garmed.ru Open in urlscan Pro
5.9.86.87 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://garmed.ru/
Submission: On October 09 via api (October 9th 2022, 3:01:50 am UTC) from US — Scanned from DE

Summary HTTP 166 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 35 IPs in 5 countries across 26 domains to perform 166 HTTP transactions. The main IP is 5.9.86.87, located in Germany and belongs to HETZNER-AS, DE. The main domain is garmed.ru.

This is the only time garmed.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
30	5.9.86.87 5.9.86.87	24940 (HETZNER-AS) (HETZNER-AS)
8	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1 1	87.240.129.187 87.240.129.187	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS vk.com)
6	87.240.132.67 87.240.132.67	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS vk.com)
1 1	217.69.139.100 217.69.139.100	47764 (VK-AS) (VK-AS)
1 3	94.100.180.54 94.100.180.54	47764 (VK-AS) (VK-AS)
1	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
6	95.163.114.204 95.163.114.204	12695 (DINET-AS) (DINET-AS)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	185.5.137.205 185.5.137.205	47764 (VK-AS) (VK-AS)
2	94.100.180.38 94.100.180.38	47764 (VK-AS) (VK-AS)
6	95.142.206.2 95.142.206.2	60476 (MYCOM-AS) (MYCOM-AS)
4 8	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1 2	159.69.82.209 159.69.82.209	24940 (HETZNER-AS) (HETZNER-AS)
2 3	88.212.202.52 88.212.202.52	39134 (UNITEDNET) (UNITEDNET)
15	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
39	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
2	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER)
2	95.163.52.67 95.163.52.67	47764 (VK-AS) (VK-AS)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
4	185.5.137.203 185.5.137.203	47764 (VK-AS) (VK-AS)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1148:db0... 2a00:1148:db00::17	47764 (VK-AS) (VK-AS)
1	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	92.63.192.10 92.63.192.10	29182 (RU-JSCIOT) (RU-JSCIOT)
1	62.109.6.15 62.109.6.15	29182 (RU-JSCIOT) (RU-JSCIOT)
1	95.217.109.66 95.217.109.66	24940 (HETZNER-AS) (HETZNER-AS)
1	217.197.112.80 217.197.112.80	20655 (E-STYLEIS...) (E-STYLEISP-AS)
166	35

30 5.9.86.87 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.87.86.9.5.clients.your-server.de

garmed.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.240.129.187 (Russian Federation) 1 redirects

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv187-129-240-87.vk.com

userapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 87.240.132.67 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv67-132-240-87.vk.com

vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.69.139.100 (Russian Federation) 1 redirects

ASN47764 (VK-AS, RU)
PTR: img.mail.ru

cdn.connect.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 94.100.180.54 (Russian Federation) 1 redirects

ASN47764 (VK-AS, RU)
PTR: connect.mail.ru

connect.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

t1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 95.163.114.204 (Moscow, Russian Federation)

ASN12695 (DINET-AS, RU)

w.uptolike.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.sk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.sk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.5.137.205 (Russian Federation)

ASN47764 (VK-AS, RU)
PTR: mystatic5.i.mail.ru

my2.imgsmail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 94.100.180.38 (Russian Federation)

ASN47764 (VK-AS, RU)
PTR: my.mail.ru

my.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 95.142.206.2 (Amsterdam, Netherlands)

ASN60476 (MYCOM-AS, NL)
PTR: srv2-206.vkontakte.ru

st6-22.vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:6b8::1:119 (Moscow, Russian Federation) 4 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 159.69.82.209 (Essen, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.209.82.69.159.clients.your-server.de

novoston.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 88.212.202.52 (Russian Federation) 2 redirects

ASN39134 (UNITEDNET, RU)
PTR: host152.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.8 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.163.52.67 (Russian Federation)

ASN47764 (VK-AS, RU)
PTR: top-fwz1.mail.ru

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.5.137.203 (Russian Federation)

ASN47764 (VK-AS, RU)
PTR: mystatic3.i.mail.ru

my1.imgsmail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1148:db00::17 (Russian Federation)

ASN47764 (VK-AS, RU)

rs.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.63.192.10 (Russian Federation)

ASN29182 (RU-JSCIOT, RU)
PTR: belesta1023.ru

optimads.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.109.6.15 (Russian Federation)

ASN29182 (RU-JSCIOT, RU)
PTR: belesta1024.ru

supraneet.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.217.109.66 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.66.109.217.95.clients.your-server.de

cdn.smntq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.197.112.80 (Russian Federation)

ASN20655 (E-STYLEISP-AS, RU)
PTR: seopult.ru

af.click.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 131 tpc.googlesyndication.com — Cisco Umbrella Rank: 170	530 KB
30	garmed.ru garmed.ru	35 KB
15	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 311	250 KB
12	vk.com vk.com — Cisco Umbrella Rank: 3030 st6-22.vk.com — Cisco Umbrella Rank: 82381	227 KB
10	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 68	50 KB
9	mail.ru 2 redirects cdn.connect.mail.ru — Cisco Umbrella Rank: 403980 connect.mail.ru — Cisco Umbrella Rank: 42451 my.mail.ru — Cisco Umbrella Rank: 67583 top-fwz1.mail.ru — Cisco Umbrella Rank: 5365 rs.mail.ru — Cisco Umbrella Rank: 8517	22 KB
6	twitter.com platform.twitter.com — Cisco Umbrella Rank: 991 syndication.twitter.com — Cisco Umbrella Rank: 1241	151 KB
6	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 136 www.google.com — Cisco Umbrella Rank: 19	1 KB
6	uptolike.com w.uptolike.com — Cisco Umbrella Rank: 87455	20 KB
5	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 8250	2 KB
5	imgsmail.ru my2.imgsmail.ru — Cisco Umbrella Rank: 144726 my1.imgsmail.ru — Cisco Umbrella Rank: 226543	93 KB
4	gstatic.com t1.gstatic.com www.gstatic.com fonts.gstatic.com	65 KB
3	yadro.ru 2 redirects counter.yadro.ru — Cisco Umbrella Rank: 5532	2 KB
3	yandex.ru 2 redirects mc.yandex.ru — Cisco Umbrella Rank: 2147	57 KB
3	google.sk adservice.google.sk — Cisco Umbrella Rank: 69257	1 KB
2	novoston.com 1 redirects novoston.com	221 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 203	87 KB
1	click.ru af.click.ru — Cisco Umbrella Rank: 118215	1 KB
1	smntq.com cdn.smntq.com — Cisco Umbrella Rank: 87903	490 B
1	supraneet.ru supraneet.ru	319 B
1	optimads.ru optimads.ru	5 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 115	3 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 228	45 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 118	1 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1003	643 B
1	userapi.com 1 redirects userapi.com — Cisco Umbrella Rank: 5312	318 B
166	26

	Domain	Requested by
39	tpc.googlesyndication.com	googleads.g.doubleclick.net cdn.ampproject.org pagead2.googlesyndication.com tpc.googlesyndication.com
30	garmed.ru	garmed.ru
15	cdn.ampproject.org	googleads.g.doubleclick.net pagead2.googlesyndication.com
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
8	pagead2.googlesyndication.com	garmed.ru pagead2.googlesyndication.com tpc.googlesyndication.com
6	st6-22.vk.com	vk.com st6-22.vk.com
6	w.uptolike.com	garmed.ru w.uptolike.com
6	vk.com	garmed.ru userapi.com vk.com
5	mc.yandex.com	2 redirects garmed.ru
4	my1.imgsmail.ru	connect.mail.ru my1.imgsmail.ru
4	platform.twitter.com	garmed.ru platform.twitter.com
3	www.google.com	1 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
3	counter.yadro.ru	2 redirects garmed.ru
3	mc.yandex.ru	2 redirects garmed.ru
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.sk	pagead2.googlesyndication.com
3	connect.mail.ru	1 redirects garmed.ru my2.imgsmail.ru
2	fonts.gstatic.com	fonts.googleapis.com
2	top-fwz1.mail.ru	vk.com
2	syndication.twitter.com	platform.twitter.com garmed.ru
2	novoston.com	1 redirects garmed.ru
2	my.mail.ru	garmed.ru connect.mail.ru
2	connect.facebook.net	garmed.ru connect.facebook.net
1	af.click.ru	w.uptolike.com
1	cdn.smntq.com	w.uptolike.com
1	supraneet.ru	w.uptolike.com
1	optimads.ru	w.uptolike.com
1	www.facebook.com	connect.facebook.net
1	rs.mail.ru	connect.mail.ru
1	www.gstatic.com	googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	my2.imgsmail.ru	cdn.connect.mail.ru
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	t1.gstatic.com	garmed.ru
1	cdn.connect.mail.ru	1 redirects
1	userapi.com	1 redirects
166	37

This site contains links to these domains. Also see Links.

Domain
connect.mail.ru
www.liveinternet.ru

Subject Issuer	Validity	Valid
uptolike.com R3	`2022-08-23` - `2022-11-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.sk GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.vk.com GlobalSign Organization Validation CA - SHA256 - G2	`2022-03-18` - `2023-04-03`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-18` - `2022-10-16`	3 months	crt.sh
novoston.com R3	`2022-08-17` - `2022-11-15`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.mail.ru GeoTrust ECC CA 2018	`2021-10-15` - `2022-11-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.imgsmail.ru GeoTrust RSA CA 2018	`2022-03-11` - `2023-03-15`	a year	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-05-21` - `2022-10-31`	5 months	crt.sh
*.my.mail.ru GlobalSign RSA OV SSL CA 2018	`2022-06-02` - `2023-07-04`	a year	crt.sh
optimads.ru R3	`2022-10-04` - `2023-01-02`	3 months	crt.sh
supraneet.ru R3	`2022-10-04` - `2023-01-02`	3 months	crt.sh
smntq.com R3	`2022-09-18` - `2022-12-17`	3 months	crt.sh
*.click.ru R3	`2022-08-26` - `2022-11-24`	3 months	crt.sh

This page contains 17 frames:

Primary Page: http://garmed.ru/
Frame ID: F84DDBACDE4F7E9AA853593E8A273156
Requests: 69 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6095929928545495&output=html&h=600&adk=3368150715&adf=1834103405&w=160&lmt=1665284503&channel=0900002288&ad_type=text_image&format=160x600_as&color_bg=FFFFFF&color_border=D5D5D5&color_link=0033FF&color_text=333333&color_url=008000&url=http%3A%2F%2Fgarmed.ru%2F&wgl=1&dt=1665284504192&bpp=19&bdt=515&idt=213&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&abxe=1&correlator=5095527943462&frm=20&pv=2&ga_vid=151692660.1665284504&ga_sid=1665284504&ga_hid=1715777623&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=850&ady=493&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44772927%2C44773746%2C31067826&oid=2&pvsid=2390537064069740&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=iznkN1mLEA&p=http%3A//garmed.ru&dtd=231
Frame ID: F8C9D17CF4B5925D8D6229B138BA6118
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6095929928545495&output=html&h=60&adk=1819086711&adf=130451210&w=468&lmt=1665284503&channel=0900002288&ad_type=text_image&format=468x60_as&color_bg=FFFFFF&color_border=D5D5D5&color_link=0033FF&color_text=333333&color_url=008000&url=http%3A%2F%2Fgarmed.ru%2F&wgl=1&dt=1665284504215&bpp=4&bdt=539&idt=214&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&abxe=1&prev_fmts=160x600_as&correlator=5095527943462&pv_ch=0900002288%2B&frm=20&pv=1&ga_vid=151692660.1665284504&ga_sid=1665284504&ga_hid=1715777623&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=566&ady=1682&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44772927%2C44773746%2C31067826&oid=2&pvsid=2390537064069740&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Z0MF367KBB&p=http%3A//garmed.ru&dtd=217
Frame ID: 92822DA1C961383342A9BD0B3EEA2CE9
Requests: 22 HTTP requests in this frame

Frame: https://vk.com/widget_like.php?app=3073565&width=100%25&_ver=1&page=0&url=http%3A%2F%2Fgarmed.ru%2F&type=button&verb=0&color=&title=%D0%A1%D1%82%D1%80%D0%B0%D1%85%D0%BE%D0%B2%D0%B0%D1%8F%20%D0%BA%D0%BE%D0%BC%D0%BF%D0%B0%D0%BD%D0%B8%D1%8F%20%22%D0%93%D0%B0%D1%80%D0%BC%D0%B5%D0%B4%22%20%2F%20%D0%92%D0%B0%D1%88%20%D1%81%D1%82%D1%80%D0%B0%D1%85%D0%BE%D0%B2%D0%BE%D0%B9%20%D0%BA%D0%BE%D0%BD%D1%81%D1%83%D0%BB%D1%8C%D1%82%D0%B0%D0%BD%D1%82&description=%D0%A1%D1%82%D1%80%D0%B0%D1%85%D0%BE%D0%B2%D0%B0%D1%8F%20%D0%BA%D0%BE%D0%BC%D0%BF%D0%B0%D0%BD%D0%B8%D1%8F%20%22%D0%93%D0%B0%D1%80%D0%BC%D0%B5%D0%B4%22%20%7C%20%D0%9A%D0%BE%D0%BD%D1%81%D1%83%D0%BB%D1%8C%D1%82%D0%B0%D1%86%D0%B8%D0%B8%20%D0%BF%D0%BE%20%D0%B2%D1%81%D0%B5%D0%BC%20%D0%B2%D0%B8%D0%B4%D0%B0%D0%BC%20%D1%81%D1%82%D1%80%D0%B0%D1%85%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F%20%7C%20%D0%A1%D0%BF%D1%80%D0%B0%D0%B2%D0%BE%D1%87%D0%BD%D0%B8%D0%BA%20%D1%81%D1%82%D1%80%D0%B0%D1%85%D0%BE%D0%B2%D1%8B%D1%85%20%D0%BA%D0%BE%D0%BC%D0%BF%D0%B0%D0%BD%D0%B8%D0%B9&image=&text=&h=22&startWidth=0&referrer=&183bab0fb88
Frame ID: 138F1648B09C9EA336EAAD2D875EA722
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6095929928545495&output=html&h=600&adk=3835333389&adf=447756648&w=160&lmt=1665284503&channel=0900002288&ad_type=text_image&format=160x600_as&color_bg=FFFFFF&color_border=D5D5D5&color_link=0033FF&color_text=333333&color_url=008000&url=http%3A%2F%2Fgarmed.ru%2F&wgl=1&dt=1665284504569&bpp=9&bdt=892&idt=9&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&abxe=1&cookie=ID%3Ddaf88c0665bf5c44-22be8a6840ce0085%3AT%3D1665284504%3ART%3D1665284504%3AS%3DALNI_MYnkg90jeDuD0Ej3MmTw7jFdS9q9Q&prev_fmts=160x600_as%2C468x60_as&correlator=5095527943462&pv_ch=0900002288%2B&frm=20&pv=1&ga_vid=151692660.1665284504&ga_sid=1665284504&ga_hid=1715777623&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=720&ady=3443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44772927%2C44773746%2C31067826&oid=2&pvsid=2390537064069740&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=UuGZRevAYT&p=http%3A//garmed.ru&dtd=15
Frame ID: 36F7B514EC76C7C10997E0BF407A9101
Requests: 14 HTTP requests in this frame

Frame: https://novoston.com/informer_data/currency_rate
Frame ID: DD055E396F218C0699B491E7F2214BB3
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=http%3A%2F%2Fgarmed.ru
Frame ID: E32A24058B767A827909453141A54FA8
Requests: 2 HTTP requests in this frame

Frame: https://connect.mail.ru/share_button?cm=1&ck=3&sz=20&st=2&domain=garmed.ru&url=http%3A%2F%2Fgarmed.ru%2F&buttonID=8813985&faces_count=10&height=20&width=100%25&caption=%D0%9D%D1%80%D0%B0%D0%B2%D0%B8%D1%82%D1%81%D1%8F&cp=1&host=http%3A%2F%2Fgarmed.ru&wid=7521676&type=insertable&app_id=-1&appid=-1
Frame ID: CBFE86D1CBD30ECAD7FCD5ABE483C997
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E604DD1723FDDF00E98B66C3D9FF9B50
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.7dae38096d06923d683a2a807172322a.ru.html
Frame ID: 7037E13FA83F7E4D964C5789453105D1
Requests: 2 HTTP requests in this frame

Frame: https://w.uptolike.com/widgets/v1/impression.html?622e27e5349ec1bb07f4f36fc56e7c84
Frame ID: 1EE72A866758F12A698FE50C12D1D9A6
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df157ce34a09aa28%26domain%3Dgarmed.ru%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fgarmed.ru%252Ff269441c393b0cc%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fgarmed.ru%2F&layout=button_count&locale=ru_RU&sdk=joey&send=false&show_faces=true&width=120
Frame ID: E2A6A0CD831C5EE6F55B0545D56B3FE1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20190131/zrt_lookup.html
Frame ID: F504C7DEBD7637A701EA53906FB042F6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6095929928545495&output=html&adk=1812271804&adf=3025194257&lmt=1665284503&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&channel=0900002288&format=0x0&url=http%3A%2F%2Fgarmed.ru%2F&ea=0&pra=7&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&dt=1665284505886&bpp=1&bdt=2209&idt=2&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddaf88c0665bf5c44-22be8a6840ce0085%3AT%3D1665284504%3ART%3D1665284504%3AS%3DALNI_MYnkg90jeDuD0Ej3MmTw7jFdS9q9Q&prev_fmts=160x600_as%2C468x60_as%2C160x600_as&nras=1&correlator=5095527943462&pv_ch=0900002288%2B&frm=20&pv=1&ga_vid=151692660.1665284504&ga_sid=1665284504&ga_hid=1715777623&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44772927%2C44773746%2C31067826&oid=2&psts=APxP-9AkTpcBzWn8sLXdEPct6obQtgjDSUCrA1u1jHAQ_vDX_JK44AW-LL0QXcIthTMatkwrLj1JLgMR10yKc3talg%2CAPxP-9Axq2rHo_sT46fIyGbbLbJZB_yauC6ABSvFL6nX_MeV1DoqiWZvBHpM8iBAMH8fVyvof1jIRwjW5WgfDQzhdg%2CAPxP-9BWz9sn5y1WDzdMbvI8exiUWNpqkPMsK9MVNJvXE0fr-fljn0LjTjxhvT6ZaCL1y0Z4d02Bu-ueGdkZaFX_QA&pvsid=2390537064069740&tmod=1772986814&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=4&uci=a!4&fsb=1&dtd=19
Frame ID: 1BDC196E35B1444BE33EB8113942DACC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F165FB3878C714ECCEAD876D993312AB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 299807302754DC8A6E90A9E1D4D4569F
Requests: 2 HTTP requests in this frame

Frame: https://w.uptolike.com/widgets/v1/zp/support.html
Frame ID: D4F85A99588E3B1B4EFF6351F4DAD4C0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Страховая компания "Гармед" / Ваш страховой консультант

Detected technologies

Joomla (CMS) Expand

Overall confidence: 50%
Detected patterns

(?:<div[^>]+id="wrapper_r"|<(?:link|script)[^>]+(?:feed|components)/com_|<table[^>]+class="pill)

MooTools (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

mootools.*\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

166
Requests

75 %
HTTPS

50 %
IPv6

26
Domains

37
Subdomains

35
IPs

5
Countries

1647 kB
Transfer

4909 kB
Size

25
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://connect.mail.ru/share
Title: Нравится

Search URL Search Domain Scan URL

URL: http://www.liveinternet.ru/click

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

http://userapi.com/js/api/openapi.js?52 HTTP 301
https://vk.com/js/api/openapi.js?52

Request Chain 18

http://cdn.connect.mail.ru/js/loader.js HTTP 301
http://connect.mail.ru/js/loader.js

Request Chain 40

http://connect.facebook.net/ru_RU/all.js HTTP 307
https://connect.facebook.net/ru_RU/all.js

Request Chain 60

http://mc.yandex.ru/metrika/watch.js HTTP 302
https://mc.yandex.ru/metrika/watch.js

Request Chain 62

http://novoston.com/informer_data/currency_rate HTTP 301
https://novoston.com/informer_data/currency_rate

Request Chain 63

http://counter.yadro.ru/hit?t57.6;r;s1600*1200*24;uhttp%3A//garmed.ru/;0.1575394101734029 HTTP 302
https://counter.yadro.ru/hit?t57.6;r;s1600*1200*24;uhttp%3A//garmed.ru/;0.1575394101734029 HTTP 302
https://counter.yadro.ru/hit?q;t57.6;r;s1600*1200*24;uhttp%3A//garmed.ru/;0.1575394101734029

