tomovl.ru Open in urlscan Pro
195.24.68.27 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://tomovl.ru/
Submission: On February 26 via api (February 26th 2023, 8:15:59 pm UTC) from CH — Scanned from DE

Summary HTTP 167 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 34 IPs in 11 countries across 30 domains to perform 167 HTTP transactions. The main IP is 195.24.68.27, located in Russian Federation and belongs to RU-CENTER, RU. The main domain is tomovl.ru.

This is the only time tomovl.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
39	195.24.68.27 195.24.68.27	48287 (RU-CENTER) (RU-CENTER)
23	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1 5	2a00:1450:400... 2a00:1450:400d:80d::2004	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1 2	141.95.147.42 141.95.147.42	16276 (OVH) (OVH)
1	81.19.89.1 81.19.89.1	24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS)
1 2	2a02:6b8:a::a 2a02:6b8:a::a	208722 (GLOBAL_DC) (GLOBAL_DC)
1 4	81.19.89.18 81.19.89.18	24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS)
2 3	95.163.52.67 95.163.52.67	47764 (VK-AS) (VK-AS)
1	89.208.236.251 89.208.236.251	12695 (DINET-AS) (DINET-AS)
2 3	88.212.202.52 88.212.202.52	39134 (UNITEDNET) (UNITEDNET)
1	2a00:1450:400... 2a00:1450:400d:803::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:80d::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:806::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400d:80c::200a	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:400d:80a::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:400d:806::2003	15169 (GOOGLE) (GOOGLE)
2	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:807::2006	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:402... 2a00:1450:4028:808::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80c::200e	15169 (GOOGLE) (GOOGLE)
1	2a01:28:cb6:5::c 2a01:28:cb6:5::c	39392 (SUPERNETW...) (SUPERNETWORK ^_^)
6 16	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
3 4	185.89.210.20 185.89.210.20	29990 (ASN-APPNEX) (ASN-APPNEX)
2 4	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
2	2620:116:800d... 2620:116:800d:21:c5a4:625:6563:a5bb	16509 (AMAZON-02) (AMAZON-02)
2 2	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
4 4	35.158.143.193 35.158.143.193	16509 (AMAZON-02) (AMAZON-02)
1 2	23.35.209.30 23.35.209.30	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a02:fa8:8806... 2a02:fa8:8806:12::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	37.157.3.29 37.157.3.29	198622 (ADFORM) (ADFORM)
167	34

39 195.24.68.27 (Russian Federation)

ASN48287 (RU-CENTER, RU)
PTR: wcarp.hosting.nic.ru

tomovl.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:80d::2004 (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.95.147.42 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ns3213586.ip-141-95-147.eu

www.translate.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.19.89.1 (Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: top100.rambler.ru

top100-images.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8:a::a (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

www.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 81.19.89.18 (Russian Federation) 1 redirects

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: kraken.rambler.ru

counter.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kraken.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.163.52.67 (Russian Federation) 2 redirects

ASN47764 (VK-AS, RU)
PTR: top-fwz1.mail.ru

d1.c8.b8.a0.top.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.208.236.251 (Reutov, Russian Federation)

ASN12695 (DINET-AS, RU)

hit24.hotlog.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 88.212.202.52 (Russian Federation) 2 redirects

ASN39134 (UNITEDNET, RU)
PTR: host152.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:803::2002 (Ireland)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:806::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:80c::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:400d:80a::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:806::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:807::2006 (Ireland)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4028:808::2003 (Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80c::200e (Ireland)

ASN15169 (GOOGLE, US)

i1.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:28:cb6:5::c (Prague, Czech Republic)

ASN39392 (SUPERNETWORK ^_^, CZ)

rr1---sn-n02xgoxufvg3-2gb6.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.250.186.98 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.20 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.228.164.11 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.134.244 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.193.173 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ipac.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.158.143.193 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-143-193.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.209.30 (Vienna, Austria) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-209-30.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.3.29 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 140	512 KB
39	tomovl.ru tomovl.ru	102 KB
28	doubleclick.net 6 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 319 cm.g.doubleclick.net — Cisco Umbrella Rank: 202	165 KB
18	gstatic.com www.gstatic.com fonts.gstatic.com csi.gstatic.com	211 KB
8	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 73	4 KB
5	rambler.ru 1 redirects top100-images.rambler.ru — Cisco Umbrella Rank: 640636 counter.rambler.ru — Cisco Umbrella Rank: 113533 kraken.rambler.ru — Cisco Umbrella Rank: 37599	105 KB
4	bidswitch.net 4 redirects x.bidswitch.net — Cisco Umbrella Rank: 277	2 KB
4	turn.com 2 redirects ad.turn.com — Cisco Umbrella Rank: 755 r.turn.com — Cisco Umbrella Rank: 3104	2 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 203	4 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 531	3 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 183	194 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36	4 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 8947	818 B
3	yadro.ru 2 redirects counter.yadro.ru — Cisco Umbrella Rank: 9857	2 KB
3	mail.ru 2 redirects d1.c8.b8.a0.top.mail.ru top-fwz1.mail.ru — Cisco Umbrella Rank: 10101	3 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 590	1 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1218	459 B
2	ctnsnet.com 2 redirects ipac.ctnsnet.com — Cisco Umbrella Rank: 4937	1016 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 741 s.tribalfusion.com — Cisco Umbrella Rank: 1813	1 KB
2	mathtag.com 2 redirects sync.mathtag.com — Cisco Umbrella Rank: 459	2 KB
2	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 654	929 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30	17 KB
2	yandex.ru 1 redirects www.yandex.ru — Cisco Umbrella Rank: 54927	4 KB
2	translate.ru 1 redirects www.translate.ru — Cisco Umbrella Rank: 675531	252 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2856	104 B
1	googlevideo.com rr1---sn-n02xgoxufvg3-2gb6.googlevideo.com — Cisco Umbrella Rank: 982738	1 MB
1	ytimg.com i1.ytimg.com — Cisco Umbrella Rank: 1615	13 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 271	25 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 855	601 B
1	hotlog.ru hit24.hotlog.ru
167	30

	Domain	Requested by
39	tomovl.ru	tomovl.ru
23	pagead2.googlesyndication.com	tomovl.ru pagead2.googlesyndication.com googleads.g.doubleclick.net www.gstatic.com tpc.googlesyndication.com www.googletagservices.com
22	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com tomovl.ru
16	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
11	www.gstatic.com	tomovl.ru googleads.g.doubleclick.net
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net tomovl.ru
5	fonts.gstatic.com	fonts.googleapis.com
5	www.google.com	1 redirects tomovl.ru tpc.googlesyndication.com googleads.g.doubleclick.net
4	x.bidswitch.net	4 redirects
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	www.googletagservices.com	googleads.g.doubleclick.net tomovl.ru
4	fonts.googleapis.com	googleads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
3	counter.yadro.ru	2 redirects tomovl.ru
2	c1.adform.net	2 redirects
2	sync.teads.tv	1 redirects
2	ipac.ctnsnet.com	2 redirects
2	sync.mathtag.com	2 redirects
2	cms.quantserve.com	googleads.g.doubleclick.net
2	r.turn.com
2	ad.turn.com	2 redirects
2	csi.gstatic.com	www.gstatic.com
2	googleads4.g.doubleclick.net	tomovl.ru
2	www.google-analytics.com	tomovl.ru
2	kraken.rambler.ru	tomovl.ru
2	top-fwz1.mail.ru	1 redirects tomovl.ru
2	counter.rambler.ru	1 redirects tomovl.ru
2	www.yandex.ru	1 redirects tomovl.ru
2	www.translate.ru	1 redirects tomovl.ru
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	s.tribalfusion.com	googleads.g.doubleclick.net
1	a.tribalfusion.com	1 redirects
1	rr1---sn-n02xgoxufvg3-2gb6.googlevideo.com	googleads.g.doubleclick.net
1	i1.ytimg.com	googleads.g.doubleclick.net
1	s0.2mdn.net	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	hit24.hotlog.ru	tomovl.ru
1	d1.c8.b8.a0.top.mail.ru	1 redirects
1	top100-images.rambler.ru	tomovl.ru
167	41

This site contains links to these domains. Also see Links.

Domain
www.translate.ru
top.mail.ru
top100.rambler.ru
click.hotlog.ru
www.liveinternet.ru
yandex.ru

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.rambler.ru GlobalSign GCC R3 DV TLS CA 2020	`2022-05-16` - `2023-05-06`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.googlevideo.com GTS CA 1C3	`2023-02-14` - `2023-04-25`	2 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh

This page contains 19 frames:

Primary Page: http://tomovl.ru/
Frame ID: 227702F11F5ACD297B1CDDB0F83020E2
Requests: 66 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0940496935639317&output=html&h=600&slotname=6141929750&adk=4266690709&adf=2258814340&pi=t.ma~as.6141929750&w=160&lmt=1677442554&url=http%3A%2F%2Ftomovl.ru%2F&wgl=1&dt=1677442554010&bpp=11&bdt=74&idt=237&shv=r20230222&mjsv=m202302140101&ptt=5&saldr=sa&abxe=1&correlator=1584292899845&frm=20&pv=2&ga_vid=112705650.1677442554&ga_sid=1677442554&ga_hid=1378862998&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=781&ady=187&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759927%2C44759876%2C44759837%2C31072436%2C31072440&oid=2&pvsid=3969579687426660&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaE%7C&abl=NA&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=IdhahcFKjf&p=http%3A//tomovl.ru&dtd=258
Frame ID: A8656B2BA1DA9C662350E07F8736BF32
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0940496935639317&output=html&h=15&slotname=6299305035&adk=2938491785&adf=79915431&pi=t.ma~as.6299305035&w=728&lmt=1677442554&url=http%3A%2F%2Ftomovl.ru%2F&wgl=1&dt=1677442554023&bpp=3&bdt=87&idt=253&shv=r20230222&mjsv=m202302140101&ptt=5&saldr=sa&abxe=1&prev_slotnames=6141929750&correlator=1584292899845&frm=20&pv=1&ga_vid=112705650.1677442554&ga_sid=1677442554&ga_hid=1378862998&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=10&ady=70&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759927%2C44759876%2C44759837%2C31072436%2C31072440&oid=2&pvsid=3969579687426660&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaEe%7C&abl=NA&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=a3D2v6UWXb&p=http%3A//tomovl.ru&dtd=256
Frame ID: EE8F20FF70852959F07AFEE7B474D70B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0940496935639317&output=html&h=280&slotname=3069855689&adk=168988542&adf=2787348630&pi=t.ma~as.3069855689&w=336&lmt=1677442554&url=http%3A%2F%2Ftomovl.ru%2F&wgl=1&dt=1677442554223&bpp=5&bdt=287&idt=59&shv=r20230222&mjsv=m202302140101&ptt=5&saldr=sa&abxe=1&prev_slotnames=6141929750%2C6299305035&correlator=1584292899845&frm=20&pv=1&ga_vid=112705650.1677442554&ga_sid=1677442554&ga_hid=1378862998&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=332&ady=961&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759927%2C44759876%2C44759837%2C31072436%2C31072440&oid=2&pvsid=3969579687426660&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=do%7C%7CaEe%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=dHKxgRolGN&p=http%3A//tomovl.ru&dtd=62
Frame ID: 651CB483A243DA33C98445B92A32B289
Requests: 21 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6N6xbrRFdMEff8Jis_shwjAW5G8di4zE4BhK3Aw40Jc.js
Frame ID: 3218664B9D257C34681848AD7B5037CD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6N6xbrRFdMEff8Jis_shwjAW5G8di4zE4BhK3Aw40Jc.js
Frame ID: 66B64FB5EB53302AD31251571364B00C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20190131/zrt_lookup.html
Frame ID: 62E41BA5CBABF23B9A7599662AD7A010
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0940496935639317&output=html&adk=1812271804&adf=3025194257&lmt=1677442555&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x1080_r&format=0x0&url=http%3A%2F%2Ftomovl.ru%2F&ea=0&pra=7&wgl=1&dt=1677442555262&bpp=3&bdt=1326&idt=3&shv=r20230222&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1885e4afc4c91f60-228f4abe1add0090%3AT%3D1677442554%3ART%3D1677442554%3AS%3DALNI_MbAy5ISt6IA9a8w4gUNFxrheZk8Jg&gpic=UID%3D00000bbc520995fb%3AT%3D1677442554%3ART%3D1677442554%3AS%3DALNI_MZ-9uNHaq_gKb3xuKzhX-fG1xU09w&prev_slotnames=6141929750%2C6299305035%2C3069855689&nras=1&correlator=1584292899845&frm=20&pv=1&ga_vid=112705650.1677442554&ga_sid=1677442554&ga_hid=1378862998&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759927%2C44759876%2C44759837%2C31072436%2C31072440&oid=2&psts=AD37Y7uNMH88sk7-bHkhYDMyCrgHBpPNOMsjaedrmTbIWvvURK6OXfsUyEwI5D_PZrMlyUn-eA-2cde-VBweW8xdWw%2CAD37Y7uI695ILcGoQMTRJpVnJUDTp31Eq-gP9cic4ng6d-JJ-5yGEDhBqIlYVR959FvChBs9M_r1eJVwTyzVeH48KaqyTw&pvsid=3969579687426660&tmod=1193491593&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=4&uci=a!4&fsb=1&dtd=26
Frame ID: FC1FB8093A50F926DEA65BB54815F5A5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 30F0AFA7758C5A2B8C4E60C0BA7968CE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 751719A5FAD8B5A197C3C34C8189008D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
Frame ID: D3CDB9C616D07E6D09DCB9706EE6F857
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
Frame ID: F677285E1018D8D3BD3F2FF1A614F24F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLHVxd0BMAE&v=APEucNXQJ9PYPwsgp1acZSWvNAyBqnnGs1jh2Qy2jtHvx7Q9lIU0j1VAB8gCJh0x2_5z4qYXF-GU8LEDk8rAXUtk_UO6RojzMHRcomsf_6Zq4Us5Mxt5zlEQD6liHF4r-jRFPfGnFNIoArxWW_OZr8yu3FXhyVSLLOzhrX49nEmZ3gIQYZpJ8mM
Frame ID: C9DBC6246B1D69876710DA01BA40BA6F
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20230222/r20110914/abg_lite_fy2021.js
Frame ID: BD064CA73FC467DDCF17495953147709
Requests: 13 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/030db783cd93f01ccad1528166361a91.js?tag=client_fast_engine_2019
Frame ID: 4757D6823737EF9868FFDD956765DB45
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FAACB4BD0FD1BBE43BD7EC1444C1A31C
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4E54C8772EC74AFA67987DE9E47854C5
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: AD8A5C647728EFB473321D542C9C2F31
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6N6xbrRFdMEff8Jis_shwjAW5G8di4zE4BhK3Aw40Jc.js
Frame ID: 9688E619CD9666D3D041F58371AC19F4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Страницы Истории. Сайт Леонида Томова. Природа и история Коми.

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

167
Requests

61 %
HTTPS

54 %
IPv6

30
Domains

41
Subdomains

34
IPs

11
Countries

2597 kB
Transfer

4439 kB
Size

41
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: http://www.translate.ru/
Title: Translate.Ru

Search URL Search Domain Scan URL

URL: http://top.mail.ru/jump?from=557334

Search URL Search Domain Scan URL

URL: http://top100.rambler.ru/home?id=1230048

Search URL Search Domain Scan URL

URL: http://click.hotlog.ru/?466520

Search URL Search Domain Scan URL

URL: http://www.liveinternet.ru/click

Search URL Search Domain Scan URL

URL: http://yandex.ru/cy?base=0&host=tomovl.ru

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

http://www.google.com/coop/cse/brand?form=cse-search-box&lang=ru HTTP 301
https://www.gstatic.com/prose/brandjs.js

Request Chain 11

http://www.translate.ru/App_Themes/Default/promt_transl.css HTTP 301
https://www.translate.ru/App_Themes/Default/promt_transl.css

Request Chain 15

http://www.yandex.ru/cycounter?tomovl.ru HTTP 302
https://www.yandex.ru/cycounter?tomovl.ru

Request Chain 17

http://counter.rambler.ru/top100.jcn?1230048 HTTP 307
https://counter.rambler.ru/top100.jcn?1230048

Request Chain 26

http://d1.c8.b8.a0.top.mail.ru/counter?id=557334;t=53;js=13;r=;j=false;s=1600*1200;d=24;rand=0.6623244374601522 HTTP 302
https://top-fwz1.mail.ru/counter?id=557334;t=53;js=13;r=;j=false;s=1600*1200;d=24;rand=0.6623244374601522 HTTP 302
https://top-fwz1.mail.ru/counter2?id=557334;t=53;js=13;r=;j=false;s=1600*1200;d=24;rand=0.6623244374601522

Request Chain 28

http://counter.yadro.ru/hit?t38.6;r;s1600*1200*24;uhttp%3A//tomovl.ru/;0.4887099236166004 HTTP 302
https://counter.yadro.ru/hit?t38.6;r;s1600*1200*24;uhttp%3A//tomovl.ru/;0.4887099236166004 HTTP 302
https://counter.yadro.ru/hit?q;t38.6;r;s1600*1200*24;uhttp%3A//tomovl.ru/;0.4887099236166004

Request Chain 36

http://www.google-analytics.com/ga.js HTTP 307
https://www.google-analytics.com/ga.js

Request Chain 38

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=699239789&utmhn=tomovl.ru&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%A1%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D1%8B%20%D0%98%D1%81%D1%82%D0%BE%D1%80%D0%B8%D0%B8.%20%D0%A1%D0%B0%D0%B9%D1%82%20%D0%9B%D0%B5%D0%BE%D0%BD%D0%B8%D0%B4%D0%B0%20%D0%A2%D0%BE%D0%BC%D0%BE%D0%B2%D0%B0.%20%D0%9F%D1%80%D0%B8%D1%80%D0%BE%D0%B4%D0%B0%20%D0%B8%20%D0%B8%D1%81%D1%82%D0%BE%D1%80%D0%B8%D1%8F%20%D0%9A%D0%BE%D0%BC%D0%B8.&utmhid=1378862998&utmr=-&utmp=%2F&utmht=1677442554470&utmac=UA-8577728-1&utmcc=__utma%3D180340513.112705650.1677442554.1677442554.1677442554.1%3B%2B__utmz%3D180340513.1677442554.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=238870327&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAQAAAAE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=699239789&utmhn=tomovl.ru&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%A1%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D1%8B%20%D0%98%D1%81%D1%82%D0%BE%D1%80%D0%B8%D0%B8.%20%D0%A1%D0%B0%D0%B9%D1%82%20%D0%9B%D0%B5%D0%BE%D0%BD%D0%B8%D0%B4%D0%B0%20%D0%A2%D0%BE%D0%BC%D0%BE%D0%B2%D0%B0.%20%D0%9F%D1%80%D0%B8%D1%80%D0%BE%D0%B4%D0%B0%20%D0%B8%20%D0%B8%D1%81%D1%82%D0%BE%D1%80%D0%B8%D1%8F%20%D0%9A%D0%BE%D0%BC%D0%B8.&utmhid=1378862998&utmr=-&utmp=%2F&utmht=1677442554470&utmac=UA-8577728-1&utmcc=__utma%3D180340513.112705650.1677442554.1677442554.1677442554.1%3B%2B__utmz%3D180340513.1677442554.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=238870327&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAQAAAAE~

Request Chain 146

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHFSsCNa6KnFaCV57d50OXU&google_cver=1

Request Chain 147

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y-u9-VHcSf9USX9cdxj2fAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHFSsCNa6KnFaCV57d50OXU&google_cver=1

Request Chain 148

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEF0AT1h45WEXv9IQh415gJg&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEF0AT1h45WEXv9IQh415gJg%26google_cver%3D1

