog_login~tam_by_events~r0~r0~r0~r12054.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.125.48.34 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-34.hoster.by
Software: nginx/1.14.2 /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Sat, 20 Mar 2021 17:36:57 GMT
Server: nginx/1.14.2
ETag: W/"f-VaSQ4oDUiZblZNAEkkN+sX+q3Sg"
Vary: X-HTTP-Method-Override
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://tam.by
Access-Control-Expose-Headers: IPCity
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-type,Accept,X-Access-Token,X-Key,If-Modified-Since,Authorization,Etag,If-None-Match,IPCity
Content-Length: 15

POST
H/1.1 200
OK show Show response
ad.tam.by/api/retarget/offers/ 15 B
644 B 257ms
85ms XHR
application/json 93.125.48.34
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.tam.by/api/retarget/offers/show
Requested by: Host: tam.by
URL: https://tam.by/js/by3/modernizr~jquery-3.4.1.min~libs.min~main.min~catalog~catalog_suggests~catalog_geo~tam_core_extended~catalog_login~tam_by_events~r0~r0~r0~r12054.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.125.48.34 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-34.hoster.by
Software: nginx/1.14.2 /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Sat, 20 Mar 2021 17:36:57 GMT
Server: nginx/1.14.2
ETag: W/"f-VaSQ4oDUiZblZNAEkkN+sX+q3Sg"
Vary: X-HTTP-Method-Override
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://tam.by
Access-Control-Expose-Headers: IPCity
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-type,Accept,X-Access-Token,X-Key,If-Modified-Since,Authorization,Etag,If-None-Match,IPCity
Content-Length: 15

POST
H/1.1 200
OK show Show response
ad.tam.by/api/retarget/offers/ 15 B
644 B 263ms
86ms XHR
application/json 93.125.48.34
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.tam.by/api/retarget/offers/show
Requested by: Host: tam.by
URL: https://tam.by/js/by3/modernizr~jquery-3.4.1.min~libs.min~main.min~catalog~catalog_suggests~catalog_geo~tam_core_extended~catalog_login~tam_by_events~r0~r0~r0~r12054.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.125.48.34 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-34.hoster.by
Software: nginx/1.14.2 /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Sat, 20 Mar 2021 17:36:57 GMT
Server: nginx/1.14.2
ETag: W/"f-VaSQ4oDUiZblZNAEkkN+sX+q3Sg"
Vary: X-HTTP-Method-Override
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://tam.by
Access-Control-Expose-Headers: IPCity
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-type,Accept,X-Access-Token,X-Key,If-Modified-Since,Authorization,Etag,If-None-Match,IPCity
Content-Length: 15

POST
H/1.1 200
OK show Show response
ad.tam.by/api/retarget/offers/ 15 B
644 B 266ms
88ms XHR
application/json 93.125.48.34
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.tam.by/api/retarget/offers/show
Requested by: Host: tam.by
URL: https://tam.by/js/by3/modernizr~jquery-3.4.1.min~libs.min~main.min~catalog~catalog_suggests~catalog_geo~tam_core_extended~catalog_login~tam_by_events~r0~r0~r0~r12054.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.125.48.34 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-34.hoster.by
Software: nginx/1.14.2 /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Sat, 20 Mar 2021 17:36:57 GMT
Server: nginx/1.14.2
ETag: W/"f-VaSQ4oDUiZblZNAEkkN+sX+q3Sg"
Vary: X-HTTP-Method-Override
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://tam.by
Access-Control-Expose-Headers: IPCity
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-type,Accept,X-Access-Token,X-Key,If-Modified-Since,Authorization,Etag,If-None-Match,IPCity
Content-Length: 15

POST
H/1.1 200
OK show Show response
ad.tam.by/api/retarget/offers/ 15 B
644 B 272ms
89ms XHR
application/json 93.125.48.34
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.tam.by/api/retarget/offers/show
Requested by: Host: tam.by
URL: https://tam.by/js/by3/modernizr~jquery-3.4.1.min~libs.min~main.min~catalog~catalog_suggests~catalog_geo~tam_core_extended~catalog_login~tam_by_events~r0~r0~r0~r12054.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.125.48.34 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-34.hoster.by
Software: nginx/1.14.2 /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Sat, 20 Mar 2021 17:36:57 GMT
Server: nginx/1.14.2
ETag: W/"f-VaSQ4oDUiZblZNAEkkN+sX+q3Sg"
Vary: X-HTTP-Method-Override
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://tam.by
Access-Control-Expose-Headers: IPCity
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-type,Accept,X-Access-Token,X-Key,If-Modified-Since,Authorization,Etag,If-None-Match,IPCity
Content-Length: 15

POST
H/1.1 200
OK show Show response
ad.tam.by/api/retarget/offers/ 15 B
644 B 347ms
90ms XHR
application/json 93.125.48.34
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.tam.by/api/retarget/offers/show
Requested by: Host: tam.by
URL: https://tam.by/js/by3/modernizr~jquery-3.4.1.min~libs.min~main.min~catalog~catalog_suggests~catalog_geo~tam_core_extended~catalog_login~tam_by_events~r0~r0~r0~r12054.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.125.48.34 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-34.hoster.by
Software: nginx/1.14.2 /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Sat, 20 Mar 2021 17:36:57 GMT
Server: nginx/1.14.2
ETag: W/"f-VaSQ4oDUiZblZNAEkkN+sX+q3Sg"
Vary: X-HTTP-Method-Override
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://tam.by
Access-Control-Expose-Headers: IPCity
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-type,Accept,X-Access-Token,X-Key,If-Modified-Since,Authorization,Etag,If-None-Match,IPCity
Content-Length: 15

POST
H/1.1 200
OK show Show response
ad.tam.by/api/retarget/offers/ 15 B
644 B 345ms
88ms XHR
application/json 93.125.48.34
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.tam.by/api/retarget/offers/show
Requested by: Host: tam.by
URL: https://tam.by/js/by3/modernizr~jquery-3.4.1.min~libs.min~main.min~catalog~catalog_suggests~catalog_geo~tam_core_extended~catalog_login~tam_by_events~r0~r0~r0~r12054.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.125.48.34 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-34.hoster.by
Software: nginx/1.14.2 /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Sat, 20 Mar 2021 17:36:57 GMT
Server: nginx/1.14.2
ETag: W/"f-VaSQ4oDUiZblZNAEkkN+sX+q3Sg"
Vary: X-HTTP-Method-Override
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://tam.by
Access-Control-Expose-Headers: IPCity
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-type,Accept,X-Access-Token,X-Key,If-Modified-Since,Authorization,Etag,If-None-Match,IPCity
Content-Length: 15

GET
H2 200 18408_7153_advertising.gif
c2hit.tut.by/stat/1360/54152/js/161626181/ 43 B
299 B 40ms
33ms Image
image/gif 2a0a:7d80::c:1:0
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c2hit.tut.by/stat/1360/54152/js/161626181/18408_7153_advertising.gif
Requested by: Host: tam.by
URL: https://tam.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a0a:7d80::c:1:0 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:57 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
content-type: image/gif
cache-control: max-age=60
x-robots-tag: noindex, nofollow
content-length: 43
expires: Sat, 20 Mar 2021 17:37:57 GMT

GET
H2 200 stars-gray.svg
tam.by/images/by3/content/ 2 KB
595 B 64ms
63ms Image
image/svg+xml 2a0a:7d80::c
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tam.by/images/by3/content/stars-gray.svg
Requested by: Host: tam.by
URL: https://tam.by/css/by3/styles.min~catalog~custom~r0~r0~r0~r12053.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a0a:7d80::c Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: fd0d1e46f88e8ab51c3d4cfaaa9a22c2c2c5fd0e578b06afc7f710456e474b46

Request headers

Referer: https://tam.by/css/by3/styles.min~catalog~custom~r0~r0~r0~r12053.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:57 GMT
content-encoding: gzip
last-modified: Wed, 31 Jul 2019 12:43:11 GMT
server: nginx
etag: W/"5d418cdf-6d1"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800
expires: Sat, 27 Mar 2021 17:36:57 GMT

GET
H2 200 stars-red.svg
tam.by/images/by3/content/ 2 KB
598 B 106ms
106ms Image
image/svg+xml 2a0a:7d80::c
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tam.by/images/by3/content/stars-red.svg
Requested by: Host: tam.by
URL: https://tam.by/css/by3/styles.min~catalog~custom~r0~r0~r0~r12053.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a0a:7d80::c Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: a20b8435bae24bc3ab0c3aef93ce24fa7eda07b548da3b8f1321ace391f3206c

Request headers

Referer: https://tam.by/css/by3/styles.min~catalog~custom~r0~r0~r0~r12053.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:57 GMT
content-encoding: gzip
last-modified: Wed, 31 Jul 2019 12:43:11 GMT
server: nginx
etag: W/"5d418cdf-6d1"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800
expires: Sat, 27 Mar 2021 17:36:57 GMT

GET
H2 200 18408_5_advertising.gif
c2hit.tut.by/stat/1359/54151/js/161626181/ 43 B
299 B 43ms
42ms Image
image/gif 2a0a:7d80::c:1:0
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c2hit.tut.by/stat/1359/54151/js/161626181/18408_5_advertising.gif
Requested by: Host: tam.by
URL: https://tam.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a0a:7d80::c:1:0 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:57 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
content-type: image/gif
cache-control: max-age=60
x-robots-tag: noindex, nofollow
content-length: 43
expires: Sat, 20 Mar 2021 17:37:57 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/997888407/ 2 KB
1 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/997888407/?random=1616261817129&cv=9&fst=1616261817129&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Ftam.by%2F&tiba=TAM.BY%20-%20%D0%BD%D1%83%D0%B6%D0%BD%D1%8B%D0%B5%20%D1%83%D1%81%D0%BB%D1%83%D0%B3%D0%B8%20%D0%B2%20%D0%BD%D1%83%D0%B6%D0%BD%D1%8B%D0%B9%20%D0%BC%D0%BE%D0%BC%D0%B5%D0%BD%D1%82%20(%D0%9C%D0%B8%D0%BD%D1%81%D0%BA)&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a07a89d8a7941456bb3afc08f7c0ea3f813ba0fe01a67f649ad8712482157f23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 17:36:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1040
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
tam.by/ 13 KB
2 KB 79ms
78ms XHR
text/html 2a0a:7d80::c
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL

https://tam.by/?call=loginpopup&ret=https%3A%2F%2Ftam.by%2F

Requested by

Host: tam.by
URL: https://tam.by/js/by3/modernizr~jquery-3.4.1.min~libs.min~main.min~catalog~catalog_suggests~catalog_geo~tam_core_extended~catalog_login~tam_by_events~r0~r0~r0~r12054.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a0a:7d80::c Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),

Reverse DNS

Software

nginx /

Resource Hash

4c0e3208ae1beeda0f89b3adcc2c38ae34087f7d888d6104e2029a18d9310b83

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: */*
Referer: https://tam.by/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:57 GMT
content-encoding: gzip
referrer-policy: unsafe-url
server: nginx
strict-transport-security: max-age=86400
content-type: text/html; charset=utf-8
cache-control: max-age=3600, public
vary: Accept-Encoding, Accept-Encoding, Cookie

GET
H3-Q050 200 js Show response
www.google-analytics.com/gtm/ 85 KB
34 KB 26ms
26ms Script
application/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-TDBJVHT&cid=359534313.1616261817

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

275b98eb2a7433036bad3d0703c2101d7a3c76198151f84ed75a091b6f12dedf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:57 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34095
x-xss-protection: 0
last-modified: Sat, 20 Mar 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 20 Mar 2021 17:36:57 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
41 B 14ms
14ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1098605947&t=pageview&_s=1&dl=https%3A%2F%2Ftam.by%2F&ul=en-us&de=UTF-8&dt=TAM.BY%20-%20%D0%BD%D1%83%D0%B6%D0%BD%D1%8B%D0%B5%20%D1%83%D1%81%D0%BB%D1%83%D0%B3%D0%B8%20%D0%B2%20%D0%BD%D1%83%D0%B6%D0%BD%D1%8B%D0%B9%20%D0%BC%D0%BE%D0%BC%D0%B5%D0%BD%D1%82%20(%D0%9C%D0%B8%D0%BD%D1%81%D0%BA)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGDAAEADQAAAAC~&jid=750306385&gjid=689568383&cid=359534313.1616261817&tid=UA-46480880-15&_gid=1771297325.1616261817&_r=1&_slc=1&z=107384895

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 17:36:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tam.by
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
25 B 13ms
13ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1098605947&t=pageview&_s=1&dl=https%3A%2F%2Ftam.by%2F&ul=en-us&de=UTF-8&dt=TAM.BY%20-%20%D0%BD%D1%83%D0%B6%D0%BD%D1%8B%D0%B5%20%D1%83%D1%81%D0%BB%D1%83%D0%B3%D0%B8%20%D0%B2%20%D0%BD%D1%83%D0%B6%D0%BD%D1%8B%D0%B9%20%D0%BC%D0%BE%D0%BC%D0%B5%D0%BD%D1%82%20(%D0%9C%D0%B8%D0%BD%D1%81%D0%BA)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGDAAEADQAAAAC~&jid=1491669164&gjid=297583635&cid=359534313.1616261817&tid=UA-46480880-18&_gid=1771297325.1616261817&_r=1&_slc=1&z=1321686481

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 17:36:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tam.by
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
81 B 16ms
16ms XHR
text/plain 2a00:1450:400c:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-46480880-15&cid=359534313.1616261817&jid=750306385&gjid=689568383&_gid=1771297325.1616261817&_u=KGDAAEACQAAAAC~&z=1310812310

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 20 Mar 2021 17:36:57 GMT
content-type: text/plain
access-control-allow-origin: https://tam.by
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 17ms
16ms XHR
text/plain 2a00:1450:400c:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=https%3A%2F%2Ftam.by%2F&cid=359534313.1616261817&jid=1285599597&gjid=325112229&_gid=1771297325.1616261817&_u=aGDAgEADQAAAAG~&z=1807748967

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 20 Mar 2021 17:36:57 GMT
content-type: text/plain
access-control-allow-origin: https://tam.by
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
120 B 7ms
6ms Image
image/gif 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=1098605947&t=pageview&_s=1&dl=https%3A%2F%2Ftam.by%2F&ul=en-us&de=UTF-8&dt=TAM.BY%20-%20%D0%BD%D1%83%D0%B6%D0%BD%D1%8B%D0%B5%20%D1%83%D1%81%D0%BB%D1%83%D0%B3%D0%B8%20%D0%B2%20%D0%BD%D1%83%D0%B6%D0%BD%D1%8B%D0%B9%20%D0%BC%D0%BE%D0%BC%D0%B5%D0%BD%D1%82%20(%D0%9C%D0%B8%D0%BD%D1%81%D0%BA)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgEADQAAAAC~&jid=1285599597&gjid=325112229&cid=359534313.1616261817&tid=https%3A%2F%2Ftam.by%2F&_gid=1771297325.1616261817&gtm=2wg3a0K9H4XJ&z=1484097475

Requested by

Host: tam.by
URL: https://tam.by/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Mar 2021 20:35:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75711
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/31359968/
Redirect Chain

https://mc.yandex.ru/watch/31359968?wmode=7&page-url=https%3A%2F%2Ftam.by%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2z9ezuq74honwal%3Afp%3A1033%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%...
https://mc.yandex.ru/watch/31359968/1?wmode=7&page-url=https%3A%2F%2Ftam.by%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2z9ezuq74honwal%3Afp%3A1033%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3A...