Request Chain 84

http://connect.mail.ru/share_button?cm=1&ck=3&sz=20&st=2&domain=garmed.ru&url=http%3A%2F%2Fgarmed.ru%2F&buttonID=8813985&faces_count=10&height=20&width=100%25&caption=%D0%9D%D1%80%D0%B0%D0%B2%D0%B8%D1%82%D1%81%D1%8F&cp=1&host=http%3A%2F%2Fgarmed.ru&wid=7521676&type=insertable&app_id=-1&appid=-1 HTTP 301
https://connect.mail.ru/share_button?cm=1&ck=3&sz=20&st=2&domain=garmed.ru&url=http%3A%2F%2Fgarmed.ru%2F&buttonID=8813985&faces_count=10&height=20&width=100%25&caption=%D0%9D%D1%80%D0%B0%D0%B2%D0%B8%D1%82%D1%81%D1%8F&cp=1&host=http%3A%2F%2Fgarmed.ru&wid=7521676&type=insertable&app_id=-1&appid=-1

Request Chain 102

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9785.Ht0tjSMa9D45busLlFcfcQ53hD4ilWIC3GwYIS92lURX5HKYPAODRb0ePocJTeIH.vpQSnuhBXR2IcXTsIALRD1GhVAA%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9785.zjaaTKv3ZNFFXEP7EM8S8kBq_WG0GZR2Bzm6z7yfnF0UMF-M8L5zN9WyIOE2KbPqy6QnvmcMyZ02hmJzhLqoNQ%2C%2C.dMh_WTM3Z2upLEGzdQ-iS_9tSrs%2C

Request Chain 107

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 116

https://mc.yandex.com/watch/23414332?wmode=7&page-url=http%3A%2F%2Fgarmed.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A8zdfc3pjszirvo7fx08h8%3Afp%3A3692%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A908334127013%3Ahid%3A719761673%3Az%3A0%3Ai%3A20221009030145%3Aet%3A1665284505%3Ac%3A1%3Arn%3A289623347%3Arqn%3A1%3Au%3A1665284505647502522%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A26%2C28%2C3220%2C349%2C0%2C0%2C%2C594%2C0%2C%2C%2C%2C4218%3Acpf%3A1%3Antf%3A1%3Ans%3A1665284500396%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1665284505%3At%3A%D0%A1%D1%82%D1%80%D0%B0%D1%85%D0%BE%D0%B2%D0%B0%D1%8F%20%D0%BA%D0%BE%D0%BC%D0%BF%D0%B0%D0%BD%D0%B8%D1%8F%20%22%D0%93%D0%B0%D1%80%D0%BC%D0%B5%D0%B4%22%20%2F%20%D0%92%D0%B0%D1%88%20%D1%81%D1%82%D1%80%D0%B0%D1%85%D0%BE%D0%B2%D0%BE%D0%B9%20%D0%BA%D0%BE%D0%BD%D1%81%D1%83%D0%BB%D1%8C%D1%82%D0%B0%D0%BD%D1%82&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2) HTTP 302
https://mc.yandex.com/watch/23414332/1?wmode=7&page-url=http%3A%2F%2Fgarmed.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A8zdfc3pjszirvo7fx08h8%3Afp%3A3692%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A908334127013%3Ahid%3A719761673%3Az%3A0%3Ai%3A20221009030145%3Aet%3A1665284505%3Ac%3A1%3Arn%3A289623347%3Arqn%3A1%3Au%3A1665284505647502522%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A26%2C28%2C3220%2C349%2C0%2C0%2C%2C594%2C0%2C%2C%2C%2C4218%3Acpf%3A1%3Antf%3A1%3Ans%3A1665284500396%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1665284505%3At%3A%D0%A1%D1%82%D1%80%D0%B0%D1%85%D0%BE%D0%B2%D0%B0%D1%8F%20%D0%BA%D0%BE%D0%BC%D0%BF%D0%B0%D0%BD%D0%B8%D1%8F%20%22%D0%93%D0%B0%D1%80%D0%BC%D0%B5%D0%B4%22%20%2F%20%D0%92%D0%B0%D1%88%20%D1%81%D1%82%D1%80%D0%B0%D1%85%D0%BE%D0%B2%D0%BE%D0%B9%20%D0%BA%D0%BE%D0%BD%D1%81%D1%83%D0%BB%D1%8C%D1%82%D0%B0%D0%BD%D1%82&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

166 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
garmed.ru/ 59 KB
25 KB 3274ms
3220ms Document
text/html 5.9.86.87
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://garmed.ru/
Protocol: HTTP/1.1
Server: 5.9.86.87 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.87.86.9.5.clients.your-server.de
Software: nginx/1.18.0 / PHP/5.2.17
Resource Hash: a03e5519641f8f42c1cd57a13dd17cd72b6c4446c9f10def4ee18d0b2d890544

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Sun, 09 Oct 2022 03:01:43 GMT
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Sun, 09 Oct 2022 03:01:43 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: nginx/1.18.0
Transfer-Encoding: chunked
X-Content-Encoded-By: Joomla! 1.5
X-Powered-By: PHP/5.2.17

GET
H/1.1 404
Not Found style.css
garmed.ru/components/com_jcomments/tpl/default/ 0
0 336ms
308ms Stylesheet
text/html 5.9.86.87
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://garmed.ru/components/com_jcomments/tpl/default/style.css?v=12
Requested by: Host: garmed.ru
URL: http://garmed.ru/
Protocol: HTTP/1.1
Server: 5.9.86.87 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.87.86.9.5.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://garmed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sun, 09 Oct 2022 03:01:44 GMT
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 555
Content-Type: text/html

GET
H/1.1 404
Not Found style.css
garmed.ru/modules/mod_news_show_gk3/style/ 0
0 336ms
307ms Stylesheet
text/html 5.9.86.87
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://garmed.ru/modules/mod_news_show_gk3/style/style.css
Requested by: Host: garmed.ru
URL: http://garmed.ru/
Protocol: HTTP/1.1
Server: 5.9.86.87 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.87.86.9.5.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://garmed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sun, 09 Oct 2022 03:01:44 GMT
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 555
Content-Type: text/html

GET
H/1.1 404
Not Found mootools.js
garmed.ru/media/system/js/ 0
0 370ms
29ms Script
text/html 5.9.86.87
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://garmed.ru/media/system/js/mootools.js
Requested by: Host: garmed.ru
URL: http://garmed.ru/
Protocol: HTTP/1.1
Server: 5.9.86.87 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.87.86.9.5.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://garmed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sun, 09 Oct 2022 03:01:44 GMT
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 555
Content-Type: text/html

GET
H/1.1 404
Not Found caption.js
garmed.ru/media/system/js/ 0
0 368ms
27ms Script
text/html 5.9.86.87
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://garmed.ru/media/system/js/caption.js
Requested by: Host: garmed.ru
URL: http://garmed.ru/
Protocol: HTTP/1.1
Server: 5.9.86.87 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.87.86.9.5.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://garmed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sun, 09 Oct 2022 03:01:44 GMT
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 555
Content-Type: text/html

GET
H/1.1 404
Not Found engine_1_11_compressed.js
garmed.ru/modules/mod_news_show_gk3/scripts/ 0
0 372ms
31ms Script
text/html 5.9.86.87
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://garmed.ru/modules/mod_news_show_gk3/scripts/engine_1_11_compressed.js
Requested by: Host: garmed.ru
URL: http://garmed.ru/
Protocol: HTTP/1.1
Server: 5.9.86.87 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.87.86.9.5.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://garmed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sun, 09 Oct 2022 03:01:44 GMT
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 555
Content-Type: text/html

GET
H/1.1 404
Not Found system.css
garmed.ru/templates/system/css/ 0
0 331ms
304ms Stylesheet
text/html 5.9.86.87
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://garmed.ru/templates/system/css/system.css
Requested by: Host: garmed.ru
URL: http://garmed.ru/
Protocol: HTTP/1.1
Server: 5.9.86.87 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.87.86.9.5.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://garmed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sun, 09 Oct 2022 03:01:44 GMT
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 555
Content-Type: text/html

GET
H/1.1 404
Not Found general.css
garmed.ru/templates/system/css/ 0
0 334ms
304ms Stylesheet
text/html 5.9.86.87
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://garmed.ru/templates/system/css/general.css
Requested by: Host: garmed.ru
URL: http://garmed.ru/
Protocol: HTTP/1.1
Server: 5.9.86.87 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.87.86.9.5.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://garmed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sun, 09 Oct 2022 03:01:44 GMT
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 555
Content-Type: text/html

GET
H/1.1 404
Not Found tdefaut.css
garmed.ru/templates/everhest/css/ 0
0 334ms
305ms Stylesheet
text/html 5.9.86.87
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://garmed.ru/templates/everhest/css/tdefaut.css
Requested by: Host: garmed.ru
URL: http://garmed.ru/
Protocol: HTTP/1.1
Server: 5.9.86.87 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.87.86.9.5.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://garmed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sun, 09 Oct 2022 03:01:44 GMT
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 555
Content-Type: text/html

GET
H/1.1 404
Not Found logo.png
garmed.ru/templates/everhest/images/ 555 B
555 B 35ms
26ms Image
text/html 5.9.86.87
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://garmed.ru/templates/everhest/images/logo.png
Requested by: Host: garmed.ru
URL: http://garmed.ru/
Protocol: HTTP/1.1
Server: 5.9.86.87 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.87.86.9.5.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://garmed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sun, 09 Oct 2022 03:01:44 GMT
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 555
Content-Type: text/html

GET
H/1.1 404
Not Found slide1.jpg
garmed.ru/images/stories/slide/ 555 B
555 B 36ms
28ms Image
text/html 5.9.86.87
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://garmed.ru/images/stories/slide/slide1.jpg
Requested by: Host: garmed.ru
URL: http://garmed.ru/
Protocol: HTTP/1.1
Server: 5.9.86.87 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.87.86.9.5.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://garmed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sun, 09 Oct 2022 03:01:44 GMT
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 555
Content-Type: text/html

GET
H/1.1 404
Not Found about.png
garmed.ru/images/stories/ 555 B
555 B 36ms
28ms Image
text/html 5.9.86.87
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://garmed.ru/images/stories/about.png
Requested by: Host: garmed.ru
URL: http://garmed.ru/
Protocol: HTTP/1.1
Server: 5.9.86.87 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.87.86.9.5.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://garmed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sun, 09 Oct 2022 03:01:44 GMT
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 555
Content-Type: text/html

GET
H/1.1 404
Not Found contact.png
garmed.ru/images/stories/ 555 B
555 B 36ms
29ms Image
text/html 5.9.86.87
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://garmed.ru/images/stories/contact.png
Requested by: Host: garmed.ru
URL: http://garmed.ru/
Protocol: HTTP/1.1
Server: 5.9.86.87 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.87.86.9.5.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://garmed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sun, 09 Oct 2022 03:01:44 GMT
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 555
Content-Type: text/html

GET
H/1.1 404
Not Found share42.css
garmed.ru/share42/ 0
0 31ms
28ms Stylesheet
text/html 5.9.86.87
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://garmed.ru/share42/share42.css
Requested by: Host: garmed.ru
URL: http://garmed.ru/
Protocol: HTTP/1.1
Server: 5.9.86.87 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.87.86.9.5.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://garmed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sun, 09 Oct 2022 03:01:44 GMT
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 555
Content-Type: text/html

GET
H/1.1 404
Not Found share42.js
garmed.ru/share42/ 0
0 39ms
28ms Script
text/html 5.9.86.87
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://garmed.ru/share42/share42.js
Requested by: Host: garmed.ru
URL: http://garmed.ru/
Protocol: HTTP/1.1
Server: 5.9.86.87 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.87.86.9.5.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://garmed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sun, 09 Oct 2022 03:01:44 GMT
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 555
Content-Type: text/html

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 112 KB
40 KB 84ms
38ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: garmed.ru
URL: http://garmed.ru/

Protocol

HTTP/1.1

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad5ec988bd020164b671bb75db6db271e404cc8f48c601292b88d8811de6e061

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://garmed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sun, 09 Oct 2022 03:01:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 17719123733879590686
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 40124
X-XSS-Protection: 0
Expires: Sun, 09 Oct 2022 03:01:44 GMT

GET
H/1.1 404
Not Found image020.jpg
garmed.ru/images/stories/003/ 555 B
555 B 28ms
28ms Image
text/html 5.9.86.87
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://garmed.ru/images/stories/003/image020.jpg
Requested by: Host: garmed.ru
URL: http://garmed.ru/
Protocol: HTTP/1.1
Server: 5.9.86.87 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.87.86.9.5.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://garmed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sun, 09 Oct 2022 03:01:44 GMT
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 555
Content-Type: text/html

GET
H/1.1 404
Not Found image012.jpg
garmed.ru/images/stories/003/ 555 B
555 B 27ms
27ms Image
text/html 5.9.86.87
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://garmed.ru/images/stories/003/image012.jpg
Requested by: Host: garmed.ru
URL: http://garmed.ru/
Protocol: HTTP/1.1
Server: 5.9.86.87 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.87.86.9.5.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://garmed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sun, 09 Oct 2022 03:01:44 GMT
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 555
Content-Type: text/html

GET
H2

200

openapi.js Show response
vk.com/js/api/
Redirect Chain

http://userapi.com/js/api/openapi.js?52
https://vk.com/js/api/openapi.js?52

104 KB
23 KB

182ms
55ms

Script
application/x-javascript

87.240.132.67
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/js/api/openapi.js?52
Requested by: Host: garmed.ru
URL: http://garmed.ru/
Protocol: H2
Server: 87.240.132.67 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS: srv67-132-240-87.vk.com
Software: kittenx /
Resource Hash: 2f7e190c7a25194337efdd52f0018320ebfa239e150b19b95f3703b0bc02e6c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://garmed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 03:01:44 GMT
content-encoding: br
x-frontend: front224006
last-modified: Wed, 10 Aug 2022 14:44:17 GMT
server: kittenx
etag: "62f3c441-5b1a"
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
content-length: 23322
expires: Thu, 13 Oct 2022 03:01:44 GMT

Redirect headers

Date: Sun, 09 Oct 2022 03:01:44 GMT
Strict-Transport-Security: max-age=15768000
X-Frontend: front508124
Server: kittenx
Content-Type: text/html
Location: https://vk.com/js/api/openapi.js?52
Access-Control-Expose-Headers: X-Frontend
Connection: keep-alive
Content-Length: 164

GET
H/1.1

200
OK

loader.js Show response
connect.mail.ru/js/
Redirect Chain

http://cdn.connect.mail.ru/js/loader.js
http://connect.mail.ru/js/loader.js

8 KB
3 KB

245ms
64ms

Script
application/javascript

94.100.180.54
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://connect.mail.ru/js/loader.js

Requested by

Host: garmed.ru
URL: http://garmed.ru/

Protocol

HTTP/1.1

Server

94.100.180.54 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

connect.mail.ru

Software

nginx /

Resource Hash

749ac42703ade78a5ed1277ed14fb8adb16ee555cd0997b07c902371bc1fee07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://garmed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sun, 09 Oct 2022 03:01:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 12 Sep 2022 13:39:27 GMT
Server: nginx
ETag: W/"631f368f-213e"
X-WebKit-CSP-Report-Only: default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data: ; frame-src https://* about: javascript:
Transfer-Encoding: chunked
X-Frame-Options: DENY
Content-Type: application/javascript
P3P: policyref="/w3c/p3p.xml", CP="NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA"
Cache-Control: no-cache, no-store, must-revalidate, private
Connection: keep-alive
X-XSS-Protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Redirect headers

Date: Sun, 09 Oct 2022 03:01:44 GMT
X-Content-Type-Options: nosniff
Server: nginx
Content-Type: text/html
Location: http://connect.mail.ru/js/loader.js
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 178

GET
H/1.1 404
Not Found %208.jpg
garmed.ru/images/stories/ 555 B
555 B 29ms
28ms Image
text/html 5.9.86.87
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://garmed.ru/images/stories/%208.jpg
Requested by: Host: garmed.ru
URL: http://garmed.ru/
Protocol: HTTP/1.1
Server: 5.9.86.87 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.87.86.9.5.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://garmed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sun, 09 Oct 2022 03:01:44 GMT
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 555
Content-Type: text/html

GET
H/1.1 404
Not Found image014.jpg
garmed.ru/images/stories/004/ 555 B
555 B 30ms
29ms Image
text/html 5.9.86.87
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://garmed.ru/images/stories/004/image014.jpg
Requested by: Host: garmed.ru
URL: http://garmed.ru/
Protocol: HTTP/1.1
Server: 5.9.86.87 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.87.86.9.5.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://garmed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sun, 09 Oct 2022 03:01:44 GMT
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 555
Content-Type: text/html

GET
H/1.1 404
Not Found voditel%20pogruzchika%20obuchenie%20kiev.jpg
garmed.ru/images/stories/ 555 B
555 B 31ms
30ms Image
text/html 5.9.86.87
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://garmed.ru/images/stories/voditel%20pogruzchika%20obuchenie%20kiev.jpg
Requested by: Host: garmed.ru
URL: http://garmed.ru/
Protocol: HTTP/1.1
Server: 5.9.86.87 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.87.86.9.5.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://garmed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sun, 09 Oct 2022 03:01:44 GMT
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 555
Content-Type: text/html

GET
H/1.1 200
OK images
t1.gstatic.com/ 8 KB
9 KB 105ms
65ms Image
image/jpeg 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://t1.gstatic.com/images?q=tbn:ANd9GcSEztFRubEeWsTn0PuezXUt36JDKtamXd9HDMWEyinWBfKYk-Tz

Requested by

Host: garmed.ru
URL: http://garmed.ru/

Protocol

HTTP/1.1

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7b00186265dc1dcdef9b7448bffe1001216eaf85d84a5ac5fdab8e612f34e56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://garmed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sun, 09 Oct 2022 03:01:44 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 08 Apr 2022 13:33:48 GMT
Server: sffe
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
Report-To: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Content-Length: 8184
X-XSS-Protection: 0
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="images-tbn"
Expires: Mon, 09 Oct 2023 03:01:44 GMT

GET
H/1.1 404
Not Found image040.jpg
garmed.ru/images/stories/014/ 555 B
555 B 32ms
32ms Image
text/html 5.9.86.87
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://garmed.ru/images/stories/014/image040.jpg
Requested by: Host: garmed.ru
URL: http://garmed.ru/
Protocol: HTTP/1.1
Server: 5.9.86.87 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.87.86.9.5.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://garmed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sun, 09 Oct 2022 03:01:44 GMT
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 555
Content-Type: text/html

GET
H/1.1 404
Not Found image047.jpg
garmed.ru/images/stories/014/ 555 B
555 B 29ms
28ms Image
text/html 5.9.86.87
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://garmed.ru/images/stories/014/image047.jpg
Requested by: Host: garmed.ru
URL: http://garmed.ru/
Protocol: HTTP/1.1
Server: 5.9.86.87 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.87.86.9.5.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://garmed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sun, 09 Oct 2022 03:01:44 GMT
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 555
Content-Type: text/html

GET
H/1.1 404
Not Found image017.jpg
garmed.ru/images/stories/015/ 555 B
555 B 27ms
27ms Image
text/html 5.9.86.87
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://garmed.ru/images/stories/015/image017.jpg
Requested by: Host: garmed.ru
URL: http://garmed.ru/
Protocol: HTTP/1.1
Server: 5.9.86.87 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.87.86.9.5.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://garmed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sun, 09 Oct 2022 03:01:44 GMT
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 555
Content-Type: text/html

GET
H/1.1 200
OK zp.js Show response
w.uptolike.com/widgets/v1/ 44 KB
12 KB 254ms
69ms Script
application/javascript 95.163.114.204
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/zp.js?pid=tle56a9aa26891bc802575dc34aaadf13193db145c
Requested by: Host: garmed.ru
URL: http://garmed.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.204 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 8bba4eb43c3d186256977d7282beaf05c1f58c55fbea96212519677aaf8c63ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://garmed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sun, 09 Oct 2022 03:01:44 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Content-Type: application/javascript;charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=31556926
Connection: keep-alive

GET
H/1.1 404
Not Found image042.jpg
garmed.ru/images/stories/009/ 555 B
555 B 29ms
28ms Image
text/html 5.9.86.87
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://garmed.ru/images/stories/009/image042.jpg
Requested by: Host: garmed.ru
URL: http://garmed.ru/
Protocol: HTTP/1.1
Server: 5.9.86.87 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.87.86.9.5.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://garmed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sun, 09 Oct 2022 03:01:44 GMT
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 555
Content-Type: text/html