Request Chain 149

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODY4OTgwMTI5NjAxMTEwMDEw

Request Chain 151

https://ad.turn.com/r/cs?pid=3&google_gid=CAESELNGzdN9kADE0tFbBQDmfDw&google_cver=1&google_push=Aa02lx8ZwyA7R2FU0F_NvZZRo3TTf23SQmmeLjdKLzCEZsuKTcEtTgCRRKp6fmNLIeSSLkHRfk1z8-1fArJ8GAvZPgP1IG3Qx_4Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjcwNzk5MTU3NDM1MjgwMjAzMQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELNGzdN9kADE0tFbBQDmfDw&google_cver=1

Request Chain 153

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEPi51QADm6xKFZFydIgJT7M&google_cver=1&google_push=Aa02lx_9Z67O-bhUaqgIDSK3UsLlyc3mtXUkbJtKIr-ofl3BZ0rRK3nOu0zfdqHlfkDJNpfzcMZz00ukCGoJqzuVo9kY-3J8rrd3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx_9Z67O-bhUaqgIDSK3UsLlyc3mtXUkbJtKIr-ofl3BZ0rRK3nOu0zfdqHlfkDJNpfzcMZz00ukCGoJqzuVo9kY-3J8rrd3

Request Chain 154

https://a.tribalfusion.com/i.match?p=b6&u=CAESEHIf2Omd50SqSSUj9BeRmsM&google_cver=1&google_push=Aa02lx_aP7PWrfYO8UK9Q8Ikz0lBEyiNa1hLulA_-NlREozAX71AZBcE29joijSM8icyfhWmIUATJcV1T866GDKmUq6_TvoxpGSbQg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx_aP7PWrfYO8UK9Q8Ikz0lBEyiNa1hLulA_-NlREozAX71AZBcE29joijSM8icyfhWmIUATJcV1T866GDKmUq6_TvoxpGSbQg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHIf2Omd50SqSSUj9BeRmsM&google_cver=1&google_push=Aa02lx_aP7PWrfYO8UK9Q8Ikz0lBEyiNa1hLulA_-NlREozAX71AZBcE29joijSM8icyfhWmIUATJcV1T866GDKmUq6_TvoxpGSbQg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx_aP7PWrfYO8UK9Q8Ikz0lBEyiNa1hLulA_-NlREozAX71AZBcE29joijSM8icyfhWmIUATJcV1T866GDKmUq6_TvoxpGSbQg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 155

https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEMyIi6eXHPo1yoVgTjg0O2U&google_cver=1&google_push=Aa02lx8fVKkkXroTfT2KcXAfct0vRW42wgm-UnGznuYiVSmrzAURYmk2CXZmQcUoWzriu36FT8XH6lG08qaIgr1a4sBE_H_L8wnS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=Aa02lx8fVKkkXroTfT2KcXAfct0vRW42wgm-UnGznuYiVSmrzAURYmk2CXZmQcUoWzriu36FT8XH6lG08qaIgr1a4sBE_H_L8wnS&google_hm=gIa8NIG-SuuevVbXWInC6IQ

Request Chain 156

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBo9XpPSBQ_PR7B7p2s4KTQ&google_cver=1&google_push=Aa02lx9-ht8WMYXi8lDzkbAQHthmdmgc4pu_WY_AgbWjw0T3wnwpmWzrFYzml8hdenlQZfr9-gRkDQpo_rQYpsgLnBSDnS85dgcFrA HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEBo9XpPSBQ_PR7B7p2s4KTQ&google_cver=1&google_push=Aa02lx9-ht8WMYXi8lDzkbAQHthmdmgc4pu_WY_AgbWjw0T3wnwpmWzrFYzml8hdenlQZfr9-gRkDQpo_rQYpsgLnBSDnS85dgcFrA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx9-ht8WMYXi8lDzkbAQHthmdmgc4pu_WY_AgbWjw0T3wnwpmWzrFYzml8hdenlQZfr9-gRkDQpo_rQYpsgLnBSDnS85dgcFrA&google_hm=0kBZr1c1SsiKA7nySyktdQ==

Request Chain 157

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESECA6GsFduV5ygYZjMzd0LLM&google_cver=1&google_push=Aa02lx_oNlkkvTQhFAxIajhxAMXtzyA6TtKu7dUZs52yxbHoVDyHTpzz6ykXVRu974YjU_4NT7UJufEqz82B1eUpU9_CexC42-M9zQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aa02lx_oNlkkvTQhFAxIajhxAMXtzyA6TtKu7dUZs52yxbHoVDyHTpzz6ykXVRu974YjU_4NT7UJufEqz82B1eUpU9_CexC42-M9zQ HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 159

https://ad.turn.com/r/cs?pid=3&google_gid=CAESELNGzdN9kADE0tFbBQDmfDw&google_cver=1&google_push=Aa02lx_IGYmKaN3dS6EQF9j7B6thmLCdXVWGpv_byAKZcF-bNx47vimt7SP6dFh1fbwj-hdhGC9sBweb5L8olBo_zJy2fuGbiuR4Z9g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjYzNTkzMzk4MDMxNDg3NDA5NQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELNGzdN9kADE0tFbBQDmfDw&google_cver=1

Request Chain 162

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEPi51QADm6xKFZFydIgJT7M&google_cver=1&google_push=Aa02lx-blQhEfl98ghPqHyZjZ3DD4ZvtagXGQG3k0oek3JezXToAvbEtH-e8FwpEOPF9O7WrQenpPuSCUJ0w5orOmWveJx8YIX19Uak HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx-blQhEfl98ghPqHyZjZ3DD4ZvtagXGQG3k0oek3JezXToAvbEtH-e8FwpEOPF9O7WrQenpPuSCUJ0w5orOmWveJx8YIX19Uak

Request Chain 163

https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEMyIi6eXHPo1yoVgTjg0O2U&google_cver=1&google_push=Aa02lx8e_QSq2HUCGssfRMlREE4YkHKmSmgWVaWO7f3x3UCyXwLOY2EsHnkLJV5nYD1RnEJTLvs6QO1IKyGTOFP2j5h0YEYFTieEdw0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=Aa02lx8e_QSq2HUCGssfRMlREE4YkHKmSmgWVaWO7f3x3UCyXwLOY2EsHnkLJV5nYD1RnEJTLvs6QO1IKyGTOFP2j5h0YEYFTieEdw0&google_hm=E3pcX3HiRLuI1q-tFt3b7IQ

Request Chain 164

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBo9XpPSBQ_PR7B7p2s4KTQ&google_cver=1&google_push=Aa02lx8cpDSyeVP63gHXtbQFvIreHvy7PGnLZf8yNYD8dPvgD5vNTeiZ-Q-vmMqjmwPtg_0Ak_4G6ZYLHYVpnnlZDNfP3t8mHTWfdv8 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEBo9XpPSBQ_PR7B7p2s4KTQ&google_cver=1&google_push=Aa02lx8cpDSyeVP63gHXtbQFvIreHvy7PGnLZf8yNYD8dPvgD5vNTeiZ-Q-vmMqjmwPtg_0Ak_4G6ZYLHYVpnnlZDNfP3t8mHTWfdv8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx8cpDSyeVP63gHXtbQFvIreHvy7PGnLZf8yNYD8dPvgD5vNTeiZ-Q-vmMqjmwPtg_0Ak_4G6ZYLHYVpnnlZDNfP3t8mHTWfdv8&google_hm=b_KyGokITcasyIGm3N65iw==

Request Chain 165

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEYcx_vooYwL8azk3zpqEEQ&google_cver=1&google_push=Aa02lx_x6O6g_FGQMR0RD5JrUv2wj0-Pj3KrS1kGfYfjpKeLKSEtmVtnFwFNcCHHD2e5YUuedZ5MvBunGv8UieiV_XIpKxyZRdQBFA HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEEYcx_vooYwL8azk3zpqEEQ&google_cver=1&google_push=Aa02lx_x6O6g_FGQMR0RD5JrUv2wj0-Pj3KrS1kGfYfjpKeLKSEtmVtnFwFNcCHHD2e5YUuedZ5MvBunGv8UieiV_XIpKxyZRdQBFA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTA0NjU2MDUyMzI5NTI0NTE3Mw&google_push=Aa02lx_x6O6g_FGQMR0RD5JrUv2wj0-Pj3KrS1kGfYfjpKeLKSEtmVtnFwFNcCHHD2e5YUuedZ5MvBunGv8UieiV_XIpKxyZRdQBFA

167 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
tomovl.ru/ 61 KB
18 KB 571ms
48ms Document
text/html 195.24.68.27
RU-CENTER

General

Check archive.org

Show headers Download Go to

Full URL: http://tomovl.ru/
Protocol: HTTP/1.1
Server: 195.24.68.27 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS: wcarp.hosting.nic.ru
Software: openresty /
Resource Hash: 95db653da5f6f9f12916173fdb139aaac0810118bd91139c07f9555b68745489

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Sun, 26 Feb 2023 20:15:53 GMT
Server: openresty
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK verx_pravyu_banner_p.gif
tomovl.ru/images/ 437 B
672 B 45ms
45ms Image
image/gif 195.24.68.27
RU-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tomovl.ru/images/verx_pravyu_banner_p.gif
Requested by: Host: tomovl.ru
URL: http://tomovl.ru/
Protocol: HTTP/1.1
Server: 195.24.68.27 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS: wcarp.hosting.nic.ru
Software: openresty /
Resource Hash: d898033d8910149c3f11ca9adff9e0c0da00b5fd33af3e44064b1a1591cf040b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tomovl.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 20:15:53 GMT
Last-Modified: Sat, 29 Dec 2012 13:40:23 GMT
Server: openresty
ETag: "50def2c7-1b5"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 437

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 99 KB
36 KB 57ms
51ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: tomovl.ru
URL: http://tomovl.ru/

Protocol

HTTP/1.1

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f063882869b6ccb71a081601c8660bb0713d2d337c223942f2cc5ad4e6752a53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tomovl.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 20:15:53 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 14988288354104094554
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 35932
X-XSS-Protection: 0
Expires: Sun, 26 Feb 2023 20:15:53 GMT

GET
H/1.1 200
OK chapka.gif
tomovl.ru/images/ 3 KB
3 KB 45ms
42ms Image
image/gif 195.24.68.27
RU-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tomovl.ru/images/chapka.gif
Requested by: Host: tomovl.ru
URL: http://tomovl.ru/
Protocol: HTTP/1.1
Server: 195.24.68.27 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS: wcarp.hosting.nic.ru
Software: openresty /
Resource Hash: 246a708a3f728535719fa61f7229afa4f6024ab8d09c67d7906902ce017ebd1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tomovl.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 20:15:53 GMT
Last-Modified: Thu, 23 Feb 2012 00:54:49 GMT
Server: openresty
ETag: "4f458e59-c70"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3184

GET
H/1.1 200
OK prozra.gif
tomovl.ru/images/ 49 B
282 B 80ms
40ms Image
image/gif 195.24.68.27
RU-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tomovl.ru/images/prozra.gif
Requested by: Host: tomovl.ru
URL: http://tomovl.ru/
Protocol: HTTP/1.1
Server: 195.24.68.27 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS: wcarp.hosting.nic.ru
Software: openresty /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tomovl.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 20:15:54 GMT
Last-Modified: Wed, 17 Mar 2010 15:20:00 GMT
Server: openresty
ETag: "4ba0f320-31"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 49

GET
H2

200

brandjs.js Show response
www.gstatic.com/prose/
Redirect Chain

http://www.google.com/coop/cse/brand?form=cse-search-box&lang=ru
https://www.gstatic.com/prose/brandjs.js

14 KB
6 KB

30ms
8ms

Script
text/javascript

2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/prose/brandjs.js

Requested by

Host: tomovl.ru
URL: http://tomovl.ru/

Protocol

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tomovl.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 18:11:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7446
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5807
x-xss-protection: 0
last-modified: Tue, 06 Apr 2021 15:14:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Mon, 27 Feb 2023 18:11:48 GMT

Redirect headers

Date: Sun, 26 Feb 2023 20:02:58 GMT
X-Content-Type-Options: nosniff
Server: sffe
Age: 775
Content-Type: text/html; charset=UTF-8
Location: https://www.gstatic.com/prose/brandjs.js
Cache-Control: public, max-age=1800
Content-Length: 237
X-XSS-Protection: 0
Expires: Sun, 26 Feb 2023 20:32:58 GMT

GET
H/1.1 200
OK komi_0.gif
tomovl.ru/images/ 387 B
622 B 87ms
42ms Image
image/gif 195.24.68.27
RU-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tomovl.ru/images/komi_0.gif
Requested by: Host: tomovl.ru
URL: http://tomovl.ru/
Protocol: HTTP/1.1
Server: 195.24.68.27 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS: wcarp.hosting.nic.ru
Software: openresty /
Resource Hash: d1406c6bb5d4abd04fd6aed26ffae6fa80646d37fa39c8e2d8aefa549b095d9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tomovl.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 20:15:54 GMT
Last-Modified: Wed, 17 Mar 2010 15:19:00 GMT
Server: openresty
ETag: "4ba0f2e4-183"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 387

GET
H/1.1 200
OK komi.gif
tomovl.ru/images/ 9 KB
9 KB 89ms
44ms Image
image/gif 195.24.68.27
RU-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tomovl.ru/images/komi.gif
Requested by: Host: tomovl.ru
URL: http://tomovl.ru/
Protocol: HTTP/1.1
Server: 195.24.68.27 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS: wcarp.hosting.nic.ru
Software: openresty /
Resource Hash: d615794db5b7f748f8f0bd791358c0bfa209d08f225ca508f85c096fbe7e9e6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tomovl.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 20:15:54 GMT
Last-Modified: Wed, 17 Mar 2010 15:19:00 GMT
Server: openresty
ETag: "4ba0f2e4-2323"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8995

GET
H/1.1 200
OK syktyvkar0088.jpg
tomovl.ru/images/ 6 KB
7 KB 91ms
45ms Image
image/jpeg 195.24.68.27
RU-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tomovl.ru/images/syktyvkar0088.jpg
Requested by: Host: tomovl.ru
URL: http://tomovl.ru/
Protocol: HTTP/1.1
Server: 195.24.68.27 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS: wcarp.hosting.nic.ru
Software: openresty /
Resource Hash: 9caa515b5db246102b0c0c032412af5597502959c5aba329431b8f19870efc0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tomovl.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 20:15:54 GMT
Last-Modified: Wed, 17 Mar 2010 15:20:20 GMT
Server: openresty
ETag: "4ba0f334-1913"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6419

GET
H/1.1 200
OK fon.gif
tomovl.ru/images/ 789 B
1 KB 49ms
46ms Image
image/gif 195.24.68.27
RU-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tomovl.ru/images/fon.gif
Requested by: Host: tomovl.ru
URL: http://tomovl.ru/
Protocol: HTTP/1.1
Server: 195.24.68.27 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS: wcarp.hosting.nic.ru
Software: openresty /
Resource Hash: 4bada45d6d0bde61a8a829f491881ceefb14c569f30da6f7971b355204e869d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tomovl.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 20:15:54 GMT
Last-Modified: Wed, 17 Mar 2010 15:18:24 GMT
Server: openresty
ETag: "4ba0f2c0-315"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 789

GET
H/1.1 200
OK marker027.gif
tomovl.ru/images/ 97 B
330 B 45ms
44ms Image
image/gif 195.24.68.27
RU-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tomovl.ru/images/marker027.gif
Requested by: Host: tomovl.ru
URL: http://tomovl.ru/
Protocol: HTTP/1.1
Server: 195.24.68.27 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS: wcarp.hosting.nic.ru
Software: openresty /
Resource Hash: b98aa71b757c146f181b798bcb8df45190bf5c8a6604f71c50ab470c9246dc66

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tomovl.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 20:15:54 GMT
Last-Modified: Wed, 17 Mar 2010 15:19:14 GMT
Server: openresty
ETag: "4ba0f2f2-61"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 97

GET
H/1.1 200
OK marker.gif
tomovl.ru/images/ 101 B
335 B 40ms
39ms Image
image/gif 195.24.68.27
RU-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tomovl.ru/images/marker.gif
Requested by: Host: tomovl.ru
URL: http://tomovl.ru/
Protocol: HTTP/1.1
Server: 195.24.68.27 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS: wcarp.hosting.nic.ru
Software: openresty /
Resource Hash: fd6eae323e7aedddd74ed7b76319dc6999a86e0e9170ade28c887bcf9b0063b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tomovl.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 20:15:54 GMT
Last-Modified: Tue, 21 Feb 2012 04:15:44 GMT
Server: openresty
ETag: "4f431a70-65"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 101

GET
H2

404

promt_transl.css
www.translate.ru/App_Themes/Default/
Redirect Chain

http://www.translate.ru/App_Themes/Default/promt_transl.css
https://www.translate.ru/App_Themes/Default/promt_transl.css

0
0

47ms
17ms

Stylesheet
text/html

141.95.147.42
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.translate.ru/App_Themes/Default/promt_transl.css
Requested by: Host: tomovl.ru
URL: http://tomovl.ru/
Protocol: H2
Server: 141.95.147.42 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3213586.ip-141-95-147.eu
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tomovl.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Redirect headers

Location: https://www.translate.ru/App_Themes/Default/promt_transl.css
Date: Sun, 26 Feb 2023 20:15:54 GMT
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=20
Content-Length: 162
Content-Type: text/html

GET
H/1.1 200
OK prozra2.gif
tomovl.ru/images/ 45 B
278 B 53ms
53ms Image
image/gif 195.24.68.27
RU-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tomovl.ru/images/prozra2.gif
Requested by: Host: tomovl.ru
URL: http://tomovl.ru/
Protocol: HTTP/1.1
Server: 195.24.68.27 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS: wcarp.hosting.nic.ru
Software: openresty /
Resource Hash: 07445ff60f0a3cb761a2342d0b83604e328f609f096b81a0728f7d81ee58a1f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tomovl.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 20:15:54 GMT
Last-Modified: Wed, 17 Mar 2010 15:20:00 GMT
Server: openresty
ETag: "4ba0f320-2d"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 45

GET
H/1.1 200
OK fonn.jpg
tomovl.ru/images/ 555 B
791 B 45ms
45ms Image
image/jpeg 195.24.68.27
RU-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tomovl.ru/images/fonn.jpg
Requested by: Host: tomovl.ru
URL: http://tomovl.ru/
Protocol: HTTP/1.1
Server: 195.24.68.27 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS: wcarp.hosting.nic.ru
Software: openresty /
Resource Hash: 8395ed638bdee890040856d2713be31d39911b72ed1973b13c9d13806b7c4af5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tomovl.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 20:15:54 GMT
Last-Modified: Wed, 17 Mar 2010 15:18:26 GMT
Server: openresty
ETag: "4ba0f2c2-22b"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 555

GET
H/1.1 200
OK banner-88x31-rambler-darkblue2.gif
top100-images.rambler.ru/top100/ 950 B
1 KB 142ms
47ms Image
image/gif 81.19.89.1
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://top100-images.rambler.ru/top100/banner-88x31-rambler-darkblue2.gif
Requested by: Host: tomovl.ru
URL: http://tomovl.ru/
Protocol: HTTP/1.1
Server: 81.19.89.1 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: top100.rambler.ru
Software: nginx /
Resource Hash: 7627e9cb7246cb72b4e386eae36497ab07ea6df3fcfb04681d958e62ba59dbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tomovl.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 20:15:54 GMT
Last-Modified: Wed, 02 Feb 2022 05:30:04 GMT
Server: nginx
x-amz-request-id: tx00000000000001aa57ddd-0063fbbc32-783970ff-default
ETag: "78ecf9f0b85511d82f0b0d2d28b45cb1"
Content-Type: image/gif
P3P: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
x-rgw-object-type: Normal
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=40
Content-Length: 950