236 B
609 B

44ms
44ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/31359968/1?wmode=7&page-url=https%3A%2F%2Ftam.by%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2z9ezuq74honwal%3Afp%3A1033%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A462%3Acn%3A1%3Adp%3A0%3Als%3A4229860582%3Ahid%3A362189869%3Az%3A60%3Ai%3A20210320183657%3Aet%3A1616261817%3Ac%3A1%3Arn%3A23353258%3Au%3A1616261817155854012%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1616261816214%3Ads%3A0%2C0%2C132%2C1%2C250%2C0%2C%2C528%2C1%2C%2C%2C%2C920%3Adsn%3A0%2C0%2C132%2C1%2C251%2C0%2C%2C530%2C1%2C%2C%2C%2C920%3Arqnl%3A1%3Ati%3A2%3Ast%3A1616261817%3At%3ATAM.BY%20-%20%D0%BD%D1%83%D0%B6%D0%BD%D1%8B%D0%B5%20%D1%83%D1%81%D0%BB%D1%83%D0%B3%D0%B8%20%D0%B2%20%D0%BD%D1%83%D0%B6%D0%BD%D1%8B%D0%B9%20%D0%BC%D0%BE%D0%BC%D0%B5%D0%BD%D1%82%20%28%D0%9C%D0%B8%D0%BD%D1%81%D0%BA%29

Requested by

Host: tam.by
URL: https://tam.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

ff01abcda30db3f0195e462b33eb98f8e4fcf594f24cd34ea88b3d5ff883abfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 17:36:57 GMT
x-content-type-options: nosniff
last-modified: Sat, 20-Mar-2021 17:36:57 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://tam.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 236
x-xss-protection: 1; mode=block
expires: Sat, 20-Mar-2021 17:36:57 GMT

Redirect headers

pragma: no-cache
date: Sat, 20 Mar 2021 17:36:57 GMT
last-modified: Sat, 20-Mar-2021 17:36:57 GMT
location: /watch/31359968/1?wmode=7&page-url=https%3A%2F%2Ftam.by%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2z9ezuq74honwal%3Afp%3A1033%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A462%3Acn%3A1%3Adp%3A0%3Als%3A4229860582%3Ahid%3A362189869%3Az%3A60%3Ai%3A20210320183657%3Aet%3A1616261817%3Ac%3A1%3Arn%3A23353258%3Au%3A1616261817155854012%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1616261816214%3Ads%3A0%2C0%2C132%2C1%2C250%2C0%2C%2C528%2C1%2C%2C%2C%2C920%3Adsn%3A0%2C0%2C132%2C1%2C251%2C0%2C%2C530%2C1%2C%2C%2C%2C920%3Arqnl%3A1%3Ati%3A2%3Ast%3A1616261817%3At%3ATAM.BY%20-%20%D0%BD%D1%83%D0%B6%D0%BD%D1%8B%D0%B5%20%D1%83%D1%81%D0%BB%D1%83%D0%B3%D0%B8%20%D0%B2%20%D0%BD%D1%83%D0%B6%D0%BD%D1%8B%D0%B9%20%D0%BC%D0%BE%D0%BC%D0%B5%D0%BD%D1%82%20%28%D0%9C%D0%B8%D0%BD%D1%81%D0%BA%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://tam.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: Sat, 20-Mar-2021 17:36:57 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
149 B 44ms
44ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: tam.by
URL: https://tam.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:57 GMT
last-modified: Tue, 09 Mar 2021 18:36:29 GMT
etag: "6051cea4-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sat, 20 Mar 2021 18:36:57 GMT

GET
H2 200 dab3f131ce09081e8f82.js Show response
yastatic.net/partner-code-bundles/14191/ 12 KB
5 KB 43ms
43ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/14191/dab3f131ce09081e8f82.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

3c6f08b53edcf72d9996f93f9a7fd58064d8847901f6b2f723f99d5d7df91090

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://tam.by
Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:57 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4197
last-modified: Thu, 18 Mar 2021 14:31:54 GMT
server: nginx/1.17.9
etag: "6124314a2e952c1aae216a486cabdf7e"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Mar 2051 00:09:59 GMT

GET
H2 200 e229f1f57321f1737659.js Show response
yastatic.net/partner-code-bundles/14191/ 391 KB
82 KB 54ms
54ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/14191/e229f1f57321f1737659.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

4be2a8490219feb3f6a5f60cd7d2e4d7dc265a8fd38d1b853570d8a89d5d2c35

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://tam.by
Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:57 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 82959
last-modified: Thu, 18 Mar 2021 14:31:54 GMT
server: nginx/1.17.9
etag: "a338dc1a658fb81fd50a5f0beb43fe2b"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Mar 2051 00:09:59 GMT

GET
H2 200 8f8acf4dc15aabb0248d.js Show response
yastatic.net/partner-code-bundles/14191/ 270 KB
45 KB 108ms
108ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/14191/8f8acf4dc15aabb0248d.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

df230a2c167a80823d937db721e39bd4ee4eb917ec2694559fec24090ef6c28d

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://tam.by
Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:57 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 45562
last-modified: Thu, 18 Mar 2021 14:31:54 GMT
server: nginx/1.17.9
etag: "9e36d45c73c6062f8c8f47ef374eaf1a"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Mar 2051 00:10:12 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/997888407/ 42 B
108 B 20ms
19ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/997888407/?random=1616261817129&cv=9&fst=1616259600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Ftam.by%2F&tiba=TAM.BY%20-%20%D0%BD%D1%83%D0%B6%D0%BD%D1%8B%D0%B5%20%D1%83%D1%81%D0%BB%D1%83%D0%B3%D0%B8%20%D0%B2%20%D0%BD%D1%83%D0%B6%D0%BD%D1%8B%D0%B9%20%D0%BC%D0%BE%D0%BC%D0%B5%D0%BD%D1%82%20(%D0%9C%D0%B8%D0%BD%D1%81%D0%BA)&fmt=3&is_vtc=1&random=3818910401&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: tam.by
URL: https://tam.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 17:36:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/997888407/ 42 B
108 B 19ms
18ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/997888407/?random=1616261817129&cv=9&fst=1616259600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Ftam.by%2F&tiba=TAM.BY%20-%20%D0%BD%D1%83%D0%B6%D0%BD%D1%8B%D0%B5%20%D1%83%D1%81%D0%BB%D1%83%D0%B3%D0%B8%20%D0%B2%20%D0%BD%D1%83%D0%B6%D0%BD%D1%8B%D0%B9%20%D0%BC%D0%BE%D0%BC%D0%B5%D0%BD%D1%82%20(%D0%9C%D0%B8%D0%BD%D1%81%D0%BA)&fmt=3&is_vtc=1&random=3818910401&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: tam.by
URL: https://tam.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 17:36:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fpdata.js Show response
gaby.hit.gemius.pl/ 275 B
388 B 48ms
48ms Script
application/x-javascript 146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaby.hit.gemius.pl/fpdata.js?href=tam.by
Requested by: Host: gaby.hit.gemius.pl
URL: https://gaby.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: c0858cef243753dd5eb4aa252f2063fa980574659c108bb55d795c053531776e

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:57 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: private, max-age=2592000
accept-ranges: none
content-type: application/x-javascript
content-length: 275
expires: Mon, 19 Apr 2021 17:36:57 GMT

GET
H2

200

rexdot.js Show response
gaby.hit.gemius.pl/__/_1616261817397/
Redirect Chain

https://gaby.hit.gemius.pl/_1616261817397/rexdot.js?l=100&id=0iWVhGLhkSnOM.coExUx_ZR6DfXGYVuPku6GN3CSc4D.S7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=https%3A%2F%2Ftam.by%2F...
https://gaby.hit.gemius.pl/__/_1616261817397/rexdot.js?l=100&id=0iWVhGLhkSnOM.coExUx_ZR6DfXGYVuPku6GN3CSc4D.S7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=https%3A%2F%2Ftam.by...

169 B
430 B

121ms
120ms

Script
application/x-javascript

146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaby.hit.gemius.pl/__/_1616261817397/rexdot.js?l=100&id=0iWVhGLhkSnOM.coExUx_ZR6DfXGYVuPku6GN3CSc4D.S7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=https%3A%2F%2Ftam.by%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=HFzb3mKa7XLl4Lv.HxvH3O6TibubQC6jM6D8LA6cL3b.07&vis=1
Requested by: Host: tam.by
URL: https://tam.by/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: d95f5beca7425ebf58bbe6a71782e6e57a388cd1a2cdbdba6e0103fc74ac8c1f

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 17:36:57 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-type: application/x-javascript
content-length: 169
expires: Fri, 19 Mar 2021 17:36:57 GMT

Redirect headers

pragma: no-cache
date: Sat, 20 Mar 2021 17:36:57 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1616261817397/rexdot.js?l=100&id=0iWVhGLhkSnOM.coExUx_ZR6DfXGYVuPku6GN3CSc4D.S7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=https%3A%2F%2Ftam.by%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=HFzb3mKa7XLl4Lv.HxvH3O6TibubQC6jM6D8LA6cL3b.07&vis=1
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-length: 0
expires: Fri, 19 Mar 2021 17:36:57 GMT

GET
H2 200 ga.php Show response
www.tut.by/login/ 62 B
658 B 192ms
119ms Script
application/x-javascript 2a0a:7d80::c
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tut.by/login/ga.php

Requested by

Host: ad.tam.by
URL: https://ad.tam.by/retarget/track.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a0a:7d80::c Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),

Reverse DNS

Software

nginx /

Resource Hash

74f8113a093a9772ebe29204ff0fd89b692fcc0ad69814bc1725fd8f68ceaa4e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 17:36:57 GMT
referrer-policy: unsafe-url
last-modified: Sat, 20 Mar 2021 17:36:57 GMT
server: nginx
vary: Cookie
content-type: application/x-javascript; charset=utf-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=15768000
x-robots-tag: noindex, nofollow
content-length: 62
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK log Show response
ad.tam.by/retarget/ 6 B
542 B 79ms
79ms XHR
text/html 93.125.48.34
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.tam.by/retarget/log
Requested by: Host: ad.tam.by
URL: https://ad.tam.by/retarget/track.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.125.48.34 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-34.hoster.by
Software: nginx/1.14.2 /
Resource Hash: 7baa99652be2c7c7a89cd84eb9dd6b2cbd5f72217a229fdf08dfdd23eed637bb

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/json; charset=UTF-8

Response headers

Date: Sat, 20 Mar 2021 17:36:59 GMT
Server: nginx/1.14.2
ETag: W/"6-JBls4FkQjfZ7VowtRNIdA6ELOsw"
Vary: X-HTTP-Method-Override
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://tam.by
Access-Control-Expose-Headers: IPCity
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-type,Accept,X-Access-Token,X-Key,If-Modified-Since,Authorization,Etag,If-None-Match,IPCity
Content-Length: 6

OPTIONS
H/1.1 200
OK log
ad.tam.by/retarget/ Frame 0
0 1568ms
85ms Preflight 93.125.48.34
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.tam.by/retarget/log
Protocol: HTTP/1.1
Server: 93.125.48.34 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-34.hoster.by
Software: nginx/1.14.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://tam.by
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.14.2
Date: Sat, 20 Mar 2021 17:36:59 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Content-type,Accept,X-Access-Token,X-Key,If-Modified-Since,Authorization,Etag,If-None-Match,IPCity
Access-Control-Expose-Headers: IPCity
Access-Control-Allow-Origin: https://tam.by
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS

GET
H2 200 v2 Show response
an.yandex.ru/adfox/246762/getBulk/ 170 B
428 B 109ms
109ms XHR
application/json 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/246762/getBulk/v2?dl=https%3A%2F%2Ftam.by%2F&date=2021-03-20T18%3A36%3A57.655%2B01%3A00&pd=20&pdh=1200&pdw=1600&pr1=1952301762&pr=533654548&prr=&pv=18&pw=6&extid_loader=MTYxNjI2MTgxNzE1NTg1NDAxMg%3D%3D&extid_tag_loader=tam.by&ylv=0.3051&ybv=0.3050&ytt=550855330236437&is-turbo=0&skip-token=&ad-session-id=254351616261817659&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A1600%2C%22h%22%3A0%2C%22width%22%3A1600%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A0%2C%22top%22%3A0%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=0&yandexuid=3336156040377600140&sign=04871d9426f53f1842e9db87358dcba7&p1=cgcgp&p2=ftad&puid1=15800&puid2=&puid4=&puid5=0&puid17=&slotNumber=1&matchid-direct=1&bids=W10%3D&grab=dFRBTS5CWSAtINC90YPQttC90YvQtSDRg9GB0LvRg9Cz0Lgg0LIg0L3Rg9C20L3Ri9C5INC80L7QvNC10L3RgiAo0JzQuNC90YHQuikKMtCY0YnQuNGC0LUg0LrQvtC80L_QsNC90LjQuCDQuCDRg9GB0LvRg9Cz0LggCjLQodC70LXQtNC40YLQtSDQt9CwINC_0L7Qv9GD0LvRj9GA0L3Ri9C80Lgg0LDQutGG0LjRj9C80LggCjLQp9C40YLQsNC50YLQtSDQvtGC0LfRi9Cy0Ysg0L4g0LrQvtC80L_QsNC90LjRj9GFIAoy0J_QvtC70YPRh9Cw0LnRgtC1INC_0L7Qu9C10LfQvdGL0LUg0YHQvtCy0LXRgtGLIAoy0KPQt9C90LDQudGC0LUg0L_QtdGA0LLRi9C8INC-INC90L7QstC-0Lkg0LrQvtC80L_QsNC90LjQuCAKM9Ce0YHRgtCw0LLQu9GP0LnRgtC1INC30LDRj9Cy0LrQuCDQvdCwINGC0L7QstCw0YDRiyDQuCDRg9GB0LvRg9Cz0LggCg%3D%3D&utf8=%E2%9C%93&duid=MTYxNjI2MTgxNzE1NTg1NDAxMg%3D%3D

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

484987e65ac0c5a134ed9c4eb521b0cc06057b2a44311491b052fbf4e925a406

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 17:36:57 GMT
content-encoding: gzip
last-modified: Sat, 20 Mar 2021 17:36:57 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://tam.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sat, 20 Mar 2021 17:36:57 GMT

GET
H2 200 v2 Show response
an.yandex.ru/adfox/312020/getBulk/ 6 KB
2 KB 228ms
227ms XHR
application/json 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/312020/getBulk/v2?dl=https%3A%2F%2Ftam.by%2F&date=2021-03-20T18%3A36%3A57.667%2B01%3A00&pd=20&pdh=1200&pdw=1600&pr1=2712045390&pr=533654548&prr=&pv=18&pw=6&extid_loader=MTYxNjI2MTgxNzE1NTg1NDAxMg%3D%3D&extid_tag_loader=tam.by&ylv=0.3051&ybv=0.3050&ytt=550855330236437&is-turbo=0&skip-token=&ad-session-id=254351616261817659&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A1208%2C%22h%22%3A0%2C%22width%22%3A1208%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22left%22%3A196%2C%22top%22%3A1350%2C%22req_no%22%3A1%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=0&yandexuid=3336156040377600140&sign=04871d9426f53f1842e9db87358dcba7&p1=cjsja&p2=gmyw&puid17=&slotNumber=4&matchid-direct=1&bids=W10%3D&grab=dFRBTS5CWSAtINC90YPQttC90YvQtSDRg9GB0LvRg9Cz0Lgg0LIg0L3Rg9C20L3Ri9C5INC80L7QvNC10L3RgiAo0JzQuNC90YHQuikKMtCY0YnQuNGC0LUg0LrQvtC80L_QsNC90LjQuCDQuCDRg9GB0LvRg9Cz0LggCjLQodC70LXQtNC40YLQtSDQt9CwINC_0L7Qv9GD0LvRj9GA0L3Ri9C80Lgg0LDQutGG0LjRj9C80LggCjLQp9C40YLQsNC50YLQtSDQvtGC0LfRi9Cy0Ysg0L4g0LrQvtC80L_QsNC90LjRj9GFIAoy0J_QvtC70YPRh9Cw0LnRgtC1INC_0L7Qu9C10LfQvdGL0LUg0YHQvtCy0LXRgtGLIAoy0KPQt9C90LDQudGC0LUg0L_QtdGA0LLRi9C8INC-INC90L7QstC-0Lkg0LrQvtC80L_QsNC90LjQuCAKM9Ce0YHRgtCw0LLQu9GP0LnRgtC1INC30LDRj9Cy0LrQuCDQvdCwINGC0L7QstCw0YDRiyDQuCDRg9GB0LvRg9Cz0LggCg%3D%3D&utf8=%E2%9C%93&duid=MTYxNjI2MTgxNzE1NTg1NDAxMg%3D%3D

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

1b5709efacce69b6987bd825396d8adb14bf03935e5f3c7ec3789dacdcdd503c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 17:36:57 GMT
content-encoding: gzip
last-modified: Sat, 20 Mar 2021 17:36:57 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://tam.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sat, 20 Mar 2021 17:36:57 GMT

GET
H2 200 v2 Show response
an.yandex.ru/adfox/312020/getBulk/ 6 KB
2 KB 270ms
270ms XHR
application/json 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/312020/getBulk/v2?dl=https%3A%2F%2Ftam.by%2F&date=2021-03-20T18%3A36%3A57.671%2B01%3A00&pd=20&pdh=1200&pdw=1600&pr1=1734387770&pr=533654548&prr=&pv=18&pw=6&extid_loader=MTYxNjI2MTgxNzE1NTg1NDAxMg%3D%3D&extid_tag_loader=tam.by&ylv=0.3051&ybv=0.3050&ytt=550855330236437&is-turbo=0&skip-token=&ad-session-id=254351616261817659&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A1248%2C%22h%22%3A0%2C%22width%22%3A1248%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22left%22%3A176%2C%22top%22%3A3008%2C%22req_no%22%3A2%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=0&yandexuid=3336156040377600140&sign=04871d9426f53f1842e9db87358dcba7&p1=cjsiz&p2=gmyw&slotNumber=5&matchid-direct=1&bids=W10%3D&grab=dFRBTS5CWSAtINC90YPQttC90YvQtSDRg9GB0LvRg9Cz0Lgg0LIg0L3Rg9C20L3Ri9C5INC80L7QvNC10L3RgiAo0JzQuNC90YHQuikKMtCY0YnQuNGC0LUg0LrQvtC80L_QsNC90LjQuCDQuCDRg9GB0LvRg9Cz0LggCjLQodC70LXQtNC40YLQtSDQt9CwINC_0L7Qv9GD0LvRj9GA0L3Ri9C80Lgg0LDQutGG0LjRj9C80LggCjLQp9C40YLQsNC50YLQtSDQvtGC0LfRi9Cy0Ysg0L4g0LrQvtC80L_QsNC90LjRj9GFIAoy0J_QvtC70YPRh9Cw0LnRgtC1INC_0L7Qu9C10LfQvdGL0LUg0YHQvtCy0LXRgtGLIAoy0KPQt9C90LDQudGC0LUg0L_QtdGA0LLRi9C8INC-INC90L7QstC-0Lkg0LrQvtC80L_QsNC90LjQuCAKM9Ce0YHRgtCw0LLQu9GP0LnRgtC1INC30LDRj9Cy0LrQuCDQvdCwINGC0L7QstCw0YDRiyDQuCDRg9GB0LvRg9Cz0LggCg%3D%3D&utf8=%E2%9C%93&duid=MTYxNjI2MTgxNzE1NTg1NDAxMg%3D%3D