GET
H/1.1 404
Not Found image011.jpg
garmed.ru/images/stories/001/ 555 B
555 B 30ms
29ms Image
text/html 5.9.86.87
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://garmed.ru/images/stories/001/image011.jpg
Requested by: Host: garmed.ru
URL: http://garmed.ru/
Protocol: HTTP/1.1
Server: 5.9.86.87 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.87.86.9.5.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://garmed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sun, 09 Oct 2022 03:01:44 GMT
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 555
Content-Type: text/html

GET
H/1.1 404
Not Found image007.jpg
garmed.ru/images/stories/010/ 555 B
555 B 30ms
29ms Image
text/html 5.9.86.87
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://garmed.ru/images/stories/010/image007.jpg
Requested by: Host: garmed.ru
URL: http://garmed.ru/
Protocol: HTTP/1.1
Server: 5.9.86.87 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.87.86.9.5.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://garmed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sun, 09 Oct 2022 03:01:44 GMT
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 555
Content-Type: text/html

GET
H/1.1 404
Not Found image042.jpg
garmed.ru/images/stories/004/ 555 B
555 B 31ms
29ms Image
text/html 5.9.86.87
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://garmed.ru/images/stories/004/image042.jpg
Requested by: Host: garmed.ru
URL: http://garmed.ru/
Protocol: HTTP/1.1
Server: 5.9.86.87 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.87.86.9.5.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://garmed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sun, 09 Oct 2022 03:01:44 GMT
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 555
Content-Type: text/html

GET
H/1.1 404
Not Found image040.jpg
garmed.ru/images/stories/011/ 555 B
555 B 29ms
28ms Image
text/html 5.9.86.87
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://garmed.ru/images/stories/011/image040.jpg
Requested by: Host: garmed.ru
URL: http://garmed.ru/
Protocol: HTTP/1.1
Server: 5.9.86.87 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.87.86.9.5.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://garmed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sun, 09 Oct 2022 03:01:44 GMT
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 555
Content-Type: text/html

GET
H/1.1 404
Not Found yandex.png
garmed.ru/components/com_sdrsssyndicator/assets/images/buttons/ 555 B
555 B 28ms
27ms Image
text/html 5.9.86.87
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://garmed.ru/components/com_sdrsssyndicator/assets/images/buttons/yandex.png
Requested by: Host: garmed.ru
URL: http://garmed.ru/
Protocol: HTTP/1.1
Server: 5.9.86.87 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.87.86.9.5.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://garmed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sun, 09 Oct 2022 03:01:44 GMT
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 555
Content-Type: text/html

GET
H/1.1 404
Not Found top.png
garmed.ru/templates/everhest/images/ 555 B
555 B 29ms
28ms Image
text/html 5.9.86.87
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://garmed.ru/templates/everhest/images/top.png
Requested by: Host: garmed.ru
URL: http://garmed.ru/
Protocol: HTTP/1.1
Server: 5.9.86.87 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.87.86.9.5.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://garmed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sun, 09 Oct 2022 03:01:44 GMT
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 555
Content-Type: text/html

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/ 349 KB
115 KB 111ms
49ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_with_ama_fy2021.js?client=pub-6095929928545495&plah=garmed.ru

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2874b889eb9dbe3f2ff827d4abcb0cf9ce8541e913b717cc2df2828388d38d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://garmed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 03:01:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117221
x-xss-protection: 0
server: cafe
etag: 6711815766611181844
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 09 Oct 2022 03:01:44 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 213 B
643 B 81ms
30ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=garmed.ru&callback=_gfp_s_&client=ca-pub-6095929928545495

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_with_ama_fy2021.js?client=pub-6095929928545495&plah=garmed.ru

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

10b23cf3271a1eccc74388f0ef2eaaa6eec444853ba98831dd504291242e037f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://garmed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 03:01:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 198
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.sk/adsid/ 107 B
792 B 98ms
31ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.sk/adsid/integrator.js?domain=garmed.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://garmed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 03:01:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 95ms
31ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=garmed.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://garmed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 03:01:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F8C9 70 KB
13 KB 1066ms
1015ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6095929928545495&output=html&h=600&adk=3368150715&adf=1834103405&w=160&lmt=1665284503&channel=0900002288&ad_type=text_image&format=160x600_as&color_bg=FFFFFF&color_border=D5D5D5&color_link=0033FF&color_text=333333&color_url=008000&url=http%3A%2F%2Fgarmed.ru%2F&wgl=1&dt=1665284504192&bpp=19&bdt=515&idt=213&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&abxe=1&correlator=5095527943462&frm=20&pv=2&ga_vid=151692660.1665284504&ga_sid=1665284504&ga_hid=1715777623&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=850&ady=493&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44772927%2C44773746%2C31067826&oid=2&pvsid=2390537064069740&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=iznkN1mLEA&p=http%3A//garmed.ru&dtd=231

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

202e92740f4fa7f0e7649f6069f366c191465421b77c9dd9be4653c27eaad29d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://garmed.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-expose-headers: x-google-amp-ad-validated-version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 12617
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 09 Oct 2022 03:01:45 GMT
expires: Sun, 09 Oct 2022 03:01:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9282 56 KB
12 KB 308ms
265ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6095929928545495&output=html&h=60&adk=1819086711&adf=130451210&w=468&lmt=1665284503&channel=0900002288&ad_type=text_image&format=468x60_as&color_bg=FFFFFF&color_border=D5D5D5&color_link=0033FF&color_text=333333&color_url=008000&url=http%3A%2F%2Fgarmed.ru%2F&wgl=1&dt=1665284504215&bpp=4&bdt=539&idt=214&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&abxe=1&prev_fmts=160x600_as&correlator=5095527943462&pv_ch=0900002288%2B&frm=20&pv=1&ga_vid=151692660.1665284504&ga_sid=1665284504&ga_hid=1715777623&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=566&ady=1682&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44772927%2C44773746%2C31067826&oid=2&pvsid=2390537064069740&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Z0MF367KBB&p=http%3A//garmed.ru&dtd=217

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bcf9edbbf04dea4779edced3cae8af78406f229c22a30a0fbe8d80bcedcb0183

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://garmed.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-expose-headers: x-google-amp-ad-validated-version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 11449
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 09 Oct 2022 03:01:44 GMT
expires: Sun, 09 Oct 2022 03:01:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

all.js Show response
connect.facebook.net/ru_RU/
Redirect Chain

http://connect.facebook.net/ru_RU/all.js
https://connect.facebook.net/ru_RU/all.js

3 KB
2 KB

80ms
24ms

Script
application/x-javascript

2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/all.js

Requested by

Host: garmed.ru
URL: http://garmed.ru/

Protocol

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

32e7709b69d912e8961d7ff11e2d1a17dcc8e4ec24db50bdb4129ed2b785b1b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://garmed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 09 Oct 2022 03:01:44 GMT
content-md5: m70j6GRCt1P1/ClCrHTmYA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: sPRUoonGSsT25zIGkHR96dI7fVCmCux6gZvhLMco70p02S1g162G1Ssn7BJ8+qHI4YhHKNwYj3UFka+7fMbcdw==
x-fb-trip-id: 917726464
x-fb-content-md5: 104f43084b8f73c0d42431abd09458d9
cross-origin-opener-policy: same-origin-allow-popups
etag: "dd89aaeae5b417673029d4535387a109"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
priority: u=3,i
expires: Sun, 09 Oct 2022 03:08:27 GMT

Redirect headers

Location: https://connect.facebook.net/ru_RU/all.js#xfbml=1
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 97 KB
29 KB 103ms
23ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: http://platform.twitter.com/widgets.js
Requested by: Host: garmed.ru
URL: http://garmed.ru/
Protocol: HTTP/1.1
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668D) /
Resource Hash: 9bd8dcc115a0e9fce94520cecad5254352b86d55bca2506833057bb52e87ee1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://garmed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sun, 09 Oct 2022 03:01:44 GMT
Content-Encoding: gzip
Age: 1091
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length: 29223
x-amzn-internal-status: 304
Last-Modified: Wed, 28 Sep 2022 20:05:37 GMT
Server: ECS (frb/668D)
Etag: "f26384f93da6974ed577808dfa1fede5+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H2 200 upload.gif
vk.com/images/ 230 B
403 B 56ms
55ms Image
image/gif 87.240.132.67
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vk.com/images/upload.gif
Requested by: Host: garmed.ru
URL: http://garmed.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.240.132.67 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS: srv67-132-240-87.vk.com
Software: kittenx /
Resource Hash: 0d7e358637c1b1caa66949aefc529c1e4488923f99e499d6be09eb8cdd0b4202

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://garmed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 03:01:44 GMT
last-modified: Tue, 22 Sep 2020 20:30:00 GMT
server: kittenx
etag: "5f6a5ec8-e6"
content-type: image/gif
cache-control: max-age=604800
accept-ranges: bytes
content-length: 230
expires: Sun, 16 Oct 2022 03:01:44 GMT

GET
H2 200 widget_like.php Show response
vk.com/ Frame 138F 9 KB
5 KB 96ms
96ms Document
text/html 87.240.132.67
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://vk.com/widget_like.php?app=3073565&width=100%25&_ver=1&page=0&url=http%3A%2F%2Fgarmed.ru%2F&type=button&verb=0&color=&title=%D0%A1%D1%82%D1%80%D0%B0%D1%85%D0%BE%D0%B2%D0%B0%D1%8F%20%D0%BA%D0%BE%D0%BC%D0%BF%D0%B0%D0%BD%D0%B8%D1%8F%20%22%D0%93%D0%B0%D1%80%D0%BC%D0%B5%D0%B4%22%20%2F%20%D0%92%D0%B0%D1%88%20%D1%81%D1%82%D1%80%D0%B0%D1%85%D0%BE%D0%B2%D0%BE%D0%B9%20%D0%BA%D0%BE%D0%BD%D1%81%D1%83%D0%BB%D1%8C%D1%82%D0%B0%D0%BD%D1%82&description=%D0%A1%D1%82%D1%80%D0%B0%D1%85%D0%BE%D0%B2%D0%B0%D1%8F%20%D0%BA%D0%BE%D0%BC%D0%BF%D0%B0%D0%BD%D0%B8%D1%8F%20%22%D0%93%D0%B0%D1%80%D0%BC%D0%B5%D0%B4%22%20%7C%20%D0%9A%D0%BE%D0%BD%D1%81%D1%83%D0%BB%D1%8C%D1%82%D0%B0%D1%86%D0%B8%D0%B8%20%D0%BF%D0%BE%20%D0%B2%D1%81%D0%B5%D0%BC%20%D0%B2%D0%B8%D0%B4%D0%B0%D0%BC%20%D1%81%D1%82%D1%80%D0%B0%D1%85%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F%20%7C%20%D0%A1%D0%BF%D1%80%D0%B0%D0%B2%D0%BE%D1%87%D0%BD%D0%B8%D0%BA%20%D1%81%D1%82%D1%80%D0%B0%D1%85%D0%BE%D0%B2%D1%8B%D1%85%20%D0%BA%D0%BE%D0%BC%D0%BF%D0%B0%D0%BD%D0%B8%D0%B9&image=&text=&h=22&startWidth=0&referrer=&183bab0fb88

Requested by

Host: userapi.com
URL: http://userapi.com/js/api/openapi.js?52

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.132.67 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv67-132-240-87.vk.com

Software

kittenx / KPHP/7.4.112376

Resource Hash

6404ffc917099408e2ebf84f92b02fcef93259358a878a17d7b1814f71e3e099

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://.vk.com https://vk.ru https://.vk.ru https://static.vk.me https://.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://.yandex.ru https://.google-analytics.com https://.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://.google.com https://google.com https://.vkpartner.ru https://.moatads.com https://.adlooxtracking.ru https://.serving-sys.ru https://.weborama-tech.ru https://.gstatic.com https://.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://.vk-cdn.net https://.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://.vk.com https://vk.ru https://.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=15768000
X-Xss-Protection	1; report=/xss_reports

Request headers

Referer: http://garmed.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-expose-headers: X-Frontend
cache-control: no-store
content-encoding: gzip
content-length: 4032
content-security-policy: default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline'
content-type: text/html; charset=windows-1251
date: Sun, 09 Oct 2022 03:01:44 GMT
server: kittenx
strict-transport-security: max-age=15768000
x-frontend: front224006
x-powered-by: KPHP/7.4.112376
x-xss-protection: 1; report=/xss_reports

GET
H/1.1 200
OK api_min.js Show response
my2.imgsmail.ru/mail/ru/images/js/connect/api/ 49 KB
15 KB 180ms
62ms Script
application/javascript 185.5.137.205
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://my2.imgsmail.ru/mail/ru/images/js/connect/api/api_min.js?16
Requested by: Host: cdn.connect.mail.ru
URL: http://cdn.connect.mail.ru/js/loader.js
Protocol: HTTP/1.1
Server: 185.5.137.205 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS: mystatic5.i.mail.ru
Software: nginx /
Resource Hash: a104e58adddcc5086b3c84a058272e62965737fa798e3020b3db0c07e31ef6ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://garmed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sun, 09 Oct 2022 03:01:44 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Sep 2022 13:36:35 GMT
Server: nginx
ETag: W/"631f35e3-c533"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: http://my.mail.ru
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK grstat
my.mail.ru/ 43 B
609 B 189ms
69ms Image
image/gif 94.100.180.38
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://my.mail.ru/grstat?name=my.api.browsers.total:my.api.browsers.chrome.106&r=0.9378346466870762

Requested by

Host: garmed.ru
URL: http://garmed.ru/

Protocol

HTTP/1.1

Server

94.100.180.38 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

my.mail.ru

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://garmed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sun, 09 Oct 2022 03:01:44 GMT
X-Content-Type-Options: nosniff
Server: nginx
X-WebKit-CSP-Report-Only: default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data: ; frame-src https://* about: javascript:
X-Frame-Options: DENY
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA"
Cache-Control: no-cache, no-store, must-revalidate, private
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e6def5d3feece899f0580b9f50d769b4ca2a3b3339fb122ceb00b9830c1df0b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://garmed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aab3ff0dc213477454a0641c0c83219ba436b48005b60d3802fc064f06df96b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://garmed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 integrator.js Show response
adservice.google.sk/adsid/ 107 B
165 B 33ms
32ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.sk/adsid/integrator.js?domain=garmed.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://garmed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 03:01:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 32ms
31ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=garmed.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://garmed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 03:01:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 36F7 69 KB
21 KB 321ms
321ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6095929928545495&output=html&h=600&adk=3835333389&adf=447756648&w=160&lmt=1665284503&channel=0900002288&ad_type=text_image&format=160x600_as&color_bg=FFFFFF&color_border=D5D5D5&color_link=0033FF&color_text=333333&color_url=008000&url=http%3A%2F%2Fgarmed.ru%2F&wgl=1&dt=1665284504569&bpp=9&bdt=892&idt=9&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&abxe=1&cookie=ID%3Ddaf88c0665bf5c44-22be8a6840ce0085%3AT%3D1665284504%3ART%3D1665284504%3AS%3DALNI_MYnkg90jeDuD0Ej3MmTw7jFdS9q9Q&prev_fmts=160x600_as%2C468x60_as&correlator=5095527943462&pv_ch=0900002288%2B&frm=20&pv=1&ga_vid=151692660.1665284504&ga_sid=1665284504&ga_hid=1715777623&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=720&ady=3443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44772927%2C44773746%2C31067826&oid=2&pvsid=2390537064069740&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=UuGZRevAYT&p=http%3A//garmed.ru&dtd=15

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

97f3c1ca9f09e22da012c5f521d9ba0c7131d5436d73c739bd1c2ae9e0b42927

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://garmed.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 21780
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 09 Oct 2022 03:01:44 GMT
expires: Sun, 09 Oct 2022 03:01:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 loader_nav2073700409_6.js Show response
vk.com/js/ Frame 138F 197 KB
46 KB 115ms
114ms Script
text/javascript 87.240.132.67
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://vk.com/js/loader_nav2073700409_6.js

Requested by

Host: vk.com
URL: https://vk.com/widget_like.php?app=3073565&width=100%25&_ver=1&page=0&url=http%3A%2F%2Fgarmed.ru%2F&type=button&verb=0&color=&title=%D0%A1%D1%82%D1%80%D0%B0%D1%85%D0%BE%D0%B2%D0%B0%D1%8F%20%D0%BA%D0%BE%D0%BC%D0%BF%D0%B0%D0%BD%D0%B8%D1%8F%20%22%D0%93%D0%B0%D1%80%D0%BC%D0%B5%D0%B4%22%20%2F%20%D0%92%D0%B0%D1%88%20%D1%81%D1%82%D1%80%D0%B0%D1%85%D0%BE%D0%B2%D0%BE%D0%B9%20%D0%BA%D0%BE%D0%BD%D1%81%D1%83%D0%BB%D1%8C%D1%82%D0%B0%D0%BD%D1%82&description=%D0%A1%D1%82%D1%80%D0%B0%D1%85%D0%BE%D0%B2%D0%B0%D1%8F%20%D0%BA%D0%BE%D0%BC%D0%BF%D0%B0%D0%BD%D0%B8%D1%8F%20%22%D0%93%D0%B0%D1%80%D0%BC%D0%B5%D0%B4%22%20%7C%20%D0%9A%D0%BE%D0%BD%D1%81%D1%83%D0%BB%D1%8C%D1%82%D0%B0%D1%86%D0%B8%D0%B8%20%D0%BF%D0%BE%20%D0%B2%D1%81%D0%B5%D0%BC%20%D0%B2%D0%B8%D0%B4%D0%B0%D0%BC%20%D1%81%D1%82%D1%80%D0%B0%D1%85%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F%20%7C%20%D0%A1%D0%BF%D1%80%D0%B0%D0%B2%D0%BE%D1%87%D0%BD%D0%B8%D0%BA%20%D1%81%D1%82%D1%80%D0%B0%D1%85%D0%BE%D0%B2%D1%8B%D1%85%20%D0%BA%D0%BE%D0%BC%D0%BF%D0%B0%D0%BD%D0%B8%D0%B9&image=&text=&h=22&startWidth=0&referrer=&183bab0fb88

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.132.67 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv67-132-240-87.vk.com

Software

kittenx / KPHP/7.4.112376

Resource Hash

7b345573b3213ee4e30a7a4f60d21488bc1c4da397709d0043dec9333b4d6ccf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/widget_like.php?app=3073565&width=100%25&_ver=1&page=0&url=http%3A%2F%2Fgarmed.ru%2F&type=button&verb=0&color=&title=%D0%A1%D1%82%D1%80%D0%B0%D1%85%D0%BE%D0%B2%D0%B0%D1%8F%20%D0%BA%D0%BE%D0%BC%D0%BF%D0%B0%D0%BD%D0%B8%D1%8F%20%22%D0%93%D0%B0%D1%80%D0%BC%D0%B5%D0%B4%22%20%2F%20%D0%92%D0%B0%D1%88%20%D1%81%D1%82%D1%80%D0%B0%D1%85%D0%BE%D0%B2%D0%BE%D0%B9%20%D0%BA%D0%BE%D0%BD%D1%81%D1%83%D0%BB%D1%8C%D1%82%D0%B0%D0%BD%D1%82&description=%D0%A1%D1%82%D1%80%D0%B0%D1%85%D0%BE%D0%B2%D0%B0%D1%8F%20%D0%BA%D0%BE%D0%BC%D0%BF%D0%B0%D0%BD%D0%B8%D1%8F%20%22%D0%93%D0%B0%D1%80%D0%BC%D0%B5%D0%B4%22%20%7C%20%D0%9A%D0%BE%D0%BD%D1%81%D1%83%D0%BB%D1%8C%D1%82%D0%B0%D1%86%D0%B8%D0%B8%20%D0%BF%D0%BE%20%D0%B2%D1%81%D0%B5%D0%BC%20%D0%B2%D0%B8%D0%B4%D0%B0%D0%BC%20%D1%81%D1%82%D1%80%D0%B0%D1%85%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F%20%7C%20%D0%A1%D0%BF%D1%80%D0%B0%D0%B2%D0%BE%D1%87%D0%BD%D0%B8%D0%BA%20%D1%81%D1%82%D1%80%D0%B0%D1%85%D0%BE%D0%B2%D1%8B%D1%85%20%D0%BA%D0%BE%D0%BC%D0%BF%D0%B0%D0%BD%D0%B8%D0%B9&image=&text=&h=22&startWidth=0&referrer=&183bab0fb88
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 03:01:44 GMT
content-encoding: gzip
x-frontend: front224006
strict-transport-security: max-age=15768000
server: kittenx
x-powered-by: KPHP/7.4.112376
content-type: text/javascript; charset=windows-1251
access-control-expose-headers: X-Frontend
cache-control: no-store
content-length: 46269