GET
H2

200

cycounter
www.yandex.ru/
Redirect Chain

http://www.yandex.ru/cycounter?tomovl.ru
https://www.yandex.ru/cycounter?tomovl.ru

1 KB
2 KB

166ms
59ms

Image
image/png

2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.yandex.ru/cycounter?tomovl.ru

Requested by

Host: tomovl.ru
URL: http://tomovl.ru/

Protocol

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

51407eb068a051c1910a368920d4f4736465d43a5f108948881baafb2223086e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tomovl.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Thu, 23 Feb 2023 08:33:55 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1677442554200950-12255168447987587606-sas2-0565-5f1-sas-l7-balancer-8080-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: image/png
x-xss-protection: 1; mode=block
expires: Thu, 09 Mar 2023 08:33:55 GMT

Redirect headers

X-Content-Type-Options: nosniff
NEL: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
Accept-CH: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
X-Yandex-Req-Id: 1677442554036449-3898907575781149261-vla1-4683-vla-l7-balancer-8080-BAL
Report-To: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
Location: https://www.yandex.ru/cycounter?tomovl.ru
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK butterfly.gif
tomovl.ru/images/ 7 KB
7 KB 46ms
46ms Image
image/gif 195.24.68.27
RU-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tomovl.ru/images/butterfly.gif
Requested by: Host: tomovl.ru
URL: http://tomovl.ru/
Protocol: HTTP/1.1
Server: 195.24.68.27 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS: wcarp.hosting.nic.ru
Software: openresty /
Resource Hash: 605a577ce3ca37a29c4e3ce5714654baf0af9fb0d92775561f06a32c43257d92

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tomovl.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 20:15:54 GMT
Last-Modified: Wed, 17 Mar 2010 15:17:45 GMT
Server: openresty
ETag: "4ba0f299-1abd"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6845

GET
H2

200

top100.jcn Show response
counter.rambler.ru/
Redirect Chain

http://counter.rambler.ru/top100.jcn?1230048
https://counter.rambler.ru/top100.jcn?1230048

102 KB
102 KB

193ms
98ms

Script
application/javascript

81.19.89.18
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.rambler.ru/top100.jcn?1230048
Requested by: Host: tomovl.ru
URL: http://tomovl.ru/
Protocol: H2
Server: 81.19.89.18 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx/1.19.4 /
Resource Hash: 62e173614a753fa54f2bceff8f2ecf868e0567984e5877b4c789bcac18d03988

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tomovl.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type: application/octet-stream, application/javascript
date: Sun, 26 Feb 2023 20:15:54 GMT
server: nginx/1.19.4
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"

Redirect headers

Date: Sun, 26 Feb 2023 20:15:54 GMT
Server: nginx/1.19.4
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Location: https://counter.rambler.ru/top100.jcn?1230048
P3P: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: content-type
Content-Length: 171

GET
H/1.1 200
OK chapka2.gif
tomovl.ru/images/ 3 KB
3 KB 45ms
45ms Image
image/gif 195.24.68.27
RU-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tomovl.ru/images/chapka2.gif
Requested by: Host: tomovl.ru
URL: http://tomovl.ru/
Protocol: HTTP/1.1
Server: 195.24.68.27 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS: wcarp.hosting.nic.ru
Software: openresty /
Resource Hash: 523a762a2e0f2f38da68673442e1f2101cd4e62f8a6309313a0b04b6ba42889e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tomovl.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 20:15:54 GMT
Last-Modified: Thu, 23 Feb 2012 00:54:49 GMT
Server: openresty
ETag: "4f458e59-c38"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3128

GET
H/1.1 200
OK marker2.gif
tomovl.ru/images/ 727 B
962 B 46ms
46ms Image
image/gif 195.24.68.27
RU-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tomovl.ru/images/marker2.gif
Requested by: Host: tomovl.ru
URL: http://tomovl.ru/
Protocol: HTTP/1.1
Server: 195.24.68.27 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS: wcarp.hosting.nic.ru
Software: openresty /
Resource Hash: b3cb29a8eda26f3e359882e0ca26fb5a9bd853a665f734398b18adfd67deadb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tomovl.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 20:15:54 GMT
Last-Modified: Wed, 17 Mar 2010 15:19:15 GMT
Server: openresty
ETag: "4ba0f2f3-2d7"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 727

GET
H/1.1 200
OK background.jpg
tomovl.ru/images/ 994 B
1 KB 70ms
45ms Image
image/jpeg 195.24.68.27
RU-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tomovl.ru/images/background.jpg
Requested by: Host: tomovl.ru
URL: http://tomovl.ru/
Protocol: HTTP/1.1
Server: 195.24.68.27 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS: wcarp.hosting.nic.ru
Software: openresty /
Resource Hash: ed5cd04f9084bbb3748bade55d29d3904653211c5570598a3c973f7aeea4cba9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tomovl.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 20:15:54 GMT
Last-Modified: Wed, 17 Mar 2010 15:17:43 GMT
Server: openresty
ETag: "4ba0f297-3e2"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 994

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302140101/ 366 KB
121 KB 97ms
74ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0940496935639317&plah=tomovl.ru&bust=31072440

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3cbc92b67087ed9141a3c50762fa0e426492e6b042607f8af5606969ee2160b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tomovl.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 20:15:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123271
x-xss-protection: 0
server: cafe
etag: 12457737192095306923
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 26 Feb 2023 20:15:54 GMT

GET
H/1.1 200
OK fon14.jpg
tomovl.ru/images/ 5 KB
5 KB 84ms
78ms Image
image/jpeg 195.24.68.27
RU-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tomovl.ru/images/fon14.jpg
Requested by: Host: tomovl.ru
URL: http://tomovl.ru/
Protocol: HTTP/1.1
Server: 195.24.68.27 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS: wcarp.hosting.nic.ru
Software: openresty /
Resource Hash: 109212df25a909956bddefd27408d87d863d929667168d2aeb91d48c956af626

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tomovl.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 20:15:54 GMT
Last-Modified: Tue, 21 Feb 2012 04:15:42 GMT
Server: openresty
ETag: "4f431a6e-1278"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4728

GET
H2 200 branding.png
www.google.com/cse/static/images/1x/ru/ 1 KB
2 KB 88ms
22ms Image
image/png 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/ru/branding.png

Requested by

Host: tomovl.ru
URL: http://tomovl.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9cdb4dd08ba584cdf21b63932a8834d79969701403ef62afb63f0c6f436e6c0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tomovl.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 15:29:00 GMT
x-content-type-options: nosniff
age: 276414
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1377
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Fri, 23 Feb 2024 15:29:00 GMT

GET
H/1.1 200
OK fon7.jpg
tomovl.ru/images/ 5 KB
5 KB 60ms
41ms Image
image/jpeg 195.24.68.27
RU-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tomovl.ru/images/fon7.jpg
Requested by: Host: tomovl.ru
URL: http://tomovl.ru/
Protocol: HTTP/1.1
Server: 195.24.68.27 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS: wcarp.hosting.nic.ru
Software: openresty /
Resource Hash: b66c4541d058a2005ca27becc4eef3ad8402fa18bb8792549c9e7436e42b8392

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tomovl.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 20:15:54 GMT
Last-Modified: Tue, 21 Feb 2012 04:15:43 GMT
Server: openresty
ETag: "4f431a6f-1228"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4648

GET
H/1.1 200
OK fon10.jpg
tomovl.ru/images/ 5 KB
5 KB 68ms
51ms Image
image/jpeg 195.24.68.27
RU-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tomovl.ru/images/fon10.jpg
Requested by: Host: tomovl.ru
URL: http://tomovl.ru/
Protocol: HTTP/1.1
Server: 195.24.68.27 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS: wcarp.hosting.nic.ru
Software: openresty /
Resource Hash: bcb8e9667fee5c5c7234c9dd4c1d013347f1a71301a4d531c5e9708eb5e1c7ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tomovl.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 20:15:54 GMT
Last-Modified: Tue, 21 Feb 2012 04:15:43 GMT
Server: openresty
ETag: "4f431a6f-1223"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4643

GET
H2

200

counter2
top-fwz1.mail.ru/
Redirect Chain

http://d1.c8.b8.a0.top.mail.ru/counter?id=557334;t=53;js=13;r=;j=false;s=1600*1200;d=24;rand=0.6623244374601522
https://top-fwz1.mail.ru/counter?id=557334;t=53;js=13;r=;j=false;s=1600*1200;d=24;rand=0.6623244374601522
https://top-fwz1.mail.ru/counter2?id=557334;t=53;js=13;r=;j=false;s=1600*1200;d=24;rand=0.6623244374601522

549 B
1 KB

48ms
47ms

Image
image/gif

95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter2?id=557334;t=53;js=13;r=;j=false;s=1600*1200;d=24;rand=0.6623244374601522

Requested by

Host: tomovl.ru
URL: http://tomovl.ru/

Protocol

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

55a10e0744127dab3fe0bc5861569205a5c3854b77613ca6df25932477374ca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tomovl.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 20:15:54 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 549
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

Redirect headers

date: Sun, 26 Feb 2023 20:15:54 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 0
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
accept-ch-lifetime: 86400
location: https://top-fwz1.mail.ru/counter2?id=557334;t=53;js=13;r=;j=false;s=1600*1200;d=24;rand=0.6623244374601522
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

GET
H/1.1 404
Not Found count
hit24.hotlog.ru/cgi-bin/hotlog/ 0
0 226ms
51ms Image
text/plain 89.208.236.251
DINET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hit24.hotlog.ru/cgi-bin/hotlog/count?0.17588335701911095&s=466520&im=33&r=&pg=http%3A//tomovl.ru/&c=Y&j=N&wh=1600x1200&px=24&js=1.3&
Requested by: Host: tomovl.ru
URL: http://tomovl.ru/
Protocol: HTTP/1.1
Server: 89.208.236.251 Reutov, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tomovl.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

http://counter.yadro.ru/hit?t38.6;r;s1600*1200*24;uhttp%3A//tomovl.ru/;0.4887099236166004
https://counter.yadro.ru/hit?t38.6;r;s1600*1200*24;uhttp%3A//tomovl.ru/;0.4887099236166004
https://counter.yadro.ru/hit?q;t38.6;r;s1600*1200*24;uhttp%3A//tomovl.ru/;0.4887099236166004

445 B
931 B

47ms
47ms

Image
image/gif

88.212.202.52
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t38.6;r;s1600*1200*24;uhttp%3A//tomovl.ru/;0.4887099236166004

Requested by

Host: tomovl.ru
URL: http://tomovl.ru/

Protocol

HTTP/1.1

Server

88.212.202.52 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host152.rax.ru

Software

nginx/1.17.9 /

Resource Hash

3e13369e5c528a4598007330a7d572dadd181e268d0cf87ba7b62fd7668597f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tomovl.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 26 Feb 2023 20:15:54 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 445
Expires: Fri, 25 Feb 2022 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 26 Feb 2023 20:15:54 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit?q;t38.6;r;s1600*1200*24;uhttp%3A//tomovl.ru/;0.4887099236166004
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Fri, 25 Feb 2022 21:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 385 B
601 B 118ms
47ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=tomovl.ru&callback=_gfp_s_&client=ca-pub-0940496935639317

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0940496935639317&plah=tomovl.ru&bust=31072440

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d7f54ff45ad4a33437a8d5fe6ade75b855e6f74c5048961cbd2544f10bf24df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tomovl.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 20:15:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 42ms
19ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=tomovl.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tomovl.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 20:15:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 111ms
44ms Script
application/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=tomovl.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tomovl.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 20:15:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A865 101 KB
34 KB 465ms
443ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0940496935639317&output=html&h=600&slotname=6141929750&adk=4266690709&adf=2258814340&pi=t.ma~as.6141929750&w=160&lmt=1677442554&url=http%3A%2F%2Ftomovl.ru%2F&wgl=1&dt=1677442554010&bpp=11&bdt=74&idt=237&shv=r20230222&mjsv=m202302140101&ptt=5&saldr=sa&abxe=1&correlator=1584292899845&frm=20&pv=2&ga_vid=112705650.1677442554&ga_sid=1677442554&ga_hid=1378862998&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=781&ady=187&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759927%2C44759876%2C44759837%2C31072436%2C31072440&oid=2&pvsid=3969579687426660&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaE%7C&abl=NA&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=IdhahcFKjf&p=http%3A//tomovl.ru&dtd=258

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b756a0698ba982c931f30408cd7ce52cbeb839a9d97033e1527bd8a9d71b650a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://tomovl.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 34605
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Feb 2023 20:15:54 GMT
expires: Sun, 26 Feb 2023 20:15:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EE8F 603 B
534 B 43ms
31ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0940496935639317&output=html&h=15&slotname=6299305035&adk=2938491785&adf=79915431&pi=t.ma~as.6299305035&w=728&lmt=1677442554&url=http%3A%2F%2Ftomovl.ru%2F&wgl=1&dt=1677442554023&bpp=3&bdt=87&idt=253&shv=r20230222&mjsv=m202302140101&ptt=5&saldr=sa&abxe=1&prev_slotnames=6141929750&correlator=1584292899845&frm=20&pv=1&ga_vid=112705650.1677442554&ga_sid=1677442554&ga_hid=1378862998&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=10&ady=70&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759927%2C44759876%2C44759837%2C31072436%2C31072440&oid=2&pvsid=3969579687426660&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaEe%7C&abl=NA&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=a3D2v6UWXb&p=http%3A//tomovl.ru&dtd=256

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://tomovl.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Feb 2023 20:15:54 GMT
expires: Sun, 26 Feb 2023 20:15:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 651C 93 KB
33 KB 677ms
672ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0940496935639317&output=html&h=280&slotname=3069855689&adk=168988542&adf=2787348630&pi=t.ma~as.3069855689&w=336&lmt=1677442554&url=http%3A%2F%2Ftomovl.ru%2F&wgl=1&dt=1677442554223&bpp=5&bdt=287&idt=59&shv=r20230222&mjsv=m202302140101&ptt=5&saldr=sa&abxe=1&prev_slotnames=6141929750%2C6299305035&correlator=1584292899845&frm=20&pv=1&ga_vid=112705650.1677442554&ga_sid=1677442554&ga_hid=1378862998&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=332&ady=961&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759927%2C44759876%2C44759837%2C31072436%2C31072440&oid=2&pvsid=3969579687426660&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=do%7C%7CaEe%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=dHKxgRolGN&p=http%3A//tomovl.ru&dtd=62

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53625dc9abafe6198e9a4d0d5df429f4c73a072a6ecba60217aa8875bafba5e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://tomovl.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 34076
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Feb 2023 20:15:54 GMT
expires: Sun, 26 Feb 2023 20:15:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
kraken.rambler.ru/cnt/ 43 B
487 B 97ms
50ms Image
image/gif 81.19.89.18
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kraken.rambler.ru/cnt/?et=pv&v=3.13.9i&pid=1230048&tid=t1.1230048.1017430967.1677442554354&rid=1677442554.355-1975695111&fid=pA8AAENKs1d8KXiEAe6fhAA%3D&eid=781525543573853&aduid=2ab358ab-22ab-4640-80b4-82300bead0ac&aduidsc=tomovl.ru&stid=978916524_1677442554355&sn=1&sen=1&ce=1&bs=1600x1200&rf&en=windows-1251&pt=%D0%A1%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D1%8B%20%D0%98%D1%81%D1%82%D0%BE%D1%80%D0%B8%D0%B8.%20%D0%A1%D0%B0%D0%B9%D1%82%20%D0%9B%D0%B5%D0%BE%D0%BD%D0%B8%D0%B4%D0%B0%20%D0%A2%D0%BE%D0%BC%D0%BE%D0%B2%D0%B0.%20%D0%9F%D1%80%D0%B8%D1%80%D0%BE%D0%B4%D0%B0%20%D0%B8%20%D0%B8%D1%81%D1%82%D0%BE%D1%80%D0%B8%D1%8F%20%D0%9A%D0%BE%D0%BC%D0%B8.&sr=1600x1200&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Win32&tz=0&le=1&ct=web&url=http%3A%2F%2Ftomovl.ru%2F&lv&exp=%5B%5B%22exp_bot%22%2C%22split_a%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&rn=398581951
Requested by: Host: tomovl.ru
URL: http://tomovl.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.19.89.18 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tomovl.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Feb 2023 20:15:54 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
x-srv: 2kraken-prod0003.ad.rambler.tech
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif, image/gif
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2

200

ga.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

45 KB
17 KB

92ms
23ms

Script
text/javascript

2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: tomovl.ru
URL: http://tomovl.ru/

Protocol

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tomovl.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 26 Feb 2023 19:47:20 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 1714
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Sun, 26 Feb 2023 21:47:20 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2 200 /
kraken.rambler.ru/cnt/v2/ 43 B
487 B 47ms
47ms Image
image/gif 81.19.89.18
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kraken.rambler.ru/cnt/v2/?event_type=base&event_name=page_view&project_id=1230048&session_id=978916524_1677442554355&session_number=1&session_event_number=1&version=3.13.9i&counter_type=web&experiment=%5B%5B%22exp_bot%22%2C%22split_a%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&top100_id=t1.1230048.1017430967.1677442554354&adtech_uid=2ab358ab-22ab-4640-80b4-82300bead0ac&adtech_uid_scope=tomovl.ru&fingerprint=pA8AAENKs1d8KXiEAe6fhAA%3D&url=http%3A%2F%2Ftomovl.ru%2F&request_id=1677442554.355-1975695111&event_id=781525543573853&meta=%7B%22title%22%3A%22%D0%A1%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D1%8B%20%D0%98%D1%81%D1%82%D0%BE%D1%80%D0%B8%D0%B8.%20%D0%A1%D0%B0%D0%B9%D1%82%20%D0%9B%D0%B5%D0%BE%D0%BD%D0%B8%D0%B4%D0%B0%20%D0%A2%D0%BE%D0%BC%D0%BE%D0%B2%D0%B0.%20%D0%9F%D1%80%D0%B8%D1%80%D0%BE%D0%B4%D0%B0%20%D0%B8%20%D0%B8%D1%81%D1%82%D0%BE%D1%80%D0%B8%D1%8F%20%D0%9A%D0%BE%D0%BC%D0%B8.%22%2C%22referer%22%3A%22%22%2C%22screen_size%22%3A%221600x1200%22%2C%22browser_size%22%3A%221600x1200%22%2C%22color_depth%22%3A%2224-bit%22%2C%22language%22%3A%22en-US%22%2C%22browser%22%3A%22Netscape%22%2C%22platform%22%3A%22Win32%22%2C%22timezone%22%3A%220%22%7D&rn=2134736000
Requested by: Host: tomovl.ru
URL: http://tomovl.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.19.89.18 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tomovl.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Feb 2023 20:15:54 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
x-srv: 2kraken-prod0003.ad.rambler.tech
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif, image/gif
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2

200

__utm.gif
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=699239789&utmhn=tomovl.ru&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%A...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=699239789&utmhn=tomovl.ru&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%...