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

7097197fee31debf6a6b9fe6698f18ab230e32ee15c462df4a7e85cb48050d4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 17:36:57 GMT
content-encoding: gzip
last-modified: Sat, 20 Mar 2021 17:36:57 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://tam.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sat, 20 Mar 2021 17:36:57 GMT

GET
H2 200 v2 Show response
an.yandex.ru/adfox/312020/getBulk/ 6 KB
2 KB 256ms
255ms XHR
application/json 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/312020/getBulk/v2?dl=https%3A%2F%2Ftam.by%2F&date=2021-03-20T18%3A36%3A57.674%2B01%3A00&pd=20&pdh=1200&pdw=1600&pr1=1876280836&pr=533654548&prr=&pv=18&pw=6&extid_loader=MTYxNjI2MTgxNzE1NTg1NDAxMg%3D%3D&extid_tag_loader=tam.by&ylv=0.3051&ybv=0.3050&ytt=550855330236437&is-turbo=0&skip-token=&ad-session-id=254351616261817659&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A1248%2C%22h%22%3A0%2C%22width%22%3A1248%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22left%22%3A176%2C%22top%22%3A3836%2C%22req_no%22%3A3%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=0&yandexuid=3336156040377600140&sign=04871d9426f53f1842e9db87358dcba7&p1=cjsja&p2=gmyw&puid17=&slotNumber=8&matchid-direct=1&bids=W10%3D&grab=dFRBTS5CWSAtINC90YPQttC90YvQtSDRg9GB0LvRg9Cz0Lgg0LIg0L3Rg9C20L3Ri9C5INC80L7QvNC10L3RgiAo0JzQuNC90YHQuikKMtCY0YnQuNGC0LUg0LrQvtC80L_QsNC90LjQuCDQuCDRg9GB0LvRg9Cz0LggCjLQodC70LXQtNC40YLQtSDQt9CwINC_0L7Qv9GD0LvRj9GA0L3Ri9C80Lgg0LDQutGG0LjRj9C80LggCjLQp9C40YLQsNC50YLQtSDQvtGC0LfRi9Cy0Ysg0L4g0LrQvtC80L_QsNC90LjRj9GFIAoy0J_QvtC70YPRh9Cw0LnRgtC1INC_0L7Qu9C10LfQvdGL0LUg0YHQvtCy0LXRgtGLIAoy0KPQt9C90LDQudGC0LUg0L_QtdGA0LLRi9C8INC-INC90L7QstC-0Lkg0LrQvtC80L_QsNC90LjQuCAKM9Ce0YHRgtCw0LLQu9GP0LnRgtC1INC30LDRj9Cy0LrQuCDQvdCwINGC0L7QstCw0YDRiyDQuCDRg9GB0LvRg9Cz0LggCg%3D%3D&utf8=%E2%9C%93&duid=MTYxNjI2MTgxNzE1NTg1NDAxMg%3D%3D

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

70c2700345f5d5de3e0b570416ec75957f1dc64321642c412f36ef957efbf8bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 17:36:57 GMT
content-encoding: gzip
last-modified: Sat, 20 Mar 2021 17:36:57 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://tam.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sat, 20 Mar 2021 17:36:57 GMT

POST
H2 200 1 Show response
mc.yandex.ru/watch/31359968/ 43 B
73 B 47ms
47ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/31359968/1?page-url=https%3A%2F%2Ftam.by%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A2z9ezuq74honwal%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A462%3Acn%3A1%3Adp%3A1%3Als%3A4229860582%3Ahid%3A362189869%3Az%3A60%3Ai%3A20210320183657%3Aet%3A1616261818%3Ac%3A1%3Arn%3A75846552%3Au%3A1616261817155854012%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1616261816214%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C1440%2C1440%2C%2C%3Adsn%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C1440%2C1440%2C%2C%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1616261818

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 17:36:57 GMT
last-modified: Sat, 20-Mar-2021 17:36:57 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://tam.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 20-Mar-2021 17:36:57 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame B260 139 KB
49 KB 43ms
23ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode-bundles/0.1.3050/banners.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

839b41dd475d143b31c479aa6e666b8deb648b293ee93e67071222960f2b75cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49857
x-xss-protection: 0
server: cafe
etag: 11991498641368206346
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 20 Mar 2021 17:36:57 GMT

GET
H2 204 event
ads.adfox.ru/312020/ 0
14 B 303ms
109ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/312020/event?hash=19ecbfcbdbc96e93&pm=bmo&pxo=F6zjJXMJTwM-25A5hUQPzxs258_gmCiSAOpsgO0-HF7viko28NEe_zyyC20zdDB75WKGuXZNK5gyejAqSlXqkqBgjeW_77F0L-oO80dStF9S_Ju-rI4YTaXi63qBGuXwL7ROScKIKetOMZIvvijbGLDXxiWf84NNFIXnmIbJ1_AZmTtHEBM%3D&p5=gxcpc&rand=beilsof&sj=0Pcq4J96U1dPcpH9IoEKA3kBol2ZlsDgM83-YHWqVUQiplstPZqsS6Rcv7WSCA%3D%3D&ad-session-id=254351616261817659&lts=fgawlwb&ytt=550855330236437&ybv=0.3050&ylv=0.3051&dl=https%3A%2F%2Ftam.by%2F&pr=bsxuruy&p1=cjsja&rqs=uZYCwqeCvIO5MlZgrMz75_HQW6QhRwQo&rtb-si=b&p2=gmyw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 20 Mar 2021 17:36:58 GMT
x-content-type-options: nosniff
timing-allow-origin: *

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 23CF 139 KB
49 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode-bundles/0.1.3050/banners.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

839b41dd475d143b31c479aa6e666b8deb648b293ee93e67071222960f2b75cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49857
x-xss-protection: 0
server: cafe
etag: 11991498641368206346
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 20 Mar 2021 17:36:57 GMT

GET
H2 204 event
ads.adfox.ru/312020/ 0
14 B 281ms
120ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/312020/event?hash=dbb87787a7755e3f&pm=bmo&pxo=YRDE7dQzeEn_KmQDdsB4f3hSqED1qjpkpY3M-vqJ8lXDFgGCyE1SXI_iOwsOzzc7VCmjv1JPdO2g7KnX6Qtj3NjNzp4oInYGOtzmOv7yJ0dMqOy5bc-YOgiOKCO1gzWkr4_1S-z5nJTNYnrYEnqT-EyQqcA9jJc4JDyy9lFAxJ8TL77X9Ek%3D&p5=gxcpc&rand=fmzghox&sj=o2PsvkEKJTq72JeDws01oyA5LRGWdIHluYw4Co1T5uHMtME_F5vCxXgNOXh_jg%3D%3D&ad-session-id=254351616261817659&lts=fgawlwb&ytt=550855330236437&ybv=0.3050&ylv=0.3051&dl=https%3A%2F%2Ftam.by%2F&pr=bsxuruy&p1=cjsja&rqs=uZYCwqeCvIO5MlZg_fKiKXFk6-Gkhel3&rtb-si=b&p2=gmyw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 20 Mar 2021 17:36:58 GMT
x-content-type-options: nosniff
timing-allow-origin: *

GET
H3-Q050 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 1554 139 KB
49 KB 50ms
37ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode-bundles/0.1.3050/banners.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

839b41dd475d143b31c479aa6e666b8deb648b293ee93e67071222960f2b75cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49857
x-xss-protection: 0
server: cafe
etag: 11991498641368206346
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 20 Mar 2021 17:36:57 GMT

GET
H2 204 event
ads.adfox.ru/312020/ 0
107 B 260ms
109ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/312020/event?hash=13c3e678fb4f3fb6&pm=bmo&pxo=HNkOwLe0FXpYeeh0AuD5PVXJz_AGnYE5YIobrm6YM55SPjUyKWOOko9Hao2MHu-qxoCgE__8FmlS7TdQkYwRTxqQpDgHHKvtlWTWBhBAh7oP8k_rebqXO5lcNfLsskiw4TeMRhvaSTRAsb4Akgh7y1kc9oQ0nNYnMHuKcYH04Dwlc4JEvNs%3D&p5=gxcpc&rand=dylzlox&sj=NM_lPHIu8j67x8mRyT_uocdDz22aX7U9sIm7OPUErQMBRLirfaIjv74-wzPRyQ%3D%3D&ad-session-id=254351616261817659&lts=fgawlwb&ytt=550855330236437&ybv=0.3050&ylv=0.3051&dl=https%3A%2F%2Ftam.by%2F&pr=bsxuruy&p1=cjsiz&rqs=uZYCwqeCvIO5MlZgFTHwcCZ_X3Ar31M-&rtb-si=b&p2=gmyw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 20 Mar 2021 17:36:58 GMT
x-content-type-options: nosniff
timing-allow-origin: *

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/ Frame B260 226 KB
85 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8241049497608997&plah=tam.by&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76de05ef38c3493027e88617f808b48e1683e54a4e2989862d1afc85933f01eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86501
x-xss-protection: 0
server: cafe
etag: 16342648926818324530
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 20 Mar 2021 17:36:57 GMT

GET
H3-Q050 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210316/r20190131/ Frame 3DB1 10 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210316/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210316/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tam.by/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://tam.by/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 20 Mar 2021 04:26:34 GMT
expires: Sat, 03 Apr 2021 04:26:34 GMT
content-type: text/html; charset=UTF-8
etag: 14488317231655078900
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4661
x-xss-protection: 0
age: 47423
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/ Frame 23CF 226 KB
85 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8241049497608997&plah=tam.by&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76de05ef38c3493027e88617f808b48e1683e54a4e2989862d1afc85933f01eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86501
x-xss-protection: 0
server: cafe
etag: 16342648926818324530
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 20 Mar 2021 17:36:58 GMT

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/ Frame 1554 226 KB
84 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8241049497608997&plah=tam.by&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76de05ef38c3493027e88617f808b48e1683e54a4e2989862d1afc85933f01eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86501
x-xss-protection: 0
server: cafe
etag: 16342648926818324530
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 20 Mar 2021 17:36:58 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame B260 196 B
636 B 111ms
49ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=tam.by&callback=_gfp_s_&client=ca-pub-8241049497608997

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8241049497608997&plah=tam.by&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

cb54751a13853d238e21af8281666e687a1ef4419b7006e931aed9fa9e00ff4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 187
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame B260 107 B
799 B 37ms
16ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=tam.by

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Mar 2021 17:36:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame B260 107 B
553 B 36ms
15ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=tam.by

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Mar 2021 17:36:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1A69 92 KB
34 KB 386ms
385ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_2_floors_11&adk=2366530133&adf=3279755396&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1616261818&psa=0&format=970x250&url=https%3A%2F%2Ftam.by%2F&ea=0&flash=0&wgl=1&dt=1616261817973&bpp=5&bdt=70&idt=61&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&correlator=5394776803784&frm=23&ife=1&pv=2&ga_vid=359534313.1616261817&ga_sid=1616261818&ga_hid=694121058&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=1350&biw=1600&bih=1200&isw=970&ish=250&ifk=1708318535&scr_x=0&scr_y=0&eid=42530672%2C21068083%2C44739387&oid=3&pvsid=838796600582210&loc=https%3A%2F%2Ftam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.zlt8nk85gnu&btvi=1&fsb=1&dtd=77

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

496607b344060b972db70ca82bad4c416548ef683dc7ebf3699be7828c9a3ac3

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKngnry0v-8CFY8UGwod1xoAqw&gqi=ujJWYNDjA8XL1gbN05rIAw&layout=/sadbundle/%24csp%253Der3%24/15114128110379568047/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_2_floors_11&adk=2366530133&adf=3279755396&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1616261818&psa=0&format=970x250&url=https%3A%2F%2Ftam.by%2F&ea=0&flash=0&wgl=1&dt=1616261817973&bpp=5&bdt=70&idt=61&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&correlator=5394776803784&frm=23&ife=1&pv=2&ga_vid=359534313.1616261817&ga_sid=1616261818&ga_hid=694121058&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=1350&biw=1600&bih=1200&isw=970&ish=250&ifk=1708318535&scr_x=0&scr_y=0&eid=42530672%2C21068083%2C44739387&oid=3&pvsid=838796600582210&loc=https%3A%2F%2Ftam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.zlt8nk85gnu&btvi=1&fsb=1&dtd=77
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tam.by/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://tam.by/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKngnry0v-8CFY8UGwod1xoAqw&gqi=ujJWYNDjA8XL1gbN05rIAw&layout=/sadbundle/%24csp%253Der3%24/15114128110379568047/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 20 Mar 2021 17:36:58 GMT
server: cafe
content-length: 33818
x-xss-protection: 0
set-cookie: IDE=AHWqTUkdtW51mYoaqCMcqNYqUnJSEgs_UdgJnLSX6WrnvuMCr0Erb5m4CqbHrkT2LiE; expires=Thu, 14-Apr-2022 17:36:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 20 Mar 2021 17:36:58 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame B260 73 KB
28 KB 36ms
16ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca625f204331905abf3b4d86a89dfb9799c63771723b9b15c5b54c1f9fb2b83c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615980824644616"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28204
x-xss-protection: 0
expires: Sat, 20 Mar 2021 17:36:58 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 23CF 196 B
257 B 109ms
69ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=tam.by&callback=_gfp_s_&client=ca-pub-8241049497608997

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

f44004c0c9ea3f322f7a346eee2592dcbf275fbd32a5ef53ab2e56ff22dc084b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 188
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 23CF 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=tam.by

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Mar 2021 17:36:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 23CF 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=tam.by

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Mar 2021 17:36:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DB2F 92 KB
34 KB 382ms
382ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_2_floors_11&adk=2366530133&adf=3279755399&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1616261818&psa=0&format=970x250&url=https%3A%2F%2Ftam.by%2F&ea=0&flash=0&wgl=1&dt=1616261817990&bpp=2&bdt=53&idt=71&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&correlator=5394776803784&frm=23&ife=1&pv=1&ga_vid=359534313.1616261817&ga_sid=1616261818&ga_hid=791957473&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=4335&biw=1600&bih=1200&isw=970&ish=250&ifk=1708318535&scr_x=0&scr_y=0&eid=42530672%2C21066429%2C21067570%2C21068083%2C31060352%2C44739387&oid=3&pvsid=2589565841276441&loc=https%3A%2F%2Ftam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.7zk60flqegph&btvi=1&fsb=1&dtd=79

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e6e49e8c8f80d5b97121be897c9be683dc9784b6c5f272456367b9bb8ee20f3

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNPXn7y0v-8CFQ-IhQod7HwG6w&gqi=ujJWYPjhBJrn1gaG1qq4Dw&layout=/sadbundle/%24csp%253Der3%24/15114128110379568047/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_2_floors_11&adk=2366530133&adf=3279755399&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1616261818&psa=0&format=970x250&url=https%3A%2F%2Ftam.by%2F&ea=0&flash=0&wgl=1&dt=1616261817990&bpp=2&bdt=53&idt=71&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&correlator=5394776803784&frm=23&ife=1&pv=1&ga_vid=359534313.1616261817&ga_sid=1616261818&ga_hid=791957473&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=4335&biw=1600&bih=1200&isw=970&ish=250&ifk=1708318535&scr_x=0&scr_y=0&eid=42530672%2C21066429%2C21067570%2C21068083%2C31060352%2C44739387&oid=3&pvsid=2589565841276441&loc=https%3A%2F%2Ftam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.7zk60flqegph&btvi=1&fsb=1&dtd=79
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tam.by/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://tam.by/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNPXn7y0v-8CFQ-IhQod7HwG6w&gqi=ujJWYPjhBJrn1gaG1qq4Dw&layout=/sadbundle/%24csp%253Der3%24/15114128110379568047/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 20 Mar 2021 17:36:58 GMT
server: cafe
content-length: 33801
x-xss-protection: 0
set-cookie: IDE=AHWqTUlPLUB9pKCzL64wnJvsMT5Otxb9i4ql2nu33iTYL4kAvquIviC-0X3P7uFezDQ; expires=Thu, 14-Apr-2022 17:36:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 20 Mar 2021 17:36:58 GMT
cache-control: private

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 1554 196 B
253 B 69ms
68ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=tam.by&callback=_gfp_s_&client=ca-pub-8241049497608997

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

748f955a5027eb3f8ef2f546bd096881ea650cc1ed5c7fdced2cb1a83bbe660c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 188
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame 1554 107 B
777 B 42ms
29ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=tam.by

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Mar 2021 17:36:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 1554 107 B
531 B 43ms
29ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=tam.by