GET
H2 200 lite.9f12d6dbab465521b947.css
st6-22.vk.com/css/al/ Frame 138F 303 KB
37 KB 102ms
30ms Stylesheet
text/css 95.142.206.2
MYCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://st6-22.vk.com/css/al/lite.9f12d6dbab465521b947.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.142.206.2 Amsterdam, Netherlands, ASN60476 (MYCOM-AS, NL),

Reverse DNS

srv2-206.vkontakte.ru

Software

kittenx /

Resource Hash

518c9c94cbdc53c327f141f1ed215cadaeb91dfad2f1c8bc2be85ecf8d4ad4ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 03:01:44 GMT
content-encoding: br
x-frontend: front6-22
strict-transport-security: max-age=15768000
last-modified: Fri, 07 Oct 2022 13:29:52 GMT
server: kittenx
etag: "634029d0-946b"
content-type: text/css
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
accept-ranges: bytes
content-length: 37995
expires: Thu, 13 Oct 2022 03:01:44 GMT

GET
H2 200 lite.js Show response
vk.com/js/al/ Frame 138F 268 KB
62 KB 57ms
56ms Script
application/x-javascript 87.240.132.67
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/js/al/lite.js?104
Requested by: Host: vk.com
URL: https://vk.com/widget_like.php?app=3073565&width=100%25&_ver=1&page=0&url=http%3A%2F%2Fgarmed.ru%2F&type=button&verb=0&color=&title=%D0%A1%D1%82%D1%80%D0%B0%D1%85%D0%BE%D0%B2%D0%B0%D1%8F%20%D0%BA%D0%BE%D0%BC%D0%BF%D0%B0%D0%BD%D0%B8%D1%8F%20%22%D0%93%D0%B0%D1%80%D0%BC%D0%B5%D0%B4%22%20%2F%20%D0%92%D0%B0%D1%88%20%D1%81%D1%82%D1%80%D0%B0%D1%85%D0%BE%D0%B2%D0%BE%D0%B9%20%D0%BA%D0%BE%D0%BD%D1%81%D1%83%D0%BB%D1%8C%D1%82%D0%B0%D0%BD%D1%82&description=%D0%A1%D1%82%D1%80%D0%B0%D1%85%D0%BE%D0%B2%D0%B0%D1%8F%20%D0%BA%D0%BE%D0%BC%D0%BF%D0%B0%D0%BD%D0%B8%D1%8F%20%22%D0%93%D0%B0%D1%80%D0%BC%D0%B5%D0%B4%22%20%7C%20%D0%9A%D0%BE%D0%BD%D1%81%D1%83%D0%BB%D1%8C%D1%82%D0%B0%D1%86%D0%B8%D0%B8%20%D0%BF%D0%BE%20%D0%B2%D1%81%D0%B5%D0%BC%20%D0%B2%D0%B8%D0%B4%D0%B0%D0%BC%20%D1%81%D1%82%D1%80%D0%B0%D1%85%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F%20%7C%20%D0%A1%D0%BF%D1%80%D0%B0%D0%B2%D0%BE%D1%87%D0%BD%D0%B8%D0%BA%20%D1%81%D1%82%D1%80%D0%B0%D1%85%D0%BE%D0%B2%D1%8B%D1%85%20%D0%BA%D0%BE%D0%BC%D0%BF%D0%B0%D0%BD%D0%B8%D0%B9&image=&text=&h=22&startWidth=0&referrer=&183bab0fb88
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.240.132.67 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS: srv67-132-240-87.vk.com
Software: kittenx /
Resource Hash: b2a50082eaf1a2316926d395ae0df4fd8c101c4eb18b629e10e5401a06b818b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/widget_like.php?app=3073565&width=100%25&_ver=1&page=0&url=http%3A%2F%2Fgarmed.ru%2F&type=button&verb=0&color=&title=%D0%A1%D1%82%D1%80%D0%B0%D1%85%D0%BE%D0%B2%D0%B0%D1%8F%20%D0%BA%D0%BE%D0%BC%D0%BF%D0%B0%D0%BD%D0%B8%D1%8F%20%22%D0%93%D0%B0%D1%80%D0%BC%D0%B5%D0%B4%22%20%2F%20%D0%92%D0%B0%D1%88%20%D1%81%D1%82%D1%80%D0%B0%D1%85%D0%BE%D0%B2%D0%BE%D0%B9%20%D0%BA%D0%BE%D0%BD%D1%81%D1%83%D0%BB%D1%8C%D1%82%D0%B0%D0%BD%D1%82&description=%D0%A1%D1%82%D1%80%D0%B0%D1%85%D0%BE%D0%B2%D0%B0%D1%8F%20%D0%BA%D0%BE%D0%BC%D0%BF%D0%B0%D0%BD%D0%B8%D1%8F%20%22%D0%93%D0%B0%D1%80%D0%BC%D0%B5%D0%B4%22%20%7C%20%D0%9A%D0%BE%D0%BD%D1%81%D1%83%D0%BB%D1%8C%D1%82%D0%B0%D1%86%D0%B8%D0%B8%20%D0%BF%D0%BE%20%D0%B2%D1%81%D0%B5%D0%BC%20%D0%B2%D0%B8%D0%B4%D0%B0%D0%BC%20%D1%81%D1%82%D1%80%D0%B0%D1%85%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F%20%7C%20%D0%A1%D0%BF%D1%80%D0%B0%D0%B2%D0%BE%D1%87%D0%BD%D0%B8%D0%BA%20%D1%81%D1%82%D1%80%D0%B0%D1%85%D0%BE%D0%B2%D1%8B%D1%85%20%D0%BA%D0%BE%D0%BC%D0%BF%D0%B0%D0%BD%D0%B8%D0%B9&image=&text=&h=22&startWidth=0&referrer=&183bab0fb88
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 03:01:44 GMT
content-encoding: br
x-frontend: front224006
last-modified: Wed, 05 Oct 2022 15:18:43 GMT
server: kittenx
etag: "633da053-f76f"
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
content-length: 63343
expires: Thu, 13 Oct 2022 03:01:44 GMT

GET
H2 200 lang6_0.js Show response
vk.com/js/ Frame 138F 74 KB
22 KB 168ms
167ms Script
text/javascript 87.240.132.67
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://vk.com/js/lang6_0.js?27754741

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.132.67 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv67-132-240-87.vk.com

Software

kittenx / KPHP/7.4.112376

Resource Hash

345a67cfd0606856a2447d3fa12feb4a50aabc7394840586556ddb4dcc509934

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/widget_like.php?app=3073565&width=100%25&_ver=1&page=0&url=http%3A%2F%2Fgarmed.ru%2F&type=button&verb=0&color=&title=%D0%A1%D1%82%D1%80%D0%B0%D1%85%D0%BE%D0%B2%D0%B0%D1%8F%20%D0%BA%D0%BE%D0%BC%D0%BF%D0%B0%D0%BD%D0%B8%D1%8F%20%22%D0%93%D0%B0%D1%80%D0%BC%D0%B5%D0%B4%22%20%2F%20%D0%92%D0%B0%D1%88%20%D1%81%D1%82%D1%80%D0%B0%D1%85%D0%BE%D0%B2%D0%BE%D0%B9%20%D0%BA%D0%BE%D0%BD%D1%81%D1%83%D0%BB%D1%8C%D1%82%D0%B0%D0%BD%D1%82&description=%D0%A1%D1%82%D1%80%D0%B0%D1%85%D0%BE%D0%B2%D0%B0%D1%8F%20%D0%BA%D0%BE%D0%BC%D0%BF%D0%B0%D0%BD%D0%B8%D1%8F%20%22%D0%93%D0%B0%D1%80%D0%BC%D0%B5%D0%B4%22%20%7C%20%D0%9A%D0%BE%D0%BD%D1%81%D1%83%D0%BB%D1%8C%D1%82%D0%B0%D1%86%D0%B8%D0%B8%20%D0%BF%D0%BE%20%D0%B2%D1%81%D0%B5%D0%BC%20%D0%B2%D0%B8%D0%B4%D0%B0%D0%BC%20%D1%81%D1%82%D1%80%D0%B0%D1%85%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F%20%7C%20%D0%A1%D0%BF%D1%80%D0%B0%D0%B2%D0%BE%D1%87%D0%BD%D0%B8%D0%BA%20%D1%81%D1%82%D1%80%D0%B0%D1%85%D0%BE%D0%B2%D1%8B%D1%85%20%D0%BA%D0%BE%D0%BC%D0%BF%D0%B0%D0%BD%D0%B8%D0%B9&image=&text=&h=22&startWidth=0&referrer=&183bab0fb88
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 03:01:44 GMT
content-encoding: gzip
x-frontend: front224006
strict-transport-security: max-age=15768000
server: kittenx
x-powered-by: KPHP/7.4.112376
content-type: text/javascript; charset=windows-1251
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
content-length: 22557

GET
H2 200 xdm.js Show response
st6-22.vk.com/js/api/ Frame 138F 11 KB
3 KB 165ms
93ms Script
application/x-javascript 95.142.206.2
MYCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://st6-22.vk.com/js/api/xdm.js?9

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.142.206.2 Amsterdam, Netherlands, ASN60476 (MYCOM-AS, NL),

Reverse DNS

srv2-206.vkontakte.ru

Software

kittenx /

Resource Hash

ed89697436c213e02c99f290a0f8a3d20c4bde9ccdb2ddf025b0849cdfe11347

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 03:01:44 GMT
content-encoding: br
x-frontend: front6-22
strict-transport-security: max-age=15768000
last-modified: Tue, 22 Sep 2020 20:30:00 GMT
server: kittenx
etag: "5f6a5ec8-b1e"
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
accept-ranges: bytes
content-length: 2846
expires: Thu, 13 Oct 2022 03:01:44 GMT

GET
H2 200 widgets.47486d37242644617dbc.css
st6-22.vk.com/css/al/ Frame 138F 26 KB
4 KB 147ms
76ms Stylesheet
text/css 95.142.206.2
MYCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://st6-22.vk.com/css/al/widgets.47486d37242644617dbc.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.142.206.2 Amsterdam, Netherlands, ASN60476 (MYCOM-AS, NL),

Reverse DNS

srv2-206.vkontakte.ru

Software

kittenx /

Resource Hash

042000e3d473316da1511f64120982a76afe16ab666aa07d2026518c69ea5769

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 03:01:44 GMT
content-encoding: br
x-frontend: front6-22
strict-transport-security: max-age=15768000
last-modified: Fri, 17 Jun 2022 10:18:50 GMT
server: kittenx
etag: "62ac550a-fcc"
content-type: text/css
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 4044
expires: Thu, 13 Oct 2022 03:01:44 GMT

GET
H2 200 al_like.js Show response
st6-22.vk.com/js/api/widgets/ Frame 138F 15 KB
4 KB 163ms
91ms Script
application/x-javascript 95.142.206.2
MYCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://st6-22.vk.com/js/api/widgets/al_like.js?30

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.142.206.2 Amsterdam, Netherlands, ASN60476 (MYCOM-AS, NL),

Reverse DNS

srv2-206.vkontakte.ru

Software

kittenx /

Resource Hash

43fe62030092e73be7d24ffff01910b0046174c3e61f2a3a4a01de13bb367a6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 03:01:44 GMT
content-encoding: br
x-frontend: front6-22
strict-transport-security: max-age=15768000
last-modified: Tue, 22 Sep 2020 20:30:00 GMT
server: kittenx
etag: "5f6a5ec8-e8f"
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
accept-ranges: bytes
content-length: 3727
expires: Thu, 13 Oct 2022 03:01:44 GMT

GET
H2 200 base.3b7922aba52780a67bed.css
st6-22.vk.com/css/al/ Frame 138F 112 KB
19 KB 149ms
78ms Stylesheet
text/css 95.142.206.2
MYCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://st6-22.vk.com/css/al/base.3b7922aba52780a67bed.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.142.206.2 Amsterdam, Netherlands, ASN60476 (MYCOM-AS, NL),

Reverse DNS

srv2-206.vkontakte.ru

Software

kittenx /

Resource Hash

a6d78d0910d4539d6354d6c09d7bc38c59f6f03e9c7b53969f30d39a7aba549c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 03:01:44 GMT
content-encoding: br
x-frontend: front6-22
strict-transport-security: max-age=15768000
last-modified: Fri, 07 Oct 2022 11:27:11 GMT
server: kittenx
etag: "63400d0f-4926"
content-type: text/css
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
accept-ranges: bytes
content-length: 18726
expires: Thu, 13 Oct 2022 03:01:44 GMT

GET
H3 200 all.js Show response
connect.facebook.net/ru_RU/ 303 KB
85 KB 50ms
24ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/all.js?hash=5401bd6db96b668e051f9ceb39f4458c

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/ru_RU/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

943b6f5f7d928a1736767a4ae06a95c0fc6a797e7b1220f6cf3ac8dd03585034

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://garmed.ru/
Origin: http://garmed.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 09 Oct 2022 03:01:44 GMT
content-md5: wp6P1q19XhNDMqvP1ce8XA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 87003
x-fb-rlafr: 0
x-fb-debug: cuB+tMr6X5aN2ry3PJY99tVL4k8uLIT2CSmyB/CDIxjD7f9/mz+XbcElFiwpITlVu7LaQFyOMAEG8XL0F4dPiQ==
x-fb-content-md5: d46aa08d142d857c04f80f1da6c3cee7
cross-origin-opener-policy: same-origin-allow-popups
etag: "373a9f3cecb0cec8469f5439a98985ad"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
priority: u=3,i
expires: Mon, 09 Oct 2023 02:40:17 GMT

GET
H2

200

watch.js Show response
mc.yandex.ru/metrika/
Redirect Chain

http://mc.yandex.ru/metrika/watch.js
https://mc.yandex.ru/metrika/watch.js

160 KB
57 KB

259ms
129ms

Script
application/javascript

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: garmed.ru
URL: http://garmed.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

6d0f9faf185c1f43001f2508f80abf686cfb1c00f58c6bf0fa807791b5fc65e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://garmed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 03:01:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Fri, 07 Oct 2022 07:30:00 GMT
etag: "633fab48-e0cd"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 57549
expires: Sun, 09 Oct 2022 04:01:44 GMT

Redirect headers

Location: https://mc.yandex.ru/metrika/watch.js
Content-Length: 0

GET
H/1.1 200
OK version.js Show response
w.uptolike.com/widgets/v1/ 70 B
844 B 66ms
65ms Script
application/javascript 95.163.114.204
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/version.js?cb=cb__utl_cb_share_1665284504608281
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/zp.js?pid=tle56a9aa26891bc802575dc34aaadf13193db145c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.204 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: f5edf9e004f01d4c8c4d5469a2447a83f558f499bedf7fae0bb06c1d156cdbec

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://garmed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 09 Oct 2022 03:01:44 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript;charset=utf-8
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Cache-Control: no-cache,no-store,max-age=0,must-revalidate
Connection: keep-alive
Expires: Thu, 06 Oct 2022 16:40:49 GMT

GET
H2

200

currency_rate
novoston.com/informer_data/ Frame DD05
Redirect Chain

http://novoston.com/informer_data/currency_rate
https://novoston.com/informer_data/currency_rate

0
0

79ms
25ms

Document
text/html

159.69.82.209
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://novoston.com/informer_data/currency_rate

Requested by

Host: garmed.ru
URL: http://garmed.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.69.82.209 Essen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.209.82.69.159.clients.your-server.de

Software

nginx-more / PHP/7.2.34

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://garmed.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, must-revalidate
content-encoding: br
content-language: ru
content-type: text/html; charset=UTF-8
date: Sun, 09 Oct 2022 03:01:44 GMT
expires: Sun, 19 Nov 1978 05:00:00 GMT
server: nginx-more
vary: Accept-Encoding
x-content-type-options: nosniff nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/7.2.34

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Sun, 09 Oct 2022 03:01:44 GMT
Location: https://novoston.com/informer_data/currency_rate
Server: nginx-more

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

http://counter.yadro.ru/hit?t57.6;r;s1600*1200*24;uhttp%3A//garmed.ru/;0.1575394101734029
https://counter.yadro.ru/hit?t57.6;r;s1600*1200*24;uhttp%3A//garmed.ru/;0.1575394101734029
https://counter.yadro.ru/hit?q;t57.6;r;s1600*1200*24;uhttp%3A//garmed.ru/;0.1575394101734029

911 B
1 KB

62ms
62ms

Image
image/gif

88.212.202.52
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t57.6;r;s1600*1200*24;uhttp%3A//garmed.ru/;0.1575394101734029

Requested by

Host: garmed.ru
URL: http://garmed.ru/

Protocol

HTTP/1.1

Server

88.212.202.52 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host152.rax.ru

Software

nginx/1.17.9 /

Resource Hash

07af4360c2212cdb2437994bbb1cb31c63d0811357f21593893ecf0214c21f07

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://garmed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 09 Oct 2022 03:01:45 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 911
Expires: Fri, 08 Oct 2021 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 09 Oct 2022 03:01:44 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit?q;t57.6;r;s1600*1200*24;uhttp%3A//garmed.ru/;0.1575394101734029
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Fri, 08 Oct 2021 21:00:00 GMT

GET
H/1.1 200
OK widget_iframe.7dae38096d06923d683a2a807172322a.html Show response
platform.twitter.com/widgets/ Frame E32A 320 KB
104 KB 91ms
23ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=http%3A%2F%2Fgarmed.ru
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67E0) /
Resource Hash: 8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Referer: http://garmed.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 795426
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105445
Content-Type: text/html; charset=utf-8
Date: Sun, 09 Oct 2022 03:01:44 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Wed, 28 Sep 2022 20:04:27 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67E0)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012209142312000/ Frame 9282 220 KB
60 KB 110ms
28ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209142312000/amp4ads-v0.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6095929928545495&output=html&h=60&adk=1819086711&adf=130451210&w=468&lmt=1665284503&channel=0900002288&ad_type=text_image&format=468x60_as&color_bg=FFFFFF&color_border=D5D5D5&color_link=0033FF&color_text=333333&color_url=008000&url=http%3A%2F%2Fgarmed.ru%2F&wgl=1&dt=1665284504215&bpp=4&bdt=539&idt=214&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&abxe=1&prev_fmts=160x600_as&correlator=5095527943462&pv_ch=0900002288%2B&frm=20&pv=1&ga_vid=151692660.1665284504&ga_sid=1665284504&ga_hid=1715777623&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=566&ady=1682&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44772927%2C44773746%2C31067826&oid=2&pvsid=2390537064069740&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Z0MF367KBB&p=http%3A//garmed.ru&dtd=217

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff325c328985ef8a083bc155e6fa6b5cf2182d7d3174d43c9e8e077f4a1576b9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 06 Oct 2022 13:34:33 GMT
age: 221231
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61591
x-xss-protection: 0
server: sffe
etag: "e54f9754f7fcb5b6"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 06 Oct 2023 13:34:33 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012209142312000/v0/ Frame 9282 14 KB
5 KB 151ms
70ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209142312000/v0/amp-ad-exit-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ccca58c9fa219fa65853a7398d935b56ce1fcdaab4787294b3f444ddf7d1036

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 06 Oct 2022 13:34:33 GMT
age: 221231
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5187
x-xss-protection: 0
server: sffe
etag: "59737ceedde8bf1d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 06 Oct 2023 13:34:33 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012209142312000/v0/ Frame 9282 94 KB
28 KB 136ms
62ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209142312000/v0/amp-analytics-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddcba88db922f967fd78e15a055bfeb5088c7c58500ca2b7f08b74eb3736189b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 06 Oct 2022 13:34:33 GMT
age: 221231
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28888
x-xss-protection: 0
server: sffe
etag: "e2dd099ef3a2ca02"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 06 Oct 2023 13:34:33 GMT

GET
H2 200 amp-carousel-0.1.mjs Show response
cdn.ampproject.org/rtv/012209142312000/v0/ Frame 9282 32 KB
10 KB 144ms
71ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209142312000/v0/amp-carousel-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a03ad83dfc98ea451b3f790e5f56bb6979b8ef27bb7d8fea0a0fb67c5ab4319

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 06 Oct 2022 23:16:37 GMT
age: 186307
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10084
x-xss-protection: 0
server: sffe
etag: "9b9c66deab726883"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 06 Oct 2023 23:16:37 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012209142312000/v0/ Frame 9282 5 KB
2 KB 146ms
73ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209142312000/v0/amp-fit-text-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5e6919b2460cd051d50b47942408d3b3dbf0470fdaec473a7ca6b928d7ae4e3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 06 Oct 2022 13:34:33 GMT
age: 221231
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1900
x-xss-protection: 0
server: sffe
etag: "01e154329648e832"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 06 Oct 2023 13:34:33 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012209142312000/v0/ Frame 9282 40 KB
14 KB 96ms
22ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209142312000/v0/amp-form-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25ae07afb30f4156fa035a5ffc7f14945c8863ef79772f062d3d04fd97c25391