35 B
197 B

45ms
45ms

Image
image/gif

2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=699239789&utmhn=tomovl.ru&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%A1%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D1%8B%20%D0%98%D1%81%D1%82%D0%BE%D1%80%D0%B8%D0%B8.%20%D0%A1%D0%B0%D0%B9%D1%82%20%D0%9B%D0%B5%D0%BE%D0%BD%D0%B8%D0%B4%D0%B0%20%D0%A2%D0%BE%D0%BC%D0%BE%D0%B2%D0%B0.%20%D0%9F%D1%80%D0%B8%D1%80%D0%BE%D0%B4%D0%B0%20%D0%B8%20%D0%B8%D1%81%D1%82%D0%BE%D1%80%D0%B8%D1%8F%20%D0%9A%D0%BE%D0%BC%D0%B8.&utmhid=1378862998&utmr=-&utmp=%2F&utmht=1677442554470&utmac=UA-8577728-1&utmcc=__utma%3D180340513.112705650.1677442554.1677442554.1677442554.1%3B%2B__utmz%3D180340513.1677442554.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=238870327&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAQAAAAE~

Requested by

Host: tomovl.ru
URL: http://tomovl.ru/

Protocol

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tomovl.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Feb 2023 20:15:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=699239789&utmhn=tomovl.ru&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%A1%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D1%8B%20%D0%98%D1%81%D1%82%D0%BE%D1%80%D0%B8%D0%B8.%20%D0%A1%D0%B0%D0%B9%D1%82%20%D0%9B%D0%B5%D0%BE%D0%BD%D0%B8%D0%B4%D0%B0%20%D0%A2%D0%BE%D0%BC%D0%BE%D0%B2%D0%B0.%20%D0%9F%D1%80%D0%B8%D1%80%D0%BE%D0%B4%D0%B0%20%D0%B8%20%D0%B8%D1%81%D1%82%D0%BE%D1%80%D0%B8%D1%8F%20%D0%9A%D0%BE%D0%BC%D0%B8.&utmhid=1378862998&utmr=-&utmp=%2F&utmht=1677442554470&utmac=UA-8577728-1&utmcc=__utma%3D180340513.112705650.1677442554.1677442554.1677442554.1%3B%2B__utmz%3D180340513.1677442554.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=238870327&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAQAAAAE~
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2 200 css
fonts.googleapis.com/ Frame A865 8 KB
1 KB 121ms
49ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0940496935639317&output=html&h=600&slotname=6141929750&adk=4266690709&adf=2258814340&pi=t.ma~as.6141929750&w=160&lmt=1677442554&url=http%3A%2F%2Ftomovl.ru%2F&wgl=1&dt=1677442554010&bpp=11&bdt=74&idt=237&shv=r20230222&mjsv=m202302140101&ptt=5&saldr=sa&abxe=1&correlator=1584292899845&frm=20&pv=2&ga_vid=112705650.1677442554&ga_sid=1677442554&ga_hid=1378862998&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=781&ady=187&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759927%2C44759876%2C44759837%2C31072436%2C31072440&oid=2&pvsid=3969579687426660&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaE%7C&abl=NA&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=IdhahcFKjf&p=http%3A//tomovl.ru&dtd=258

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 26 Feb 2023 20:15:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 26 Feb 2023 18:36:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 26 Feb 2023 20:15:54 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame A865 2 KB
846 B 113ms
47ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 11:08:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32855
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 11:08:19 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/ Frame A865 22 KB
9 KB 88ms
22ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 11:00:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33310
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8814
x-xss-protection: 0
server: cafe
etag: 11378319237421819138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 11:00:44 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame A865 3 KB
1 KB 110ms
48ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 11:00:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33311
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 11:00:43 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame A865 20 KB
8 KB 112ms
46ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 11:00:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33311
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 11:00:43 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A865 158 KB
49 KB 105ms
82ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 20:15:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677104061356577"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 26 Feb 2023 20:15:54 GMT

GET
H2 200 ed8ae2896763956dad3710d8730c1299.js Show response
www.gstatic.com/mysidia/ Frame A865 33 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ed8ae2896763956dad3710d8730c1299.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9282b885825f1f265eb093acf11379fc90dd4e156588a02790c1515822e79858

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 14:01:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22489
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14007
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 21:21:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 27 May 2023 14:01:05 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame A865 0
0 51ms
50ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cgcf2-r37Y7OIE7rEmLAP2_aDiA_Zi-rsao-K5u3kD9vZHhABINfkuxBglQKgAc_F7PoCyAEJqQJcT_DlG1KSPqgDAcgDywSqBMMBT9AfagXldz3U0_LS7tYSCKUMsqTGOb9bcrFi55TJ9IVsV1mdiYaEfMQ2YG8t9Qg-6PyarQeuDw0sNN74k2xdQeqMB-Hv9ydw2cEKqJ8caAz-tCfvDDahJyZ0eRmWlAEcfu30RtAErex_1wo5i1regdEza6-3a0VoY9YL3CTN9JFTfqqHXMu4SS0220mhtR-hvZOr2acjmAeZfa-mLbP4GFnEPtDEzjpwGZf0Fo84yoRryIK2fNPpEZ12JaHhByPH_r7WwATJw7qivwOSBQQIBBgBkgUECAUYBKAGLoAHmbqThQGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCn1A_SCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDIgUB9AVAZgWAYAXAbIXHAoaCAASFHB1Yi0wOTQwNDk2OTM1NjM5MzE3GAA&sigh=c1ADXD7ZG88&uach_m=[UACH]&cid=CAQSGwDUE5ymsWTWQTfmOC8tXUQXxW426y0jZTzKqhgB&template_id=5000

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0940496935639317&output=html&h=600&slotname=6141929750&adk=4266690709&adf=2258814340&pi=t.ma~as.6141929750&w=160&lmt=1677442554&url=http%3A%2F%2Ftomovl.ru%2F&wgl=1&dt=1677442554010&bpp=11&bdt=74&idt=237&shv=r20230222&mjsv=m202302140101&ptt=5&saldr=sa&abxe=1&correlator=1584292899845&frm=20&pv=2&ga_vid=112705650.1677442554&ga_sid=1677442554&ga_hid=1378862998&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=781&ady=187&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759927%2C44759876%2C44759837%2C31072436%2C31072440&oid=2&pvsid=3969579687426660&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaE%7C&abl=NA&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=IdhahcFKjf&p=http%3A//tomovl.ru&dtd=258
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 26 Feb 2023 20:15:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 26 Feb 2023 20:15:54 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/16576345974318723797/ Frame A865 5 KB
6 KB 107ms
48ms Image
image/jpeg 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16576345974318723797/14763004658117789537?w=195&h=102

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae837c647be3e7bbabd9cb8942bcf5032f33cecdb04c458523400179094b1773

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 10:07:07 GMT
x-content-type-options: nosniff
age: 209327
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5310
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 13:02:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 24 Feb 2024 10:07:07 GMT

GET
DATA 200
OK truncated
/ Frame A865 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame A865 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame A865 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1943f297415551e3b9bfb317eb4b00fd40a5bd4a661360092d2cf50fb4c49ce1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame A865 28 KB
28 KB 88ms
22ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 16:20:09 GMT
x-content-type-options: nosniff
age: 359745
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Feb 2024 16:20:09 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjYUvaYr.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame A865 14 KB
14 KB 111ms
45ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjYUvaYr.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15e749617a3856bfaa4d2cea0c50d88366d2b579841bd5a45bd2d34062babc51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 07:32:04 GMT
x-content-type-options: nosniff
age: 391430
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14432
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:04:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Feb 2024 07:32:04 GMT

GET
H2 200 6N6xbrRFdMEff8Jis_shwjAW5G8di4zE4BhK3Aw40Jc.js Show response
pagead2.googlesyndication.com/bg/ Frame 3218 36 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6N6xbrRFdMEff8Jis_shwjAW5G8di4zE4BhK3Aw40Jc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8deb16eb44574c11f7fc262b3fb21c23016e46f1d8b8cc4e0184adc0c38d097

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 19:37:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2298
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14401
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 26 Feb 2024 19:37:36 GMT

GET
H3 200 030db783cd93f01ccad1528166361a91.js Show response
www.gstatic.com/mysidia/ Frame 651C 9 KB
4 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/030db783cd93f01ccad1528166361a91.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0940496935639317&output=html&h=280&slotname=3069855689&adk=168988542&adf=2787348630&pi=t.ma~as.3069855689&w=336&lmt=1677442554&url=http%3A%2F%2Ftomovl.ru%2F&wgl=1&dt=1677442554223&bpp=5&bdt=287&idt=59&shv=r20230222&mjsv=m202302140101&ptt=5&saldr=sa&abxe=1&prev_slotnames=6141929750%2C6299305035&correlator=1584292899845&frm=20&pv=1&ga_vid=112705650.1677442554&ga_sid=1677442554&ga_hid=1378862998&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=332&ady=961&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759927%2C44759876%2C44759837%2C31072436%2C31072440&oid=2&pvsid=3969579687426660&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=do%7C%7CaEe%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=dHKxgRolGN&p=http%3A//tomovl.ru&dtd=62

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3deda25f1d4dacb2dcb6291e32e305b3390f6225a657f45ce798101dcfcb9865

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 14:02:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22427
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4099
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 21:21:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 27 May 2023 14:02:07 GMT

GET
H3 200 96e6597bbe8feeef4b24492bd7546dfa.js Show response
www.gstatic.com/mysidia/ Frame 651C 18 KB
7 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/96e6597bbe8feeef4b24492bd7546dfa.js?tag=pingback

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eded262e09382cfeea00c85a3c7275601aefe6f5ed388acd844f6eaae755c424

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 03:28:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 406036
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7610
x-xss-protection: 0
last-modified: Wed, 22 Feb 2023 01:49:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 23 May 2023 03:28:38 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 651C 6 KB
768 B 49ms
47ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 26 Feb 2023 20:15:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 26 Feb 2023 18:40:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 26 Feb 2023 20:15:55 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 651C 2 KB
804 B 22ms
22ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 11:08:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32856
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 11:08:19 GMT

GET
H3 200 2c96be29c806e6a30d72c34b34031cd2.js Show response
www.gstatic.com/mysidia/ Frame 651C 5 KB
2 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2c96be29c806e6a30d72c34b34031cd2.js?tag=analytics_pingback_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

909e4f36928b8676e7947d125e90b8c2baee1afc6c0dead2ddc05a665811470a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 15:43:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 361942
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2003
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 18:15:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 23 May 2023 15:43:32 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/ Frame 651C 22 KB
9 KB 24ms
22ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 11:00:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33310
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8814
x-xss-protection: 0
server: cafe
etag: 11378319237421819138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 11:00:44 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 651C 3 KB
1 KB 23ms
22ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 11:00:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33312
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 11:00:43 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 651C 20 KB
8 KB 26ms
24ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 11:00:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33311
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 11:00:43 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 651C 158 KB
48 KB 108ms
106ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 20:15:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677104061356577"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 26 Feb 2023 20:15:55 GMT

GET
H3 200 ed8ae2896763956dad3710d8730c1299.js Show response
www.gstatic.com/mysidia/ Frame 651C 33 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ed8ae2896763956dad3710d8730c1299.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9282b885825f1f265eb093acf11379fc90dd4e156588a02790c1515822e79858

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 14:01:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22490
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14007
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 21:21:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 27 May 2023 14:01:05 GMT

GET
H2 200 2076313506083323656
tpc.googlesyndication.com/simgad/7947708662961148335/ Frame 651C 47 KB
48 KB 23ms
22ms Image
image/jpeg 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7947708662961148335/2076313506083323656

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d02edc01eacfb2e82a4b6b586e457eb9e1eb13c3bab2379d53a4c5bb0ad57497

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 21:38:37 GMT
x-content-type-options: nosniff
age: 81438
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48534
x-xss-protection: 0
last-modified: Wed, 20 Jul 2022 11:55:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 25 Feb 2024 21:38:37 GMT

GET
DATA 200
OK truncated
/ Frame 651C 220 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 15bd50925667bd5e94a81241ee34d7c2880e52622736a3deb5db79dc790aec3c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 651C 0
0 54ms
53ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CrCiP-r37Y-CME5OU1wagh5II3P3w7G2DnYeBjxHb2R4QASDX5LsQYJX68IGMB6ABl5DhvwPIAQmoAwHIA8sEqgS_AU_QQ3WC8sYrioV5g40Zrki4qKOLOewRLVDV4o6CS4Ho-QVRtbIUPgv8GSJYXf1jQz-HAChg2xyVHnqXrKUbQQwKfrBX5vioZ-zZBwKpl5nVlD7JxYtu-dMVzFXz25Jq8PTDDt25Ncy7ohDuRhOSIbUvH_nadfk2k5n2GSaKHZnmOuVYf-L89cjvkpW0SLojGD8vAmU8kEJiwcVqKLg5omCXXsQxkn9TaxpyBJJsCFbgjiV99RLsd-cgWB2qM1O_wAT68ZSJkASSBQQIBBgBkgUECAUYBKAGLoAHlaXbR6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEPbVB9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBuBPkA9gTDNAVAYAXAbIXHAoaCAASFHB1Yi0wOTQwNDk2OTM1NjM5MzE3GAA&sigh=6wfISccfLzs&uach_m=[UACH]&cid=CAQSGwDUE5ymfLQ0n5rIT8g0MPQQ7mwTVUmQScs7ExgB&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0940496935639317&output=html&h=280&slotname=3069855689&adk=168988542&adf=2787348630&pi=t.ma~as.3069855689&w=336&lmt=1677442554&url=http%3A%2F%2Ftomovl.ru%2F&wgl=1&dt=1677442554223&bpp=5&bdt=287&idt=59&shv=r20230222&mjsv=m202302140101&ptt=5&saldr=sa&abxe=1&prev_slotnames=6141929750%2C6299305035&correlator=1584292899845&frm=20&pv=1&ga_vid=112705650.1677442554&ga_sid=1677442554&ga_hid=1378862998&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=332&ady=961&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759927%2C44759876%2C44759837%2C31072436%2C31072440&oid=2&pvsid=3969579687426660&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=do%7C%7CaEe%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=dHKxgRolGN&p=http%3A//tomovl.ru&dtd=62
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 26 Feb 2023 20:15:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 651C 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 29dbbf83c5d79269786b7e20a0eddd119ce4839f0cf62b1e5c68361c04884d4c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 651C 0
20 B 110ms
109ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/96e6597bbe8feeef4b24492bd7546dfa.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Feb 2023 20:15:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 651C 15 KB
15 KB 23ms
22ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 13:13:56 GMT
x-content-type-options: nosniff
age: 284519
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Feb 2024 13:13:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 651C 15 KB
16 KB 26ms
26ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 12:23:05 GMT
x-content-type-options: nosniff
age: 287570
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Feb 2024 12:23:05 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 651C 15 KB
15 KB 29ms
29ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 13:40:31 GMT
x-content-type-options: nosniff
age: 282924
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Feb 2024 13:40:31 GMT

GET
H/1.1 200
OK komi_vorkyta.gif
tomovl.ru/images/ 2 KB
2 KB 47ms
46ms Image
image/gif 195.24.68.27
RU-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tomovl.ru/images/komi_vorkyta.gif
Protocol: HTTP/1.1
Server: 195.24.68.27 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS: wcarp.hosting.nic.ru
Software: openresty /
Resource Hash: 80a888e9bed6c597393c6d698f2596d3e3bde085a4da1cfd484fe511e57a64dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tomovl.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 20:15:55 GMT
Last-Modified: Wed, 17 Mar 2010 15:19:05 GMT
Server: openresty
ETag: "4ba0f2e9-6fe"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1790

GET
H/1.1 200
OK komi_inta.gif
tomovl.ru/images/ 1 KB
2 KB 49ms
45ms Image
image/gif 195.24.68.27
RU-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tomovl.ru/images/komi_inta.gif
Protocol: HTTP/1.1
Server: 195.24.68.27 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS: wcarp.hosting.nic.ru
Software: openresty /
Resource Hash: bc14f528f368120b3978cfabb1684f86e3d2afee918525b5ed54ad1ddaa6396c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tomovl.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 20:15:55 GMT
Last-Modified: Wed, 17 Mar 2010 15:19:01 GMT
Server: openresty
ETag: "4ba0f2e5-568"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1384

GET
H/1.1 200
OK komi_pechora.gif
tomovl.ru/images/ 1 KB
2 KB 48ms
44ms Image
image/gif 195.24.68.27
RU-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tomovl.ru/images/komi_pechora.gif
Protocol: HTTP/1.1
Server: 195.24.68.27 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS: wcarp.hosting.nic.ru
Software: openresty /
Resource Hash: 5f77ff3ae853e97cdfde0db8a61d73850000171f4e24bb114c278d4301ca9fe3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tomovl.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 20:15:55 GMT
Last-Modified: Wed, 17 Mar 2010 15:19:02 GMT
Server: openresty
ETag: "4ba0f2e6-5c5"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1477

GET
H/1.1 200
OK komi_yxta.gif
tomovl.ru/images/ 1 KB
1 KB 45ms
42ms Image
image/gif 195.24.68.27
RU-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tomovl.ru/images/komi_yxta.gif
Protocol: HTTP/1.1
Server: 195.24.68.27 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS: wcarp.hosting.nic.ru
Software: openresty /
Resource Hash: 0f0cd445bb22b33aeb4a529c59a5c05f182ad04e84d94b1ac31bcfaada973b18

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tomovl.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 20:15:55 GMT
Last-Modified: Wed, 17 Mar 2010 15:19:08 GMT
Server: openresty
ETag: "4ba0f2ec-43f"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1087

GET
H/1.1 200
OK komi_syktyvkar.gif
tomovl.ru/images/ 905 B
1 KB 43ms
39ms Image
image/gif 195.24.68.27
RU-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tomovl.ru/images/komi_syktyvkar.gif
Protocol: HTTP/1.1
Server: 195.24.68.27 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS: wcarp.hosting.nic.ru
Software: openresty /
Resource Hash: dbc77324ac8ac6a3c2cc6e5ed8e6462256b7e7139c050e07d9e10ac75920ce4c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tomovl.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 20:15:55 GMT
Last-Modified: Wed, 17 Mar 2010 15:19:04 GMT
Server: openresty
ETag: "4ba0f2e8-389"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 905

GET
H/1.1 200
OK komi_syktyvdin.gif
tomovl.ru/images/ 1 KB
1 KB 46ms
43ms Image
image/gif 195.24.68.27
RU-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tomovl.ru/images/komi_syktyvdin.gif
Protocol: HTTP/1.1
Server: 195.24.68.27 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS: wcarp.hosting.nic.ru
Software: openresty /
Resource Hash: ecb0ce72618810f0edf1085b026b45d33ec586f472820b56c6a19512120b5fb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tomovl.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 20:15:55 GMT
Last-Modified: Wed, 17 Mar 2010 15:19:04 GMT
Server: openresty
ETag: "4ba0f2e8-444"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1092

GET
H/1.1 200
OK komi_ychilma.gif
tomovl.ru/images/ 2 KB
2 KB 40ms
40ms Image
image/gif 195.24.68.27
RU-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tomovl.ru/images/komi_ychilma.gif
Protocol: HTTP/1.1
Server: 195.24.68.27 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS: wcarp.hosting.nic.ru
Software: openresty /
Resource Hash: e369729a6df8e3540c9d3159bf7f9a7f7a5082465465636168d484ad33d7ac62

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tomovl.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 20:15:55 GMT
Last-Modified: Wed, 17 Mar 2010 15:19:06 GMT
Server: openresty
ETag: "4ba0f2ea-69d"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1693

GET
H/1.1 200
OK komi_ysogorck.gif
tomovl.ru/images/ 2 KB
2 KB 42ms
42ms Image
image/gif 195.24.68.27
RU-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tomovl.ru/images/komi_ysogorck.gif
Protocol: HTTP/1.1
Server: 195.24.68.27 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS: wcarp.hosting.nic.ru
Software: openresty /
Resource Hash: 8a71e49bc4a1869ad25bdefb418ebdf7f97003ad6cdea52fcadfd4515fef4b69

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tomovl.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 20:15:55 GMT
Last-Modified: Wed, 17 Mar 2010 15:19:07 GMT
Server: openresty
ETag: "4ba0f2eb-694"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1684