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Mar 2021 17:36:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5970 74 KB
25 KB 364ms
364ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_1_floors_11&adk=3924702937&adf=3279755398&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1616261818&psa=0&format=970x250&url=https%3A%2F%2Ftam.by%2F&ea=0&flash=0&wgl=1&dt=1616261818016&bpp=1&bdt=69&idt=62&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&correlator=5394776803784&frm=23&ife=1&pv=1&ga_vid=359534313.1616261817&ga_sid=1616261818&ga_hid=277249881&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=3257&biw=1600&bih=1200&isw=970&ish=250&ifk=1708318535&scr_x=0&scr_y=0&eid=21068944%2C44739387&oid=3&pvsid=375176194981074&loc=https%3A%2F%2Ftam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.u00aqb1xtcrs&btvi=1&fsb=1&dtd=98

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

555c79cd9c846dc701b048373441ca12d455ea37234d116c6021a16b4c61ed40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_1_floors_11&adk=3924702937&adf=3279755398&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1616261818&psa=0&format=970x250&url=https%3A%2F%2Ftam.by%2F&ea=0&flash=0&wgl=1&dt=1616261818016&bpp=1&bdt=69&idt=62&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&correlator=5394776803784&frm=23&ife=1&pv=1&ga_vid=359534313.1616261817&ga_sid=1616261818&ga_hid=277249881&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=3257&biw=1600&bih=1200&isw=970&ish=250&ifk=1708318535&scr_x=0&scr_y=0&eid=21068944%2C44739387&oid=3&pvsid=375176194981074&loc=https%3A%2F%2Ftam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.u00aqb1xtcrs&btvi=1&fsb=1&dtd=98
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tam.by/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://tam.by/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 20 Mar 2021 17:36:58 GMT
server: cafe
content-length: 25063
x-xss-protection: 0
set-cookie: IDE=AHWqTUkmCzK4bH-dY4iLDKqQ36vieyrZco4DDe7mXmlod1dmSI34B4EQWi9U2TghkOc; expires=Thu, 14-Apr-2022 17:36:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 20 Mar 2021 17:36:58 GMT
cache-control: private

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1554 73 KB
28 KB 41ms
27ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca625f204331905abf3b4d86a89dfb9799c63771723b9b15c5b54c1f9fb2b83c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615980824644616"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28204
x-xss-protection: 0
expires: Sat, 20 Mar 2021 17:36:58 GMT

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/ Frame 6E59 79 KB
19 KB 30ms
9ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_2_floors_11&adk=2366530133&adf=3279755396&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1616261818&psa=0&format=970x250&url=https%3A%2F%2Ftam.by%2F&ea=0&flash=0&wgl=1&dt=1616261817973&bpp=5&bdt=70&idt=61&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&correlator=5394776803784&frm=23&ife=1&pv=2&ga_vid=359534313.1616261817&ga_sid=1616261818&ga_hid=694121058&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=1350&biw=1600&bih=1200&isw=970&ish=250&ifk=1708318535&scr_x=0&scr_y=0&eid=42530672%2C21068083%2C44739387&oid=3&pvsid=838796600582210&loc=https%3A%2F%2Ftam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.zlt8nk85gnu&btvi=1&fsb=1&dtd=77

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89a979f9f9c8408f52c9390b1533ef41ca0e8f2541b02abdb56bf7386475a4a0

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/15114128110379568047/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Thu, 18 Mar 2021 10:26:26 GMT
expires: Fri, 18 Mar 2022 10:26:26 GMT
last-modified: Wed, 27 Jan 2021 11:48:38 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 18019
age: 198632
cache-control: public, max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/ Frame 1A69 17 KB
7 KB 32ms
13ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

849218b5e3074469cfb7a5af5e80ec8916f16ab5b83448df8b348e102ca8ca70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 15132876316592709121
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Apr 2021 17:36:23 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 1A69 2 KB
1 KB 28ms
9ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:35:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Apr 2021 17:35:41 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1A69 117 KB
36 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615980836519751"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36389
x-xss-protection: 0
expires: Sat, 20 Mar 2021 17:36:58 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 1A69 13 KB
6 KB 25ms
7ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

570c04b30a5c8fa6ceaff96ea6d3a0dfabd85dee3edae40e38b0344a7278f254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:33:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 189
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5991
x-xss-protection: 0
server: cafe
etag: 8832118191516519848
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Apr 2021 17:33:49 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 1A69 0
0 42ms
29ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ4FVkiOAfXdXGM7B6T6PVz2vHnAM3piY0Xe-fApNxM8kgBunb3fn-RoIdVP21jwx8SaketIadDhqnJZmSuJmwSl63Hcg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_2_floors_11&adk=2366530133&adf=3279755396&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1616261818&psa=0&format=970x250&url=https%3A%2F%2Ftam.by%2F&ea=0&flash=0&wgl=1&dt=1616261817973&bpp=5&bdt=70&idt=61&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&correlator=5394776803784&frm=23&ife=1&pv=2&ga_vid=359534313.1616261817&ga_sid=1616261818&ga_hid=694121058&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=1350&biw=1600&bih=1200&isw=970&ish=250&ifk=1708318535&scr_x=0&scr_y=0&eid=42530672%2C21068083%2C44739387&oid=3&pvsid=838796600582210&loc=https%3A%2F%2Ftam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.zlt8nk85gnu&btvi=1&fsb=1&dtd=77
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/ Frame 6865 79 KB
18 KB 17ms
14ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_2_floors_11&adk=2366530133&adf=3279755399&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1616261818&psa=0&format=970x250&url=https%3A%2F%2Ftam.by%2F&ea=0&flash=0&wgl=1&dt=1616261817990&bpp=2&bdt=53&idt=71&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&correlator=5394776803784&frm=23&ife=1&pv=1&ga_vid=359534313.1616261817&ga_sid=1616261818&ga_hid=791957473&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=4335&biw=1600&bih=1200&isw=970&ish=250&ifk=1708318535&scr_x=0&scr_y=0&eid=42530672%2C21066429%2C21067570%2C21068083%2C31060352%2C44739387&oid=3&pvsid=2589565841276441&loc=https%3A%2F%2Ftam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.7zk60flqegph&btvi=1&fsb=1&dtd=79

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89a979f9f9c8408f52c9390b1533ef41ca0e8f2541b02abdb56bf7386475a4a0

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/15114128110379568047/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Thu, 18 Mar 2021 10:26:26 GMT
expires: Fri, 18 Mar 2022 10:26:26 GMT
last-modified: Wed, 27 Jan 2021 11:48:38 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 18019
age: 198632
cache-control: public, max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/ Frame DB2F 17 KB
7 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_2_floors_11&adk=2366530133&adf=3279755399&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1616261818&psa=0&format=970x250&url=https%3A%2F%2Ftam.by%2F&ea=0&flash=0&wgl=1&dt=1616261817990&bpp=2&bdt=53&idt=71&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&correlator=5394776803784&frm=23&ife=1&pv=1&ga_vid=359534313.1616261817&ga_sid=1616261818&ga_hid=791957473&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=4335&biw=1600&bih=1200&isw=970&ish=250&ifk=1708318535&scr_x=0&scr_y=0&eid=42530672%2C21066429%2C21067570%2C21068083%2C31060352%2C44739387&oid=3&pvsid=2589565841276441&loc=https%3A%2F%2Ftam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.7zk60flqegph&btvi=1&fsb=1&dtd=79

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

849218b5e3074469cfb7a5af5e80ec8916f16ab5b83448df8b348e102ca8ca70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 15132876316592709121
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Apr 2021 17:36:23 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame DB2F 2 KB
1 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_2_floors_11&adk=2366530133&adf=3279755399&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1616261818&psa=0&format=970x250&url=https%3A%2F%2Ftam.by%2F&ea=0&flash=0&wgl=1&dt=1616261817990&bpp=2&bdt=53&idt=71&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&correlator=5394776803784&frm=23&ife=1&pv=1&ga_vid=359534313.1616261817&ga_sid=1616261818&ga_hid=791957473&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=4335&biw=1600&bih=1200&isw=970&ish=250&ifk=1708318535&scr_x=0&scr_y=0&eid=42530672%2C21066429%2C21067570%2C21068083%2C31060352%2C44739387&oid=3&pvsid=2589565841276441&loc=https%3A%2F%2Ftam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.7zk60flqegph&btvi=1&fsb=1&dtd=79

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:35:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Apr 2021 17:35:41 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DB2F 117 KB
36 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_2_floors_11&adk=2366530133&adf=3279755399&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1616261818&psa=0&format=970x250&url=https%3A%2F%2Ftam.by%2F&ea=0&flash=0&wgl=1&dt=1616261817990&bpp=2&bdt=53&idt=71&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&correlator=5394776803784&frm=23&ife=1&pv=1&ga_vid=359534313.1616261817&ga_sid=1616261818&ga_hid=791957473&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=4335&biw=1600&bih=1200&isw=970&ish=250&ifk=1708318535&scr_x=0&scr_y=0&eid=42530672%2C21066429%2C21067570%2C21068083%2C31060352%2C44739387&oid=3&pvsid=2589565841276441&loc=https%3A%2F%2Ftam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.7zk60flqegph&btvi=1&fsb=1&dtd=79

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615980836519751"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36389
x-xss-protection: 0
expires: Sat, 20 Mar 2021 17:36:58 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame DB2F 13 KB
6 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_2_floors_11&adk=2366530133&adf=3279755399&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1616261818&psa=0&format=970x250&url=https%3A%2F%2Ftam.by%2F&ea=0&flash=0&wgl=1&dt=1616261817990&bpp=2&bdt=53&idt=71&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&correlator=5394776803784&frm=23&ife=1&pv=1&ga_vid=359534313.1616261817&ga_sid=1616261818&ga_hid=791957473&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=4335&biw=1600&bih=1200&isw=970&ish=250&ifk=1708318535&scr_x=0&scr_y=0&eid=42530672%2C21066429%2C21067570%2C21068083%2C31060352%2C44739387&oid=3&pvsid=2589565841276441&loc=https%3A%2F%2Ftam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.7zk60flqegph&btvi=1&fsb=1&dtd=79

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

570c04b30a5c8fa6ceaff96ea6d3a0dfabd85dee3edae40e38b0344a7278f254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:33:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 189
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5991
x-xss-protection: 0
server: cafe
etag: 8832118191516519848
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Apr 2021 17:33:49 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame DB2F 0
0 21ms
20ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRETwqQB8nWvLBSPikYDLvEI6noQ8tzrRsPQIABeJp9HwG2C1qaaVvI0Ir6xbXksGz767srbFlLlVFyM-r3d3k1dzO-Ag
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_2_floors_11&adk=2366530133&adf=3279755399&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1616261818&psa=0&format=970x250&url=https%3A%2F%2Ftam.by%2F&ea=0&flash=0&wgl=1&dt=1616261817990&bpp=2&bdt=53&idt=71&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&correlator=5394776803784&frm=23&ife=1&pv=1&ga_vid=359534313.1616261817&ga_sid=1616261818&ga_hid=791957473&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=4335&biw=1600&bih=1200&isw=970&ish=250&ifk=1708318535&scr_x=0&scr_y=0&eid=42530672%2C21066429%2C21067570%2C21068083%2C31060352%2C44739387&oid=3&pvsid=2589565841276441&loc=https%3A%2F%2Ftam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.7zk60flqegph&btvi=1&fsb=1&dtd=79
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 css
fonts.googleapis.com/ Frame 5970 3 KB
674 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_1_floors_11&adk=3924702937&adf=3279755398&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1616261818&psa=0&format=970x250&url=https%3A%2F%2Ftam.by%2F&ea=0&flash=0&wgl=1&dt=1616261818016&bpp=1&bdt=69&idt=62&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&correlator=5394776803784&frm=23&ife=1&pv=1&ga_vid=359534313.1616261817&ga_sid=1616261818&ga_hid=277249881&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=3257&biw=1600&bih=1200&isw=970&ish=250&ifk=1708318535&scr_x=0&scr_y=0&eid=21068944%2C44739387&oid=3&pvsid=375176194981074&loc=https%3A%2F%2Ftam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.u00aqb1xtcrs&btvi=1&fsb=1&dtd=98

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 20 Mar 2021 16:38:50 GMT
server: ESF
date: Sat, 20 Mar 2021 17:36:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 20 Mar 2021 17:36:58 GMT

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C5D0 143 B
220 B 7ms
6ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_2_floors_11&adk=2366530133&adf=3279755396&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1616261818&psa=0&format=970x250&url=https%3A%2F%2Ftam.by%2F&ea=0&flash=0&wgl=1&dt=1616261817973&bpp=5&bdt=70&idt=61&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&correlator=5394776803784&frm=23&ife=1&pv=2&ga_vid=359534313.1616261817&ga_sid=1616261818&ga_hid=694121058&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=1350&biw=1600&bih=1200&isw=970&ish=250&ifk=1708318535&scr_x=0&scr_y=0&eid=42530672%2C21068083%2C44739387&oid=3&pvsid=838796600582210&loc=https%3A%2F%2Ftam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.zlt8nk85gnu&btvi=1&fsb=1&dtd=77
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkmCzK4bH-dY4iLDKqQ36vieyrZco4DDe7mXmlod1dmSI34B4EQWi9U2TghkOc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_2_floors_11&adk=2366530133&adf=3279755396&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1616261818&psa=0&format=970x250&url=https%3A%2F%2Ftam.by%2F&ea=0&flash=0&wgl=1&dt=1616261817973&bpp=5&bdt=70&idt=61&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&correlator=5394776803784&frm=23&ife=1&pv=2&ga_vid=359534313.1616261817&ga_sid=1616261818&ga_hid=694121058&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=1350&biw=1600&bih=1200&isw=970&ish=250&ifk=1708318535&scr_x=0&scr_y=0&eid=42530672%2C21068083%2C44739387&oid=3&pvsid=838796600582210&loc=https%3A%2F%2Ftam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.zlt8nk85gnu&btvi=1&fsb=1&dtd=77

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 20 Mar 2021 17:23:20 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 818
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 1A69 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3be6f6e3967be4d6c8255b570d73a3c4e7319ba18457a60469bca80091ad6a24

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 5970 2 KB
988 B 36ms
21ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_1_floors_11&adk=3924702937&adf=3279755398&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1616261818&psa=0&format=970x250&url=https%3A%2F%2Ftam.by%2F&ea=0&flash=0&wgl=1&dt=1616261818016&bpp=1&bdt=69&idt=62&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&correlator=5394776803784&frm=23&ife=1&pv=1&ga_vid=359534313.1616261817&ga_sid=1616261818&ga_hid=277249881&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=3257&biw=1600&bih=1200&isw=970&ish=250&ifk=1708318535&scr_x=0&scr_y=0&eid=21068944%2C44739387&oid=3&pvsid=375176194981074&loc=https%3A%2F%2Ftam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.u00aqb1xtcrs&btvi=1&fsb=1&dtd=98

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0965d7aef99ff8aa80d1b807e0065dfc11611347233cc4e9343a62511785a1dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:32:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 253
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 891
x-xss-protection: 0
server: cafe
etag: 8551179781376740118
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Apr 2021 17:32:45 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/ Frame 5970 17 KB
7 KB 36ms
21ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_1_floors_11&adk=3924702937&adf=3279755398&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1616261818&psa=0&format=970x250&url=https%3A%2F%2Ftam.by%2F&ea=0&flash=0&wgl=1&dt=1616261818016&bpp=1&bdt=69&idt=62&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&correlator=5394776803784&frm=23&ife=1&pv=1&ga_vid=359534313.1616261817&ga_sid=1616261818&ga_hid=277249881&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=3257&biw=1600&bih=1200&isw=970&ish=250&ifk=1708318535&scr_x=0&scr_y=0&eid=21068944%2C44739387&oid=3&pvsid=375176194981074&loc=https%3A%2F%2Ftam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.u00aqb1xtcrs&btvi=1&fsb=1&dtd=98

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

849218b5e3074469cfb7a5af5e80ec8916f16ab5b83448df8b348e102ca8ca70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 15132876316592709121
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Apr 2021 17:36:23 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 5970 2 KB
1 KB 32ms
21ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_1_floors_11&adk=3924702937&adf=3279755398&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1616261818&psa=0&format=970x250&url=https%3A%2F%2Ftam.by%2F&ea=0&flash=0&wgl=1&dt=1616261818016&bpp=1&bdt=69&idt=62&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&correlator=5394776803784&frm=23&ife=1&pv=1&ga_vid=359534313.1616261817&ga_sid=1616261818&ga_hid=277249881&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=3257&biw=1600&bih=1200&isw=970&ish=250&ifk=1708318535&scr_x=0&scr_y=0&eid=21068944%2C44739387&oid=3&pvsid=375176194981074&loc=https%3A%2F%2Ftam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.u00aqb1xtcrs&btvi=1&fsb=1&dtd=98

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:35:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Apr 2021 17:35:41 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5970 117 KB
36 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_1_floors_11&adk=3924702937&adf=3279755398&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1616261818&psa=0&format=970x250&url=https%3A%2F%2Ftam.by%2F&ea=0&flash=0&wgl=1&dt=1616261818016&bpp=1&bdt=69&idt=62&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&correlator=5394776803784&frm=23&ife=1&pv=1&ga_vid=359534313.1616261817&ga_sid=1616261818&ga_hid=277249881&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=3257&biw=1600&bih=1200&isw=970&ish=250&ifk=1708318535&scr_x=0&scr_y=0&eid=21068944%2C44739387&oid=3&pvsid=375176194981074&loc=https%3A%2F%2Ftam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.u00aqb1xtcrs&btvi=1&fsb=1&dtd=98