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 06 Oct 2022 13:34:33 GMT
age: 221231
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12955
x-xss-protection: 0
server: sffe
etag: "45d7f146b93052d9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 06 Oct 2023 13:34:33 GMT

GET
H2 200 amp-gwd-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012209142312000/v0/ Frame 9282 6 KB
3 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209142312000/v0/amp-gwd-animation-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9638afb330d341d9553eac824a17ec22108c881ac869b2bdf4d89f3c3ac623bc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 07 Oct 2022 14:06:54 GMT
age: 132890
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2456
x-xss-protection: 0
server: sffe
etag: "630f73805b8c2774"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 07 Oct 2023 14:06:54 GMT

GET
H2 200 ru.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9282 3 KB
3 KB 88ms
21ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/ru.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 08 Oct 2022 05:12:12 GMT
x-content-type-options: nosniff
server: cafe
age: 78572
etag: 6726277462267614359
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3041
x-xss-protection: 0
expires: Sun, 09 Oct 2022 05:12:12 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9282 344 B
449 B 88ms
22ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 08 Oct 2022 04:10:05 GMT
x-content-type-options: nosniff
server: cafe
age: 82299
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Sun, 09 Oct 2022 04:10:05 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9282 0
21 B 117ms
69ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CK4njmDlCY_GmHou-9u8Pkpi16Azs48qobOPaquerEKKFwK3mLxABINvE-AZglQKgAZLZsv0ByAEJqQIlcf_mT1mwPqgDAcgDCKoEywFP0CbPJ2yheyjLWyRhp6W-C6414vS9W22tm2rP8f9-ecbWQFrOjU_vNWPuZDEDIrVvkHMrtB1SLEqYmQRva8j01j9Xqno_MymKeqbdwP0bTQbbVlCCceL28r30ztTUKZW7aojI5iIbMSGRmE8sNDIdNvB1pqzB22pV-FDZlULgFXfT3d3Wdws3exg4aMnxFibOw3R2WKNI9G_VTIueYByq3FlzOONvVz_ZeMV-Wq9s3fCYTOV46f4nYS_enBg2kAEujnTp4CdAMOcDdMAEy6Pb2vMDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB9amzYICqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQovAB0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItNjA5NTkyOTkyODU0NTQ5NRgA&sigh=NMANEJKz54M&uach_m=[UACH]&template_id=419

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6095929928545495&output=html&h=60&adk=1819086711&adf=130451210&w=468&lmt=1665284503&channel=0900002288&ad_type=text_image&format=468x60_as&color_bg=FFFFFF&color_border=D5D5D5&color_link=0033FF&color_text=333333&color_url=008000&url=http%3A%2F%2Fgarmed.ru%2F&wgl=1&dt=1665284504215&bpp=4&bdt=539&idt=214&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&abxe=1&prev_fmts=160x600_as&correlator=5095527943462&pv_ch=0900002288%2B&frm=20&pv=1&ga_vid=151692660.1665284504&ga_sid=1665284504&ga_hid=1715777623&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=566&ady=1682&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44772927%2C44773746%2C31067826&oid=2&pvsid=2390537064069740&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Z0MF367KBB&p=http%3A//garmed.ru&dtd=217
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 09 Oct 2022 03:01:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 09 Oct 2022 03:01:44 GMT

GET
H2 200 logo.svg
tpc.googlesyndication.com/sadbundle/2433356824812827338/ Frame 9282 3 KB
1 KB 89ms
23ms Image
image/svg+xml 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/2433356824812827338/logo.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f0c4dbf7067cb39583786b86fa184c04e476a26c8f85da71e680ab8482f17b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 03:00:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172869
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1269
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 10:25:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Oct 2023 03:00:35 GMT

GET
H2 200 ufo_120x160_1.png
tpc.googlesyndication.com/sadbundle/2433356824812827338/ Frame 9282 56 KB
56 KB 89ms
23ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/2433356824812827338/ufo_120x160_1.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0774f3004aaf1f3972ee1e58ff7f78b1212b1318d8e5d5254693cc5d7b46e238

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 03:00:35 GMT
x-content-type-options: nosniff
age: 172869
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57565
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 10:25:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Oct 2023 03:00:35 GMT

GET
H2 200 mieten_schwarz.svg
tpc.googlesyndication.com/sadbundle/2433356824812827338/ Frame 9282 1 KB
1014 B 88ms
22ms Image
image/svg+xml 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/2433356824812827338/mieten_schwarz.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6111adf2d267651edfefe5466550ef4463c00ba7bfbfd4b5ac37f54acde3f96b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 03:00:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172869
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 653
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 10:25:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Oct 2023 03:00:35 GMT

GET
H3 200 rote_Ecke.svg
tpc.googlesyndication.com/sadbundle/2433356824812827338/ Frame 9282 194 B
194 B 71ms
23ms Image
image/svg+xml 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/2433356824812827338/rote_Ecke.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dfe419656dd889de2ec720db0136e2c564a919fa5215e67020632cc684496885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 15:42:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 472752
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 165
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 10:25:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 03 Oct 2023 15:42:32 GMT

GET
H3 200 mobile_ueberwachung.svg
tpc.googlesyndication.com/sadbundle/2433356824812827338/ Frame 9282 8 KB
3 KB 72ms
24ms Image
image/svg+xml 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/2433356824812827338/mobile_ueberwachung.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

703d5529e0a0d9c43128d2060510ca86175594a6c2c3275c1647c20fc2d69d71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 03:00:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172869
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 10:25:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Oct 2023 03:00:35 GMT

GET
DATA 200
OK truncated
/ Frame 9282 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 289e96d423c1359d4fd533508c4234edaf94d9beba530e28bce0f08b19c16945

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 settings Show response
syndication.twitter.com/ Frame E32A 851 B
676 B 177ms
125ms Fetch
application/json 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=f2923b50b44e679b675bce8ce74580650ae2679a

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=http%3A%2F%2Fgarmed.ru

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

45bc75820c2292bf64b74af20b9785c4a053608816b7d0c05bdc968e8e9de805

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-response-time: 103
date: Sun, 09 Oct 2022 03:01:44 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Sun, 09 Oct 2022 03:01:44 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: f6a3fb2df6394d81
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: ec3df94861ce6a078d8ae2bf62448ab2b3805c1f2fa8ea5e7834a8660568ae8c
content-length: 355

GET
H3 200 like_widget.png
st6-22.vk.com/images/icons/ Frame 138F 538 B
815 B 90ms
30ms Image
image/png 95.142.206.2
MYCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://st6-22.vk.com/images/icons/like_widget.png

Requested by

Host: st6-22.vk.com
URL: https://st6-22.vk.com/css/al/widgets.47486d37242644617dbc.css

Protocol

Security

QUIC, , CHACHA20_POLY1305

Server

95.142.206.2 Amsterdam, Netherlands, ASN60476 (MYCOM-AS, NL),

Reverse DNS

srv2-206.vkontakte.ru

Software

kittenx /

Resource Hash

3795726557f64bf66677a94511e34f7d67dd58c73baef60ddb3f9a0cb8f38c1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://st6-22.vk.com/css/al/widgets.47486d37242644617dbc.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 03:01:44 GMT
strict-transport-security: max-age=15768000
x-frontend: front6-22
last-modified: Tue, 22 Sep 2020 20:29:56 GMT
server: kittenx
etag: "5f6a5ec4-21a"
content-type: image/png
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 538
expires: Thu, 13 Oct 2022 03:01:44 GMT

GET
H2 200 code.js Show response
top-fwz1.mail.ru/js/ Frame 138F 32 KB
14 KB 238ms
112ms Script
application/javascript 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/js/code.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

a1e6a59e0567f886caaada41007e695d2039c4fe07fb28727dd27ab2029ecd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 03:01:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin: *
last-modified: Tue, 13 Sep 2022 17:32:31 GMT
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
etag: W/"6320beaf-7ecc"
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: max-age=3600, private
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *
expires: Sun, 09 Oct 2022 04:01:44 GMT

GET
H/1.1

200
OK

share_button Show response
connect.mail.ru/ Frame CBFE
Redirect Chain

http://connect.mail.ru/share_button?cm=1&ck=3&sz=20&st=2&domain=garmed.ru&url=http%3A%2F%2Fgarmed.ru%2F&buttonID=8813985&faces_count=10&height=20&width=100%25&caption=%D0%9D%D1%80%D0%B0%D0%B2%D0%B8...
https://connect.mail.ru/share_button?cm=1&ck=3&sz=20&st=2&domain=garmed.ru&url=http%3A%2F%2Fgarmed.ru%2F&buttonID=8813985&faces_count=10&height=20&width=100%25&caption=%D0%9D%D1%80%D0%B0%D0%B2%D0%B...

3 KB
2 KB

192ms
65ms

Document
text/html

94.100.180.54
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.mail.ru/share_button?cm=1&ck=3&sz=20&st=2&domain=garmed.ru&url=http%3A%2F%2Fgarmed.ru%2F&buttonID=8813985&faces_count=10&height=20&width=100%25&caption=%D0%9D%D1%80%D0%B0%D0%B2%D0%B8%D1%82%D1%81%D1%8F&cp=1&host=http%3A%2F%2Fgarmed.ru&wid=7521676&type=insertable&app_id=-1&appid=-1
Requested by: Host: my2.imgsmail.ru
URL: http://my2.imgsmail.ru/mail/ru/images/js/connect/api/api_min.js?16
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.100.180.54 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS: connect.mail.ru
Software: nginx /
Resource Hash: 329131edccb130ceee9433b018b5c1eb24da707eaea37329c95a4544df266d7a

Request headers

Referer: http://garmed.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate, private
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sun, 09 Oct 2022 03:01:45 GMT
Expires: Sat, 09 Oct 2021 03:01:45 GMT
P3P: policyref="/w3c/p3p.xml", CP="NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA"
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
X-WebKit-CSP-Report-Only: default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data: ; frame-src https://* about: javascript:

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate, private
Connection: keep-alive
Content-Type: text/html
Date: Sun, 09 Oct 2022 03:01:44 GMT
Location: https://connect.mail.ru/share_button?cm=1&ck=3&sz=20&st=2&domain=garmed.ru&url=http%3A%2F%2Fgarmed.ru%2F&buttonID=8813985&faces_count=10&height=20&width=100%25&caption=%D0%9D%D1%80%D0%B0%D0%B2%D0%B8%D1%82%D1%81%D1%8F&cp=1&host=http%3A%2F%2Fgarmed.ru&wid=7521676&type=insertable&app_id=-1&appid=-1
P3P: policyref="/w3c/p3p.xml", CP="NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA"
Server: nginx
Transfer-Encoding: chunked
X-WebKit-CSP-Report-Only: default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data: ; frame-src https://* about: javascript:

GET
H2 200 css
fonts.googleapis.com/ Frame 36F7 8 KB
1 KB 84ms
32ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6095929928545495&output=html&h=600&adk=3835333389&adf=447756648&w=160&lmt=1665284503&channel=0900002288&ad_type=text_image&format=160x600_as&color_bg=FFFFFF&color_border=D5D5D5&color_link=0033FF&color_text=333333&color_url=008000&url=http%3A%2F%2Fgarmed.ru%2F&wgl=1&dt=1665284504569&bpp=9&bdt=892&idt=9&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&abxe=1&cookie=ID%3Ddaf88c0665bf5c44-22be8a6840ce0085%3AT%3D1665284504%3ART%3D1665284504%3AS%3DALNI_MYnkg90jeDuD0Ej3MmTw7jFdS9q9Q&prev_fmts=160x600_as%2C468x60_as&correlator=5095527943462&pv_ch=0900002288%2B&frm=20&pv=1&ga_vid=151692660.1665284504&ga_sid=1665284504&ga_hid=1715777623&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=720&ady=3443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44772927%2C44773746%2C31067826&oid=2&pvsid=2390537064069740&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=UuGZRevAYT&p=http%3A//garmed.ru&dtd=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

74017d97a0876e72ef09a14ea0b3ad49a744811c726e7b05e305d4a6e3e07612

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 09 Oct 2022 03:01:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 09 Oct 2022 02:24:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 09 Oct 2022 03:01:45 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame 36F7 2 KB
902 B 24ms
23ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 02:38:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1395
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 23 Oct 2022 02:38:29 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/ Frame 36F7 23 KB
9 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a2c6856e8437c3183ec517c59fc9724eb82cac59f685970113a7fb15ecd272c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 02:51:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 595
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9540
x-xss-protection: 0
server: cafe
etag: 6580860447119072478
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 23 Oct 2022 02:51:49 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame 36F7 3 KB
1 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 02:35:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1579
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 23 Oct 2022 02:35:26 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame 36F7 17 KB
7 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65f4e452b96ef3e5e3a4631d99c63dd7239dcbcb88de679ac74ac30d3d4988cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 02:30:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1847
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7528
x-xss-protection: 0
server: cafe
etag: 13775775994264215463
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 23 Oct 2022 02:30:57 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 36F7 0
0 84ms
31ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSrzwBdS1y9aDJ655LYNyQXsMaHRBEdR9HaGOTafnS_5LOsTy1pkUwAKaBl96TCWxVoiSZ6zLh3omrrqpo4PVkNOEWapw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6095929928545495&output=html&h=600&adk=3835333389&adf=447756648&w=160&lmt=1665284503&channel=0900002288&ad_type=text_image&format=160x600_as&color_bg=FFFFFF&color_border=D5D5D5&color_link=0033FF&color_text=333333&color_url=008000&url=http%3A%2F%2Fgarmed.ru%2F&wgl=1&dt=1665284504569&bpp=9&bdt=892&idt=9&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&abxe=1&cookie=ID%3Ddaf88c0665bf5c44-22be8a6840ce0085%3AT%3D1665284504%3ART%3D1665284504%3AS%3DALNI_MYnkg90jeDuD0Ej3MmTw7jFdS9q9Q&prev_fmts=160x600_as%2C468x60_as&correlator=5095527943462&pv_ch=0900002288%2B&frm=20&pv=1&ga_vid=151692660.1665284504&ga_sid=1665284504&ga_hid=1715777623&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=720&ady=3443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44772927%2C44773746%2C31067826&oid=2&pvsid=2390537064069740&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=UuGZRevAYT&p=http%3A//garmed.ru&dtd=15
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 36F7 142 KB
45 KB 93ms
42ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba29faf5efe544ed157bbf56aafd0555a22103b36514708d7fcd196fc361c2f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 03:01:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45072
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664970042070988"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 09 Oct 2022 03:01:45 GMT

GET
H2 200 ff28bd887d5918000d85a256eb9567a4.js Show response
www.gstatic.com/mysidia/ Frame 36F7 32 KB
14 KB 81ms
22ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ff28bd887d5918000d85a256eb9567a4.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a61fe6e2743a18f977ac18a2f805735e8dccf115b16dbbbd2e3864ae98d4c33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 10:33:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 318522
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13740
x-xss-protection: 0
last-modified: Fri, 30 Sep 2022 21:54:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 03 Jan 2023 10:33:03 GMT

GET
H3 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012209142312000/ 23 KB
8 KB 66ms
22ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209142312000/amp4ads-host-v0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2fae245b5d3f8183490f65c90aa9e367cf9d533abc047f12e7e5b72399913a43

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://garmed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 06 Oct 2022 23:52:19 GMT
age: 184166
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7836
x-xss-protection: 0
server: sffe
etag: "e4e01c5e74b534e6"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 06 Oct 2023 23:52:19 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 36F7 0
0 70ms
69ms Fetch
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CY-STmDlCY-yjJZOG7_UPv8SmsA3vveLUbP62g42wEMCNtwEQASDbxPgGYJUCoAGVgNHNKMgBAakCKu5I9McSXT6oAwGqBMQBT9CeT-xl6kJC1Xtgl98t8rRt8Jd5qzX8C7bRRYVQSbuXfkVkc5yDrgfKXIwDznaJDNycV2NIpgVoNU4OQWR_GbMscxpJog7WuKAZ_g6aptu5u2xMeVUUcLyT1mPsmGrUjl-NOdN4IPiYEH1CUf29CmE-hMuVTBhzoeo7gijssFyvF8P2avjbkKqO8A8mD5RdlvqesVnNP7tjXwloQddpi5UfUVyHqgGRuqTYjYqjBF67LEYCUOn2j317wtOYFUwyrwO7gsAEs8b4rpsEkgUECAQYAZIFBAgFGASAB5W4oa0DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQmt8B0ggSCIjhgBAQARgfMgOqggE6AoBAgAoByAsB2BMK0BUBgBcBshccChoIABIUcHViLTYwOTU5Mjk5Mjg1NDU0OTUYAA&sigh=UNVRyLXiOSQ&uach_m=[UACH]&template_id=5020

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6095929928545495&output=html&h=600&adk=3835333389&adf=447756648&w=160&lmt=1665284503&channel=0900002288&ad_type=text_image&format=160x600_as&color_bg=FFFFFF&color_border=D5D5D5&color_link=0033FF&color_text=333333&color_url=008000&url=http%3A%2F%2Fgarmed.ru%2F&wgl=1&dt=1665284504569&bpp=9&bdt=892&idt=9&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&abxe=1&cookie=ID%3Ddaf88c0665bf5c44-22be8a6840ce0085%3AT%3D1665284504%3ART%3D1665284504%3AS%3DALNI_MYnkg90jeDuD0Ej3MmTw7jFdS9q9Q&prev_fmts=160x600_as%2C468x60_as&correlator=5095527943462&pv_ch=0900002288%2B&frm=20&pv=1&ga_vid=151692660.1665284504&ga_sid=1665284504&ga_hid=1715777623&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=720&ady=3443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44772927%2C44773746%2C31067826&oid=2&pvsid=2390537064069740&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=UuGZRevAYT&p=http%3A//garmed.ru&dtd=15
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 09 Oct 2022 03:01:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 36F7 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK button.d2f864f87f544dc0c11d7d712a191c1f.js Show response
platform.twitter.com/js/ 7 KB
3 KB 23ms
22ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.d2f864f87f544dc0c11d7d712a191c1f.js
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67D3) /
Resource Hash: 236dca679b9983d1fbea0415d584b17d80f1c6942506fc508a5384db924e8795

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://garmed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sun, 09 Oct 2022 03:01:45 GMT
Content-Encoding: gzip
Age: 795427
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 2362
Last-Modified: Wed, 28 Sep 2022 20:04:20 GMT
Server: ECS (frb/67D3)
Etag: "7bb2d17ac20be3bd6ec1079356afecd9+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E604 143 B
166 B 23ms
22ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6095929928545495&output=html&h=600&adk=3835333389&adf=447756648&w=160&lmt=1665284503&channel=0900002288&ad_type=text_image&format=160x600_as&color_bg=FFFFFF&color_border=D5D5D5&color_link=0033FF&color_text=333333&color_url=008000&url=http%3A%2F%2Fgarmed.ru%2F&wgl=1&dt=1665284504569&bpp=9&bdt=892&idt=9&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&abxe=1&cookie=ID%3Ddaf88c0665bf5c44-22be8a6840ce0085%3AT%3D1665284504%3ART%3D1665284504%3AS%3DALNI_MYnkg90jeDuD0Ej3MmTw7jFdS9q9Q&prev_fmts=160x600_as%2C468x60_as&correlator=5095527943462&pv_ch=0900002288%2B&frm=20&pv=1&ga_vid=151692660.1665284504&ga_sid=1665284504&ga_hid=1715777623&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=720&ady=3443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44772927%2C44773746%2C31067826&oid=2&pvsid=2390537064069740&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=UuGZRevAYT&p=http%3A//garmed.ru&dtd=15
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2783
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 09 Oct 2022 02:15:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 36F7 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d6b64b6f2dc21fe31f863b6e91a7455bfcdd0845b69d98630357a50a4134919e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK tweet_button.7dae38096d06923d683a2a807172322a.ru.html Show response
platform.twitter.com/widgets/ Frame 7037 38 KB
14 KB 23ms
22ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.7dae38096d06923d683a2a807172322a.ru.html
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67D3) /
Resource Hash: bea07e5f5fac6182573e5ace37856b782fdd091d2ff846ca5fe2f1de1bc8f6fc

Request headers

Referer: http://garmed.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 795421
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 14118
Content-Type: text/html; charset=utf-8
Date: Sun, 09 Oct 2022 03:01:45 GMT
Etag: "16ba9ee45f051dbe060c1c213f221bc2+gzip"
Last-Modified: Wed, 28 Sep 2022 20:04:25 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67D3)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 embeds
syndication.twitter.com/i/jot/ 43 B
126 B 133ms
133ms Image
image/gif 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fgarmed.ru%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22ru%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1665284505080%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%221c23387b1f70c%3A1664388199485%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=f2923b50b44e679b675bce8ce74580650ae2679a