GET
H/1.1 200
OK komi_troisk.gif
tomovl.ru/images/ 2 KB
2 KB 43ms
43ms Image
image/gif 195.24.68.27
RU-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tomovl.ru/images/komi_troisk.gif
Protocol: HTTP/1.1
Server: 195.24.68.27 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS: wcarp.hosting.nic.ru
Software: openresty /
Resource Hash: 076fec274b1ebaf4704a5502586a85dc29b658e6b31e580439b1d218ba088312

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tomovl.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 20:15:55 GMT
Last-Modified: Wed, 17 Mar 2010 15:19:05 GMT
Server: openresty
ETag: "4ba0f2e9-6e1"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1761

GET
H/1.1 200
OK komi_prilyse.gif
tomovl.ru/images/ 1 KB
1 KB 46ms
46ms Image
image/gif 195.24.68.27
RU-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tomovl.ru/images/komi_prilyse.gif
Protocol: HTTP/1.1
Server: 195.24.68.27 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS: wcarp.hosting.nic.ru
Software: openresty /
Resource Hash: 7152bae2ae9768a42e58ad044d8285a89ee0b7fec8ae6b61fcff29ca614e43f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tomovl.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 20:15:55 GMT
Last-Modified: Wed, 17 Mar 2010 15:19:03 GMT
Server: openresty
ETag: "4ba0f2e7-4d5"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1237

GET
H/1.1 200
OK komi_ysinsk.gif
tomovl.ru/images/ 1 KB
2 KB 45ms
45ms Image
image/gif 195.24.68.27
RU-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tomovl.ru/images/komi_ysinsk.gif
Protocol: HTTP/1.1
Server: 195.24.68.27 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS: wcarp.hosting.nic.ru
Software: openresty /
Resource Hash: ee42570ce6b101c2aced1cf8b2fa5537ab2f8e11b68d0ef4facf9903ff101d23

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tomovl.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 20:15:55 GMT
Last-Modified: Wed, 17 Mar 2010 15:19:07 GMT
Server: openresty
ETag: "4ba0f2eb-532"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1330

GET
H/1.1 200
OK komi_ijma.gif
tomovl.ru/images/ 2 KB
2 KB 45ms
45ms Image
image/gif 195.24.68.27
RU-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tomovl.ru/images/komi_ijma.gif
Protocol: HTTP/1.1
Server: 195.24.68.27 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS: wcarp.hosting.nic.ru
Software: openresty /
Resource Hash: beb096d961eed810d2c5b624a5969d3036d0eaa0295ede58196e55f478a66a3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tomovl.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 20:15:55 GMT
Last-Modified: Wed, 17 Mar 2010 15:19:00 GMT
Server: openresty
ETag: "4ba0f2e4-62b"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1579

GET
H/1.1 200
OK komi_vyctul.gif
tomovl.ru/images/ 1 KB
1 KB 39ms
39ms Image
image/gif 195.24.68.27
RU-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tomovl.ru/images/komi_vyctul.gif
Protocol: HTTP/1.1
Server: 195.24.68.27 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS: wcarp.hosting.nic.ru
Software: openresty /
Resource Hash: 22d7c4a686d6edcb5d00ec6cf45576936feaa9baedd706e450357a648cd332f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tomovl.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 20:15:55 GMT
Last-Modified: Wed, 17 Mar 2010 15:19:05 GMT
Server: openresty
ETag: "4ba0f2e9-4e8"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1256

GET
H/1.1 200
OK komi_rpechora.gif
tomovl.ru/images/ 2 KB
2 KB 42ms
42ms Image
image/gif 195.24.68.27
RU-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tomovl.ru/images/komi_rpechora.gif
Protocol: HTTP/1.1
Server: 195.24.68.27 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS: wcarp.hosting.nic.ru
Software: openresty /
Resource Hash: f8b9d51181048a330e7dc0596e60626a6b57a4e1bf14582d5a6ad76c1387ac39

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tomovl.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 20:15:55 GMT
Last-Modified: Wed, 17 Mar 2010 15:19:03 GMT
Server: openresty
ETag: "4ba0f2e7-8b5"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2229

GET
H/1.1 200
OK komi_knichpogost.gif
tomovl.ru/images/ 2 KB
2 KB 43ms
43ms Image
image/gif 195.24.68.27
RU-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tomovl.ru/images/komi_knichpogost.gif
Protocol: HTTP/1.1
Server: 195.24.68.27 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS: wcarp.hosting.nic.ru
Software: openresty /
Resource Hash: 42398e5b5f0f3620e24d596156d6bbde7860fc12e792d6a6b0c595ccc23b3228

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tomovl.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 20:15:55 GMT
Last-Modified: Wed, 17 Mar 2010 15:19:01 GMT
Server: openresty
ETag: "4ba0f2e5-668"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1640

GET
H/1.1 200
OK komi_yvum.gif
tomovl.ru/images/ 2 KB
2 KB 46ms
45ms Image
image/gif 195.24.68.27
RU-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tomovl.ru/images/komi_yvum.gif
Protocol: HTTP/1.1
Server: 195.24.68.27 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS: wcarp.hosting.nic.ru
Software: openresty /
Resource Hash: 23dbd7e4a8fa130e1e1c909aa674be13770b100818dafbc4872d280d22a1c019

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tomovl.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 20:15:55 GMT
Last-Modified: Wed, 17 Mar 2010 15:19:07 GMT
Server: openresty
ETag: "4ba0f2eb-646"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1606

GET
H/1.1 200
OK komi_susola.gif
tomovl.ru/images/ 1 KB
2 KB 45ms
44ms Image
image/gif 195.24.68.27
RU-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tomovl.ru/images/komi_susola.gif
Protocol: HTTP/1.1
Server: 195.24.68.27 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS: wcarp.hosting.nic.ru
Software: openresty /
Resource Hash: 46abfed768a0d5ad458c205fbe6cf52c36cf2aedcb4351b3de3ab61045f51963

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tomovl.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 20:15:55 GMT
Last-Modified: Wed, 17 Mar 2010 15:19:03 GMT
Server: openresty
ETag: "4ba0f2e7-53c"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1340

GET
H/1.1 200
OK komi_koigorodok.gif
tomovl.ru/images/ 2 KB
2 KB 47ms
47ms Image
image/gif 195.24.68.27
RU-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tomovl.ru/images/komi_koigorodok.gif
Protocol: HTTP/1.1
Server: 195.24.68.27 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS: wcarp.hosting.nic.ru
Software: openresty /
Resource Hash: 66ab49e4367e89b0fd36b303ac185d5cc4f23f685cda01fb6aff30008fba9aa0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tomovl.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 20:15:55 GMT
Last-Modified: Wed, 17 Mar 2010 15:19:02 GMT
Server: openresty
ETag: "4ba0f2e6-6ae"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1710

GET
H/1.1 200
OK komi_kortkeros.gif
tomovl.ru/images/ 2 KB
2 KB 48ms
48ms Image
image/gif 195.24.68.27
RU-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tomovl.ru/images/komi_kortkeros.gif
Protocol: HTTP/1.1
Server: 195.24.68.27 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS: wcarp.hosting.nic.ru
Software: openresty /
Resource Hash: 488a4627236cc2f23412ad1012415424c826bdbbe811811735b986b2aa71f4ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tomovl.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 20:15:55 GMT
Last-Modified: Wed, 17 Mar 2010 15:19:02 GMT
Server: openresty
ETag: "4ba0f2e6-600"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1536

GET
H/1.1 200
OK komi_ycylom.gif
tomovl.ru/images/ 2 KB
2 KB 45ms
45ms Image
image/gif 195.24.68.27
RU-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tomovl.ru/images/komi_ycylom.gif
Protocol: HTTP/1.1
Server: 195.24.68.27 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS: wcarp.hosting.nic.ru
Software: openresty /
Resource Hash: 0fe0a58e10ee501d295849f7b8765d2c11600cc6248bfe64c49e3e478c820238

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tomovl.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 20:15:55 GMT
Last-Modified: Wed, 17 Mar 2010 15:19:06 GMT
Server: openresty
ETag: "4ba0f2ea-6e3"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1763

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
49 KB 106ms
105ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7631b16bc768f7a4d7cbe7c5cb5fc09366a104e40115551a0412a22f71dcc65f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tomovl.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 20:15:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49632
x-xss-protection: 0
server: cafe
etag: 8908240716999494689
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 26 Feb 2023 20:15:55 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 72ms
54ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230222&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c4a6aab18dacdf39d247899fc74910cccfa0da29c6948d75abcf019249195d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tomovl.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 20:15:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11314
x-xss-protection: 0

GET
H3 200 6N6xbrRFdMEff8Jis_shwjAW5G8di4zE4BhK3Aw40Jc.js Show response
pagead2.googlesyndication.com/bg/ Frame 66B6 36 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6N6xbrRFdMEff8Jis_shwjAW5G8di4zE4BhK3Aw40Jc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8deb16eb44574c11f7fc262b3fb21c23016e46f1d8b8cc4e0184adc0c38d097

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 19:37:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2299
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14401
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 26 Feb 2024 19:37:36 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 56ms
56ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tomovl.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 20:15:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 26 Feb 2023 20:15:55 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 651C 0
20 B 111ms
111ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgobCAEqF3NxdWFyZVRocm9uZVdpdGhvdXRCb2R5CgoIAioGc2VydmVyChUIBCoRbXlzaWRpYV9hbmFseXRpY3MKDRAQIQAAAAAAyeBAMAQKDRARIQAAAACAydNAMAQKDRASIQAAAAAAACBAMAQKDRATIQAAAAAAABBAMAQKDRAXIQAAaGZmDopAMAQKDRAUIQAAAABALPFAMAQKDRAVIQAAAAAAAChAMAQKDRAWIQAAAAAAABRAMAQKDRAYIQAAzszMYIpAMAQKDRAyIQAAAEAzM9M_MAQKDRAzIQAAAEAzM9M_MAQKDRA0IQAAAEAzM9M_MAQKDRA1IQAAAEAzM9M_MAQKDRA2IQAAAEAzM9M_MAQKDRA3IQAAAEAzM9M_MAQKDRA4IQAAAM3MzBhAMAQKDRA5IQAAaGZmLoVAMAQKDRA6IQAAzszMRIVAMAQKDRA7IQAAAAAACIpAMAQKDRA8IQAAAAAACIpAMAQKDRA9IQAANDMzD4pAMAQKDRA-IQAAzszMFIpAMAQKDRA_IQAAmpmZFYpAMAQKDRBAIQAAmpmZcYpAMAQSGkNPRHgwcnlBdFAwQ0ZSUEsxUW9kb0lNRUFRIhdzY3JlYW0vdGhyb25lX2ltYWdlX29jaCgR

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/96e6597bbe8feeef4b24492bd7546dfa.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Feb 2023 20:15:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230222/r20190131/ Frame 62E4 10 KB
4 KB 8ms
8ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230222/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://tomovl.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 22431
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Feb 2023 14:02:04 GMT
etag: 10353107486223812946
expires: Sun, 12 Mar 2023 14:02:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 17ms
15ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=tomovl.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tomovl.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 20:15:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 45ms
44ms Script
application/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=tomovl.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tomovl.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 20:15:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FC1F 289 KB
82 KB 1562ms
1561ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0940496935639317&output=html&adk=1812271804&adf=3025194257&lmt=1677442555&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x1080_r&format=0x0&url=http%3A%2F%2Ftomovl.ru%2F&ea=0&pra=7&wgl=1&dt=1677442555262&bpp=3&bdt=1326&idt=3&shv=r20230222&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1885e4afc4c91f60-228f4abe1add0090%3AT%3D1677442554%3ART%3D1677442554%3AS%3DALNI_MbAy5ISt6IA9a8w4gUNFxrheZk8Jg&gpic=UID%3D00000bbc520995fb%3AT%3D1677442554%3ART%3D1677442554%3AS%3DALNI_MZ-9uNHaq_gKb3xuKzhX-fG1xU09w&prev_slotnames=6141929750%2C6299305035%2C3069855689&nras=1&correlator=1584292899845&frm=20&pv=1&ga_vid=112705650.1677442554&ga_sid=1677442554&ga_hid=1378862998&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759927%2C44759876%2C44759837%2C31072436%2C31072440&oid=2&psts=AD37Y7uNMH88sk7-bHkhYDMyCrgHBpPNOMsjaedrmTbIWvvURK6OXfsUyEwI5D_PZrMlyUn-eA-2cde-VBweW8xdWw%2CAD37Y7uI695ILcGoQMTRJpVnJUDTp31Eq-gP9cic4ng6d-JJ-5yGEDhBqIlYVR959FvChBs9M_r1eJVwTyzVeH48KaqyTw&pvsid=3969579687426660&tmod=1193491593&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=4&uci=a!4&fsb=1&dtd=26

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

407c80621cd5d52b2ff0c9e4456c0eaaf6f25db20210260d51e6ee6f2206233f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://tomovl.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 83907
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Feb 2023 20:15:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 30F0 13 KB
5 KB 24ms
24ms Document
text/html 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://tomovl.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 33310
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 26 Feb 2023 11:00:45 GMT
expires: Mon, 26 Feb 2024 11:00:45 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7517 783 B
963 B 52ms
51ms Document
text/html 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

19ef0cfcfa80b549ae75382262603a2c3aaaf345d153fcc8c42dd828416ec04d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7HbnwN3TVSnOdJajXKDD4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://tomovl.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-7HbnwN3TVSnOdJajXKDD4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 26 Feb 2023 20:15:55 GMT
expires: Sun, 26 Feb 2023 20:15:55 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 6N6xbrRFdMEff8Jis_shwjAW5G8di4zE4BhK3Aw40Jc.js Show response
pagead2.googlesyndication.com/bg/ Frame 30F0 36 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6N6xbrRFdMEff8Jis_shwjAW5G8di4zE4BhK3Aw40Jc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8deb16eb44574c11f7fc262b3fb21c23016e46f1d8b8cc4e0184adc0c38d097

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 19:37:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2299
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14401
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 26 Feb 2024 19:37:36 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7517 0
0 108ms
108ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230222&jk=3969579687426660&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 30F0 0
10 B 24ms
23ms Image
text/plain 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?l-py2g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 20:15:55 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A865 42 B
64 B 116ms
115ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvVmBw2r2gxrR41ymOduJfkQhbj_m_uW0Q9jU8nm4zSn8KNd21LgJNc02Kd_Aar_ZkxbVcO6N_cjpw2rAQCn12Y8pEZBEpR4rlI3Cvn0PPqZ42IEQpHudTgBKCRjJBspMCVL0DqIw&sai=AMfl-YQre31m3rHYoQwBMOM0xEpC7uvR6bwEmpzqROJNGHRQpsnkW9DXlcywRR4XjuiMLj8GU6oyB7cFLjTl&sig=Cg0ArKJSzDwI13eZmK1rEAE&cid=CAQSGwDUE5ymsWTWQTfmOC8tXUQXxW426y0jZTzKqhgB&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230222&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=4266690709&rs=2&la=0&cr=0&vs=4&r=v&rst=1677442554269&rpt=646&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Feb 2023 20:15:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 116ms
115ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230222&jk=3969579687426660&bg=!4eKl4rbNAAZYlHKzeJQ7ADkAdvg8WjmLs0NyfT-_nzBqTDPaB6CzJ4Jo8BEIcuGVJSgtSFj8v-LlvWNWOq3x_3wMsEBY02UmP2oCAAAAS1IAAAAKaAEHCgCbnYCQ1OeKNiERXrhjLVe7BNAYqXN1srqFDeyXATq06BO8K1fM42v6For0i9rMf6PSO8opwuhWAhirl5GNGFZrBPrXa42UUqK_SdDh3YUyiFO-8G-1fEKR1ixQoWsEFfrV7LFGx94PNRYcOZBHRDNsiqeuyESmanx4nV2sVaKaGp6SNMqsBWwAIvbjZ2RnMJ_ilWmN2-0y7r4N3ciZAplS_rwjwQz_Rlvu3WOnuINuK9uzRI5MXF4W3crk92bxFAKoXgrzht5lWK4R-8mDZKG9LFgi4dk6jP4pG-o89b9Nt5ne3-JXGHWTzRpujZHUhYH2KoP3BUu3lZ12yMtJS4AuyyAzuHW5Ud9Fzan3iDNWhQN27xZCh7Zd8B7TGcM839zpIBqz4xdSa60YVW6SAFcl_G4DLxiCHn85CsYJepVNnvAwxXA9DLJhSsbDmUwfc4Deh3sEaxK-b-Qi3dpPsbPoxDn0JwKf0T-mshpaVuR6KApDL8fcejKxA1ghlwUFcpvksf7qix5g9Drn0Zr2mD9uECjdJcSAR-GRwXtzR_VBBQaNT-KU2p9tTcE90GfUcz86u3lQFvQTZvG7g6D0K4qmrCZjGqhdkl85mGEwnDj_zPLxoyY6Mwt2vqss7TGjiQ5TWHJklCsMEMCqZ7C0itIfE2Mx4xc01ugrFTghzj-2sggiGBjuRFEuofrM_pIcgSRW2I8e77-FnRaqvivvEBIeBch9Oh5Wv_Kb-B5FIXoOaCGUi8fEr9hX-5qJ5pXkB7hdQNCeKYWFMAPGBiC3fSaf6OxaVv80cKLkiWGFU5ZdGymPrL2FMoqVoKJ_AsDmkNlUWpDc2RVAXEnsyxeilIu1sl5qZSM12XoUClOdxMJm7PN7VPWNwZvxge8LXiEdepZnKAWhDjSXec4Z-9zPes81DO4wtY4_Tl_8JlwJayY_T3XFBHZ9lU1ywKWCDKgrEfc06Ac1urjGVhPpZPDB2kpPAsAXrYBIK2w4f9wk6nasR4PDMNjHyvvSH8hudwazZDlO2E5lrulaU8ygJceOvuM9nPsp_MEpeH1cJfpHhxwYffQVw3C9S9XShbsJYqQx27CPrfQELsjQ1A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tomovl.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 651C 42 B
64 B 117ms
116ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstHUJb7dHWom8JLUJzIu6Dc64KzvN8YDbabs3L2RgHWRHjZNrJBPIgmMT8TCQefy4yn9ZMLAVKQ_RXEg_Fr0YeOD4x7qFw-UM2HCB175piSW7GOtCid_JCSEwN-5QpP2D8moRzGlw&sai=AMfl-YRr1Bnqm1JEf0l8VvT_NIGhUjBYx2jpeWG6-oUZGaILEgsiam98Beil93DfIKVpiZLHrsGlwSc0zGZ5&sig=Cg0ArKJSzL34u1zlTH1iEAE&cid=CAQSGwDUE5ymfLQ0n5rIT8g0MPQQ7mwTVUmQScs7ExgB&id=lidar2&mcvt=1002&p=0,0,280,336&mtos=0,1002,1002,1002,1002&tos=0,1002,0,0,0&v=20230222&bin=7&avms=nio&bs=0,0&mc=0.85&if=1&vu=1&app=0&itpl=22&adk=168988542&rs=2&la=0&cr=0&vs=4&r=v&rst=1677442554287&rpt=844&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Feb 2023 20:15:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302140101/ 150 KB
51 KB 108ms
108ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302140101/reactive_library_fy2021.js?bust=31072440

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c68fa57296a23747840558f1cb1ba3734918ed07a19279c127a7d84bd606c777

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tomovl.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 20:15:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52043
x-xss-protection: 0
server: cafe
etag: 6967701424386853029
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Feb 2023 20:15:56 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=tomovl.ru

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tomovl.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 20:15:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 47ms
46ms Script
application/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=tomovl.ru