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615980836519751"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36389
x-xss-protection: 0
expires: Sat, 20 Mar 2021 17:36:58 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 5970 13 KB
6 KB 30ms
20ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_1_floors_11&adk=3924702937&adf=3279755398&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1616261818&psa=0&format=970x250&url=https%3A%2F%2Ftam.by%2F&ea=0&flash=0&wgl=1&dt=1616261818016&bpp=1&bdt=69&idt=62&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&correlator=5394776803784&frm=23&ife=1&pv=1&ga_vid=359534313.1616261817&ga_sid=1616261818&ga_hid=277249881&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=3257&biw=1600&bih=1200&isw=970&ish=250&ifk=1708318535&scr_x=0&scr_y=0&eid=21068944%2C44739387&oid=3&pvsid=375176194981074&loc=https%3A%2F%2Ftam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.u00aqb1xtcrs&btvi=1&fsb=1&dtd=98

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

570c04b30a5c8fa6ceaff96ea6d3a0dfabd85dee3edae40e38b0344a7278f254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:33:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 189
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5991
x-xss-protection: 0
server: cafe
etag: 8832118191516519848
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Apr 2021 17:33:49 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 5970 0
0 15ms
14ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSI6wdx_q45WdbuYSzwS_CcnElgFgCMKlwrlDz4xV2icwVwA1FSNHG57T7-fw0I7rjquQCjN5TLEDrWSd7fSy4daol2qg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_1_floors_11&adk=3924702937&adf=3279755398&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1616261818&psa=0&format=970x250&url=https%3A%2F%2Ftam.by%2F&ea=0&flash=0&wgl=1&dt=1616261818016&bpp=1&bdt=69&idt=62&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&correlator=5394776803784&frm=23&ife=1&pv=1&ga_vid=359534313.1616261817&ga_sid=1616261818&ga_hid=277249881&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=3257&biw=1600&bih=1200&isw=970&ish=250&ifk=1708318535&scr_x=0&scr_y=0&eid=21068944%2C44739387&oid=3&pvsid=375176194981074&loc=https%3A%2F%2Ftam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.u00aqb1xtcrs&btvi=1&fsb=1&dtd=98
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 957c89dfc9e78dd5a0a3956da91f5358.js Show response
www.gstatic.com/mysidia/ Frame 5970 25 KB
11 KB 25ms
6ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/957c89dfc9e78dd5a0a3956da91f5358.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_1_floors_11&adk=3924702937&adf=3279755398&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1616261818&psa=0&format=970x250&url=https%3A%2F%2Ftam.by%2F&ea=0&flash=0&wgl=1&dt=1616261818016&bpp=1&bdt=69&idt=62&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&correlator=5394776803784&frm=23&ife=1&pv=1&ga_vid=359534313.1616261817&ga_sid=1616261818&ga_hid=277249881&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=3257&biw=1600&bih=1200&isw=970&ish=250&ifk=1708318535&scr_x=0&scr_y=0&eid=21068944%2C44739387&oid=3&pvsid=375176194981074&loc=https%3A%2F%2Ftam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.u00aqb1xtcrs&btvi=1&fsb=1&dtd=98

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74701d1b03dcb606710d7cc01bbf35a36ad5e5e443e33e55894a013f0d65aacf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 10:35:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 12 Mar 2021 03:13:35 GMT
server: sffe
age: 198118
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10839
x-xss-protection: 0
expires: Wed, 16 Jun 2021 10:35:00 GMT

POST
H3-Q050 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame 1A69 0
433 B 73ms
40ms Other
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKngnry0v-8CFY8UGwod1xoAqw&gqi=ujJWYNDjA8XL1gbN05rIAw&layout=/sadbundle/%24csp%253Der3%24/15114128110379568047/index.html

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 17:36:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 event
ads.adfox.ru/312020/ 0
14 B 106ms
106ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/312020/event?hash=331ba5e9b569f12d&pm=bmu&pxo=F6zjJXMJTwM-25A5hUQPzxs258_gmCiSAOpsgO0-HF7viko28NEe_zyyC20zdDB75WKGuXZNK5gyejAqSlXqkqBgjeW_77F0L-oO80dStF9S_Ju-rI4YTaXi63qBGuXwL7ROScKIKetOMZIvvijbGLDXxiWf84NNFIXnmIbJ1_AZmTtHEBM%3D&p5=gxcpc&rand=ipmqqie&sj=0Pcq4J96U1dPcpH9IoEKA3kBol2ZlsDgM83-YHWqVUQiplstPZqsS6Rcv7WSCA%3D%3D&ad-session-id=254351616261817659&lts=fgawlwb&ytt=550855330236437&ybv=0.3050&ylv=0.3051&dl=https%3A%2F%2Ftam.by%2F&pr=bsxuruy&p1=cjsja&rqs=uZYCwqeCvIO5MlZgrMz75_HQW6QhRwQo&rtb-si=b&p2=gmyw&resp-time=680

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 20 Mar 2021 17:36:58 GMT
x-content-type-options: nosniff
timing-allow-origin: *

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A3B0 143 B
165 B 7ms
7ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_2_floors_11&adk=2366530133&adf=3279755399&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1616261818&psa=0&format=970x250&url=https%3A%2F%2Ftam.by%2F&ea=0&flash=0&wgl=1&dt=1616261817990&bpp=2&bdt=53&idt=71&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&correlator=5394776803784&frm=23&ife=1&pv=1&ga_vid=359534313.1616261817&ga_sid=1616261818&ga_hid=791957473&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=4335&biw=1600&bih=1200&isw=970&ish=250&ifk=1708318535&scr_x=0&scr_y=0&eid=42530672%2C21066429%2C21067570%2C21068083%2C31060352%2C44739387&oid=3&pvsid=2589565841276441&loc=https%3A%2F%2Ftam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.7zk60flqegph&btvi=1&fsb=1&dtd=79

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_2_floors_11&adk=2366530133&adf=3279755399&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1616261818&psa=0&format=970x250&url=https%3A%2F%2Ftam.by%2F&ea=0&flash=0&wgl=1&dt=1616261817990&bpp=2&bdt=53&idt=71&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&correlator=5394776803784&frm=23&ife=1&pv=1&ga_vid=359534313.1616261817&ga_sid=1616261818&ga_hid=791957473&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=4335&biw=1600&bih=1200&isw=970&ish=250&ifk=1708318535&scr_x=0&scr_y=0&eid=42530672%2C21066429%2C21067570%2C21068083%2C31060352%2C44739387&oid=3&pvsid=2589565841276441&loc=https%3A%2F%2Ftam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.7zk60flqegph&btvi=1&fsb=1&dtd=79
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkmCzK4bH-dY4iLDKqQ36vieyrZco4DDe7mXmlod1dmSI34B4EQWi9U2TghkOc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_2_floors_11&adk=2366530133&adf=3279755399&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1616261818&psa=0&format=970x250&url=https%3A%2F%2Ftam.by%2F&ea=0&flash=0&wgl=1&dt=1616261817990&bpp=2&bdt=53&idt=71&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&correlator=5394776803784&frm=23&ife=1&pv=1&ga_vid=359534313.1616261817&ga_sid=1616261818&ga_hid=791957473&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=4335&biw=1600&bih=1200&isw=970&ish=250&ifk=1708318535&scr_x=0&scr_y=0&eid=42530672%2C21066429%2C21067570%2C21068083%2C31060352%2C44739387&oid=3&pvsid=2589565841276441&loc=https%3A%2F%2Ftam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.7zk60flqegph&btvi=1&fsb=1&dtd=79

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 20 Mar 2021 17:23:20 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 818
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 6E59 16 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 01:08:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59279
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 21 Mar 2021 01:08:59 GMT

GET
H3-Q050 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 6E59 22 KB
9 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:41:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17704
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 21 Mar 2021 12:41:54 GMT

GET
DATA 200
OK truncated
/ Frame DB2F 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a7415c465ad3d08b915c5a47b2a052afb68e192b8809cf32cf547f1cbb9a3857

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/15955325470550595450/ Frame 5970 28 KB
28 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15955325470550595450/downsize_200k_v1?w=600&h=314

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_1_floors_11&adk=3924702937&adf=3279755398&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1616261818&psa=0&format=970x250&url=https%3A%2F%2Ftam.by%2F&ea=0&flash=0&wgl=1&dt=1616261818016&bpp=1&bdt=69&idt=62&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&correlator=5394776803784&frm=23&ife=1&pv=1&ga_vid=359534313.1616261817&ga_sid=1616261818&ga_hid=277249881&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=3257&biw=1600&bih=1200&isw=970&ish=250&ifk=1708318535&scr_x=0&scr_y=0&eid=21068944%2C44739387&oid=3&pvsid=375176194981074&loc=https%3A%2F%2Ftam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.u00aqb1xtcrs&btvi=1&fsb=1&dtd=98

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93438992d6f0744c038aad6e3d5ec3025b8f94b125faebe7b1da92b5e53c5696

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 09:09:16 GMT
x-content-type-options: nosniff
age: 30462
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28331
x-xss-protection: 0
last-modified: Wed, 04 Dec 2019 08:28:13 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Mar 2022 09:09:16 GMT

GET
DATA 200
OK truncated
/ Frame 5970 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H3-Q050 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame DB2F 0
23 B 40ms
40ms Other
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNPXn7y0v-8CFQ-IhQod7HwG6w&gqi=ujJWYPjhBJrn1gaG1qq4Dw&layout=/sadbundle/%24csp%253Der3%24/15114128110379568047/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_2_floors_11&adk=2366530133&adf=3279755399&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1616261818&psa=0&format=970x250&url=https%3A%2F%2Ftam.by%2F&ea=0&flash=0&wgl=1&dt=1616261817990&bpp=2&bdt=53&idt=71&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&correlator=5394776803784&frm=23&ife=1&pv=1&ga_vid=359534313.1616261817&ga_sid=1616261818&ga_hid=791957473&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=4335&biw=1600&bih=1200&isw=970&ish=250&ifk=1708318535&scr_x=0&scr_y=0&eid=42530672%2C21066429%2C21067570%2C21068083%2C31060352%2C44739387&oid=3&pvsid=2589565841276441&loc=https%3A%2F%2Ftam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.7zk60flqegph&btvi=1&fsb=1&dtd=79

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 17:36:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 6865 16 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 01:08:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59279
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 21 Mar 2021 01:08:59 GMT

GET
H3-Q050 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 6865 22 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:41:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17704
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 21 Mar 2021 12:41:54 GMT

GET
H2 204 event
ads.adfox.ru/312020/ 0
14 B 109ms
109ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/312020/event?hash=8c676653b46f71f9&pm=bmu&pxo=YRDE7dQzeEn_KmQDdsB4f3hSqED1qjpkpY3M-vqJ8lXDFgGCyE1SXI_iOwsOzzc7VCmjv1JPdO2g7KnX6Qtj3NjNzp4oInYGOtzmOv7yJ0dMqOy5bc-YOgiOKCO1gzWkr4_1S-z5nJTNYnrYEnqT-EyQqcA9jJc4JDyy9lFAxJ8TL77X9Ek%3D&p5=gxcpc&rand=ebqgfkz&sj=o2PsvkEKJTq72JeDws01oyA5LRGWdIHluYw4Co1T5uHMtME_F5vCxXgNOXh_jg%3D%3D&ad-session-id=254351616261817659&lts=fgawlwb&ytt=550855330236437&ybv=0.3050&ylv=0.3051&dl=https%3A%2F%2Ftam.by%2F&pr=bsxuruy&p1=cjsja&rqs=uZYCwqeCvIO5MlZg_fKiKXFk6-Gkhel3&rtb-si=b&p2=gmyw&resp-time=741

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 20 Mar 2021 17:36:58 GMT
x-content-type-options: nosniff
timing-allow-origin: *

GET
H3-Q050 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2E76 1 KB
935 B 6ms
6ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_1_floors_11&adk=3924702937&adf=3279755398&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1616261818&psa=0&format=970x250&url=https%3A%2F%2Ftam.by%2F&ea=0&flash=0&wgl=1&dt=1616261818016&bpp=1&bdt=69&idt=62&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&correlator=5394776803784&frm=23&ife=1&pv=1&ga_vid=359534313.1616261817&ga_sid=1616261818&ga_hid=277249881&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=3257&biw=1600&bih=1200&isw=970&ish=250&ifk=1708318535&scr_x=0&scr_y=0&eid=21068944%2C44739387&oid=3&pvsid=375176194981074&loc=https%3A%2F%2Ftam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.u00aqb1xtcrs&btvi=1&fsb=1&dtd=98

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 20 Mar 2021 16:59:40 GMT
expires: Sun, 21 Mar 2021 16:59:40 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 2238
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 5970 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e2c54a34796740b17a21a95e80a389cb9419bac542769253aff79119ebdc8ed6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 5970 21 KB
21 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 01:58:20 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
age: 229118
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
expires: Fri, 18 Mar 2022 01:58:20 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 5970 21 KB
21 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 21:42:23 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
age: 244475
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
expires: Thu, 17 Mar 2022 21:42:23 GMT

GET
H2 204 event
ads.adfox.ru/312020/ 0
14 B 112ms
111ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/312020/event?hash=7e8e8db51a582208&pm=bmu&pxo=HNkOwLe0FXpYeeh0AuD5PVXJz_AGnYE5YIobrm6YM55SPjUyKWOOko9Hao2MHu-qxoCgE__8FmlS7TdQkYwRTxqQpDgHHKvtlWTWBhBAh7oP8k_rebqXO5lcNfLsskiw4TeMRhvaSTRAsb4Akgh7y1kc9oQ0nNYnMHuKcYH04Dwlc4JEvNs%3D&p5=gxcpc&rand=fjgevmy&sj=NM_lPHIu8j67x8mRyT_uocdDz22aX7U9sIm7OPUErQMBRLirfaIjv74-wzPRyQ%3D%3D&ad-session-id=254351616261817659&lts=fgawlwb&ytt=550855330236437&ybv=0.3050&ylv=0.3051&dl=https%3A%2F%2Ftam.by%2F&pr=bsxuruy&p1=cjsiz&rqs=uZYCwqeCvIO5MlZgFTHwcCZ_X3Ar31M-&rtb-si=b&p2=gmyw&resp-time=804

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 20 Mar 2021 17:36:58 GMT
x-content-type-options: nosniff
timing-allow-origin: *

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B260 8 KB
6 KB 18ms
18ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210316&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

240ff9c1b4b327c255346e3159fec4cc65df6d013148c12e92ab96ab4e711081

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Mar 2021 17:36:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6551
x-xss-protection: 0

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C5D0
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
158 B

39ms
39ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkmCzK4bH-dY4iLDKqQ36vieyrZco4DDe7mXmlod1dmSI34B4EQWi9U2TghkOc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 20 Mar 2021 17:36:58 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sat, 20-Mar-2021 18:36:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 20 Mar 2021 17:36:58 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 20 Mar 2021 17:36:58 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 23CF 8 KB
6 KB 20ms
20ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210316&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5304486b47542a01e07463f17fe15d5d424e1e39a7142a6698df715d7005b75b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Mar 2021 17:36:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6575
x-xss-protection: 0

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame 6E59 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 13:05:00 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 102718
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Sat, 19 Mar 2022 13:05:00 GMT

GET
H3-Q050 200 Element_24.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/ Frame 6E59 13 KB
4 KB 10ms
9ms Image
image/svg+xml 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/Element_24.svg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6961a4d4296ec402fe593fad1dc613d2a4afe369e19b245a1139e8addeef035

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 249265
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4012
x-xss-protection: 0
last-modified: Wed, 27 Jan 2021 11:48:38 GMT
server: sffe
date: Wed, 17 Mar 2021 20:22:33 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 20:22:33 GMT

GET
H3-Q050 200 Element_18.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/ Frame 6E59 3 KB
3 KB 9ms
8ms Image
image/svg+xml 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/Element_18.svg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bea8ca18fc59dd9efc69075b87febbe8dfd2a4819e600cd6fd9b5da0df604e44

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 198632
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1235
x-xss-protection: 0
last-modified: Wed, 27 Jan 2021 11:48:38 GMT
server: sffe
date: Thu, 18 Mar 2021 10:26:26 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Mar 2022 10:26:26 GMT

GET
H3-Q050 200 Element_16.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/ Frame 6E59 246 B
228 B 12ms
11ms Image
image/svg+xml 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/Element_16.svg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d82367742a789f0618bd00083354a3df851fc894683e6a94e41123268ee99254

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 198632
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 195
x-xss-protection: 0
last-modified: Wed, 27 Jan 2021 11:48:38 GMT
server: sffe
date: Thu, 18 Mar 2021 10:26:26 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Mar 2022 10:26:26 GMT

GET
H3-Q050 200 Element_15.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/ Frame 6E59 5 KB
2 KB 12ms
10ms Image
image/svg+xml 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/Element_15.svg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddbe53fbdf228359ca0cbce287c93bd5d381dc271605ae88635204eec016aa98

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 198632
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1760
x-xss-protection: 0
last-modified: Wed, 27 Jan 2021 11:48:38 GMT
server: sffe
date: Thu, 18 Mar 2021 10:26:26 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Mar 2022 10:26:26 GMT