Requested by

Host: garmed.ru
URL: http://garmed.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://garmed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-response-time: 110
date: Sun, 09 Oct 2022 03:01:44 GMT
strict-transport-security: max-age=631138519
last-modified: Sun, 09 Oct 2022 03:01:45 GMT
server: tsa_o
vary: Origin
content-type: image/gif
x-transaction-id: 18225b0d912013c7
cache-control: must-revalidate, max-age=600
perf: 7626143928
x-connection-hash: ec3df94861ce6a078d8ae2bf62448ab2b3805c1f2fa8ea5e7834a8660568ae8c
content-length: 43

GET
H2 200 counter
top-fwz1.mail.ru/ Frame 138F 43 B
959 B 57ms
56ms Image
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter?js=13;id=2685520;u=http%3A//garmed.ru/;st=1665284504828;pid=0;title=%D0%A1%D1%82%D1%80%D0%B0%D1%85%D0%BE%D0%B2%D0%B0%D1%8F%20%D0%BA%D0%BE%D0%BC%D0%BF%D0%B0%D0%BD%D0%B8%D1%8F%20%22%D0%93%D0%B0%D1%80%D0%BC%D0%B5%D0%B4%22%20%2F%20%D0%92%D0%B0%D1%88%20%D1%81%D1%82%D1%80%D0%B0%D1%85%D0%BE%D0%B2%D0%BE%D0%B9%20%D0%BA%D0%BE%D0%BD%D1%81%D1%83%D0%BB%D1%8C%D1%82%D0%B0%D0%BD%D1%82;s=1600*1200;vp=180*22;touch=0;hds=1;frame=1;flash=;sid=e2682d03271c86aa;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=9.2//4g/0/0/;lvid=1665284505087%3A1665284505100%3A1%3A43cf96be81a887247e679be25ad04cb3;visible=true;_=0.19396793710179883

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 03:01:45 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9785.Ht0tjSMa9D45busLlFcfcQ53hD4ilWIC3GwYIS92lURX5HKYPAODRb0ePocJTeIH.vpQSnuhBXR2IcXTsIALRD1GhVAA%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9785.zjaaTKv3ZNFFXEP7EM8S8kBq_WG0GZR2Bzm6z7yfnF0UMF-M8L5zN9WyIOE2KbPqy6QnvmcMyZ02hmJzhLqoNQ%2C%2C.dMh_WTM3Z2upLEGzdQ-iS_9tSrs%2C

75 B
75 B

65ms
65ms

Image
text/html

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9785.zjaaTKv3ZNFFXEP7EM8S8kBq_WG0GZR2Bzm6z7yfnF0UMF-M8L5zN9WyIOE2KbPqy6QnvmcMyZ02hmJzhLqoNQ%2C%2C.dMh_WTM3Z2upLEGzdQ-iS_9tSrs%2C

Requested by

Host: garmed.ru
URL: http://garmed.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://garmed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 03:01:45 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9785.zjaaTKv3ZNFFXEP7EM8S8kBq_WG0GZR2Bzm6z7yfnF0UMF-M8L5zN9WyIOE2KbPqy6QnvmcMyZ02hmJzhLqoNQ%2C%2C.dMh_WTM3Z2upLEGzdQ-iS_9tSrs%2C
date: Sun, 09 Oct 2022 03:01:45 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK jquery.js Show response
my1.imgsmail.ru/r/js/ru/jsCore/jquery/ Frame CBFE 214 KB
64 KB 299ms
125ms Script
application/javascript 185.5.137.203
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://my1.imgsmail.ru/r/js/ru/jsCore/jquery/jquery.js
Requested by: Host: connect.mail.ru
URL: https://connect.mail.ru/share_button?cm=1&ck=3&sz=20&st=2&domain=garmed.ru&url=http%3A%2F%2Fgarmed.ru%2F&buttonID=8813985&faces_count=10&height=20&width=100%25&caption=%D0%9D%D1%80%D0%B0%D0%B2%D0%B8%D1%82%D1%81%D1%8F&cp=1&host=http%3A%2F%2Fgarmed.ru&wid=7521676&type=insertable&app_id=-1&appid=-1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.5.137.203 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS: mystatic3.i.mail.ru
Software: nginx /
Resource Hash: c915b48765a756aecea1bde59036e7d4db96e0a7f17c39e8fe4187026f5ccf59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.mail.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sun, 09 Oct 2022 03:01:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Sep 2022 13:36:35 GMT
Server: nginx
ETag: W/"631f35e3-35795"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: https://my.mail.ru
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK uber-share.js Show response
my1.imgsmail.ru/r/js/connect/share/ Frame CBFE 45 KB
8 KB 245ms
65ms Script
application/javascript 185.5.137.203
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://my1.imgsmail.ru/r/js/connect/share/uber-share.js?1_2
Requested by: Host: connect.mail.ru
URL: https://connect.mail.ru/share_button?cm=1&ck=3&sz=20&st=2&domain=garmed.ru&url=http%3A%2F%2Fgarmed.ru%2F&buttonID=8813985&faces_count=10&height=20&width=100%25&caption=%D0%9D%D1%80%D0%B0%D0%B2%D0%B8%D1%82%D1%81%D1%8F&cp=1&host=http%3A%2F%2Fgarmed.ru&wid=7521676&type=insertable&app_id=-1&appid=-1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.5.137.203 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS: mystatic3.i.mail.ru
Software: nginx /
Resource Hash: ba7bc979694591a79dbf8a8894fdd972478d91be79c6386520bab30fa5213b85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.mail.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sun, 09 Oct 2022 03:01:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Sep 2022 13:36:35 GMT
Server: nginx
ETag: W/"631f35e3-b478"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: https://my.mail.ru
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 20.css
my1.imgsmail.ru/mail/ru/css/new/share/compiled/ Frame CBFE 9 KB
2 KB 218ms
54ms Stylesheet
text/css 185.5.137.203
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://my1.imgsmail.ru/mail/ru/css/new/share/compiled/20.css?1_2
Requested by: Host: connect.mail.ru
URL: https://connect.mail.ru/share_button?cm=1&ck=3&sz=20&st=2&domain=garmed.ru&url=http%3A%2F%2Fgarmed.ru%2F&buttonID=8813985&faces_count=10&height=20&width=100%25&caption=%D0%9D%D1%80%D0%B0%D0%B2%D0%B8%D1%82%D1%81%D1%8F&cp=1&host=http%3A%2F%2Fgarmed.ru&wid=7521676&type=insertable&app_id=-1&appid=-1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.5.137.203 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS: mystatic3.i.mail.ru
Software: nginx /
Resource Hash: 7d2fc381aebbeca6bc929c34ff3af23c94352463c9233894221bb9120f030e63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.mail.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sun, 09 Oct 2022 03:01:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Sep 2022 13:36:35 GMT
Server: nginx
ETag: W/"631f35e3-2294"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
136 B 64ms
64ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: garmed.ru
URL: http://garmed.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://garmed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 03:01:45 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 07 Oct 2022 07:30:00 GMT
etag: "633fab48-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sun, 09 Oct 2022 04:01:45 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E604
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
18 B

33ms
33ms

Document
text/html

2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 09 Oct 2022 03:01:45 GMT
expires: Sun, 09 Oct 2022 03:01:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 09 Oct 2022 03:01:45 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7037 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 logo.svg
tpc.googlesyndication.com/sadbundle/2433356824812827338/ Frame 9282 3 KB
1 KB 23ms
23ms Image
image/svg+xml 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/2433356824812827338/logo.svg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012209142312000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f0c4dbf7067cb39583786b86fa184c04e476a26c8f85da71e680ab8482f17b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 03:00:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172870
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1269
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 10:25:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Oct 2023 03:00:35 GMT

GET
H3 200 ufo_120x160_1.png
tpc.googlesyndication.com/sadbundle/2433356824812827338/ Frame 9282 56 KB
56 KB 25ms
24ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/2433356824812827338/ufo_120x160_1.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012209142312000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0774f3004aaf1f3972ee1e58ff7f78b1212b1318d8e5d5254693cc5d7b46e238

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 03:00:35 GMT
x-content-type-options: nosniff
age: 172870
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57565
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 10:25:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Oct 2023 03:00:35 GMT

GET
H3 200 mieten_schwarz.svg
tpc.googlesyndication.com/sadbundle/2433356824812827338/ Frame 9282 1 KB
682 B 36ms
36ms Image
image/svg+xml 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/2433356824812827338/mieten_schwarz.svg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012209142312000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6111adf2d267651edfefe5466550ef4463c00ba7bfbfd4b5ac37f54acde3f96b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 03:00:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172870
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 653
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 10:25:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Oct 2023 03:00:35 GMT

GET
H3 200 rote_Ecke.svg
tpc.googlesyndication.com/sadbundle/2433356824812827338/ Frame 9282 194 B
194 B 24ms
23ms Image
image/svg+xml 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/2433356824812827338/rote_Ecke.svg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012209142312000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dfe419656dd889de2ec720db0136e2c564a919fa5215e67020632cc684496885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 15:42:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 472753
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 165
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 10:25:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 03 Oct 2023 15:42:32 GMT

GET
H3 200 mobile_ueberwachung.svg
tpc.googlesyndication.com/sadbundle/2433356824812827338/ Frame 9282 8 KB
3 KB 24ms
23ms Image
image/svg+xml 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/2433356824812827338/mobile_ueberwachung.svg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012209142312000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

703d5529e0a0d9c43128d2060510ca86175594a6c2c3275c1647c20fc2d69d71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 03:00:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172870
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 10:25:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Oct 2023 03:00:35 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 36F7 28 KB
28 KB 87ms
28ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 22:13:37 GMT
x-content-type-options: nosniff
age: 449288
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 22:13:37 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjYUvaYr.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 36F7 14 KB
15 KB 82ms
22ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjYUvaYr.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15e749617a3856bfaa4d2cea0c50d88366d2b579841bd5a45bd2d34062babc51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 23:16:23 GMT
x-content-type-options: nosniff
age: 186322
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14432
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:04:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Oct 2023 23:16:23 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/23414332/
Redirect Chain

https://mc.yandex.com/watch/23414332?wmode=7&page-url=http%3A%2F%2Fgarmed.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A8zdfc3pjszirvo7fx08h8%3Afp%3A3692%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ae...
https://mc.yandex.com/watch/23414332/1?wmode=7&page-url=http%3A%2F%2Fgarmed.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A8zdfc3pjszirvo7fx08h8%3Afp%3A3692%3Afu%3A0%3Aen%3Autf-8%3Ala%3...

427 B
509 B

69ms
68ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/23414332/1?wmode=7&page-url=http%3A%2F%2Fgarmed.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A8zdfc3pjszirvo7fx08h8%3Afp%3A3692%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A908334127013%3Ahid%3A719761673%3Az%3A0%3Ai%3A20221009030145%3Aet%3A1665284505%3Ac%3A1%3Arn%3A289623347%3Arqn%3A1%3Au%3A1665284505647502522%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A26%2C28%2C3220%2C349%2C0%2C0%2C%2C594%2C0%2C%2C%2C%2C4218%3Acpf%3A1%3Antf%3A1%3Ans%3A1665284500396%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1665284505%3At%3A%D0%A1%D1%82%D1%80%D0%B0%D1%85%D0%BE%D0%B2%D0%B0%D1%8F%20%D0%BA%D0%BE%D0%BC%D0%BF%D0%B0%D0%BD%D0%B8%D1%8F%20%22%D0%93%D0%B0%D1%80%D0%BC%D0%B5%D0%B4%22%20%2F%20%D0%92%D0%B0%D1%88%20%D1%81%D1%82%D1%80%D0%B0%D1%85%D0%BE%D0%B2%D0%BE%D0%B9%20%D0%BA%D0%BE%D0%BD%D1%81%D1%83%D0%BB%D1%8C%D1%82%D0%B0%D0%BD%D1%82&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

Requested by

Host: garmed.ru
URL: http://garmed.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

9efe9ef06cd22cb61f7791442db0397e9d679b91a233e8c57a7263a5b7a97786

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://garmed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Oct 2022 03:01:45 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sun, 09-Oct-2022 03:01:45 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: http://garmed.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 427
x-xss-protection: 1; mode=block
expires: Sun, 09-Oct-2022 03:01:45 GMT

Redirect headers

pragma: no-cache
date: Sun, 09 Oct 2022 03:01:45 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 09-Oct-2022 03:01:45 GMT
location: /watch/23414332/1?wmode=7&page-url=http%3A%2F%2Fgarmed.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A8zdfc3pjszirvo7fx08h8%3Afp%3A3692%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A908334127013%3Ahid%3A719761673%3Az%3A0%3Ai%3A20221009030145%3Aet%3A1665284505%3Ac%3A1%3Arn%3A289623347%3Arqn%3A1%3Au%3A1665284505647502522%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A26%2C28%2C3220%2C349%2C0%2C0%2C%2C594%2C0%2C%2C%2C%2C4218%3Acpf%3A1%3Antf%3A1%3Ans%3A1665284500396%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1665284505%3At%3A%D0%A1%D1%82%D1%80%D0%B0%D1%85%D0%BE%D0%B2%D0%B0%D1%8F%20%D0%BA%D0%BE%D0%BC%D0%BF%D0%B0%D0%BD%D0%B8%D1%8F%20%22%D0%93%D0%B0%D1%80%D0%BC%D0%B5%D0%B4%22%20%2F%20%D0%92%D0%B0%D1%88%20%D1%81%D1%82%D1%80%D0%B0%D1%85%D0%BE%D0%B2%D0%BE%D0%B9%20%D0%BA%D0%BE%D0%BD%D1%81%D1%83%D0%BB%D1%8C%D1%82%D0%B0%D0%BD%D1%82&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
access-control-allow-origin: http://garmed.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sun, 09-Oct-2022 03:01:45 GMT

GET
H3 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012209142312000/ Frame F8C9 220 KB
60 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209142312000/amp4ads-v0.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6095929928545495&output=html&h=600&adk=3368150715&adf=1834103405&w=160&lmt=1665284503&channel=0900002288&ad_type=text_image&format=160x600_as&color_bg=FFFFFF&color_border=D5D5D5&color_link=0033FF&color_text=333333&color_url=008000&url=http%3A%2F%2Fgarmed.ru%2F&wgl=1&dt=1665284504192&bpp=19&bdt=515&idt=213&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&abxe=1&correlator=5095527943462&frm=20&pv=2&ga_vid=151692660.1665284504&ga_sid=1665284504&ga_hid=1715777623&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=850&ady=493&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44772927%2C44773746%2C31067826&oid=2&pvsid=2390537064069740&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=iznkN1mLEA&p=http%3A//garmed.ru&dtd=231

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff325c328985ef8a083bc155e6fa6b5cf2182d7d3174d43c9e8e077f4a1576b9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 06 Oct 2022 13:34:33 GMT
age: 221232
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61591
x-xss-protection: 0
server: sffe
etag: "e54f9754f7fcb5b6"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 06 Oct 2023 13:34:33 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012209142312000/v0/ Frame F8C9 14 KB
5 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209142312000/v0/amp-ad-exit-0.1.mjs

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ccca58c9fa219fa65853a7398d935b56ce1fcdaab4787294b3f444ddf7d1036

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 06 Oct 2022 13:34:33 GMT
age: 221232
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5187
x-xss-protection: 0
server: sffe
etag: "59737ceedde8bf1d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 06 Oct 2023 13:34:33 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012209142312000/v0/ Frame F8C9 94 KB
28 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209142312000/v0/amp-analytics-0.1.mjs

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddcba88db922f967fd78e15a055bfeb5088c7c58500ca2b7f08b74eb3736189b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 06 Oct 2022 13:34:33 GMT
age: 221232
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28888
x-xss-protection: 0
server: sffe
etag: "e2dd099ef3a2ca02"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 06 Oct 2023 13:34:33 GMT

GET
H3 200 amp-carousel-0.1.mjs Show response
cdn.ampproject.org/rtv/012209142312000/v0/ Frame F8C9 32 KB
10 KB 37ms
32ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209142312000/v0/amp-carousel-0.1.mjs

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a03ad83dfc98ea451b3f790e5f56bb6979b8ef27bb7d8fea0a0fb67c5ab4319

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 06 Oct 2022 23:16:37 GMT
age: 186308
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10084
x-xss-protection: 0
server: sffe
etag: "9b9c66deab726883"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 06 Oct 2023 23:16:37 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012209142312000/v0/ Frame F8C9 5 KB
2 KB 39ms
34ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209142312000/v0/amp-fit-text-0.1.mjs

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5e6919b2460cd051d50b47942408d3b3dbf0470fdaec473a7ca6b928d7ae4e3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 06 Oct 2022 13:34:33 GMT
age: 221232
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1900
x-xss-protection: 0
server: sffe
etag: "01e154329648e832"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 06 Oct 2023 13:34:33 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012209142312000/v0/ Frame F8C9 40 KB
13 KB 40ms
35ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209142312000/v0/amp-form-0.1.mjs

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25ae07afb30f4156fa035a5ffc7f14945c8863ef79772f062d3d04fd97c25391

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 06 Oct 2022 13:34:33 GMT
age: 221232
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12955
x-xss-protection: 0
server: sffe
etag: "45d7f146b93052d9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 06 Oct 2023 13:34:33 GMT

GET
H3 200 amp-gwd-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012209142312000/v0/ Frame F8C9 6 KB
2 KB 41ms
37ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209142312000/v0/amp-gwd-animation-0.1.mjs

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9638afb330d341d9553eac824a17ec22108c881ac869b2bdf4d89f3c3ac623bc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 07 Oct 2022 14:06:54 GMT
age: 132891
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2456
x-xss-protection: 0
server: sffe
etag: "630f73805b8c2774"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 07 Oct 2023 14:06:54 GMT

GET
H3 200 ru.png
tpc.googlesyndication.com/pagead/images/abg/ Frame F8C9 3 KB
3 KB 28ms
24ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/ru.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 08 Oct 2022 05:12:12 GMT
x-content-type-options: nosniff
server: cafe
age: 78573
etag: 6726277462267614359
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3041
x-xss-protection: 0
expires: Sun, 09 Oct 2022 05:12:12 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame F8C9 344 B
368 B 27ms
22ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 08 Oct 2022 04:10:05 GMT
x-content-type-options: nosniff
server: cafe
age: 82300
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Sun, 09 Oct 2022 04:10:05 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F8C9 0
17 B 72ms
68ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ce8rmmDlCY_a2Hr7P7_UP-eK_yA7s48qobNbQjby5EKKFwK3mLxABINvE-AZglQKgAZLZsv0ByAEJqQIlcf_mT1mwPqgDAcgDCKoEyQFP0H4dhgxzWqAlFm13Im148vK6jKWF9G7s-2U6pjsHfSRhAHYZuc4iiNtX1PKjCwDOOaeSz1CtP__IkqfDgu1f_iIocSjoVxuolHkTEpp7t48SfDCShUDXXUdjyOSg7bT1Cj3542FAsR57mIdVu3bJjY2DwGXIElP7RAxTuAh9Z4zwg_oCagkyavp8hyAqm_Bw74PNKY0EsmD-cOb81KBWwLzo9HTJ7B3exLjgQvfUvJVRJqo9UtvPdAYX6aSq4gFVdswF05-EalnABMuj29rzA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfWps2CAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEENyvA9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTYwOTU5Mjk5Mjg1NDU0OTUYAA&sigh=jXwdnyXSqqI&uach_m=[UACH]&template_id=419

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6095929928545495&output=html&h=600&adk=3368150715&adf=1834103405&w=160&lmt=1665284503&channel=0900002288&ad_type=text_image&format=160x600_as&color_bg=FFFFFF&color_border=D5D5D5&color_link=0033FF&color_text=333333&color_url=008000&url=http%3A%2F%2Fgarmed.ru%2F&wgl=1&dt=1665284504192&bpp=19&bdt=515&idt=213&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&abxe=1&correlator=5095527943462&frm=20&pv=2&ga_vid=151692660.1665284504&ga_sid=1665284504&ga_hid=1715777623&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=850&ady=493&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44772927%2C44773746%2C31067826&oid=2&pvsid=2390537064069740&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=iznkN1mLEA&p=http%3A//garmed.ru&dtd=231
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 09 Oct 2022 03:01:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 ufo_120x160_1.png
tpc.googlesyndication.com/sadbundle/11842213090077821258/ Frame F8C9 56 KB
56 KB 28ms
24ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/11842213090077821258/ufo_120x160_1.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0774f3004aaf1f3972ee1e58ff7f78b1212b1318d8e5d5254693cc5d7b46e238

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 05:30:55 GMT
x-content-type-options: nosniff
age: 163850
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57565
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 10:24:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Oct 2023 05:30:55 GMT