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tomovl.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 20:15:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/ Frame D3CD 10 KB
4 KB 10ms
9ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://tomovl.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 80598
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 25 Feb 2023 21:52:39 GMT
etag: 10353107486223812946
expires: Sat, 11 Mar 2023 21:52:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/ Frame F677 10 KB
4 KB 9ms
7ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://tomovl.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 80598
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 25 Feb 2023 21:52:39 GMT
etag: 10353107486223812946
expires: Sat, 11 Mar 2023 21:52:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame D3CD 4 KB
636 B 46ms
46ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 26 Feb 2023 20:15:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 26 Feb 2023 18:34:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 26 Feb 2023 20:15:57 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame D3CD 205 B
229 B 8ms
7ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 18:45:04 GMT
x-content-type-options: nosniff
age: 5453
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 26 Feb 2024 18:45:04 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame D3CD 604 B
628 B 8ms
8ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 19:24:10 GMT
x-content-type-options: nosniff
age: 3107
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 26 Feb 2024 19:24:10 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/elements/html/ Frame D3CD 19 KB
8 KB 24ms
24ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e14ff3e75a1030bfcc4f49ce62a2036c3f239b81339024d1745b581ca4e76b35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 20:51:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84251
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8251
x-xss-protection: 0
server: cafe
etag: 12882883664474914621
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Mar 2023 20:51:46 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C9DB 624 B
245 B 49ms
45ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLHVxd0BMAE&v=APEucNXQJ9PYPwsgp1acZSWvNAyBqnnGs1jh2Qy2jtHvx7Q9lIU0j1VAB8gCJh0x2_5z4qYXF-GU8LEDk8rAXUtk_UO6RojzMHRcomsf_6Zq4Us5Mxt5zlEQD6liHF4r-jRFPfGnFNIoArxWW_OZr8yu3FXhyVSLLOzhrX49nEmZ3gIQYZpJ8mM

Requested by

Host: tomovl.ru
URL: http://tomovl.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Feb 2023 20:15:57 GMT
expires: Sun, 26 Feb 2023 20:15:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20230222/r20110914/ Frame BD06 22 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230222/r20110914/abg_lite_fy2021.js

Requested by

Host: tomovl.ru
URL: http://tomovl.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 19:10:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3954
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8814
x-xss-protection: 0
server: cafe
etag: 11378319237421819138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 19:10:03 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20230222/r20110914/elements/html/ Frame BD06 6 KB
2 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230222/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: tomovl.ru
URL: http://tomovl.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0f9a96a8b15dfa0bd82a9b0c4f7d31927c96784bb62af0a94fbaa78cde5e2fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 19:05:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4201
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2477
x-xss-protection: 0
server: cafe
etag: 8436122973860808490
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 19:05:56 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame BD06 0
0 718ms
55ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstJIiPeVuC8fwSZ7vfKjhwz-VHF1wC-mHwl9s5wCikuzFKOmfZM8RzHEZGIss_afACtjYqtDInA9gkIDiiDkb82cMJ7R_x0i9CpdRhzsUh6XN8EoyM78kRatk6Arlu7KE3GRmV09YaQLeD4DyFoOmfa1PyD-t19DmEDuOTRJiezd_RzomJCYKg3JBJSZQ9P5OeDDhlZo5nTSF_U1hv5r_0WVD7SDLsh6fgxdSWJXRrSB2o4pdSjASXivw4BonHzSywv30XHmcc95X4vqlVX_0G71SFvRW-oE-5SSzEmpdsuyxkS4ifI5KZJtmHP9sXh2FguasCF9m_dzHC83fymZAdCbDiHBBfRyQKGK2XkXSATMFq0eIPwtu7ZeIF6UQf5j7eyG74W1RTRsEewBZ8ceOYywO_Nz-EdsXu6NN7NiRa2HSfgfhY4kdQuR6WRjs_W02U2DyOpy7avZ79wNJv1qKwgdXhZ584hBQizlW5EhNOExnfq_xjOkBkohtkJ3FyNcFeiMfV0z64aXnPD437eFWsvk2Xqyq_C8lELjYYY7gjdozTNAoru-ZrwdZ0H8h97qLSHgwp0hAFxSG9nJcTwfmwLk3l0htpIb7BTzN0AMZXOusffKsDnJuS5WbXuZWaWJWqgHlw1TmiBjqs0iNpN1VTqenrF3nAmG_zRicyNsoEOkM4MggQ67F-1Pho2zM2GMT4P9Jb6JRfjaqYHbXLpnU5INC9FBA6DHPmv6UfaP-Vt-q_nzCP9W4c1Bs2ylEC0AKjsX_ndEmoIviP4wMeL-xQLJWF86jxgpItXP2jJbi-AGW66d8DoCYBgF-poNyqC-cXIRA5wmU76wB36YyfAv--d-gWkXuBZV88tH2H6oXzStQ7fGgwa3VQ6irXPbDLu1zqeUJ23BqQqC2hlIV4ub2OPr8kxmyOe8N5T6myIVcsM0cmPFjnwtNsSuOgKozeQGbQRIjPi9iRnMHniqt8txeGmhw-AWmUm4MDfYqZwgXoABv7HvHfjDAJW4O9a0v78pIM6vppm7Zft_KVrWIMWmOmMz2mrw67ZAGXfaaUA1SH-26kzd-_46q6Nl2_KIbzGromTL02SQG6hMSgPIERYtFJOcmEJsfB-fP79ETxEWFK3VwQY70Ym87zYBAowUVwihnpQoasebgk0f7-D6El0-4jY1NZXCNac-lfaMPMkNlFAboyl&sai=AMfl-YSkgX8oNdl6_O9Rp7Hwm9_WgNJ8tCG2dSl6oc0ff_2OoAEVjebEFsQkI17hr7DnNGuL0ROxgs8zIH--GLgiEa1nHmlyICCyiO9MFK9N6TELDgSxceAW-BKebUQ237eHo-JhsxvvIhxnsledtaxZkU1XdaqWj31rn0B2F7TmjlSxwdvf3kQADMSFXWnX6_CP1zDl4MJQBc_ldWVNWhOoqlJ2ldYtS59QqfnQ8o_jABRl62ZZxVCSoA73F7EO8Ammxfaodqfl5tIeAfR3ZeAZKv_BbEbFMOhnh1mhr8whfjm8RviaI_GeNDbp5UvXIfxYYBLyZ5W1gh6117hjOy1DDH191JTWtrTyMq76aCW7-rQRQJsN1b8ecX_KfRy-hPUzBbd7oAM8O38&sig=Cg0ArKJSzN1Q4CyI14aQEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230222.63009&arae=0&ftch=1&adurl=

Requested by

Host: tomovl.ru
URL: http://tomovl.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 26 Feb 2023 20:15:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 26 Feb 2023 20:15:57 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame BD06 41 KB
15 KB 24ms
24ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: tomovl.ru
URL: http://tomovl.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 11:08:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32837
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 26 Feb 2024 11:08:40 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame BD06 3 KB
1 KB 37ms
36ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/window_focus_fy2021.js

Requested by

Host: tomovl.ru
URL: http://tomovl.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 11:00:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33314
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 11:00:43 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame BD06 20 KB
8 KB 25ms
24ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: tomovl.ru
URL: http://tomovl.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 11:00:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33314
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 11:00:43 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame BD06 0
0 46ms
45ms Image
text/html 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTgYP-pddO9LnBk2T7-GFmezCm0IuNh6FisSnsG6ktUYfW4X0TC8WEIaDwwr0QGNXU4f_SvJ3mpj_v8fzJScPHLJ9X-Nw
Requested by: Host: tomovl.ru
URL: http://tomovl.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BD06 158 KB
48 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: tomovl.ru
URL: http://tomovl.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 20:15:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677104061356577"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 26 Feb 2023 20:15:57 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame BD06 42 B
63 B 109ms
108ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BpL12TcRwACa0_kbkJtqo-QptefLoh4vZOWtplvOPsoHHCzgIgoQO0rkTzUnXZha4iLs7MAdH5PJD2Do9nPnDkKX3eGxv6wAu_8IZBA9UFFlI_L6I

Requested by

Host: tomovl.ru
URL: http://tomovl.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Feb 2023 20:15:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 8802555451024282535
s0.2mdn.net/simgad/ Frame BD06 25 KB
25 KB 684ms
23ms Image
image/png 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/8802555451024282535?sqp=uqWu0g0HCFoQ2AVAZA&rs=AOga4qn9dLCnIM3w6ulqrjvJ2Foxod0rgQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42bfcc13f63c3b068a4f59c188ad224ab48d2e3d91ce033311da926be2327249

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 06:04:53 GMT
x-content-type-options: nosniff
age: 310264
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25554
x-xss-protection: 0
last-modified: Fri, 30 Dec 2022 14:21:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 23 Feb 2024 06:04:53 GMT

GET
H3 200 030db783cd93f01ccad1528166361a91.js Show response
www.gstatic.com/mysidia/ Frame 4757 9 KB
4 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/030db783cd93f01ccad1528166361a91.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3deda25f1d4dacb2dcb6291e32e305b3390f6225a657f45ce798101dcfcb9865

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 14:02:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22430
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4099
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 21:21:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 27 May 2023 14:02:07 GMT

GET
H3 200 0faeecb3a309cf165ac6d2c796b7ad67.js Show response
www.gstatic.com/mysidia/ Frame 4757 150 KB
56 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0faeecb3a309cf165ac6d2c796b7ad67.js?tag=gpa/dynamic_fig_web_banner_v2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

343ff5df036dc162413e715d2c8cbb2864126b3bdbd748ebbb342067e2acda1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 03:33:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 405719
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56814
x-xss-protection: 0
last-modified: Wed, 22 Feb 2023 01:49:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 23 May 2023 03:33:58 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 4757 6 KB
919 B 47ms
46ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%7CGoogle%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e5868a14238ba3fd43b1922aa6db736f4b05970b5162451f6e89c0fd70e84b08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 26 Feb 2023 20:15:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 26 Feb 2023 18:57:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 26 Feb 2023 20:15:57 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 4757 2 KB
765 B 25ms
24ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 11:08:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32858
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 11:08:19 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/ Frame 4757 22 KB
9 KB 25ms
24ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 11:00:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33313
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8814
x-xss-protection: 0
server: cafe
etag: 11378319237421819138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 11:00:44 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 4757 3 KB
1 KB 30ms
29ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 11:00:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33314
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 11:00:43 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 4757 20 KB
8 KB 26ms
25ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 11:00:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33314
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 11:00:43 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4757 0
0 44ms
44ms Image
text/html 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRwjmTuBQz8099FGlV-ike0khWCYJpENRZqXOQ67Z1qgrYiBOpVLox1r-OWdZEtgI4dSSAoJTI-rEFma7Wl4fhEK5UgDA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4757 158 KB
48 KB 72ms
71ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 20:15:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677104061356577"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 26 Feb 2023 20:15:57 GMT

GET
H3 200 ed8ae2896763956dad3710d8730c1299.js Show response
www.gstatic.com/mysidia/ Frame 4757 33 KB
14 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ed8ae2896763956dad3710d8730c1299.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9282b885825f1f265eb093acf11379fc90dd4e156588a02790c1515822e79858

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 14:01:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22492
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14007
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 21:21:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 27 May 2023 14:01:05 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame FAAC 1 KB
643 B 8ms
8ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 22426
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Feb 2023 14:02:11 GMT
etag: 48472445140208031
expires: Mon, 27 Feb 2023 14:02:11 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 4757 0
234 B 327ms
127ms Ping
image/gif 2a00:1450:4028:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&puid=1~leltzl9b&c=8746527550743&slotId=4373263775371.5&qqid=CPbVl72AtP0CFS2G6QUdtyAISQ&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=ssc&ulv=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/0faeecb3a309cf165ac6d2c796b7ad67.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4028:808::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Feb 2023 20:15:58 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hqdefault.jpg
i1.ytimg.com/vi/MrYZbKCngbE/ Frame 4757 13 KB
13 KB 162ms
62ms Image
image/jpeg 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.ytimg.com/vi/MrYZbKCngbE/hqdefault.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a89e1646dc0dc84af5c8df4ebf3c2fc2b840dd141010f693366f5f522ea0aed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 20:15:57 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12890
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 26 Feb 2023 22:15:57 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4E54 1 KB
643 B 8ms
7ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 22426
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Feb 2023 14:02:11 GMT
etag: 48472445140208031
expires: Mon, 27 Feb 2023 14:02:11 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame BD06 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2018c2c7be49718e4f9f69ed0d251bde53e474abf7447a48df75ca3679d35d99

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame AD8A 22 KB
8 KB 25ms
24ms Document
text/html 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 33314
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 26 Feb 2023 11:00:43 GMT
expires: Mon, 26 Feb 2024 11:00:43 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 206
Partial Content videoplayback
rr1---sn-n02xgoxufvg3-2gb6.googlevideo.com/ Frame 4757 1 MB
1 MB 374ms
275ms Media
video/mp4 2a01:28:cb6:5::c
SUPERNETWORK ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://rr1---sn-n02xgoxufvg3-2gb6.googlevideo.com/videoplayback?expire=1677471356&ei=_L37Y8vCJMC02roP45e50Ag&ip=2a02:6ea0:c71b:0:1012:bab1:483e:7a3d&id=32b6196ca0a781b1&itag=18&source=youtube&requiressl=yes&mh=OO&mm=31&mn=sn-n02xgoxufvg3-2gb6&ms=au&mv=m&mvi=1&pl=48&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=27.654&lmt=1659445754293028&mt=1677442154&txp=5530434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRAIgCixTuNsIj83pYSMAsAqsAXjPvk-6EtZ4UXHy3Z9gR4cCIEm0G1AC2dZATdFVbNB0Me9c1pph5xI0itjd-pSkYyBA&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgWy5rMbzmDhO04nod4lwfgtU52pOVCWedqixz5kwLuQMCIQDOQu4fvswD2kiXwFPX0nIuTS5Wjy_sYS9Vn3siEX3-AA==&cpn=OFLlnR_Zth7JmVB3

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a01:28:cb6:5::c Prague, Czech Republic, ASN39392 (SUPERNETWORK ^_^, CZ),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

40977f0162072cd56fc196d9485be2ab86166842349f7d883dceec9d74eae5fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Range: bytes=0-

Response headers

Date: Sun, 26 Feb 2023 20:15:58 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 02 Aug 2022 13:09:14 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-1264214/1264215
Cache-Control: private, max-age=28498
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1264215
Expires: Sun, 26 Feb 2023 20:15:58 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C9DB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHFSsCNa6KnFaCV57d50OXU&google_cver=1

43 B
766 B

8ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHFSsCNa6KnFaCV57d50OXU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLHVxd0BMAE&v=APEucNXQJ9PYPwsgp1acZSWvNAyBqnnGs1jh2Qy2jtHvx7Q9lIU0j1VAB8gCJh0x2_5z4qYXF-GU8LEDk8rAXUtk_UO6RojzMHRcomsf_6Zq4Us5Mxt5zlEQD6liHF4r-jRFPfGnFNIoArxWW_OZr8yu3FXhyVSLLOzhrX49nEmZ3gIQYZpJ8mM
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 26 Feb 2023 20:15:57 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 26 Feb 2023 20:15:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHFSsCNa6KnFaCV57d50OXU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C9DB
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y-u9-VHcSf9USX9cdxj2fAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHFSsCNa6KnFaCV57d50OXU&google_cver=1

43 B
766 B

8ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHFSsCNa6KnFaCV57d50OXU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLHVxd0BMAE&v=APEucNXQJ9PYPwsgp1acZSWvNAyBqnnGs1jh2Qy2jtHvx7Q9lIU0j1VAB8gCJh0x2_5z4qYXF-GU8LEDk8rAXUtk_UO6RojzMHRcomsf_6Zq4Us5Mxt5zlEQD6liHF4r-jRFPfGnFNIoArxWW_OZr8yu3FXhyVSLLOzhrX49nEmZ3gIQYZpJ8mM
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 26 Feb 2023 20:15:57 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 26 Feb 2023 20:15:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHFSsCNa6KnFaCV57d50OXU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame C9DB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEF0AT1h45WEXv9IQh415gJg&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEF0AT1h45WEXv9IQh415gJg%26google_cver%3D1

43 B
1 KB

14ms
13ms

Image
image/gif

185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEF0AT1h45WEXv9IQh415gJg%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLHVxd0BMAE&v=APEucNXQJ9PYPwsgp1acZSWvNAyBqnnGs1jh2Qy2jtHvx7Q9lIU0j1VAB8gCJh0x2_5z4qYXF-GU8LEDk8rAXUtk_UO6RojzMHRcomsf_6Zq4Us5Mxt5zlEQD6liHF4r-jRFPfGnFNIoArxWW_OZr8yu3FXhyVSLLOzhrX49nEmZ3gIQYZpJ8mM

Protocol

HTTP/1.1

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 26 Feb 2023 20:15:58 GMT
AN-X-Request-Uuid: 1177dbd7-4c8f-4da1-80ab-787cc995c86a
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 138.199.38.132; 138.199.38.132; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 26 Feb 2023 20:15:57 GMT
AN-X-Request-Uuid: 983015e5-0554-49b9-bb0c-d82a1d7ae9f1
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEF0AT1h45WEXv9IQh415gJg%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 138.199.38.132; 138.199.38.132; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C9DB
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODY4OTgwMTI5NjAxMTEwMDEw

170 B
188 B

17ms
16ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODY4OTgwMTI5NjAxMTEwMDEw

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Feb 2023 20:15:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 26 Feb 2023 20:15:58 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 138.199.38.132; 138.199.38.132; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 0d12a690-3e6f-4f53-b235-4fc4d8e92f78
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODY4OTgwMTI5NjAxMTEwMDEw
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame BD06 0
0 45ms
44ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstJIiPeVuC8fwSZ7vfKjhwz-VHF1wC-mHwl9s5wCikuzFKOmfZM8RzHEZGIss_afACtjYqtDInA9gkIDiiDkb82cMJ7R_x0i9CpdRhzsUh6XN8EoyM78kRatk6Arlu7KE3GRmV09YaQLeD4DyFoOmfa1PyD-t19DmEDuOTRJiezd_RzomJCYKg3JBJSZQ9P5OeDDhlZo5nTSF_U1hv5r_0WVD7SDLsh6fgxdSWJXRrSB2o4pdSjASXivw4BonHzSywv30XHmcc95X4vqlVX_0G71SFvRW-oE-5SSzEmpdsuyxkS4ifI5KZJtmHP9sXh2FguasCF9m_dzHC83fymZAdCbDiHBBfRyQKGK2XkXSATMFq0eIPwtu7ZeIF6UQf5j7eyG74W1RTRsEewBZ8ceOYywO_Nz-EdsXu6NN7NiRa2HSfgfhY4kdQuR6WRjs_W02U2DyOpy7avZ79wNJv1qKwgdXhZ584hBQizlW5EhNOExnfq_xjOkBkohtkJ3FyNcFeiMfV0z64aXnPD437eFWsvk2Xqyq_C8lELjYYY7gjdozTNAoru-ZrwdZ0H8h97qLSHgwp0hAFxSG9nJcTwfmwLk3l0htpIb7BTzN0AMZXOusffKsDnJuS5WbXuZWaWJWqgHlw1TmiBjqs0iNpN1VTqenrF3nAmG_zRicyNsoEOkM4MggQ67F-1Pho2zM2GMT4P9Jb6JRfjaqYHbXLpnU5INC9FBA6DHPmv6UfaP-Vt-q_nzCP9W4c1Bs2ylEC0AKjsX_ndEmoIviP4wMeL-xQLJWF86jxgpItXP2jJbi-AGW66d8DoCYBgF-poNyqC-cXIRA5wmU76wB36YyfAv--d-gWkXuBZV88tH2H6oXzStQ7fGgwa3VQ6irXPbDLu1zqeUJ23BqQqC2hlIV4ub2OPr8kxmyOe8N5T6myIVcsM0cmPFjnwtNsSuOgKozeQGbQRIjPi9iRnMHniqt8txeGmhw-AWmUm4MDfYqZwgXoABv7HvHfjDAJW4O9a0v78pIM6vppm7Zft_KVrWIMWmOmMz2mrw67ZAGXfaaUA1SH-26kzd-_46q6Nl2_KIbzGromTL02SQG6hMSgPIERYtFJOcmEJsfB-fP79ETxEWFK3VwQY70Ym87zYBAowUVwihnpQoasebgk0f7-D6El0-4jY1NZXCNac-lfaMPMkNlFAboyl&sai=AMfl-YSkgX8oNdl6_O9Rp7Hwm9_WgNJ8tCG2dSl6oc0ff_2OoAEVjebEFsQkI17hr7DnNGuL0ROxgs8zIH--GLgiEa1nHmlyICCyiO9MFK9N6TELDgSxceAW-BKebUQ237eHo-JhsxvvIhxnsledtaxZkU1XdaqWj31rn0B2F7TmjlSxwdvf3kQADMSFXWnX6_CP1zDl4MJQBc_ldWVNWhOoqlJ2ldYtS59QqfnQ8o_jABRl62ZZxVCSoA73F7EO8Ammxfaodqfl5tIeAfR3ZeAZKv_BbEbFMOhnh1mhr8whfjm8RviaI_GeNDbp5UvXIfxYYBLyZ5W1gh6117hjOy1DDH191JTWtrTyMq76aCW7-rQRQJsN1b8ecX_KfRy-hPUzBbd7oAM8O38&sig=Cg0ArKJSzN1Q4CyI14aQEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=774&vt=11&dtpt=773&dett=2&cstd=0&cisv=r20230222.63009&arae=0&ftch=1&adurl=