GET
H3-Q050 200 Element_19.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/ Frame 6E59 473 B
353 B 11ms
10ms Image
image/svg+xml 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/Element_19.svg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a3fa995039579e0ecb5ee278f9bad4dca2b2f4fa34ddefd7c12e17e14fa018e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 66621
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 269
x-xss-protection: 0
last-modified: Wed, 27 Jan 2021 11:48:38 GMT
server: sffe
date: Fri, 19 Mar 2021 23:06:37 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Mar 2022 23:06:37 GMT

GET
H3-Q050 200 Element_13.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/ Frame 6E59 10 KB
2 KB 16ms
15ms Image
image/svg+xml 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/Element_13.svg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5e3a2c67fa809ff28e25a52dfa078a0b3bb3f7431a564c64d88f3dd1ee5ca62

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 198632
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2515
x-xss-protection: 0
last-modified: Wed, 27 Jan 2021 11:48:38 GMT
server: sffe
date: Thu, 18 Mar 2021 10:26:26 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Mar 2022 10:26:26 GMT

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A3B0
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
21 B

41ms
40ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_2_floors_11&adk=2366530133&adf=3279755399&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1616261818&psa=0&format=970x250&url=https%3A%2F%2Ftam.by%2F&ea=0&flash=0&wgl=1&dt=1616261817990&bpp=2&bdt=53&idt=71&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&correlator=5394776803784&frm=23&ife=1&pv=1&ga_vid=359534313.1616261817&ga_sid=1616261818&ga_hid=791957473&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=4335&biw=1600&bih=1200&isw=970&ish=250&ifk=1708318535&scr_x=0&scr_y=0&eid=42530672%2C21066429%2C21067570%2C21068083%2C31060352%2C44739387&oid=3&pvsid=2589565841276441&loc=https%3A%2F%2Ftam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.7zk60flqegph&btvi=1&fsb=1&dtd=79

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkmCzK4bH-dY4iLDKqQ36vieyrZco4DDe7mXmlod1dmSI34B4EQWi9U2TghkOc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 20 Mar 2021 17:36:58 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sat, 20-Mar-2021 18:36:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 20 Mar 2021 17:36:58 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 20 Mar 2021 17:36:58 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame 6865 14 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 13:05:00 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 102718
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Sat, 19 Mar 2022 13:05:00 GMT

GET
H3-Q050 200 Element_24.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/ Frame 6865 13 KB
4 KB 15ms
14ms Image
image/svg+xml 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/Element_24.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6961a4d4296ec402fe593fad1dc613d2a4afe369e19b245a1139e8addeef035

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 249265
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4012
x-xss-protection: 0
last-modified: Wed, 27 Jan 2021 11:48:38 GMT
server: sffe
date: Wed, 17 Mar 2021 20:22:33 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 20:22:33 GMT

GET
H3-Q050 200 Element_18.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/ Frame 6865 3 KB
1 KB 12ms
11ms Image
image/svg+xml 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/Element_18.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bea8ca18fc59dd9efc69075b87febbe8dfd2a4819e600cd6fd9b5da0df604e44

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 198632
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1235
x-xss-protection: 0
last-modified: Wed, 27 Jan 2021 11:48:38 GMT
server: sffe
date: Thu, 18 Mar 2021 10:26:26 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Mar 2022 10:26:26 GMT

GET
H3-Q050 200 Element_16.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/ Frame 6865 246 B
224 B 12ms
11ms Image
image/svg+xml 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/Element_16.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d82367742a789f0618bd00083354a3df851fc894683e6a94e41123268ee99254

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 198632
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 195
x-xss-protection: 0
last-modified: Wed, 27 Jan 2021 11:48:38 GMT
server: sffe
date: Thu, 18 Mar 2021 10:26:26 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Mar 2022 10:26:26 GMT

GET
H3-Q050 200 Element_15.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/ Frame 6865 5 KB
2 KB 13ms
13ms Image
image/svg+xml 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/Element_15.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddbe53fbdf228359ca0cbce287c93bd5d381dc271605ae88635204eec016aa98

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 198632
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1760
x-xss-protection: 0
last-modified: Wed, 27 Jan 2021 11:48:38 GMT
server: sffe
date: Thu, 18 Mar 2021 10:26:26 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Mar 2022 10:26:26 GMT

GET
H3-Q050 200 Element_19.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/ Frame 6865 473 B
298 B 13ms
12ms Image
image/svg+xml 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/Element_19.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a3fa995039579e0ecb5ee278f9bad4dca2b2f4fa34ddefd7c12e17e14fa018e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 66621
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 269
x-xss-protection: 0
last-modified: Wed, 27 Jan 2021 11:48:38 GMT
server: sffe
date: Fri, 19 Mar 2021 23:06:37 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Mar 2022 23:06:37 GMT

GET
H3-Q050 200 Element_13.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/ Frame 6865 10 KB
2 KB 15ms
14ms Image
image/svg+xml 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/Element_13.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5e3a2c67fa809ff28e25a52dfa078a0b3bb3f7431a564c64d88f3dd1ee5ca62

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 198632
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2515
x-xss-protection: 0
last-modified: Wed, 27 Jan 2021 11:48:38 GMT
server: sffe
date: Thu, 18 Mar 2021 10:26:26 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Mar 2022 10:26:26 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 2E76 0
104 B 94ms
64ms Image
text/plain 2a02:fa8:8806:20::2010
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESENrA1MvFgcDqfHU7Ig0iunI&google_cver=1&google_push=AQvitUKVDsmW15jrRuVF9rlkV4ixkRhJ_4HCRMp_QUUYd4PDz08vQw6Q7HYRHsENcNS3-FqJpU8OBVvc8zu2U8wBGfY_dJvlK10
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_1_floors_11&adk=3924702937&adf=3279755398&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1616261818&psa=0&format=970x250&url=https%3A%2F%2Ftam.by%2F&ea=0&flash=0&wgl=1&dt=1616261818016&bpp=1&bdt=69&idt=62&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&correlator=5394776803784&frm=23&ife=1&pv=1&ga_vid=359534313.1616261817&ga_sid=1616261818&ga_hid=277249881&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=3257&biw=1600&bih=1200&isw=970&ish=250&ifk=1708318535&scr_x=0&scr_y=0&eid=21068944%2C44739387&oid=3&pvsid=375176194981074&loc=https%3A%2F%2Ftam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.u00aqb1xtcrs&btvi=1&fsb=1&dtd=98
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2010 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 17:36:58 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 2E76
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEM8DtccutQDQXR0Pjoa5o3Q&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEM8DtccutQDQXR0Pjoa5o3Q&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RVNjTWY1WncxTG5GeDA1&google_gid=CAESEM8DtccutQDQXR0Pjoa5o3Q&google_cver=1&google_push=AQvitUKKW7w1nP6V6vpZMU1Jd4XlkyVy8pAXBGeIgU1fjvO...

170 B
190 B

37ms
37ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RVNjTWY1WncxTG5GeDA1&google_gid=CAESEM8DtccutQDQXR0Pjoa5o3Q&google_cver=1&google_push=AQvitUKKW7w1nP6V6vpZMU1Jd4XlkyVy8pAXBGeIgU1fjvOffk76_WFyscSFATJ16Gq8xVcnmhff1pHFdZ4BQ5PBQ7EcOzw1Xg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 17:36:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 20 Mar 2021 17:36:58 GMT
Server: PingMatch/v2.0.30-632-ga311aad#rel-ec2-master i-0ab29fc25246f26bf@eu-central-1b@dxedge-app-eu-central-1-prod-asg
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RVNjTWY1WncxTG5GeDA1&google_gid=CAESEM8DtccutQDQXR0Pjoa5o3Q&google_cver=1&google_push=AQvitUKKW7w1nP6V6vpZMU1Jd4XlkyVy8pAXBGeIgU1fjvOffk76_WFyscSFATJ16Gq8xVcnmhff1pHFdZ4BQ5PBQ7EcOzw1Xg
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 2E76
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEP146UdP2fRQe-3N_B5mNZE&google_cver=1&google_push=AQvitULA4ukmePCf-P9AfvX6L_2VQOUpPOj9Z8055N9ooUWfUSl7HOKfQv6j-UB9v_G512J9bGGgiTpeottBDAUN...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitULA4ukmePCf-P9AfvX6L_2VQOUpPOj9Z8055N9ooUWfUSl7HOKfQv6j-UB9v_G512J9bGGgiTpeottBDAUNewRzV5nTiNY

170 B
484 B

80ms
49ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitULA4ukmePCf-P9AfvX6L_2VQOUpPOj9Z8055N9ooUWfUSl7HOKfQv6j-UB9v_G512J9bGGgiTpeottBDAUNewRzV5nTiNY

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 17:36:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 20 Mar 2021 17:37:02 GMT
Server: MT3 3611 f10363c master zrh-pixel-x25
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitULA4ukmePCf-P9AfvX6L_2VQOUpPOj9Z8055N9ooUWfUSl7HOKfQv6j-UB9v_G512J9bGGgiTpeottBDAUNewRzV5nTiNY
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 20 Mar 2021 17:37:01 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 2E76
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEMfZ6iBHzdk7jAZp70KIB1U&google_cver=1&google_push=AQvitUL1H_1JU2DVS4LIYUbmVd_un-xEVKjlrLg_A24IuaNIaaKy95ExPsxZlPajWwrt1wy-RuRY8pzSrsA_63F7...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=H3MjoftrTCeAIOE0fZTlIQ2&google_push=AQvitUL1H_1JU2DVS4LIYUbmVd_un-xEVKjlrLg_A24IuaNIaaKy95ExPsxZlPajWwrt1wy-RuRY8pzSrsA_63F75y886JOegQ

170 B
190 B

85ms
51ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=H3MjoftrTCeAIOE0fZTlIQ2&google_push=AQvitUL1H_1JU2DVS4LIYUbmVd_un-xEVKjlrLg_A24IuaNIaaKy95ExPsxZlPajWwrt1wy-RuRY8pzSrsA_63F75y886JOegQ

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 17:36:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 20 Mar 2021 17:36:58 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.15.12
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=H3MjoftrTCeAIOE0fZTlIQ2&google_push=AQvitUL1H_1JU2DVS4LIYUbmVd_un-xEVKjlrLg_A24IuaNIaaKy95ExPsxZlPajWwrt1wy-RuRY8pzSrsA_63F75y886JOegQ
x-host: tde-deliveryengine-production-6fcb7cb86-w9km2
alt-svc: clear
content-length: 0

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 2E76
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPbd5Mu0dLgsFmU40cYhkI0&google_cver=1&google_push=AQvitUI0ZaNTj140x2BgDwEpIN_JYLGONEyD9ZhlHdtp0zoPSXADjVKt0bm8ImAsdVPn6IQVoKfb8kUz5VOz6K0ILSr8...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEPbd5Mu0dLgsFmU40cYhkI0&google_cver=1&google_push=AQvitUI0ZaNTj140x2BgDwEpIN_JYLGONEyD9ZhlHdtp0zoPSXADjVKt0bm8ImAsdVPn6IQVoKfb8kUz5VOz6K...
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=67ada8a8-9392-4a75-ae82-f072f23b995b&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitUI0ZaNTj140x2BgDwEpIN_JYLGONEyD9ZhlHdtp0zoPSXADjVKt0bm8ImAsdVPn6IQVoKfb8kUz5VOz6K0ILSr8amWgDHg&google_hm=CEedJClFS3SxKqW3vZY1Ng==

170 B
190 B

36ms
36ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitUI0ZaNTj140x2BgDwEpIN_JYLGONEyD9ZhlHdtp0zoPSXADjVKt0bm8ImAsdVPn6IQVoKfb8kUz5VOz6K0ILSr8amWgDHg&google_hm=CEedJClFS3SxKqW3vZY1Ng==

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 17:36:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitUI0ZaNTj140x2BgDwEpIN_JYLGONEyD9ZhlHdtp0zoPSXADjVKt0bm8ImAsdVPn6IQVoKfb8kUz5VOz6K0ILSr8amWgDHg&google_hm=CEedJClFS3SxKqW3vZY1Ng==
date: Sat, 20 Mar 2021 17:36:59 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 2E76
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEPsqX6WSkpJTJMn4bSQG3-E&google_cver=1&google_push=AQvitULZ_UQ0jYzneuw08gxgsbZ3sFHs0Ac0UiVTLC2pqzlxSVQzy0dkfquOPky-eEhAZ4-KijiVnhJtPNGtYlbgantubFxC094
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AQvitULZ_UQ0jYzneuw08gxgsbZ3sFHs0Ac0UiVTLC2pqzlxSVQzy0dkfquOPky-eEhAZ4-KijiVnhJtPNGtYlbgantubFxC094&googl...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTY3NDMwNzQwMjQ1OTk0Mzk3NTQ%3D&google_push=AQvitULZ_UQ0jYzneuw08gxgsbZ3sFHs0Ac0UiVTLC2pqzlxSVQzy0dkfquOPk...

170 B
190 B

37ms
36ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTY3NDMwNzQwMjQ1OTk0Mzk3NTQ%3D&google_push=AQvitULZ_UQ0jYzneuw08gxgsbZ3sFHs0Ac0UiVTLC2pqzlxSVQzy0dkfquOPky-eEhAZ4-KijiVnhJtPNGtYlbgantubFxC094

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 17:36:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTY3NDMwNzQwMjQ1OTk0Mzk3NTQ%3D&google_push=AQvitULZ_UQ0jYzneuw08gxgsbZ3sFHs0Ac0UiVTLC2pqzlxSVQzy0dkfquOPky-eEhAZ4-KijiVnhJtPNGtYlbgantubFxC094
date: Sat, 20 Mar 2021 17:36:58 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 2E76
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESECU3WzGCw9-WthqQEqG8XcQ&google_cver=1&google_push=AQvitUK_TOwV3aZiVgc-pB01rsdzTcVPYgzq_Gclp9HoL4WiAU4LOCvSPMait64o0wDog2EPTg...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESECU3WzGCw9-WthqQEqG8XcQ&google_cver=1&google_push=AQvitUK_TOwV3aZiVgc-pB01rsdzTcVPYgzq_Gclp9HoL4WiAU4LOCvSPMait64o0wDog2EPTg...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS03Q1laOE1aRTJ1SFNyNkdQVGl0N180OUxFNW5ZTjNZZX5B&google_push=AQvitUK_TOwV3aZiVgc-pB01rsdzTcVPYgzq_Gclp9HoL4WiAU4LOCvSP...

170 B
190 B

38ms
37ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS03Q1laOE1aRTJ1SFNyNkdQVGl0N180OUxFNW5ZTjNZZX5B&google_push=AQvitUK_TOwV3aZiVgc-pB01rsdzTcVPYgzq_Gclp9HoL4WiAU4LOCvSPMait64o0wDog2EPTgEgUC3wgy58VIyAnTDBy9BSdW8c

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 17:36:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 20 Mar 2021 17:36:58 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS03Q1laOE1aRTJ1SFNyNkdQVGl0N180OUxFNW5ZTjNZZX5B&google_push=AQvitUK_TOwV3aZiVgc-pB01rsdzTcVPYgzq_Gclp9HoL4WiAU4LOCvSPMait64o0wDog2EPTgEgUC3wgy58VIyAnTDBy9BSdW8c
Connection: keep-alive
Content-Length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 2E76 0
227 B 103ms
34ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IrAHU3Rhn6zkayjD5c5VQiC3iVQhOPrdlgXH269gdGyDl_DP7o6ts5Qp321DJlnqaVXbKllg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_1_floors_11&adk=3924702937&adf=3279755398&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1616261818&psa=0&format=970x250&url=https%3A%2F%2Ftam.by%2F&ea=0&flash=0&wgl=1&dt=1616261818016&bpp=1&bdt=69&idt=62&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&correlator=5394776803784&frm=23&ife=1&pv=1&ga_vid=359534313.1616261817&ga_sid=1616261818&ga_hid=277249881&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=3257&biw=1600&bih=1200&isw=970&ish=250&ifk=1708318535&scr_x=0&scr_y=0&eid=21068944%2C44739387&oid=3&pvsid=375176194981074&loc=https%3A%2F%2Ftam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.u00aqb1xtcrs&btvi=1&fsb=1&dtd=98

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:58 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 1554 8 KB
6 KB 21ms
18ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210316&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

328d4275fcd0fed17ebbfdb3c8b2b77e24eb065e2fe0af5ba6f188b505456b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Mar 2021 17:36:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6523
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B260 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Sat, 20 Mar 2021 17:36:58 GMT

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame 60F7 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_1_floors_11&adk=3924702937&adf=3279755398&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1616261818&psa=0&format=970x250&url=https%3A%2F%2Ftam.by%2F&ea=0&flash=0&wgl=1&dt=1616261818016&bpp=1&bdt=69&idt=62&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&correlator=5394776803784&frm=23&ife=1&pv=1&ga_vid=359534313.1616261817&ga_sid=1616261818&ga_hid=277249881&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=3257&biw=1600&bih=1200&isw=970&ish=250&ifk=1708318535&scr_x=0&scr_y=0&eid=21068944%2C44739387&oid=3&pvsid=375176194981074&loc=https%3A%2F%2Ftam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.u00aqb1xtcrs&btvi=1&fsb=1&dtd=98