GET
H3 200 logo.svg
tpc.googlesyndication.com/sadbundle/11842213090077821258/ Frame F8C9 3 KB
1 KB 33ms
29ms Image
image/svg+xml 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/11842213090077821258/logo.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f0c4dbf7067cb39583786b86fa184c04e476a26c8f85da71e680ab8482f17b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 14:57:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 475431
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1269
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 10:24:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 03 Oct 2023 14:57:54 GMT

GET
H3 200 rote_Ecke.svg
tpc.googlesyndication.com/sadbundle/11842213090077821258/ Frame F8C9 194 B
204 B 35ms
32ms Image
image/svg+xml 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/11842213090077821258/rote_Ecke.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dfe419656dd889de2ec720db0136e2c564a919fa5215e67020632cc684496885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 03:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 171745
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 165
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 10:24:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Oct 2023 03:19:20 GMT

GET
H3 200 mobile_ueberwachung.svg
tpc.googlesyndication.com/sadbundle/11842213090077821258/ Frame F8C9 8 KB
3 KB 36ms
32ms Image
image/svg+xml 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/11842213090077821258/mobile_ueberwachung.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

703d5529e0a0d9c43128d2060510ca86175594a6c2c3275c1647c20fc2d69d71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 03:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 171745
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 10:24:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Oct 2023 03:19:20 GMT

GET
H3 200 mieten_weiss.svg
tpc.googlesyndication.com/sadbundle/11842213090077821258/ Frame F8C9 1 KB
749 B 36ms
32ms Image
image/svg+xml 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/11842213090077821258/mieten_weiss.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd463c3153ca13fdb091473f0ac6fc5a7c297f2113030bc3a741575781787ed4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 08 Oct 2022 03:24:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85010
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 711
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 10:24:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 08 Oct 2023 03:24:55 GMT

GET
H3 200 diebstahl.svg
tpc.googlesyndication.com/sadbundle/11842213090077821258/ Frame F8C9 3 KB
1 KB 32ms
29ms Image
image/svg+xml 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/11842213090077821258/diebstahl.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eefbb6ed5c954fda1b8cfa8db7828ada30bf3ccec35481983dce9f8f966f1cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 07:57:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 155031
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1295
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 10:24:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Oct 2023 07:57:54 GMT

GET
H3 200 vandalismus.svg
tpc.googlesyndication.com/sadbundle/11842213090077821258/ Frame F8C9 6 KB
2 KB 31ms
28ms Image
image/svg+xml 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/11842213090077821258/vandalismus.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1eddc419e3a3d1cf7f5261e3bf30b69cdd2d33c5d4e852eff4c3e40af5111c14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 03:02:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 431970
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2133
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 10:24:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 04 Oct 2023 03:02:15 GMT

GET
H3 200 einbruch.svg
tpc.googlesyndication.com/sadbundle/11842213090077821258/ Frame F8C9 2 KB
945 B 36ms
33ms Image
image/svg+xml 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/11842213090077821258/einbruch.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7db3bf977b6edb173e8e55be71aa70cef23c57f06902e00b7b4b0ca0bac24ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 04:26:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 167727
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 907
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 10:24:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Oct 2023 04:26:18 GMT

GET
H3 200 schutz_vor.svg
tpc.googlesyndication.com/sadbundle/11842213090077821258/ Frame F8C9 2 KB
1 KB 36ms
32ms Image
image/svg+xml 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/11842213090077821258/schutz_vor.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10860052cef1a5864aef3915143cdbf8fc8749a22aba58ea6f8f931db7d848cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 03:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 171745
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1247
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 10:24:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Oct 2023 03:19:20 GMT

GET
H/1.1 200
OK grstat
my.mail.ru/ Frame CBFE 43 B
609 B 180ms
62ms Image
image/gif 94.100.180.38
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.mail.ru/grstat?name=shows&connect=1

Requested by

Host: connect.mail.ru
URL: https://connect.mail.ru/share_button?cm=1&ck=3&sz=20&st=2&domain=garmed.ru&url=http%3A%2F%2Fgarmed.ru%2F&buttonID=8813985&faces_count=10&height=20&width=100%25&caption=%D0%9D%D1%80%D0%B0%D0%B2%D0%B8%D1%82%D1%81%D1%8F&cp=1&host=http%3A%2F%2Fgarmed.ru&wid=7521676&type=insertable&app_id=-1&appid=-1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.100.180.38 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

my.mail.ru

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.mail.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sun, 09 Oct 2022 03:01:45 GMT
X-Content-Type-Options: nosniff
Server: nginx
X-WebKit-CSP-Report-Only: default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data: ; frame-src https://* about: javascript:
X-Frame-Options: DENY
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA"
Cache-Control: no-cache, no-store, must-revalidate, private
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

GET
H/1.1 200
OK d525461.gif
rs.mail.ru/ Frame CBFE 43 B
451 B 193ms
61ms Image
image/gif 2a00:1148:db00::17
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rs.mail.ru/d525461.gif?0.3690560870734285
Requested by: Host: connect.mail.ru
URL: https://connect.mail.ru/share_button?cm=1&ck=3&sz=20&st=2&domain=garmed.ru&url=http%3A%2F%2Fgarmed.ru%2F&buttonID=8813985&faces_count=10&height=20&width=100%25&caption=%D0%9D%D1%80%D0%B0%D0%B2%D0%B8%D1%82%D1%81%D1%8F&cp=1&host=http%3A%2F%2Fgarmed.ru&wid=7521676&type=insertable&app_id=-1&appid=-1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.mail.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sun, 09 Oct 2022 03:01:45 GMT
Server: nginx
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43

GET
DATA 200
OK truncated
/ Frame F8C9 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc63c27e63fcca605f51b6d9887b9afca1ebfcff7867e598d3a67d5c6abb0fc2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK mm-rounded.png
my1.imgsmail.ru/mail/ru/images/my/app/connect/share/presets/20/ Frame CBFE 5 KB
5 KB 60ms
60ms Image
image/png 185.5.137.203
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://my1.imgsmail.ru/mail/ru/images/my/app/connect/share/presets/20/mm-rounded.png
Requested by: Host: my1.imgsmail.ru
URL: https://my1.imgsmail.ru/mail/ru/css/new/share/compiled/20.css?1_2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.5.137.203 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS: mystatic3.i.mail.ru
Software: nginx /
Resource Hash: b5bef9a7cc2af6198410cba7edfa844dd6419c800b5a518587c4b0d7d7dce29d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my1.imgsmail.ru/mail/ru/css/new/share/compiled/20.css?1_2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sun, 09 Oct 2022 03:01:45 GMT
Last-Modified: Wed, 01 Mar 2017 10:05:24 GMT
Server: nginx
ETag: "58b69ce4-1411"
Content-Type: image/png
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5137
Expires: Sun, 16 Oct 2022 03:01:45 GMT

GET
H3 200 ufo_120x160_1.png
tpc.googlesyndication.com/sadbundle/11842213090077821258/ Frame F8C9 56 KB
56 KB 23ms
22ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/11842213090077821258/ufo_120x160_1.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012209142312000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0774f3004aaf1f3972ee1e58ff7f78b1212b1318d8e5d5254693cc5d7b46e238

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 05:30:55 GMT
x-content-type-options: nosniff
age: 163850
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57565
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 10:24:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Oct 2023 05:30:55 GMT

GET
H3 200 logo.svg
tpc.googlesyndication.com/sadbundle/11842213090077821258/ Frame F8C9 3 KB
1 KB 27ms
27ms Image
image/svg+xml 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/11842213090077821258/logo.svg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012209142312000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f0c4dbf7067cb39583786b86fa184c04e476a26c8f85da71e680ab8482f17b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 14:57:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 475431
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1269
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 10:24:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 03 Oct 2023 14:57:54 GMT

GET
H3 200 rote_Ecke.svg
tpc.googlesyndication.com/sadbundle/11842213090077821258/ Frame F8C9 194 B
204 B 27ms
26ms Image
image/svg+xml 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/11842213090077821258/rote_Ecke.svg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012209142312000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dfe419656dd889de2ec720db0136e2c564a919fa5215e67020632cc684496885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 03:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 171745
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 165
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 10:24:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Oct 2023 03:19:20 GMT

GET
H3 200 mobile_ueberwachung.svg
tpc.googlesyndication.com/sadbundle/11842213090077821258/ Frame F8C9 8 KB
3 KB 28ms
27ms Image
image/svg+xml 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/11842213090077821258/mobile_ueberwachung.svg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012209142312000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

703d5529e0a0d9c43128d2060510ca86175594a6c2c3275c1647c20fc2d69d71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 03:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 171745
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 10:24:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Oct 2023 03:19:20 GMT

GET
H3 200 mieten_weiss.svg
tpc.googlesyndication.com/sadbundle/11842213090077821258/ Frame F8C9 1 KB
749 B 28ms
27ms Image
image/svg+xml 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/11842213090077821258/mieten_weiss.svg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012209142312000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd463c3153ca13fdb091473f0ac6fc5a7c297f2113030bc3a741575781787ed4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 08 Oct 2022 03:24:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85010
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 711
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 10:24:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 08 Oct 2023 03:24:55 GMT

GET
H3 200 diebstahl.svg
tpc.googlesyndication.com/sadbundle/11842213090077821258/ Frame F8C9 3 KB
1 KB 28ms
27ms Image
image/svg+xml 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/11842213090077821258/diebstahl.svg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012209142312000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eefbb6ed5c954fda1b8cfa8db7828ada30bf3ccec35481983dce9f8f966f1cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 07:57:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 155031
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1295
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 10:24:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Oct 2023 07:57:54 GMT

GET
H3 200 vandalismus.svg
tpc.googlesyndication.com/sadbundle/11842213090077821258/ Frame F8C9 6 KB
2 KB 28ms
27ms Image
image/svg+xml 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/11842213090077821258/vandalismus.svg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012209142312000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1eddc419e3a3d1cf7f5261e3bf30b69cdd2d33c5d4e852eff4c3e40af5111c14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 03:02:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 431970
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2133
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 10:24:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 04 Oct 2023 03:02:15 GMT

GET
H3 200 einbruch.svg
tpc.googlesyndication.com/sadbundle/11842213090077821258/ Frame F8C9 2 KB
945 B 28ms
27ms Image
image/svg+xml 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/11842213090077821258/einbruch.svg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012209142312000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7db3bf977b6edb173e8e55be71aa70cef23c57f06902e00b7b4b0ca0bac24ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 04:26:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 167727
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 907
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 10:24:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Oct 2023 04:26:18 GMT

GET
H3 200 schutz_vor.svg
tpc.googlesyndication.com/sadbundle/11842213090077821258/ Frame F8C9 2 KB
1 KB 28ms
28ms Image
image/svg+xml 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/11842213090077821258/schutz_vor.svg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012209142312000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10860052cef1a5864aef3915143cdbf8fc8749a22aba58ea6f8f931db7d848cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 03:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 171745
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1247
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 10:24:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Oct 2023 03:19:20 GMT

GET
H/1.1 200
OK impression.html Show response
w.uptolike.com/widgets/v1/ Frame 1EE7 1023 B
914 B 125ms
61ms Document
text/html 95.163.114.204
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/impression.html?622e27e5349ec1bb07f4f36fc56e7c84
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/zp.js?pid=tle56a9aa26891bc802575dc34aaadf13193db145c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.204 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 829aefc2561d1da1496d88af2e9fdcda7d002eb568e8b59a636aaf49de2751de

Request headers

Referer: http://garmed.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=1800
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html;charset=utf-8
Date: Sun, 09 Oct 2022 03:01:45 GMT
Expires: Sun, 09 Oct 2022 03:31:45 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK extra.js Show response
w.uptolike.com/widgets/v1/ 4 KB
3 KB 64ms
63ms Script
application/javascript 95.163.114.204
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/extra.js?rnd=0.03764325560020576
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/zp.js?pid=tle56a9aa26891bc802575dc34aaadf13193db145c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.204 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 4e4c68f07617d62f0d5e4b0ae7c17d5892e817c6e89b565bc2104e57d1155751

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://garmed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 09 Oct 2022 03:01:45 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript;charset=utf-8
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Cache-Control: no-cache,no-store,max-age=0,must-revalidate
Connection: keep-alive
Expires: Thu, 06 Oct 2022 16:40:49 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 162 KB
53 KB 93ms
46ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55abc736ad9b1f746d3fea8da93bebb6715e75a735ce44ed6ddede628607b612

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://garmed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 03:01:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54589
x-xss-protection: 0
server: cafe
etag: 1662971329137327763
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 09 Oct 2022 03:01:45 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 82ms
36ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221003&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a902f9e3658d607cc31d466527610c44384d25623e3280a6b5537b20bf994fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://garmed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 03:01:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11098
x-xss-protection: 0

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame E2A6 0
3 KB 106ms
49ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df157ce34a09aa28%26domain%3Dgarmed.ru%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fgarmed.ru%252Ff269441c393b0cc%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fgarmed.ru%2F&layout=button_count&locale=ru_RU&sdk=joey&send=false&show_faces=true&width=120

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/all.js?hash=5401bd6db96b668e051f9ceb39f4458c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://garmed.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 09 Oct 2022 03:01:45 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options: nosniff
x-fb-debug: cdoRUyUNx+Q1Ne5pZuS0YLRqXNCHiATuTxPeGbrTJOFf1/lbBNByIhKK5y+WArhAoVDgQzQsr/Fpu1i7OeAetg==
x-xss-protection: 0

GET
H/1.1 200
OK porp.js Show response
optimads.ru/ 9 KB
5 KB 268ms
136ms Script
application/javascript 92.63.192.10
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL

https://optimads.ru/porp.js

Requested by

Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/extra.js?rnd=0.03764325560020576

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

92.63.192.10 , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

belesta1023.ru

Software

nginx/1.13.12 /

Resource Hash

dc95dc7c5f3fac2ea7e6cf4a604d96ca0885c286954930a0196bab6cd7277c33

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://garmed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sun, 09 Oct 2022 03:01:46 GMT
Content-Encoding: gzip
Last-Modified: Sunday, 09-Oct-2022 03:01:46 GMT
Server: nginx/1.13.12
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: application/javascript
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive

GET
H/1.1 200
OK / Show response
supraneet.ru/minus/ 0
319 B 201ms
67ms Script
application/javascript 62.109.6.15
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL

https://supraneet.ru/minus/

Requested by

Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/extra.js?rnd=0.03764325560020576

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

62.109.6.15 , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

belesta1024.ru

Software

nginx/1.13.12 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://garmed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sun, 09 Oct 2022 03:01:45 GMT
Last-Modified: Sunday, 09-Oct-2022 03:01:45 GMT
Server: nginx/1.13.12
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Content-Length: 0

GET
H2 200 smart.js Show response
cdn.smntq.com/c83ul/ 6 B
490 B 176ms
55ms Script
text/javascript 95.217.109.66
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.smntq.com/c83ul/smart.js
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/extra.js?rnd=0.03764325560020576
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.217.109.66 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.66.109.217.95.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: b98809417c0240085bf70f2a1127f0b622c1514651737e7e4ffac4b39e4da17e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://garmed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 03:01:45 GMT
mode: no-cors
content-encoding: gzip
server: nginx/1.20.1
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H/1.1 200
OK collect_stat.js Show response
af.click.ru/ 913 B
1 KB 212ms
67ms Script
application/javascript 217.197.112.80
E-STYLEISP-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://af.click.ru/collect_stat.js
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/extra.js?rnd=0.03764325560020576
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.197.112.80 , Russian Federation, ASN20655 (E-STYLEISP-AS, RU),
Reverse DNS: seopult.ru
Software: nginx /
Resource Hash: a01ed62761c70d35a7f2dd5f497451e70b85e85bb8f1774cee68d53554e6ecaa

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://garmed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sun, 09 Oct 2022 03:01:45 GMT
Last-Modified: Fri, 22 Jul 2022 11:33:41 GMT
Server: nginx
ETag: "62da8b15-391"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 913

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://garmed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 03:01:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 09 Oct 2022 03:01:45 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221003/r20190131/ Frame F504 10 KB
4 KB 23ms
22ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221003/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://garmed.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 27549
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 08 Oct 2022 19:22:36 GMT
etag: 9671129459699598864
expires: Sat, 22 Oct 2022 19:22:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.sk/adsid/ 107 B
122 B 32ms
32ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.sk/adsid/integrator.js?domain=garmed.ru

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://garmed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 03:01:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 31ms
30ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=garmed.ru

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://garmed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 03:01:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1BDC 0
16 B 109ms
109ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6095929928545495&output=html&adk=1812271804&adf=3025194257&lmt=1665284503&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&channel=0900002288&format=0x0&url=http%3A%2F%2Fgarmed.ru%2F&ea=0&pra=7&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&dt=1665284505886&bpp=1&bdt=2209&idt=2&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddaf88c0665bf5c44-22be8a6840ce0085%3AT%3D1665284504%3ART%3D1665284504%3AS%3DALNI_MYnkg90jeDuD0Ej3MmTw7jFdS9q9Q&prev_fmts=160x600_as%2C468x60_as%2C160x600_as&nras=1&correlator=5095527943462&pv_ch=0900002288%2B&frm=20&pv=1&ga_vid=151692660.1665284504&ga_sid=1665284504&ga_hid=1715777623&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44772927%2C44773746%2C31067826&oid=2&psts=APxP-9AkTpcBzWn8sLXdEPct6obQtgjDSUCrA1u1jHAQ_vDX_JK44AW-LL0QXcIthTMatkwrLj1JLgMR10yKc3talg%2CAPxP-9Axq2rHo_sT46fIyGbbLbJZB_yauC6ABSvFL6nX_MeV1DoqiWZvBHpM8iBAMH8fVyvof1jIRwjW5WgfDQzhdg%2CAPxP-9BWz9sn5y1WDzdMbvI8exiUWNpqkPMsK9MVNJvXE0fr-fljn0LjTjxhvT6ZaCL1y0Z4d02Bu-ueGdkZaFX_QA&pvsid=2390537064069740&tmod=1772986814&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=4&uci=a!4&fsb=1&dtd=19

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://garmed.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 09 Oct 2022 03:01:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F165 13 KB
5 KB 24ms
23ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://garmed.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 29051
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 08 Oct 2022 18:57:34 GMT
expires: Sun, 08 Oct 2023 18:57:34 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2998 783 B
534 B 33ms
32ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

aa56239de58ad247b20d8b139bce7b702b7e0ee50f21910a4c92500f4dc65041

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JJs71UjbuXS8IYfSaznlxg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://garmed.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-JJs71UjbuXS8IYfSaznlxg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 09 Oct 2022 03:01:45 GMT
expires: Sun, 09 Oct 2022 03:01:45 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 204
No Content imp
w.uptolike.com/widgets/v1/zp/ Frame 1EE7 0
154 B 82ms
82ms Image
text/plain 95.163.114.204
DINET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.uptolike.com/widgets/v1/zp/imp?pid=tle56a9aa26891bc802575dc34aaadf13193db145c&fl=false&sw=1600&sh=1200&vw=1600&vh=1200&vp=b99d67e9-65f6-4783-9aa3-49fd74af2095&ttl=JUQwJUExJUQxJTgyJUQxJTgwJUQwJUIwJUQxJTg1JUQwJUJFJUQwJUIyJUQwJUIwJUQxJThGJTIwJUQwJUJBJUQwJUJFJUQwJUJDJUQwJUJGJUQwJUIwJUQwJUJEJUQwJUI4JUQxJThGJTIwJTIyJUQwJTkzJUQwJUIwJUQxJTgwJUQwJUJDJUQwJUI1JUQwJUI0JTIyJTIwJTJGJTIwJUQwJTkyJUQwJUIwJUQxJTg4JTIwJUQxJTgxJUQxJTgyJUQxJTgwJUQwJUIwJUQxJTg1JUQwJUJFJUQwJUIyJUQwJUJFJUQwJUI5JTIwJUQwJUJBJUQwJUJFJUQwJUJEJUQxJTgxJUQxJTgzJUQwJUJCJUQxJThDJUQxJTgyJUQwJUIwJUQwJUJEJUQxJTgy&url=http%3A%2F%2Fgarmed.ru%2F&rnd=0.23217821511716763
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.204 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://w.uptolike.com/widgets/v1/impression.html?622e27e5349ec1bb07f4f36fc56e7c84
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 09 Oct 2022 03:01:45 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3 200 -Y38d37a1DmvdXzRnIUkD6jTpQ2urOaWudC6FG_jR1g.js Show response
pagead2.googlesyndication.com/bg/ Frame F165 36 KB
16 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-Y38d37a1DmvdXzRnIUkD6jTpQ2urOaWudC6FG_jR1g.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f98dfc777edad439af757cd19c85240fa8d3a50daeace696b9d0ba146fe34758