Requested by

Host: tomovl.ru
URL: http://tomovl.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 20:15:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 26 Feb 2023 20:15:57 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame FAAC
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESELNGzdN9kADE0tFbBQDmfDw&google_cver=1&google_push=Aa02lx8ZwyA7R2FU0F_NvZZRo3TTf23SQmmeLjdKLzCEZsuKTcEtTgCRRKp6fmNLIeSSLkHRfk1z8-1fArJ8GAvZPgP1IG3Qx_4Q
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjcwNzk5MTU3NDM1MjgwMjAzMQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELNGzdN9kADE0tFbBQDmfDw&google_cver=1

43 B
398 B

85ms
15ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELNGzdN9kADE0tFbBQDmfDw&google_cver=1
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 26 Feb 2023 20:15:57 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sun, 26 Feb 2023 20:15:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELNGzdN9kADE0tFbBQDmfDw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame FAAC 35 B
465 B 46ms
11ms Image
image/gif 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKoVIS8bQy1L7HUn5l2Zi10&google_cver=1&google_push=Aa02lx-WU4eH016RdjlBuqWXHJsLR6Shtix_7mQ-UhCosKLQYvsXqo9Nbs37n-1dtpgtmixtJXPYshuB34ov6MhgUc0bIJAMIdHGAw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Feb 2023 20:15:57 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FAAC
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEPi51QADm6xKFZFydIgJT7M&google_cver=1&google_push=Aa02lx_9Z67O-bhUaqgIDSK3UsLlyc3mtXUkbJtKIr-ofl3BZ0rRK3nOu0zfdqHlfkDJNpfzcMZz00ukCGoJqzuV...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx_9Z67O-bhUaqgIDSK3UsLlyc3mtXUkbJtKIr-ofl3BZ0rRK3nOu0zfdqHlfkDJNpfzcMZz00ukCGoJqzuVo9kY-3J8rrd3

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx_9Z67O-bhUaqgIDSK3UsLlyc3mtXUkbJtKIr-ofl3BZ0rRK3nOu0zfdqHlfkDJNpfzcMZz00ukCGoJqzuVo9kY-3J8rrd3

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Feb 2023 20:15:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 26 Feb 2023 20:15:58 GMT
Server: MT3 530 4e92630 master cdg-pixel-x15 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx_9Z67O-bhUaqgIDSK3UsLlyc3mtXUkbJtKIr-ofl3BZ0rRK3nOu0zfdqHlfkDJNpfzcMZz00ukCGoJqzuVo9kY-3J8rrd3
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 26 Feb 2023 20:15:57 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame FAAC
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEHIf2Omd50SqSSUj9BeRmsM&google_cver=1&google_push=Aa02lx_aP7PWrfYO8UK9Q8Ikz0lBEyiNa1hLulA_-NlREozAX71AZBcE29joijSM8icyfhWmIUATJcV1T866GDKmUq6_TvoxpGSbQ...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHIf2Omd50SqSSUj9BeRmsM&google_cver=1&google_push=Aa02lx_aP7PWrfYO8UK9Q8Ikz0lBEyiNa1hLulA_-NlREozAX71AZBcE29joijSM8icyfhWmIUATJcV1T866GDKmUq6_TvoxpGS...

43 B
411 B

187ms
164ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHIf2Omd50SqSSUj9BeRmsM&google_cver=1&google_push=Aa02lx_aP7PWrfYO8UK9Q8Ikz0lBEyiNa1hLulA_-NlREozAX71AZBcE29joijSM8icyfhWmIUATJcV1T866GDKmUq6_TvoxpGSbQg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx_aP7PWrfYO8UK9Q8Ikz0lBEyiNa1hLulA_-NlREozAX71AZBcE29joijSM8icyfhWmIUATJcV1T866GDKmUq6_TvoxpGSbQg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Feb 2023 20:15:58 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 79fb5b142cea9024-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 26 Feb 2023 20:15:58 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 406
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHIf2Omd50SqSSUj9BeRmsM&google_cver=1&google_push=Aa02lx_aP7PWrfYO8UK9Q8Ikz0lBEyiNa1hLulA_-NlREozAX71AZBcE29joijSM8icyfhWmIUATJcV1T866GDKmUq6_TvoxpGSbQg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx_aP7PWrfYO8UK9Q8Ikz0lBEyiNa1hLulA_-NlREozAX71AZBcE29joijSM8icyfhWmIUATJcV1T866GDKmUq6_TvoxpGSbQg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 79fb5b130ba69024-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame FAAC
Redirect Chain

https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEMyIi6eXHPo1yoVgTjg0O2U&google_cver=1&google_push=Aa02lx8fVKkkXroTfT2KcXAfct0vRW42wgm-UnGznuYiVSmrzAURYmk2CXZmQcUoWzriu36FT8XH6lG...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=Aa02lx8fVKkkXroTfT2KcXAfct0vRW42wgm-UnGznuYiVSmrzAURYmk2CXZmQcUoWzriu36FT8XH6lG08qaIgr1a4sBE_H_L8wnS&google_hm=gIa8NIG-SuuevVbXW...

170 B
243 B

19ms
18ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=Aa02lx8fVKkkXroTfT2KcXAfct0vRW42wgm-UnGznuYiVSmrzAURYmk2CXZmQcUoWzriu36FT8XH6lG08qaIgr1a4sBE_H_L8wnS&google_hm=gIa8NIG-SuuevVbXWInC6IQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Feb 2023 20:15:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 26 Feb 2023 20:15:57 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=Aa02lx8fVKkkXroTfT2KcXAfct0vRW42wgm-UnGznuYiVSmrzAURYmk2CXZmQcUoWzriu36FT8XH6lG08qaIgr1a4sBE_H_L8wnS&google_hm=gIa8NIG-SuuevVbXWInC6IQ
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FAAC
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBo9XpPSBQ_PR7B7p2s4KTQ&google_cver=1&google_push=Aa02lx9-ht8WMYXi8lDzkbAQHthmdmgc4pu_WY_AgbWjw0T3wnwpmWzrFYzml8hdenlQZfr9-gRkDQpo_rQYpsgLnBSD...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEBo9XpPSBQ_PR7B7p2s4KTQ&google_cver=1&google_push=Aa02lx9-ht8WMYXi8lDzkbAQHthmdmgc4pu_WY_AgbWjw0T3wnwpmWzrFYzml8hdenlQZfr9-gRkDQpo_rQYps...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx9-ht8WMYXi8lDzkbAQHthmdmgc4pu_WY_AgbWjw0T3wnwpmWzrFYzml8hdenlQZfr9-gRkDQpo_rQYpsgLnBSDnS85dgcFrA&google_hm=0kBZr1c1SsiKA7nySyktdQ==

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx9-ht8WMYXi8lDzkbAQHthmdmgc4pu_WY_AgbWjw0T3wnwpmWzrFYzml8hdenlQZfr9-gRkDQpo_rQYpsgLnBSDnS85dgcFrA&google_hm=0kBZr1c1SsiKA7nySyktdQ==

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Feb 2023 20:15:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx9-ht8WMYXi8lDzkbAQHthmdmgc4pu_WY_AgbWjw0T3wnwpmWzrFYzml8hdenlQZfr9-gRkDQpo_rQYpsgLnBSDnS85dgcFrA&google_hm=0kBZr1c1SsiKA7nySyktdQ==
date: Sun, 26 Feb 2023 20:15:58 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

report
sync.teads.tv/um/ Frame FAAC
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESECA6GsFduV5ygYZjMzd0LLM&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aa02lx_oNlkkvTQhFAxIajhxAMXtzyA6TtKu7dUZs52yxbHoVDyHTpzz6ykXVRu974YjU_4NT7UJufEqz82B1eUpU9_CexC42-M9zQ
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

167ms
167ms

Image
image/gif

23.35.209.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 23.35.209.30 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-209-30.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Sun, 26 Feb 2023 20:15:58 GMT
pragma: no-cache
date: Sun, 26 Feb 2023 20:15:58 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 26 Feb 2023 20:15:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame FAAC 0
130 B 42ms
16ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LKabxRShWw8S5vbB4e-dtiyhfxja0GLQqePU_d4qAsWzjTMOjtmi6ODLQeQazVxIRWeVJfIA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 20:15:57 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 4E54
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESELNGzdN9kADE0tFbBQDmfDw&google_cver=1&google_push=Aa02lx_IGYmKaN3dS6EQF9j7B6thmLCdXVWGpv_byAKZcF-bNx47vimt7SP6dFh1fbwj-hdhGC9sBweb5L8olBo_zJy2fuGbiuR4Z9g
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjYzNTkzMzk4MDMxNDg3NDA5NQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELNGzdN9kADE0tFbBQDmfDw&google_cver=1

43 B
398 B

101ms
14ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELNGzdN9kADE0tFbBQDmfDw&google_cver=1
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 26 Feb 2023 20:15:57 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sun, 26 Feb 2023 20:15:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELNGzdN9kADE0tFbBQDmfDw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 4E54 35 B
464 B 43ms
11ms Image
image/gif 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKoVIS8bQy1L7HUn5l2Zi10&google_cver=1&google_push=Aa02lx8H2seM-k4qc1vkwBuh4ahy6T45d1-Wx-MhnQ7oeATB9wlOgnUV9ldrnpjUj3dr1TR8C7LnPE9iJuKXGLsMOIH3iueHsVtBlQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Feb 2023 20:15:57 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 4E54 0
104 B 89ms
23ms Image
text/plain 2a02:fa8:8806:12::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESECHVNVnkDgySYRd7qj_vbgg&google_cver=1&google_push=Aa02lx_EkjdJ6UwUItgm72mRKzFVrsEZKGUwL9xG8wgknvW7J10IMliRsnT4J_ZlcPF7h5uBq-hsmORFJ1IYHyXz0vKj4VnxTD2lCg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Feb 2023 20:15:57 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4E54
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEPi51QADm6xKFZFydIgJT7M&google_cver=1&google_push=Aa02lx-blQhEfl98ghPqHyZjZ3DD4ZvtagXGQG3k0oek3JezXToAvbEtH-e8FwpEOPF9O7WrQenpPuSCUJ0w5orO...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx-blQhEfl98ghPqHyZjZ3DD4ZvtagXGQG3k0oek3JezXToAvbEtH-e8FwpEOPF9O7WrQenpPuSCUJ0w5orOmWveJx8YIX19Uak

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx-blQhEfl98ghPqHyZjZ3DD4ZvtagXGQG3k0oek3JezXToAvbEtH-e8FwpEOPF9O7WrQenpPuSCUJ0w5orOmWveJx8YIX19Uak

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Feb 2023 20:15:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 26 Feb 2023 20:15:58 GMT
Server: MT3 530 4e92630 master cdg-pixel-x31 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx-blQhEfl98ghPqHyZjZ3DD4ZvtagXGQG3k0oek3JezXToAvbEtH-e8FwpEOPF9O7WrQenpPuSCUJ0w5orOmWveJx8YIX19Uak
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 26 Feb 2023 20:15:57 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4E54
Redirect Chain

https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEMyIi6eXHPo1yoVgTjg0O2U&google_cver=1&google_push=Aa02lx8e_QSq2HUCGssfRMlREE4YkHKmSmgWVaWO7f3x3UCyXwLOY2EsHnkLJV5nYD1RnEJTLvs6QO1...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=Aa02lx8e_QSq2HUCGssfRMlREE4YkHKmSmgWVaWO7f3x3UCyXwLOY2EsHnkLJV5nYD1RnEJTLvs6QO1IKyGTOFP2j5h0YEYFTieEdw0&google_hm=E3pcX3HiRLuI1q...

170 B
232 B

23ms
22ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=Aa02lx8e_QSq2HUCGssfRMlREE4YkHKmSmgWVaWO7f3x3UCyXwLOY2EsHnkLJV5nYD1RnEJTLvs6QO1IKyGTOFP2j5h0YEYFTieEdw0&google_hm=E3pcX3HiRLuI1q-tFt3b7IQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Feb 2023 20:15:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 26 Feb 2023 20:15:56 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=Aa02lx8e_QSq2HUCGssfRMlREE4YkHKmSmgWVaWO7f3x3UCyXwLOY2EsHnkLJV5nYD1RnEJTLvs6QO1IKyGTOFP2j5h0YEYFTieEdw0&google_hm=E3pcX3HiRLuI1q-tFt3b7IQ
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4E54
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBo9XpPSBQ_PR7B7p2s4KTQ&google_cver=1&google_push=Aa02lx8cpDSyeVP63gHXtbQFvIreHvy7PGnLZf8yNYD8dPvgD5vNTeiZ-Q-vmMqjmwPtg_0Ak_4G6ZYLHYVpnnlZDNfP...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEBo9XpPSBQ_PR7B7p2s4KTQ&google_cver=1&google_push=Aa02lx8cpDSyeVP63gHXtbQFvIreHvy7PGnLZf8yNYD8dPvgD5vNTeiZ-Q-vmMqjmwPtg_0Ak_4G6ZYLHYVpnn...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx8cpDSyeVP63gHXtbQFvIreHvy7PGnLZf8yNYD8dPvgD5vNTeiZ-Q-vmMqjmwPtg_0Ak_4G6ZYLHYVpnnlZDNfP3t8mHTWfdv8&google_hm=b_KyGokITcasyIGm3N65...

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx8cpDSyeVP63gHXtbQFvIreHvy7PGnLZf8yNYD8dPvgD5vNTeiZ-Q-vmMqjmwPtg_0Ak_4G6ZYLHYVpnnlZDNfP3t8mHTWfdv8&google_hm=b_KyGokITcasyIGm3N65iw==

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Feb 2023 20:15:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx8cpDSyeVP63gHXtbQFvIreHvy7PGnLZf8yNYD8dPvgD5vNTeiZ-Q-vmMqjmwPtg_0Ak_4G6ZYLHYVpnnlZDNfP3t8mHTWfdv8&google_hm=b_KyGokITcasyIGm3N65iw==
date: Sun, 26 Feb 2023 20:15:58 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4E54
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEYcx_vooYwL8azk3zpqEEQ&google_cver=1&google_push=Aa02lx_x6O6g_FGQMR0RD5JrUv2wj0-Pj3KrS1kGfYfjpKeLKSEtmVtnFwFNcCHHD2e5YUuedZ5MvBun...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEEYcx_vooYwL8azk3zpqEEQ&google_cver=1&google_push=Aa02lx_x6O6g_FGQMR0RD5JrUv2wj0-Pj3KrS1kGfYfjpKeLKSEtmVtnFwFNcCHHD2e5YUuedZ5...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTA0NjU2MDUyMzI5NTI0NTE3Mw&google_push=Aa02lx_x6O6g_FGQMR0RD5JrUv2wj0-Pj3KrS1kGfYfjpKeLKSEtmVtnFwFNcCHHD2e5YUuedZ5MvB...

170 B
188 B

19ms
19ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTA0NjU2MDUyMzI5NTI0NTE3Mw&google_push=Aa02lx_x6O6g_FGQMR0RD5JrUv2wj0-Pj3KrS1kGfYfjpKeLKSEtmVtnFwFNcCHHD2e5YUuedZ5MvBunGv8UieiV_XIpKxyZRdQBFA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Feb 2023 20:15:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 26 Feb 2023 20:15:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTA0NjU2MDUyMzI5NTI0NTE3Mw&google_push=Aa02lx_x6O6g_FGQMR0RD5JrUv2wj0-Pj3KrS1kGfYfjpKeLKSEtmVtnFwFNcCHHD2e5YUuedZ5MvBunGv8UieiV_XIpKxyZRdQBFA
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 4E54 0
49 B 46ms
24ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L2VVercTTs2QDpaYQRdYQ9wkUbXkg-WfjWLsByxgvGoSlINzPIKkXvTqtJundTJsf_4has

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 20:15:57 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 6N6xbrRFdMEff8Jis_shwjAW5G8di4zE4BhK3Aw40Jc.js Show response
pagead2.googlesyndication.com/bg/ Frame AD8A 36 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6N6xbrRFdMEff8Jis_shwjAW5G8di4zE4BhK3Aw40Jc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8deb16eb44574c11f7fc262b3fb21c23016e46f1d8b8cc4e0184adc0c38d097

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 19:37:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2301
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14401
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 26 Feb 2024 19:37:36 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AD8A 0
20 B 115ms
114ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BhTk7-737Y7jsGq2Mpt8Pt8GgyAQAAAAAOAHgBAI&bg=!QkGlQRXNAAZYlHKzeJQ7ADkAdvg8WtCFqeR6yng3KFjyiL2Bx7Bta_ZEt6J965NrU9A62-xIrjO8qcvkbqJCje9PfzVhjyjN_-8CAAAATlIAAAADaAEHmQLsDeoN4XYATO-5XT4Wez46o8nH6OIsvVo2-pEVuxJ1f5yrHfe2yI3g6EzXKp38y-itTb_BZsMqyN7TncO67g0w0u6xjUOYVsAt6tAQ9p1xtNmNigSLe2swIWf66Pf6JwstMVWlZy2V79EJKuruZxWpIGLnOthm2SY4wnFHO-g9u3oQhE1i4zqTPEmgZU9pPr03ZEkjaAhYH0QphAm3rNT35oKRq0Kws_pc0-k0EApaEjC4U2ZWBIDwvAknLOHjO1XFy9WGlJ40nY-Z_dqS3oYee1vHLhTCAT7jXizTk4v74fj3Lq4oYnyRDYKg8g9AplhYgl6eDuQQLOFUe9lgyh9ajurLBXrbBXHuS49-oIcqC_jCA3vFpe49BaXmWyhgAizJEjTmSbHZedoKlrdCmG5auNANpi3tfzCbstgHhbnD5rMQbg3Uxx4G-ir39Sx4h3WaoCZsY7S5v9EaMI-AK93Rw7Crfa3lRLn3M1aP_g53_qpKqDb5TE8Q_GunjXLtvG12hCwlnmpyva6YA8SKiwGcOB4aTjyp-716_HrKj8jS4OGbBwfxwfU_BVUIVWR257QUnk0yxRr0a1Y_z4rYrx9RwRiU6yMwtxVZlEkGW1l5wtBwEsx0T0PqORU4YFlWxsCxSHWOKa_KzShtK-RQ79F3k0ubZ3FVLg2-2nnvmBTec2deOZo1YoPKlJYmYWcjWQb2aKHRZ30P7Ve8_NDkNB1d8457OrDz8Yp5CVMktVYqWMCoMeSi94jD5bDjz8tBWXbd0qLSNYR_5nJ6P4Lt3tcE1l8Ri1ihDUDEAv29oY2_tn8_fL5lcnYGU6zASceCYofjrC-47jnywsNFONW0edG4nkyuiiFlMD9Z7JGNPF9PUTq7qlFIRPRVTliBvCdKhc9ntZ01b69xUX3RkF33MnDsUKa33am-YjIVK-TkR0iZhic0UgtA0DR6370L1ZkqvyCbuBdjXZUwvro6W7hGmyNqaOE4J6HMlqETYdKpZg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Feb 2023 20:15:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 6N6xbrRFdMEff8Jis_shwjAW5G8di4zE4BhK3Aw40Jc.js Show response
pagead2.googlesyndication.com/bg/ Frame 9688 36 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6N6xbrRFdMEff8Jis_shwjAW5G8di4zE4BhK3Aw40Jc.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8deb16eb44574c11f7fc262b3fb21c23016e46f1d8b8cc4e0184adc0c38d097