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 13:05:00 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 102718
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Sat, 19 Mar 2022 13:05:00 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 23CF 17 KB
6 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Sat, 20 Mar 2021 17:36:58 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 1554 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:36:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Sat, 20 Mar 2021 17:36:58 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame E42C 12 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tam.by/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://tam.by/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Sat, 20 Mar 2021 14:45:18 GMT
expires: Sun, 20 Mar 2022 14:45:18 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 10301
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 9EA8 12 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tam.by/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://tam.by/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Sat, 20 Mar 2021 14:45:18 GMT
expires: Sun, 20 Mar 2022 14:45:18 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 10301
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 86AC 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tam.by/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://tam.by/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Sat, 20 Mar 2021 14:45:18 GMT
expires: Sun, 20 Mar 2022 14:45:18 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 10301
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame E42C 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 13:05:00 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 102719
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Sat, 19 Mar 2022 13:05:00 GMT

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame 9EA8 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 13:05:00 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 102719
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Sat, 19 Mar 2022 13:05:00 GMT

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame 86AC 14 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 13:05:00 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 102719
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Sat, 19 Mar 2022 13:05:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B260 0
23 B 42ms
41ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210316&jk=838796600582210&bg=!NDelN3PNAAbUo7L91KM7ACkAdvg8Wv-Q2l9s7kDgohS_Lj3XbgEfkEde9DB1nhz_JlY3SWvgw_9o2wIAAADUUgAAAB9oAQcKAZNWJ69E56oHD_ilLSPr-DL8SGG8PvP2xSc_eIy5RG6Nc7ahkKjvfhQPxS237mehJRcI4BCeU-fimlQm-SA_cLOkwNtaCm30qLhCCzxjpZuxMxnMeMaqh75cWQ6NDD-kz2UhZcbf-EGEjv2O7i3ETr-fLlWKMzD1ZpvkrXcEf8nVW6if_DDn07TImkCHSfhJyEZQtnIBR3xtdUCFN70DsfokoRUZR5x9OmMhvnRXThSzYnr4mLoOEgYzxj42nN32XCpbAcfkJVS65rgLgTmvGia-1YM6ENZ0uYnK0dTR7ukODw6tqZDenDPs9aHY5_pCt1rx2t3hAC5MTyaKDc9asJwjPBCbClmjYzAhnha5UVnitgfpIa2llHNgGxJKAqSx5deUgDXiio6WcAksqqTypci0T_picK6Z7OEhSp7RU-Rli4yhQtZxLSANOTyF6z29UDOah3q1psBqD0LUEkr1APbnauoNX3bkMgqtfrwAV1SL2yUjpV8MKCMjbgyDo7d6guBkbiM4SwVVusU5qooBy1hxbOGYmQHOs-0eeG5MRNsIX56-MV4rkUbZvJGzOxSXP5YGMxut8IKgegb4mXDCnU3uksM7Twy9jYq05OE1qqvTdaqdEo6eNaHHuslGMUEnPvgOCk0j8G-OK9FNblEOLJV9AJ_9lTjWAg809j5sCbQmgZ6BP4RENnc6N7ojkg3ORUIB0UpPB9DtRBlrds6hHrZMbaavC5ApYHPL7QboH2OsQyLZm9n6t25sCnGx3zBwCis2oFI3l9ODR3MbGK11fN76dcphqcAz13oNk6XDtg__HIDdH6dgrR07Dxlo9yrSggNr3GVydHGHSHEgZBxMG2ovr3fvrpPoXXSHybamMOg0aJS_v_K09KdHe1CnHWRT2o3Vu42PXVImVEwHPmeMH-P3J_ERkUbBk3Mt55qwTW9xbanQWyZ2Nvywn0rYtlVcXVSO6PgnTBmVVaKA3QXavTuO83pdGqInLDxh7OE2GQuowaDerxmILc5aj69A0a2p4pFI5X3zkveZNFyolbALx1GZkKZKiq-V1fLnEx1bJW1XLnvHq9WoDupJwjqtucXybw90QJLBlheCyrVDkarPo61SJg_d51Jz0MrHB7fWGFFkNU70Qe2sN7cFnpnnlad-4yo80ZFx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 17:36:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1554 0
109 B 39ms
39ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210316&jk=375176194981074&bg=!jI-lj8vNAAbUo7L91KM7ACkAdvg8WqiAamrGcaVkfGq23izNABilnzccSBmvtXkZwGj282sc0aRjzAIAAAC_UgAAACBoAQcKAL_6hjEocV9lV4quzSHk6X_0iNfgBIptvBlwYcwpzMZpARKTykjNGfPwD-flGoq8YNGo4AyHQgfWp_JzroXGcEHeYIHTLcqUQCZ3JvhG3RqwZo4rbA0AKHBRNGa_-60euXpfGx-fXats0zGKsKTIN8E56j4m9Kldv_C43hS6yXqr_ERbCmPLfQ8nXy-t-VwCwtQtr0_VKhiDAMdQq47L3mTL5bDz-0XyZwSGT6G7Ny3GUwSaRhUmC6b189dB09OnnJkB7RVVUPsgu_OamE7MW7jMzQWQXs8iLOarHWAr9nDhD2psO18osCCHdY8j1zYkfeRkYblax2Usu7ivsA3vPVcTnYwO5_NTQHOrN5Et3ubEhAW8JRhoBpqvTnA33djBHL7vf2yRpMxZHt5QXhpoPHpBW296x8Bs1mhIm0f7gfUD8Eiszmi_d5F2LEM6VS0MVs3UOt_fOXWQZa-0iMFzLlYItestXS9ZIS4JChTZ9Sv1i9D5wwCcf7sNJuYzbnDd1BZSRuwaGADaSe4fYPhNO9Ym6-m_4DjWXcCKJ6VFmWzUJd5pbN5rQPUAyoA2mYmzWr13uhiHAi_UhCXs_DLP7tjRqzaz0Z5BQvr_l-L6w4v5tz7izz9g71RwfNcksJ7q8SZMIy_L2IVR0Iw0aMlJRcdv7rRaAmS-6o0GoXy1Oj4FI981D4MjFEgRHfFvu2nlbtcFeTIHqHaD-NFkav4hyxKh5bN4VtAZG_2ueyjZaCwIyzQOCidTEBoUyBz3wUChTFrKxtfcmx2AlSbn193OAwZC90cT1NSBmrkthKNeDX__mvsvaGNtDVwJCvIZO4PaRzM1mbMOTzjsqpMOhQVu3_bjRFCy4AdPwKtenqlPVyb9twc5Q_ngU8esDY-yMpO605VNTzSdv15c1zjpx-QgQLI

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 17:36:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 23CF 0
23 B 39ms
39ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210316&jk=2589565841276441&bg=!vb6lvvrNAAbUo7L91KM7ACkAdvg8Wld-2jnhaGXY82vXgt3YE105KtLEUQdbmJWg9sJOldgS9zI8sAIAAADUUgAAABFoAQcKAJfmWCCmz675TPOvAsK4uR--D_IO8CWzhWeChjzlwbkIcYGmCEVKsH5vQU8NxtnLkmi6dRcdvtgIPvRVk3DSH0_zb_jMHXnKpqVZEtODKL6rp0tMrX95hZ3hKleisK3qMXNE_WVJCqA7mvgaMaQo30FEgOsRzmkjO3M4wjW-t7B8WTXEFN_Xj_sbdFL46LtLqkVEAxlaimFUmQHmuiq2NiYD-vsHF01Y4THcXM3AheDc0sssTCsNEPjm6v7OvyE51KJ5v-jbNsN07-1fwoCX4Bj5fAT5NDnqgc5eoo-1xwA9ZvXx2Z02wOuQxPQR9ZuEXiUWROE6crnmiLKOKG5cayASsBIobb6P9TBJWEUV-mthwMmZILPjOf4VXfV7_1XGk6FMwpShQ1t2srX8C9O0a69YuZTDVRPpmhJ5TcqJXyj01bXkr_z3DoQ9i3AUvx0AkSTW3FaJg98tYmn9ooNanr0ysga2OnN4-T5M7V3hFQiHZ1bKqRMoTERC6j1QQLyzZDtcGJJApvg7ABDT5sIXVEi1hbh_4QOv7pqm1f7kpopsOvDhQ1Zy4UP-CIfg17aMzVrMIefHkFZMuNz05EY9Ywbu3IUzct5v8ohtNYfrzAMQ3Bsx-2vafQumYhS3Wj8pGMgjTp0-Hr52VWIht3KanfwrZ5Q8CkyJ5pOJBrCyLOAgAflnk-SBJtzFiV-lxXu6GnThinQUMH4cc9Rpg8mv5oeWX7rwuDclAw6N9mM7IB0K3WrYM9aovoZhteMsexgLGzNjOqqT9WtzYxScautnwmqQr2ubpOI-_m4Sh1Y3TtDfaKQ7AsVWxJxQbky2Upk6hPjbyncuq1sAYg2D5LEtNnmD

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 17:36:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 event
ads.adfox.ru/312020/ 0
38 B 117ms
117ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/312020/event?hash=466e4d059ab3621f&pm=bmp&pxo=F6zjJXMJTwM-25A5hUQPzxs258_gmCiSAOpsgO0-HF7viko28NEe_zyyC20zdDB75WKGuXZNK5gyejAqSlXqkqBgjeW_77F0L-oO80dStF9S_Ju-rI4YTaXi63qBGuXwL7ROScKIKetOMZIvvijbGLDXxiWf84NNFIXnmIbJ1_AZmTtHEBM%3D&p5=gxcpc&rand=dcirlbp&sj=0Pcq4J96U1dPcpH9IoEKA3kBol2ZlsDgM83-YHWqVUQiplstPZqsS6Rcv7WSCA%3D%3D&ad-session-id=254351616261817659&lts=fgawlwb&ytt=550855330236437&ybv=0.3050&ylv=0.3051&dl=https%3A%2F%2Ftam.by%2F&pr=bsxuruy&p1=cjsja&rqs=uZYCwqeCvIO5MlZgrMz75_HQW6QhRwQo&rtb-si=b&p2=gmyw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 20 Mar 2021 17:36:59 GMT
x-content-type-options: nosniff
timing-allow-origin: *

GET
H2 204 event
ads.adfox.ru/312020/ 0
37 B 126ms
125ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/312020/event?hash=97076f19d9306023&pm=bmp&pxo=YRDE7dQzeEn_KmQDdsB4f3hSqED1qjpkpY3M-vqJ8lXDFgGCyE1SXI_iOwsOzzc7VCmjv1JPdO2g7KnX6Qtj3NjNzp4oInYGOtzmOv7yJ0dMqOy5bc-YOgiOKCO1gzWkr4_1S-z5nJTNYnrYEnqT-EyQqcA9jJc4JDyy9lFAxJ8TL77X9Ek%3D&p5=gxcpc&rand=jplvyun&sj=o2PsvkEKJTq72JeDws01oyA5LRGWdIHluYw4Co1T5uHMtME_F5vCxXgNOXh_jg%3D%3D&ad-session-id=254351616261817659&lts=fgawlwb&ytt=550855330236437&ybv=0.3050&ylv=0.3051&dl=https%3A%2F%2Ftam.by%2F&pr=bsxuruy&p1=cjsja&rqs=uZYCwqeCvIO5MlZg_fKiKXFk6-Gkhel3&rtb-si=b&p2=gmyw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 20 Mar 2021 17:37:00 GMT
x-content-type-options: nosniff
timing-allow-origin: *

GET
H2 204 event
ads.adfox.ru/312020/ 0
14 B 117ms
117ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/312020/event?hash=628df2fda2794468&pm=bmp&pxo=HNkOwLe0FXpYeeh0AuD5PVXJz_AGnYE5YIobrm6YM55SPjUyKWOOko9Hao2MHu-qxoCgE__8FmlS7TdQkYwRTxqQpDgHHKvtlWTWBhBAh7oP8k_rebqXO5lcNfLsskiw4TeMRhvaSTRAsb4Akgh7y1kc9oQ0nNYnMHuKcYH04Dwlc4JEvNs%3D&p5=gxcpc&rand=kiqtcbk&sj=NM_lPHIu8j67x8mRyT_uocdDz22aX7U9sIm7OPUErQMBRLirfaIjv74-wzPRyQ%3D%3D&ad-session-id=254351616261817659&lts=fgawlwb&ytt=550855330236437&ybv=0.3050&ylv=0.3051&dl=https%3A%2F%2Ftam.by%2F&pr=bsxuruy&p1=cjsiz&rqs=uZYCwqeCvIO5MlZgFTHwcCZ_X3Ar31M-&rtb-si=b&p2=gmyw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 20 Mar 2021 17:37:00 GMT
x-content-type-options: nosniff
timing-allow-origin: *

GET
H2 204 event
ads.adfox.ru/312020/ 0
37 B 113ms
112ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/312020/event?hash=77c9c9e215ddd754&pm=bmq&pxo=F6zjJXMJTwM-25A5hUQPzxs258_gmCiSAOpsgO0-HF7viko28NEe_zyyC20zdDB75WKGuXZNK5gyejAqSlXqkqBgjeW_77F0L-oO80dStF9S_Ju-rI4YTaXi63qBGuXwL7ROScKIKetOMZIvvijbGLDXxiWf84NNFIXnmIbJ1_AZmTtHEBM%3D&p5=gxcpc&rand=iobapem&sj=0Pcq4J96U1dPcpH9IoEKA3kBol2ZlsDgM83-YHWqVUQiplstPZqsS6Rcv7WSCA%3D%3D&ad-session-id=254351616261817659&lts=fgawlwb&ytt=550855330236437&ybv=0.3050&ylv=0.3051&dl=https%3A%2F%2Ftam.by%2F&pr=bsxuruy&p1=cjsja&rqs=uZYCwqeCvIO5MlZgrMz75_HQW6QhRwQo&rtb-si=b&p2=gmyw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 20 Mar 2021 17:37:02 GMT
x-content-type-options: nosniff
timing-allow-origin: *

GET
H2 204 event
ads.adfox.ru/312020/ 0
37 B 122ms
122ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/312020/event?hash=d9a53146ab4c67b9&pm=bmq&pxo=YRDE7dQzeEn_KmQDdsB4f3hSqED1qjpkpY3M-vqJ8lXDFgGCyE1SXI_iOwsOzzc7VCmjv1JPdO2g7KnX6Qtj3NjNzp4oInYGOtzmOv7yJ0dMqOy5bc-YOgiOKCO1gzWkr4_1S-z5nJTNYnrYEnqT-EyQqcA9jJc4JDyy9lFAxJ8TL77X9Ek%3D&p5=gxcpc&rand=mnybwmj&sj=o2PsvkEKJTq72JeDws01oyA5LRGWdIHluYw4Co1T5uHMtME_F5vCxXgNOXh_jg%3D%3D&ad-session-id=254351616261817659&lts=fgawlwb&ytt=550855330236437&ybv=0.3050&ylv=0.3051&dl=https%3A%2F%2Ftam.by%2F&pr=bsxuruy&p1=cjsja&rqs=uZYCwqeCvIO5MlZg_fKiKXFk6-Gkhel3&rtb-si=b&p2=gmyw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 20 Mar 2021 17:37:03 GMT
x-content-type-options: nosniff
timing-allow-origin: *

GET
H2 204 event
ads.adfox.ru/312020/ 0
14 B 117ms
117ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/312020/event?hash=8acecc740f5815f9&pm=bmq&pxo=HNkOwLe0FXpYeeh0AuD5PVXJz_AGnYE5YIobrm6YM55SPjUyKWOOko9Hao2MHu-qxoCgE__8FmlS7TdQkYwRTxqQpDgHHKvtlWTWBhBAh7oP8k_rebqXO5lcNfLsskiw4TeMRhvaSTRAsb4Akgh7y1kc9oQ0nNYnMHuKcYH04Dwlc4JEvNs%3D&p5=gxcpc&rand=lvxpuwi&sj=NM_lPHIu8j67x8mRyT_uocdDz22aX7U9sIm7OPUErQMBRLirfaIjv74-wzPRyQ%3D%3D&ad-session-id=254351616261817659&lts=fgawlwb&ytt=550855330236437&ybv=0.3050&ylv=0.3051&dl=https%3A%2F%2Ftam.by%2F&pr=bsxuruy&p1=cjsiz&rqs=uZYCwqeCvIO5MlZgFTHwcCZ_X3Ar31M-&rtb-si=b&p2=gmyw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 20 Mar 2021 17:37:03 GMT
x-content-type-options: nosniff
timing-allow-origin: *

GET
H2 204 event
ads.adfox.ru/312020/ 0
37 B 112ms
112ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/312020/event?hash=3ac876bb06577495&pm=bmr&pxo=F6zjJXMJTwM-25A5hUQPzxs258_gmCiSAOpsgO0-HF7viko28NEe_zyyC20zdDB75WKGuXZNK5gyejAqSlXqkqBgjeW_77F0L-oO80dStF9S_Ju-rI4YTaXi63qBGuXwL7ROScKIKetOMZIvvijbGLDXxiWf84NNFIXnmIbJ1_AZmTtHEBM%3D&p5=gxcpc&rand=mpndpmo&sj=0Pcq4J96U1dPcpH9IoEKA3kBol2ZlsDgM83-YHWqVUQiplstPZqsS6Rcv7WSCA%3D%3D&ad-session-id=254351616261817659&lts=fgawlwb&ytt=550855330236437&ybv=0.3050&ylv=0.3051&dl=https%3A%2F%2Ftam.by%2F&pr=bsxuruy&p1=cjsja&rqs=uZYCwqeCvIO5MlZgrMz75_HQW6QhRwQo&rtb-si=b&p2=gmyw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 20 Mar 2021 17:37:07 GMT
x-content-type-options: nosniff
timing-allow-origin: *