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 08 Oct 2022 20:16:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24326
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15918
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 08 Oct 2023 20:16:19 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2998 0
0 57ms
56ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221003&jk=2390537064069740&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F165 0
12 B 22ms
22ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?X0YHCw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 03:01:46 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 59ms
59ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221003&jk=2390537064069740&bg=!paalpuLNAAYQgTJdMIE7ACkAdvg8WgnqjSRbYf_Pz0nkHCjJbb62Gb_ntZR70MdwsbBKl1k8chA4FwIAAABYUgAAAAJoAQeZAtVDaZmOt78jIMcv7WwncMFdd1nEGzJjKg2oT0jk204T-qUyg0crWpKkCJpuCX4C6k2i8uB2qhm3dECtZhKbmlKiXE4PTEuIJk23i-d3-nmYH9FNf2c7sA71r6uyNVOcbvXJ61swpC_DXIZt2tXTIW3xxwJFXuNw0cGOqyI72d5-hKseyFcSamzo2gEbCCG5maDIbxI5f68TJJdTzve8TSvGyXgA8mBV9B41qn3Cy0uAHePlJ4EgoseXMyYUL2lB1kJ0VwT-LNiDTZcJV4KbtIDKabBHN5fXBbfxHt2wIqNnR0yns9IdeU8cd_4l05vzSnPVtv92rpomEezFnnx-a8hU3C0vWkNf8X3PX-rxQtv7WP40w8KVKcBo8A0KgpsqjRfjnXF8IMCZmLU1htkhrASMlaWhEe8QPo4Bn9a2scoPNhH9tDGXrR0UAmcPhWQquaqBTHpt6PTJPE2iXmJBknpHcgtVq9a_lagJOo2-cpb3QS2efJmlbrY5baycNCGOn0hYJpHR0EpI9zWv2zBzXbTMWG0LvjLyRacGj-1uJ7EF5NiSNjYaX8du8kzwCoZ8sw8ZcqjoiboxwbRUsy2XSL4zqKVlDk_HcVsUsfDgDRtccA64gWIPYTx-NF9kCyTmV2B8AEV2weXAYngw1WpNLuk89ZAy7bn9hu666f8h5k5Ovi6s5ROgXVpo2ez5WIvuWYhftYAAMqlwpg5sz3zKeG7Asa7rcX9Bx7bgPcDyeFy6u-kzrIEGpqGFq6eU41gynlg7c69_w5y4DiUGMCb8CTm1fqv5VFwq1RmI33cpcCORLD7ST8ZY0xDvoiLbD3GeXdkYsQonsQa4C2PE_3t5KBvOCMyQJdI1pnx40K7dqBTMx3OB9UeLnuekvFrpSZek8tDXktoQpwoIRLSx8BfypHyuz51HxfuxEFiy4jjDwfspxOm92lmEtud2c8NHUJxf-_-jD-kd-g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://garmed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame F8C9 42 B
64 B 62ms
60ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuiOBOt_kJXcmYHl7XHSDuQ7gtCTpIQXq9fvU-pJwkQKAhw1_9f219S3o50ldf3UPdCnZXZgo7SrPPNUfjah550SaFQDNsVaIVY6DTjWmAnjhSV3E1ngADw8cVakhqx77FFVQc56Q&sai=AMfl-YTo4g_xEiKjXJ6zMsMer_g2QsKf2KxvqnyQyORRdA787xbLEHs7iTlqivZviVYS-xH6uwbZwYUZ3Nz0iGY&sig=Cg0ArKJSzDCg_YUQj8YIEAE&id=ampim&o=850,493&d=160,600&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=1287&tls=2288&g=100&h=100&tt=2289&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=&uaw=&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Oct 2022 03:01:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK support.html Show response
w.uptolike.com/widgets/v1/zp/ Frame D4F8 14 KB
4 KB 64ms
63ms Document
text/html 95.163.114.204
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/zp/support.html
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/zp.js?pid=tle56a9aa26891bc802575dc34aaadf13193db145c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.204 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: dbb87754e7677c99a20c4603a88765b6cb926a78b79edb863fee5c9ea1c96ef4

Request headers

Referer: http://garmed.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=1800
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html;charset=utf-8
Date: Sun, 09 Oct 2022 03:01:46 GMT
Expires: Sun, 09 Oct 2022 03:31:46 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

Verdicts & Comments Add Verdict or Comment

237 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
garmed.ru/	1969-12-31 23:59:59	Name: ef34972f7a735bdb05f4a22e1ec3381d Value: 6ffcf6750858bff3aceaf2e5601de331
.w.uptolike.com/	1970-01-20 16:10:44	Name: utl_id2 Value: 29110984287
.w.uptolike.com/	1970-01-20 16:10:44	Name: utl_dat Value: "CIT2w9W7MBAAIITHjt67MCiEx47euzAwAERJfpDfxA8wA9DD9LhfWLM="
.garmed.ru/	1970-01-20 15:56:20	Name: __gads Value: ID=daf88c0665bf5c44-22be8a6840ce0085:T=1665284504:RT=1665284504:S=ALNI_MYnkg90jeDuD0Ej3MmTw7jFdS9q9Q
.vk.com/	1970-01-20 15:11:27	Name: remixlang Value: 6
.vk.com/	1970-01-20 15:20:20	Name: remixstlid Value: 9081027531942673345_qV2oENRdlRzt3UOzhBARm16I88eQoyxWFa8MDPoo4IP
.vk.com/	1970-01-20 15:26:47	Name: remixstid Value: 281966897_vNG8nC8iDEzQyZ6rXH0IzSPyECXSYNNPdLDIIagxELg
.doubleclick.net/	1970-01-20 15:56:20	Name: IDE Value: AHWqTUnOqNti8VN1Dl236jVhXq9EUWc066ebVD5gsxVwoG3my3YYh6a_lOGsy6DABuI
.yadro.ru/	1970-01-20 15:19:58	Name: FTID Value: 1ZGZcO0hMX8Q1ZGZcO003JqJ
.yadro.ru/	1970-01-20 15:19:58	Name: VID Value: 25cL5O2iDU8Q1ZGZcP003Jqu
.garmed.ru/	1970-01-20 15:20:20	Name: _ym_uid Value: 1665284505647502522
.garmed.ru/	1970-01-20 15:20:20	Name: _ym_d Value: 1665284505
.mail.ru/	1970-01-20 15:21:46	Name: VID Value: 0v2MSk1Q85YD00000i1OL4YD:::0-0-0-85c9259:CAASEBBfg-J1_tnXh7uRzYN6dbsaYERINeXwr6kwwc4o-OGDc4YO-8TgpNHbkWtrnFC40-mdMywX2HyNgRmbgSLc8qfYLy7EKNktWihfuhQJeVjrmzrThwdIkGbRizhoB_azGTo_WKbaloFKfMUC_9qz5oow-Q
.mc.yandex.com/	1970-01-20 06:34:45	Name: sync_cookie_csrf Value: 964272933fake
.garmed.ru/	1970-01-20 06:35:56	Name: _ym_isad Value: 2
.doubleclick.net/	1970-01-20 06:34:48	Name: DSID Value: NO_DATA
.mc.yandex.ru/	1970-01-20 06:34:45	Name: sync_cookie_csrf Value: 1883488895fake
.yandex.com/	1970-01-20 15:20:20	Name: yandexuid Value: 1274916781665284505
.yandex.com/	1970-01-20 15:20:20	Name: yuidss Value: 1274916781665284505
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 278878751665284505
.yandex.com/	1970-01-20 16:10:44	Name: i Value: cEDqkZpQVJznVfRxnkVApN55uHME1QraCCa3pznYxWxRZYDCZ1WTAPmYTc5oJkFmV0h4RaUGLFVcMhJzPIJPO9z8Wp4=
.yandex.com/	1970-01-20 15:20:20	Name: ymex Value: 1696820505.yrts.1665284505#1696820505.yrtsi.1665284505
.doubleclick.net/	1970-01-20 06:34:45	Name: test_cookie Value: CheckForPermission
.mail.ru/	1970-01-20 16:10:44	Name: p Value: 6EEBAFCM/JoA
.cdn.smntq.com/	1970-01-20 16:10:44	Name: smart Value: 1892933f593f4742b78cd96f17d39092

33 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://garmed.ru/templates/system/css/system.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://garmed.ru/components/com_jcomments/tpl/default/style.css?v=12 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://garmed.ru/modules/mod_news_show_gk3/style/style.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://garmed.ru/templates/system/css/general.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://garmed.ru/templates/everhest/css/tdefaut.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://garmed.ru/media/system/js/caption.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://garmed.ru/media/system/js/mootools.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://garmed.ru/modules/mod_news_show_gk3/scripts/engine_1_11_compressed.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://garmed.ru/share42/share42.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://garmed.ru/templates/everhest/images/logo.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://garmed.ru/share42/share42.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://garmed.ru/images/stories/slide/slide1.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://garmed.ru/images/stories/about.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://garmed.ru/images/stories/contact.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://garmed.ru/images/stories/003/image020.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://garmed.ru/images/stories/003/image012.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://garmed.ru/images/stories/%208.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://garmed.ru/images/stories/004/image014.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://garmed.ru/images/stories/voditel%20pogruzchika%20obuchenie%20kiev.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://garmed.ru/images/stories/014/image040.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://garmed.ru/images/stories/014/image047.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://garmed.ru/images/stories/015/image017.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://garmed.ru/images/stories/009/image042.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://garmed.ru/images/stories/001/image011.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://garmed.ru/images/stories/010/image007.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://garmed.ru/images/stories/004/image042.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://garmed.ru/images/stories/011/image040.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://garmed.ru/components/com_sdrsssyndicator/assets/images/buttons/yandex.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://garmed.ru/templates/everhest/images/top.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://novoston.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
other	warning	URL: https://cdn.ampproject.org/rtv/012209142312000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9785.zjaaTKv3ZNFFXEP7EM8S8kBq_WG0GZR2Bzm6z7yfnF0UMF-M8L5zN9WyIOE2KbPqy6QnvmcMyZ02hmJzhLqoNQ%2C%2C.dMh_WTM3Z2upLEGzdQ-iS_9tSrs%2C Message: Failed to load resource: the server responded with a status of 400 ()
other	warning	URL: https://cdn.ampproject.org/rtv/012209142312000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.sk
af.click.ru
cdn.ampproject.org
cdn.connect.mail.ru
cdn.smntq.com
connect.facebook.net
connect.mail.ru
counter.yadro.ru
fonts.googleapis.com
fonts.gstatic.com
garmed.ru
googleads.g.doubleclick.net
mc.yandex.com
mc.yandex.ru
my.mail.ru
my1.imgsmail.ru
my2.imgsmail.ru
novoston.com
optimads.ru
pagead2.googlesyndication.com
partner.googleadservices.com
platform.twitter.com
rs.mail.ru
st6-22.vk.com
supraneet.ru
syndication.twitter.com
t1.gstatic.com
top-fwz1.mail.ru
tpc.googlesyndication.com
userapi.com
vk.com
w.uptolike.com
www.facebook.com
www.google.com
www.googletagservices.com
www.gstatic.com
104.244.42.8
159.69.82.209
185.5.137.203
185.5.137.205
217.197.112.80
217.69.139.100
2606:2800:234:59:254c:406:2366:268c
2a00:1148:db00::17
2a00:1450:4001:800::2002
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::200a
2a00:1450:4001:827::2001
2a00:1450:4001:827::2004
2a00:1450:4001:828::2002
2a00:1450:4001:829::2001
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2004
2a02:6b8::1:119
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
5.9.86.87
62.109.6.15
87.240.129.187
87.240.132.67
88.212.202.52
92.63.192.10
94.100.180.38
94.100.180.54
95.142.206.2
95.163.114.204
95.163.52.67
95.217.109.66
042000e3d473316da1511f64120982a76afe16ab666aa07d2026518c69ea5769
0774f3004aaf1f3972ee1e58ff7f78b1212b1318d8e5d5254693cc5d7b46e238
07af4360c2212cdb2437994bbb1cb31c63d0811357f21593893ecf0214c21f07
0d7e358637c1b1caa66949aefc529c1e4488923f99e499d6be09eb8cdd0b4202
10860052cef1a5864aef3915143cdbf8fc8749a22aba58ea6f8f931db7d848cd
10b23cf3271a1eccc74388f0ef2eaaa6eec444853ba98831dd504291242e037f
15e749617a3856bfaa4d2cea0c50d88366d2b579841bd5a45bd2d34062babc51
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1eddc419e3a3d1cf7f5261e3bf30b69cdd2d33c5d4e852eff4c3e40af5111c14
202e92740f4fa7f0e7649f6069f366c191465421b77c9dd9be4653c27eaad29d
236dca679b9983d1fbea0415d584b17d80f1c6942506fc508a5384db924e8795
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
25ae07afb30f4156fa035a5ffc7f14945c8863ef79772f062d3d04fd97c25391
2874b889eb9dbe3f2ff827d4abcb0cf9ce8541e913b717cc2df2828388d38d4b
289e96d423c1359d4fd533508c4234edaf94d9beba530e28bce0f08b19c16945
2a03ad83dfc98ea451b3f790e5f56bb6979b8ef27bb7d8fea0a0fb67c5ab4319
2f7e190c7a25194337efdd52f0018320ebfa239e150b19b95f3703b0bc02e6c8
2fae245b5d3f8183490f65c90aa9e367cf9d533abc047f12e7e5b72399913a43
329131edccb130ceee9433b018b5c1eb24da707eaea37329c95a4544df266d7a
32e7709b69d912e8961d7ff11e2d1a17dcc8e4ec24db50bdb4129ed2b785b1b5
345a67cfd0606856a2447d3fa12feb4a50aabc7394840586556ddb4dcc509934
3795726557f64bf66677a94511e34f7d67dd58c73baef60ddb3f9a0cb8f38c1e
3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d
43fe62030092e73be7d24ffff01910b0046174c3e61f2a3a4a01de13bb367a6e
45bc75820c2292bf64b74af20b9785c4a053608816b7d0c05bdc968e8e9de805
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4e4c68f07617d62f0d5e4b0ae7c17d5892e817c6e89b565bc2104e57d1155751
518c9c94cbdc53c327f141f1ed215cadaeb91dfad2f1c8bc2be85ecf8d4ad4ea
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55abc736ad9b1f746d3fea8da93bebb6715e75a735ce44ed6ddede628607b612
6111adf2d267651edfefe5466550ef4463c00ba7bfbfd4b5ac37f54acde3f96b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6404ffc917099408e2ebf84f92b02fcef93259358a878a17d7b1814f71e3e099
65f4e452b96ef3e5e3a4631d99c63dd7239dcbcb88de679ac74ac30d3d4988cd
6d0f9faf185c1f43001f2508f80abf686cfb1c00f58c6bf0fa807791b5fc65e2
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
703d5529e0a0d9c43128d2060510ca86175594a6c2c3275c1647c20fc2d69d71
74017d97a0876e72ef09a14ea0b3ad49a744811c726e7b05e305d4a6e3e07612
749ac42703ade78a5ed1277ed14fb8adb16ee555cd0997b07c902371bc1fee07
7a2c6856e8437c3183ec517c59fc9724eb82cac59f685970113a7fb15ecd272c
7b345573b3213ee4e30a7a4f60d21488bc1c4da397709d0043dec9333b4d6ccf
7d2fc381aebbeca6bc929c34ff3af23c94352463c9233894221bb9120f030e63
7f0c4dbf7067cb39583786b86fa184c04e476a26c8f85da71e680ab8482f17b4
829aefc2561d1da1496d88af2e9fdcda7d002eb568e8b59a636aaf49de2751de
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8bba4eb43c3d186256977d7282beaf05c1f58c55fbea96212519677aaf8c63ae
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74
8ccca58c9fa219fa65853a7398d935b56ce1fcdaab4787294b3f444ddf7d1036
943b6f5f7d928a1736767a4ae06a95c0fc6a797e7b1220f6cf3ac8dd03585034
9638afb330d341d9553eac824a17ec22108c881ac869b2bdf4d89f3c3ac623bc
97f3c1ca9f09e22da012c5f521d9ba0c7131d5436d73c739bd1c2ae9e0b42927
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a61fe6e2743a18f977ac18a2f805735e8dccf115b16dbbbd2e3864ae98d4c33
9a902f9e3658d607cc31d466527610c44384d25623e3280a6b5537b20bf994fb
9bd8dcc115a0e9fce94520cecad5254352b86d55bca2506833057bb52e87ee1a
9efe9ef06cd22cb61f7791442db0397e9d679b91a233e8c57a7263a5b7a97786
a01ed62761c70d35a7f2dd5f497451e70b85e85bb8f1774cee68d53554e6ecaa
a03e5519641f8f42c1cd57a13dd17cd72b6c4446c9f10def4ee18d0b2d890544
a104e58adddcc5086b3c84a058272e62965737fa798e3020b3db0c07e31ef6ec
a1e6a59e0567f886caaada41007e695d2039c4fe07fb28727dd27ab2029ecd6b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6d78d0910d4539d6354d6c09d7bc38c59f6f03e9c7b53969f30d39a7aba549c
aa56239de58ad247b20d8b139bce7b702b7e0ee50f21910a4c92500f4dc65041
aab3ff0dc213477454a0641c0c83219ba436b48005b60d3802fc064f06df96b2
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad5ec988bd020164b671bb75db6db271e404cc8f48c601292b88d8811de6e061
b2a50082eaf1a2316926d395ae0df4fd8c101c4eb18b629e10e5401a06b818b1
b5bef9a7cc2af6198410cba7edfa844dd6419c800b5a518587c4b0d7d7dce29d
b7db3bf977b6edb173e8e55be71aa70cef23c57f06902e00b7b4b0ca0bac24ec
b98809417c0240085bf70f2a1127f0b622c1514651737e7e4ffac4b39e4da17e
ba29faf5efe544ed157bbf56aafd0555a22103b36514708d7fcd196fc361c2f5
ba7bc979694591a79dbf8a8894fdd972478d91be79c6386520bab30fa5213b85
bcf9edbbf04dea4779edced3cae8af78406f229c22a30a0fbe8d80bcedcb0183
bea07e5f5fac6182573e5ace37856b782fdd091d2ff846ca5fe2f1de1bc8f6fc
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c7b00186265dc1dcdef9b7448bffe1001216eaf85d84a5ac5fdab8e612f34e56
c915b48765a756aecea1bde59036e7d4db96e0a7f17c39e8fe4187026f5ccf59
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d5e6919b2460cd051d50b47942408d3b3dbf0470fdaec473a7ca6b928d7ae4e3
d6b64b6f2dc21fe31f863b6e91a7455bfcdd0845b69d98630357a50a4134919e
dbb87754e7677c99a20c4603a88765b6cb926a78b79edb863fee5c9ea1c96ef4
dc95dc7c5f3fac2ea7e6cf4a604d96ca0885c286954930a0196bab6cd7277c33
dd463c3153ca13fdb091473f0ac6fc5a7c297f2113030bc3a741575781787ed4
ddcba88db922f967fd78e15a055bfeb5088c7c58500ca2b7f08b74eb3736189b
dfe419656dd889de2ec720db0136e2c564a919fa5215e67020632cc684496885
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6def5d3feece899f0580b9f50d769b4ca2a3b3339fb122ceb00b9830c1df0b2
ed89697436c213e02c99f290a0f8a3d20c4bde9ccdb2ddf025b0849cdfe11347
eefbb6ed5c954fda1b8cfa8db7828ada30bf3ccec35481983dce9f8f966f1cda
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5edf9e004f01d4c8c4d5469a2447a83f558f499bedf7fae0bb06c1d156cdbec
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f98dfc777edad439af757cd19c85240fa8d3a50daeace696b9d0ba146fe34758
fc63c27e63fcca605f51b6d9887b9afca1ebfcff7867e598d3a67d5c6abb0fc2
fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6
ff325c328985ef8a083bc155e6fa6b5cf2182d7d3174d43c9e8e077f4a1576b9

garmed.ru Open in urlscan Pro 5.9.86.87 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

166 Requests

75 %HTTPS

50 %IPv6

26 Domains

37 Subdomains

35 IPs

5 Countries

1647 kBTransfer

4909 kBSize

25 Cookies

2 Outgoing links

Redirected requests

166 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

garmed.ru Open in urlscan Pro
5.9.86.87 Public Scan

Screenshot
Live screenshot

Full Image

166
Requests

75 %
HTTPS

50 %
IPv6

26
Domains

37
Subdomains

35
IPs

5
Countries

1647 kB
Transfer

4909 kB
Size

25
Cookies

166 HTTP transactions
7 data transactions