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 19:37:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2302
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14401
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 26 Feb 2024 19:37:36 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BD06 42 B
64 B 122ms
122ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssfDLvUCciL3u-vOurTQWop8O7gnn-pGPcZ3GB3z57-bRgV2XEZ_TeDOU4uy5bLxDmgzDByecO6BJ7YXZOyszXMdhwKs_ZIchqfEU4_ZWdezEbEAZj8CvtsPhJNK8Eg_gTl81ccBw&sai=AMfl-YSkc5xlJIPhgZNU4YHjbL4Oxrt5d2gF4VxR3FHEh6wUhgQtmCqQtt7pZ9gmYKpuiISpP3MjZ_nub0XgdaDjK6Actjp1Rpov9PjftRmLK2NepuhVpBACnitfoCI&sig=Cg0ArKJSzOfGN49fP-3PEAE&cid=CAQSOwDUE5ymTFVIPCRZ_AyaEJlYLrn6pP8jf7mfikpcgpjF3KjnMEJ_iBFZE6CMQxyStpPvG-2bxRSgTlX4GAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=843,1000,1000,1000,1000&tos=843,157,0,0,0&v=20230222&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1677442557095&rpt=789&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Feb 2023 20:15:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 4757 0
54 B 124ms
124ms Ping
image/gif 2a00:1450:4028:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&puid=2~leltzl9i&c=8746527550743&slotId=4373263775371.5&qqid=CPbVl72AtP0CFS2G6QUdtyAISQ&umsem=0&ple=1&ape=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/0faeecb3a309cf165ac6d2c796b7ad67.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4028:808::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Feb 2023 20:15:59 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

288 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

41 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
tomovl.ru/	1969-12-31 23:59:59	Name: hotlog Value: 1
.yandex.ru/	1970-01-20 19:33:22	Name: is_gdpr Value: 1
.yandex.ru/	1970-01-20 19:33:22	Name: is_gdpr_b Value: CIG7UxD3qAEYAQ==
.yandex.ru/	1970-01-20 19:33:22	Name: i Value: vBfXKdxmXEuaYHvENZpZKSZL4QRn1UdQ3HGCPR5NrcBfPP+M2Q0reYGzEslF3LD52e7rEDvuCMJI/PzPw7cG0AEbe2c=
.yandex.ru/	1970-01-20 18:42:58	Name: yashr Value: 8733551531677442554
.rambler.ru/	1970-01-20 19:33:22	Name: ruid Value: 1CIAAPq9+2PQSEQ3AQDNbAB=
.tomovl.ru/	1970-01-20 18:42:58	Name: adtech_uid Value: 2ab358ab-22ab-4640-80b4-82300bead0ac%3Atomovl.ru
.tomovl.ru/	1970-01-20 18:42:58	Name: top100_id Value: t1.1230048.1017430967.1677442554354
.tomovl.ru/	1970-01-20 19:33:22	Name: last_visit Value: 1677442554356%3A%3A1677442554356
.tomovl.ru/	1970-01-20 18:42:58	Name: t3_sid_1230048 Value: s1.978916524.1677442554355.1677442554357.1.2
.tomovl.ru/	1970-01-20 19:18:58	Name: __gads Value: ID=1885e4afc4c91f60-228f4abe1add0090:T=1677442554:RT=1677442554:S=ALNI_MbAy5ISt6IA9a8w4gUNFxrheZk8Jg
.tomovl.ru/	1970-01-20 19:18:58	Name: __gpi Value: UID=00000bbc520995fb:T=1677442554:RT=1677442554:S=ALNI_MZ-9uNHaq_gKb3xuKzhX-fG1xU09w
.tomovl.ru/	1969-12-31 23:59:59	Name: __utmc Value: 180340513
.tomovl.ru/	1970-01-20 14:20:10	Name: __utmz Value: 180340513.1677442554.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.tomovl.ru/	1970-01-20 09:57:23	Name: __utmt Value: 1
.tomovl.ru/	1970-01-20 19:33:22	Name: __utma Value: 180340513.112705650.1677442554.1677442554.1677442554.1
.tomovl.ru/	1970-01-20 09:57:24	Name: __utmb Value: 180340513.1.10.1677442554
.yadro.ru/	1970-01-20 18:41:34	Name: FTID Value: 1Z-xtw3dXW8V1Z-xtw003SV4
.yadro.ru/	1970-01-20 18:41:34	Name: VID Value: 1UENEb1LjtOV1Z-xtw003SVh
.mail.ru/	1970-01-20 18:44:24	Name: VID Value: 0epNQp1WOsIF00000p1cP4IF:::0-0-0-91616ba:CAASEDenzyg4ENj-DHk5UIGtAb4aYIL3izRxV6nMIua9oQdZ20IvBFODgrOgJauDoHLOWupqmybOpyrTPyj-aOmeRWnC8PKnvrBU24UXzEB7QSP8ppOqwHOquak7z0rm6HP6fo5yR1i7b9ZdNG13D49Ss3uSew
.doubleclick.net/	1970-01-20 19:18:58	Name: IDE Value: AHWqTUlTS19wkWswLYdql8SVldCuX9_08Ai86lw3OroxRqpYevPIF_l8luW3UK97VCM
.casalemedia.com/	1970-01-20 18:42:58	Name: CMID Value: Y-u9-VHcSf9USX9cdxj2fAAA
.casalemedia.com/	1970-01-20 12:06:58	Name: CMPS Value: 2163
.casalemedia.com/	1970-01-20 12:06:58	Name: CMPRO Value: 2163
.ctnsnet.com/	1970-01-20 18:42:58	Name: cid_8086bc3481be4aeb9ebd56d75889c2e8 Value: 1
.ctnsnet.com/	1970-01-20 18:42:58	Name: gid_CAESEMyIi6eXHPo1yoVgTjg0O2U Value: 1
.ctnsnet.com/	1970-01-20 18:42:58	Name: cid_137a5c5f71e244bb88d6afad16dddbec Value: 1
.quantserve.com/	1970-01-20 12:06:58	Name: d Value: EAEBCQGxKIEA
.quantserve.com/	1970-01-20 19:27:36	Name: mc Value: 63fbbdfd-e48d1-91be2-a3c36
.adform.net/	1970-01-20 10:37:41	Name: C Value: 1
.adnxs.com/	1970-01-20 12:06:58	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In8vvd68!]tbPl1M>e)ZlrFUfJ+tGXxp2NVfPIP8F[WGMJWjF70MRXpZ+Bb#q+@s+lwN3If)y3KL9D3I?+vDn%Lq
.adform.net/	1970-01-20 11:23:46	Name: uid Value: 5046560523295245173
.adnxs.com/	1970-01-20 12:06:58	Name: uuid2 Value: 868980129601110010
.bidswitch.net/	1970-01-20 18:42:58	Name: c Value: 1677442558
.bidswitch.net/	1970-01-20 18:42:58	Name: tuuid_lu Value: 1677442558
.bidswitch.net/	1970-01-20 18:42:58	Name: tuuid Value: 6ff2b21a-8908-4dc6-acc8-81a6dcdeb98b
.bidswitch.net/	1970-01-20 09:57:22	Name: google_push Value: Aa02lx8cpDSyeVP63gHXtbQFvIreHvy7PGnLZf8yNYD8dPvgD5vNTeiZ-Q-vmMqjmwPtg_0Ak_4G6ZYLHYVpnnlZDNfP3t8mHTWfdv8
.tribalfusion.com/	1970-01-20 12:06:58	Name: ANON_ID Value: aVnseFpyXahbqiVREF6pmhxaYc3kA5U6Lnhb2cYorub409aGZaSZaRvbcY6M4Ie8BDq1vNuJUBj51Cf9elNUZd7
.turn.com/	1970-01-20 14:16:34	Name: uid Value: 2707991574352802031
.mathtag.com/	1970-01-20 10:40:34	Name: mt_mop Value: 4:1677442558
.mathtag.com/	1970-01-20 19:23:17	Name: uuid Value: 6b1063fb-bdfe-4600-b9e4-531fca0b1927

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.translate.ru/App_Themes/Default/promt_transl.css Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	URL: http://tomovl.ru/(Line 1346) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://tomovl.ru/(Line 1346) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: http://hit24.hotlog.ru/cgi-bin/hotlog/count?0.17588335701911095&s=466520&im=33&r=&pg=http%3A//tomovl.ru/&c=Y&j=N&wh=1600x1200&px=24&js=1.3& Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.turn.com
adservice.google.com
adservice.google.de
c1.adform.net
cm.g.doubleclick.net
cms.quantserve.com
counter.rambler.ru
counter.yadro.ru
csi.gstatic.com
d1.c8.b8.a0.top.mail.ru
dclk-match.dotomi.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hit24.hotlog.ru
i1.ytimg.com
ib.adnxs.com
ipac.ctnsnet.com
kraken.rambler.ru
pagead2.googlesyndication.com
partner.googleadservices.com
r.turn.com
rr1---sn-n02xgoxufvg3-2gb6.googlevideo.com
s.tribalfusion.com
s0.2mdn.net
sync.mathtag.com
sync.teads.tv
tomovl.ru
top-fwz1.mail.ru
top100-images.rambler.ru
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.translate.ru
www.yandex.ru
x.bidswitch.net
141.95.147.42
142.250.186.98
142.250.74.194
185.29.134.244
185.80.39.216
185.89.210.20
195.24.68.27
23.35.209.30
2606:4700::6812:18ad
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:802::2002
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:828::2002
2a00:1450:400d:803::2002
2a00:1450:400d:806::2003
2a00:1450:400d:806::200e
2a00:1450:400d:807::2006
2a00:1450:400d:80a::2001
2a00:1450:400d:80c::200a
2a00:1450:400d:80c::200e
2a00:1450:400d:80d::2002
2a00:1450:400d:80d::2004
2a00:1450:4028:808::2003
2a01:28:cb6:5::c
2a02:6b8:a::a
2a02:fa8:8806:12::1400
35.158.143.193
35.186.193.173
37.157.3.29
46.228.164.11
81.19.89.1
81.19.89.18
88.212.202.52
89.208.236.251
95.163.52.67
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
07445ff60f0a3cb761a2342d0b83604e328f609f096b81a0728f7d81ee58a1f7
076fec274b1ebaf4704a5502586a85dc29b658e6b31e580439b1d218ba088312
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f
0f0cd445bb22b33aeb4a529c59a5c05f182ad04e84d94b1ac31bcfaada973b18
0fe0a58e10ee501d295849f7b8765d2c11600cc6248bfe64c49e3e478c820238
109212df25a909956bddefd27408d87d863d929667168d2aeb91d48c956af626
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
15bd50925667bd5e94a81241ee34d7c2880e52622736a3deb5db79dc790aec3c
15e749617a3856bfaa4d2cea0c50d88366d2b579841bd5a45bd2d34062babc51
1943f297415551e3b9bfb317eb4b00fd40a5bd4a661360092d2cf50fb4c49ce1
19ef0cfcfa80b549ae75382262603a2c3aaaf345d153fcc8c42dd828416ec04d
1a89e1646dc0dc84af5c8df4ebf3c2fc2b840dd141010f693366f5f522ea0aed
2018c2c7be49718e4f9f69ed0d251bde53e474abf7447a48df75ca3679d35d99
22d7c4a686d6edcb5d00ec6cf45576936feaa9baedd706e450357a648cd332f1
23dbd7e4a8fa130e1e1c909aa674be13770b100818dafbc4872d280d22a1c019
246a708a3f728535719fa61f7229afa4f6024ab8d09c67d7906902ce017ebd1f
29dbbf83c5d79269786b7e20a0eddd119ce4839f0cf62b1e5c68361c04884d4c
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
343ff5df036dc162413e715d2c8cbb2864126b3bdbd748ebbb342067e2acda1b
3cbc92b67087ed9141a3c50762fa0e426492e6b042607f8af5606969ee2160b5
3deda25f1d4dacb2dcb6291e32e305b3390f6225a657f45ce798101dcfcb9865
3e13369e5c528a4598007330a7d572dadd181e268d0cf87ba7b62fd7668597f8
407c80621cd5d52b2ff0c9e4456c0eaaf6f25db20210260d51e6ee6f2206233f
40977f0162072cd56fc196d9485be2ab86166842349f7d883dceec9d74eae5fc
42398e5b5f0f3620e24d596156d6bbde7860fc12e792d6a6b0c595ccc23b3228
42bfcc13f63c3b068a4f59c188ad224ab48d2e3d91ce033311da926be2327249
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
46abfed768a0d5ad458c205fbe6cf52c36cf2aedcb4351b3de3ab61045f51963
488a4627236cc2f23412ad1012415424c826bdbbe811811735b986b2aa71f4ae
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bada45d6d0bde61a8a829f491881ceefb14c569f30da6f7971b355204e869d7
4c4a6aab18dacdf39d247899fc74910cccfa0da29c6948d75abcf019249195d2
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51407eb068a051c1910a368920d4f4736465d43a5f108948881baafb2223086e
523a762a2e0f2f38da68673442e1f2101cd4e62f8a6309313a0b04b6ba42889e
53625dc9abafe6198e9a4d0d5df429f4c73a072a6ecba60217aa8875bafba5e8
55a10e0744127dab3fe0bc5861569205a5c3854b77613ca6df25932477374ca8
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d7f54ff45ad4a33437a8d5fe6ade75b855e6f74c5048961cbd2544f10bf24df
5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140
5f77ff3ae853e97cdfde0db8a61d73850000171f4e24bb114c278d4301ca9fe3
605a577ce3ca37a29c4e3ce5714654baf0af9fb0d92775561f06a32c43257d92
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62e173614a753fa54f2bceff8f2ecf868e0567984e5877b4c789bcac18d03988
6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69
66ab49e4367e89b0fd36b303ac185d5cc4f23f685cda01fb6aff30008fba9aa0
7152bae2ae9768a42e58ad044d8285a89ee0b7fec8ae6b61fcff29ca614e43f4
7627e9cb7246cb72b4e386eae36497ab07ea6df3fcfb04681d958e62ba59dbf0
7631b16bc768f7a4d7cbe7c5cb5fc09366a104e40115551a0412a22f71dcc65f
80a888e9bed6c597393c6d698f2596d3e3bde085a4da1cfd484fe511e57a64dd
82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8395ed638bdee890040856d2713be31d39911b72ed1973b13c9d13806b7c4af5
8a71e49bc4a1869ad25bdefb418ebdf7f97003ad6cdea52fcadfd4515fef4b69
909e4f36928b8676e7947d125e90b8c2baee1afc6c0dead2ddc05a665811470a
9282b885825f1f265eb093acf11379fc90dd4e156588a02790c1515822e79858
95db653da5f6f9f12916173fdb139aaac0810118bd91139c07f9555b68745489
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9caa515b5db246102b0c0c032412af5597502959c5aba329431b8f19870efc0a
9cdb4dd08ba584cdf21b63932a8834d79969701403ef62afb63f0c6f436e6c0f
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
ae837c647be3e7bbabd9cb8942bcf5032f33cecdb04c458523400179094b1773
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3cb29a8eda26f3e359882e0ca26fb5a9bd853a665f734398b18adfd67deadb8
b66c4541d058a2005ca27becc4eef3ad8402fa18bb8792549c9e7436e42b8392
b756a0698ba982c931f30408cd7ce52cbeb839a9d97033e1527bd8a9d71b650a
b98aa71b757c146f181b798bcb8df45190bf5c8a6604f71c50ab470c9246dc66
bc14f528f368120b3978cfabb1684f86e3d2afee918525b5ed54ad1ddaa6396c
bcb8e9667fee5c5c7234c9dd4c1d013347f1a71301a4d531c5e9708eb5e1c7ec
beb096d961eed810d2c5b624a5969d3036d0eaa0295ede58196e55f478a66a3c
c0f9a96a8b15dfa0bd82a9b0c4f7d31927c96784bb62af0a94fbaa78cde5e2fa
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c68fa57296a23747840558f1cb1ba3734918ed07a19279c127a7d84bd606c777
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d02edc01eacfb2e82a4b6b586e457eb9e1eb13c3bab2379d53a4c5bb0ad57497
d1406c6bb5d4abd04fd6aed26ffae6fa80646d37fa39c8e2d8aefa549b095d9a
d615794db5b7f748f8f0bd791358c0bfa209d08f225ca508f85c096fbe7e9e6e
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d898033d8910149c3f11ca9adff9e0c0da00b5fd33af3e44064b1a1591cf040b
dbc77324ac8ac6a3c2cc6e5ed8e6462256b7e7139c050e07d9e10ac75920ce4c
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e14ff3e75a1030bfcc4f49ce62a2036c3f239b81339024d1745b581ca4e76b35
e369729a6df8e3540c9d3159bf7f9a7f7a5082465465636168d484ad33d7ac62
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5868a14238ba3fd43b1922aa6db736f4b05970b5162451f6e89c0fd70e84b08
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e8deb16eb44574c11f7fc262b3fb21c23016e46f1d8b8cc4e0184adc0c38d097
ecb0ce72618810f0edf1085b026b45d33ec586f472820b56c6a19512120b5fb1
ed5cd04f9084bbb3748bade55d29d3904653211c5570598a3c973f7aeea4cba9
eded262e09382cfeea00c85a3c7275601aefe6f5ed388acd844f6eaae755c424
ee42570ce6b101c2aced1cf8b2fa5537ab2f8e11b68d0ef4facf9903ff101d23
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f063882869b6ccb71a081601c8660bb0713d2d337c223942f2cc5ad4e6752a53
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f8b9d51181048a330e7dc0596e60626a6b57a4e1bf14582d5a6ad76c1387ac39
fd6eae323e7aedddd74ed7b76319dc6999a86e0e9170ade28c887bcf9b0063b8

tomovl.ru Open in urlscan Pro 195.24.68.27 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

167 Requests

61 %HTTPS

54 %IPv6

30 Domains

41 Subdomains

34 IPs

11 Countries

2597 kBTransfer

4439 kBSize

41 Cookies

6 Outgoing links

Redirected requests

167 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

tomovl.ru Open in urlscan Pro
195.24.68.27 Public Scan

Screenshot
Live screenshot

Full Image

167
Requests

61 %
HTTPS

54 %
IPv6

30
Domains

41
Subdomains

34
IPs

11
Countries

2597 kB
Transfer

4439 kB
Size

41
Cookies

167 HTTP transactions
6 data transactions