GET
H2 204 event
ads.adfox.ru/312020/ 0
37 B 122ms
121ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/312020/event?hash=f81cae5992b0751c&pm=bmr&pxo=YRDE7dQzeEn_KmQDdsB4f3hSqED1qjpkpY3M-vqJ8lXDFgGCyE1SXI_iOwsOzzc7VCmjv1JPdO2g7KnX6Qtj3NjNzp4oInYGOtzmOv7yJ0dMqOy5bc-YOgiOKCO1gzWkr4_1S-z5nJTNYnrYEnqT-EyQqcA9jJc4JDyy9lFAxJ8TL77X9Ek%3D&p5=gxcpc&rand=ktfmrpn&sj=o2PsvkEKJTq72JeDws01oyA5LRGWdIHluYw4Co1T5uHMtME_F5vCxXgNOXh_jg%3D%3D&ad-session-id=254351616261817659&lts=fgawlwb&ytt=550855330236437&ybv=0.3050&ylv=0.3051&dl=https%3A%2F%2Ftam.by%2F&pr=bsxuruy&p1=cjsja&rqs=uZYCwqeCvIO5MlZg_fKiKXFk6-Gkhel3&rtb-si=b&p2=gmyw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 20 Mar 2021 17:37:08 GMT
x-content-type-options: nosniff
timing-allow-origin: *

GET
H2 204 event
ads.adfox.ru/312020/ 0
14 B 121ms
120ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/312020/event?hash=834a65649776e9ea&pm=bmr&pxo=HNkOwLe0FXpYeeh0AuD5PVXJz_AGnYE5YIobrm6YM55SPjUyKWOOko9Hao2MHu-qxoCgE__8FmlS7TdQkYwRTxqQpDgHHKvtlWTWBhBAh7oP8k_rebqXO5lcNfLsskiw4TeMRhvaSTRAsb4Akgh7y1kc9oQ0nNYnMHuKcYH04Dwlc4JEvNs%3D&p5=gxcpc&rand=nmxekdu&sj=NM_lPHIu8j67x8mRyT_uocdDz22aX7U9sIm7OPUErQMBRLirfaIjv74-wzPRyQ%3D%3D&ad-session-id=254351616261817659&lts=fgawlwb&ytt=550855330236437&ybv=0.3050&ylv=0.3051&dl=https%3A%2F%2Ftam.by%2F&pr=bsxuruy&p1=cjsiz&rqs=uZYCwqeCvIO5MlZgFTHwcCZ_X3Ar31M-&rtb-si=b&p2=gmyw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 20 Mar 2021 17:37:08 GMT
x-content-type-options: nosniff
timing-allow-origin: *

Verdicts & Comments Add Verdict or Comment

122 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tam.by/	1970-01-19 17:40:53	Name: gta_tut Value: null
.tam.by/	1969-12-31 23:59:59	Name: track_uniq_usr Value: 7a721f02f6911c6ebc130c19f49b6ade
.tam.by/	1970-01-19 16:57:43	Name: _ym_visorc Value: w
.tam.by/	1970-01-20 16:57:41	Name: __gfp_64b Value: HFzb3mKa7XLl4Lv.HxvH3O6TibubQC6jM6D8LA6cL3b.07\|1616261817
.tam.by/	1970-01-19 16:58:53	Name: _ym_isad Value: 2
.tam.by/	1970-01-20 01:43:17	Name: _ym_uid Value: 1616261817155854012
.tam.by/	1970-01-19 16:57:41	Name: _dc_gtm_httpstamby Value: 1
.tam.by/	1970-01-20 01:43:17	Name: _ym_d Value: 1616261817
.tam.by/	1970-01-19 16:57:41	Name: _gat_tamby Value: 1
.tam.by/	1970-01-19 16:59:08	Name: _gid Value: GA1.2.1771297325.1616261817
.tam.by/	1970-01-19 16:57:41	Name: _gat Value: 1
.tam.by/	1970-01-20 10:28:53	Name: _ga Value: GA1.2.359534313.1616261817

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=86400

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.sportradarserving.com
ad.tam.by
ads.adfox.ru
ads.travelaudience.com
adservice.google.com
adservice.google.de
an.yandex.ru
blog.tam.by
c1hit.tut.by
c2hit.tut.by
cm.g.doubleclick.net
dclk-match.dotomi.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
gaby.hit.gemius.pl
googleads.g.doubleclick.net
img.tam.by
matchid.adfox.yandex.ru
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
pm.w55c.net
s3r.tut.by
stats.g.doubleclick.net
sync.mathtag.com
tam.by
tpc.googlesyndication.com
ups.analytics.yahoo.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.tam.by
www.tut.by
x.bidswitch.net
yastatic.net
142.250.185.162
142.250.185.66
146.59.10.80
178.172.235.237
18.156.0.31
18.185.192.106
18.193.144.52
185.29.133.199
2a00:1450:4001:800::2003
2a00:1450:4001:801::2002
2a00:1450:4001:801::200e
2a00:1450:4001:809::2001
2a00:1450:4001:809::200e
2a00:1450:4001:810::2004
2a00:1450:4001:812::2002
2a00:1450:4001:827::2008
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2004
2a00:1450:400c:c1b::9c
2a02:6b8:20::215
2a02:6b8::16b
2a02:6b8::1:119
2a02:6b8::90
2a02:fa8:8806:20::2010
2a0a:7d80::c
2a0a:7d80::c:1:0
3.120.242.149
3.122.89.158
35.190.0.66
77.88.21.179
93.125.48.34
034097799535384e103c7f573d5b38bb86b1ccfb29b072748d1c3637dab0e434
073008d8135c1fb1252a12ce68a145069de2cf7d6148549e8980b6e876c336e5
0938942bf54fdc456b6b2fe6f6134c9e46cdb5dda1ebac872a13c1a0b2f94e95
0965d7aef99ff8aa80d1b807e0065dfc11611347233cc4e9343a62511785a1dd
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
101e0632069004c59a09ab95c214a8ecc159cfd9a0e163fece01168bd3b26f33
172e7aaed5b5bb7a7f8625ce5692751b386c77e3e3f83238d21e4043849fac08
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1918c8e229c1cad32f1d4eb855232c2b6c638906b869ac243328f74da0e63150
1b5709efacce69b6987bd825396d8adb14bf03935e5f3c7ec3789dacdcdd503c
1cc97682d518a3ab2744843597c0686bf171de577848ec2bc51154a1c9851b08
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
240ff9c1b4b327c255346e3159fec4cc65df6d013148c12e92ab96ab4e711081
251e59286801a47d97bf67d9c7dfdbad02df1a6e524c81a9220c451be679b3fa
26bcbaf179d0e4c741690970aadcd385ef5712693f2c182e23c524e21c1cdd99
275b98eb2a7433036bad3d0703c2101d7a3c76198151f84ed75a091b6f12dedf
31697d4d66425d89d7fd18d49398d684e70656568ed4ecc64761840f7b4e2724
328d4275fcd0fed17ebbfdb3c8b2b77e24eb065e2fe0af5ba6f188b505456b4b
343b67d5917a7f43a542b6922f254e3cad7ae61f169a1d81b3adf9e30b33346f
3be6f6e3967be4d6c8255b570d73a3c4e7319ba18457a60469bca80091ad6a24
3c6f08b53edcf72d9996f93f9a7fd58064d8847901f6b2f723f99d5d7df91090
409a6d27dd0bc106a2248882f37320d8ad3f306adf4db09c38ebce30c4cb2190
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
484987e65ac0c5a134ed9c4eb521b0cc06057b2a44311491b052fbf4e925a406
496607b344060b972db70ca82bad4c416548ef683dc7ebf3699be7828c9a3ac3
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4a3fa995039579e0ecb5ee278f9bad4dca2b2f4fa34ddefd7c12e17e14fa018e
4b8424a98aedd813b6ef405d9b677156aa28b255d8e7814230cfc6e8981d6d9b
4be2a8490219feb3f6a5f60cd7d2e4d7dc265a8fd38d1b853570d8a89d5d2c35
4c0e3208ae1beeda0f89b3adcc2c38ae34087f7d888d6104e2029a18d9310b83
4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3
5304486b47542a01e07463f17fe15d5d424e1e39a7142a6698df715d7005b75b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
555c79cd9c846dc701b048373441ca12d455ea37234d116c6021a16b4c61ed40
570c04b30a5c8fa6ceaff96ea6d3a0dfabd85dee3edae40e38b0344a7278f254
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
5de7494128f5cd2f3f66429153f61b81df800630187321f27263bb8322d1bb43
5e83f670daf83046edb7512f09417e0e95db0145877069b3cd58eac2766eb910
5e9625029da10ba5ec15f2d96ecd2ac02a3824dd056315a205b4e6281a23a98a
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
61ffbb80b1c185686850ce79ab22efac48c19de958143b051110f47f3630273e
64306c4d43c04a9f839aa3e27b91a7193fdf8752da5aa2931ddedd2a5efa9b04
65a5696a6603e2d716646a1652ec0d35a8b8abea28abafc70200eb3192fa584e
661d4e4d6b713cbaddf30f69fcff178f29948a341227a1c9c868808b965d856c
677b6f84d0d9b7747c668570f0cdf5ac7b949e21b90c559ca844521c706363ca
67a16df756a43b05b390255ba3b1d5e0b8ddff0238bb66711cc707b884349a62
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7097197fee31debf6a6b9fe6698f18ab230e32ee15c462df4a7e85cb48050d4f
70c2700345f5d5de3e0b570416ec75957f1dc64321642c412f36ef957efbf8bc
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
74701d1b03dcb606710d7cc01bbf35a36ad5e5e443e33e55894a013f0d65aacf
748f955a5027eb3f8ef2f546bd096881ea650cc1ed5c7fdced2cb1a83bbe660c
74f8113a093a9772ebe29204ff0fd89b692fcc0ad69814bc1725fd8f68ceaa4e
76de05ef38c3493027e88617f808b48e1683e54a4e2989862d1afc85933f01eb
7975bcb2106ba8a17d6bf73afc69022c8e2d0a3af0b93de7f4b5da06346065de
7a301b89a0d78d1135830780c1aaa9a818b4defba66bd7e9148e22a4c722df6f
7baa99652be2c7c7a89cd84eb9dd6b2cbd5f72217a229fdf08dfdd23eed637bb
7da13c8bb01034fa0334489707a82a760ba8fd244df1e9715f102551dafcf526
819c4d2969dbde4481efdc6d705e67b0d55b387aa2ab3214e3c2eea41a0c87fb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
839b41dd475d143b31c479aa6e666b8deb648b293ee93e67071222960f2b75cc
84208b4110a1d38fb62ddacde7a2dcbe1fb73e9b782baefc81019dae8ade8930
849218b5e3074469cfb7a5af5e80ec8916f16ab5b83448df8b348e102ca8ca70
8929d8c7bee85ef7c3b8e647c87f999baf5fcb6501e29b1701df645d415b9834
89336e45a299e37cdf9cc130c65fc422e1b037ef827a253729750c524414c700
89a979f9f9c8408f52c9390b1533ef41ca0e8f2541b02abdb56bf7386475a4a0
8c9666534901f30a4b0fd69536c28a2f2394e21b3910e46d5cc04d49a87ad010
8e8022ef5301415da86e942a66738e1fc3fe16b9d83d843637a83f8e8ae43c5f
9242456b82635a1b591d1e9502e5d17b33f11179eb694290db0bd5a1b0cd6f29
92a4a039e38c6ae8219c6e5bfd1f9673ff9abb785dd4dbaa4d026b1536d03436
93438992d6f0744c038aad6e3d5ec3025b8f94b125faebe7b1da92b5e53c5696
941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c
9965e0d93596fb794b2545d6343b21648a36cd5dac4d43713b3fb2dfb00d9b75
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c298da1f0bd52a87f9d2bd8cca771df35896b377c2a21166ece0b846bce34d7
9e6e49e8c8f80d5b97121be897c9be683dc9784b6c5f272456367b9bb8ee20f3
9e7ce88023742745bea51905de21f6be6fff9ef0a17b6763fa3c6698446e7e5a
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a07a89d8a7941456bb3afc08f7c0ea3f813ba0fe01a67f649ad8712482157f23
a1af81e943d1266d70e99cb4a7470e7697034c627e5612c3e3ea04fba146355c
a20b8435bae24bc3ab0c3aef93ce24fa7eda07b548da3b8f1321ace391f3206c
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a709c3f568cb8f4026537b3bf992f80ac6f447a28f38917c31c72eb79e0cdefa
a7415c465ad3d08b915c5a47b2a052afb68e192b8809cf32cf547f1cbb9a3857
a928bd7174193ecef74cc60693796118826e53e5be214daf6d25f17f68b93446
aa7becfd501eaba46719e90aaea7ec6281cb19f9c4d7775c067091cbb38af35d
abb104ac64187b2f903905e21b16803bdf8f2dc43d0992077d2e27cee929c2c3
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b3bde462ec554125cb55dfda8be71512fdc5ebe1985248c918655b3d01274fd7
b4aa35d1aefe17ab75c8c0ba0972cfc241143316673eeb38e6750556634f5637
b6745005745b7aefe26dfacb5bfd8a04b5e1a8ed10ca5da39529921bcd5c0956
ba5f70b64ba31b909c5d85d8f63f061c041f2a5d7eab0418419d3ea4472e38db
bb6f2949dcc60b06101c598d4e6e43535db9726d5631c750f1a5321dc484b0b9
be4aa1b1e1c465c82da400b7184f5949ae9dfb6b928a277bd4ba380250b22712
bea8ca18fc59dd9efc69075b87febbe8dfd2a4819e600cd6fd9b5da0df604e44
bf4744dda75641cc629d3427ad8a18400b336fc28521996486f14d4853bde02b
c0858cef243753dd5eb4aa252f2063fa980574659c108bb55d795c053531776e
c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770
c6961a4d4296ec402fe593fad1dc613d2a4afe369e19b245a1139e8addeef035
ca29310fd29ac240ad1ad67e271672ceecc9928f62b3804c8150307047ab59f3
ca625f204331905abf3b4d86a89dfb9799c63771723b9b15c5b54c1f9fb2b83c
cb54751a13853d238e21af8281666e687a1ef4419b7006e931aed9fa9e00ff4c
cde1c67d99aac59b55c20e8b666b9b7b9b86a8d00abd7bc445dfdc22e2abe439
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d61dec7be8ee9080cd713a30cbd91a22d0b594d5835467a3aac451b65a709578
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d82367742a789f0618bd00083354a3df851fc894683e6a94e41123268ee99254
d95f5beca7425ebf58bbe6a71782e6e57a388cd1a2cdbdba6e0103fc74ac8c1f
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
daaafad9f8276b91523c1b79a2e6dfb3e5a19c7b423fcf6d8ce7f1fff05cdd7b
ddbe53fbdf228359ca0cbce287c93bd5d381dc271605ae88635204eec016aa98
df230a2c167a80823d937db721e39bd4ee4eb917ec2694559fec24090ef6c28d
e09aea00e38e6dd82f3ef7fb470a7185501238189d6a9fb932a783a79fa8076e
e2150bd820d129a2c937e6d980824cbc88fb5ec9d43e06be325e99787db6a61f
e2c54a34796740b17a21a95e80a389cb9419bac542769253aff79119ebdc8ed6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e543cf2c8cb3c2c64f8407f0fd850eb60f951253843fe64daf5b6b86d3b13fc1
e638d0a2e34839411a00a5b34800a1dbf737b68fcea0b85c683e0d46414d3556
e88b7dc458ea3ab8c5437de97d3fddf3f8d287de43acf8c6adafaab6f11eb332
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f44004c0c9ea3f322f7a346eee2592dcbf275fbd32a5ef53ab2e56ff22dc084b
f5e3a2c67fa809ff28e25a52dfa078a0b3bb3f7431a564c64d88f3dd1ee5ca62
fd0d1e46f88e8ab51c3d4cfaaa9a22c2c2c5fd0e578b06afc7f710456e474b46
ff01abcda30db3f0195e462b33eb98f8e4fcf594f24cd34ea88b3d5ff883abfe

tam.by Open in urlscan Pro 2a0a:7d80::c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

205 Requests

100 %HTTPS

63 %IPv6

24 Domains

40 Subdomains

29 IPs

7 Countries

2240 kBTransfer

5681 kBSize

12 Cookies

53 Outgoing links

Page URL History

Redirected requests

205 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

tam.by Open in urlscan Pro
2a0a:7d80::c Public Scan

Screenshot
Live screenshot

Full Image

205
Requests

100 %
HTTPS

63 %
IPv6

24
Domains

40
Subdomains

29
IPs

7
Countries

2240 kB
Transfer

5681 kB
Size

12
Cookies

205 HTTP transactions
6 data transactions