urlscan.io logo urlscan.io
SecurityTrails logo

domaferma.com Open in urlscan Pro
5.253.61.99  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://domaferma.com/
Effective URL: https://domaferma.com/
Submission: On February 14 via manual from RU — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 5 countries across 13 domains to perform 97 HTTP transactions. The main IP is 5.253.61.99, located in Russian Federation and belongs to ADMINVPS, RU. The main domain is domaferma.com.
TLS certificate: Issued by R3 on February 4th 2023. Valid for: 3 months.
This is the only time domaferma.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

23    5.253.61.99 (Russian Federation)

ASN211642 (ADMINVPS, RU)
PTR: isp22.adminvps.ru
domaferma.com
1    2a02:6b8:a::a (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
yandex.ru
12    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
12    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
mc.yandex.ru
mc.yandex.com
7    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
7    2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
yastatic.net
2    80.239.201.95 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 80-239-201-95.teliacarrier-cust.com
mc.webvisor.org
1    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
5    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
www.googletagservices.com
2    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
17    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
6    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn2.gstatic.com
2    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn3.gstatic.com
2    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn0.gstatic.com
1    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn1.gstatic.com
1    2a00:1450:400d:80e::2004 (Ireland)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
29 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 132
tpc.googlesyndication.com — Cisco Umbrella Rank: 174
374 KB
23 domaferma.com
domaferma.com
509 KB
14 gstatic.com
www.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
282 KB
11 yandex.ru
yandex.ru — Cisco Umbrella Rank: 1194
mc.yandex.ru — Cisco Umbrella Rank: 2228
87 KB
7 yastatic.net
yastatic.net — Cisco Umbrella Rank: 4238
183 KB
7 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 67
86 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 226
144 KB
3 google.com
adservice.google.com — Cisco Umbrella Rank: 129
www.google.com — Cisco Umbrella Rank: 18
2 KB
2 google.de
adservice.google.de — Cisco Umbrella Rank: 5587
696 B
2 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 7221
749 B
2 webvisor.org
mc.webvisor.org — Cisco Umbrella Rank: 17214
862 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1072
602 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 468
86 KB
97 13
Domain Requested by
23 domaferma.com 1 redirects domaferma.com
17 tpc.googlesyndication.com 1 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
12 pagead2.googlesyndication.com domaferma.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.googletagservices.com
10 mc.yandex.ru 4 redirects domaferma.com
cdn.jsdelivr.net
7 yastatic.net yandex.ru
7 googleads.g.doubleclick.net pagead2.googlesyndication.com
domaferma.com
6 encrypted-tbn2.gstatic.com googleads.g.doubleclick.net
3 www.gstatic.com googleads.g.doubleclick.net
3 www.googletagservices.com googleads.g.doubleclick.net
2 encrypted-tbn0.gstatic.com googleads.g.doubleclick.net
2 encrypted-tbn3.gstatic.com googleads.g.doubleclick.net
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 mc.yandex.com 1 redirects domaferma.com
2 mc.webvisor.org 1 redirects domaferma.com
1 www.google.com tpc.googlesyndication.com
1 encrypted-tbn1.gstatic.com googleads.g.doubleclick.net
1 partner.googleadservices.com pagead2.googlesyndication.com
1 cdn.jsdelivr.net domaferma.com
1 yandex.ru domaferma.com
97 20

This site contains no links.

Subject Issuer Validity Valid
domaferma.com
R3		 2023-02-04 -
2023-05-05		 3 months crt.sh
*.xn--d1acpjx3f.xn--p1ai
GlobalSign ECC OV SSL CA 2018		 2023-02-01 -
2023-08-01		 6 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-01-31 -
2023-04-25		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-02 -
2023-06-01		 a year crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2022-10-18 -
2023-03-30		 5 months crt.sh
*.yastatic-net.ru
GlobalSign ECC OV SSL CA 2018		 2023-02-01 -
2023-08-01		 6 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-01-31 -
2023-04-25		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-01-31 -
2023-04-25		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-01-31 -
2023-04-25		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-01-31 -
2023-04-25		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-01-31 -
2023-04-25		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-01-31 -
2023-04-25		 3 months crt.sh

This page contains 11 frames:

Primary Page: https://domaferma.com/
Frame ID: B32B1D8BDF762DA828A5DF5542ED8B33
Requests: 56 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230209/r20190131/zrt_lookup.html
Frame ID: 7A30F30B099BA4192E9FA8C3356F8F49
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7885105808047817&output=html&adk=1812271804&adf=1573534164&lmt=1676368798&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C188x1080_r&format=0x0&url=https%3A%2F%2Fdomaferma.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676368798213&bpp=4&bdt=358&idt=235&shv=r20230209&mjsv=m202302080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=796607805997&frm=20&pv=2&ga_vid=259825812.1676368798&ga_sid=1676368798&ga_hid=1182506388&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C44782467%2C31072227%2C31071662&oid=2&pvsid=2332821167241905&tmod=1853219399&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=278
Frame ID: 811287B71268AF425F99724A863731F4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230209/r20110914/zrt_lookup.html?fsb=1
Frame ID: 64A1005C30BBFE7C2D6055643EE74C02
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230209/r20110914/zrt_lookup.html?fsb=1
Frame ID: 45934E4C1169335B98ECC7CFBF92B7CB
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230209/r20110914/zrt_lookup.html?fsb=1
Frame ID: B6E07CDB907398C68684A6E2074D3034
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F935D0B856DA5AD390F4F74FE6AC1E17
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DB5FEC15E81BCCD955AEB267F9B7D2EB
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EWloDjzMQOvRZmCEufFfn6ZrYQ_lvyXFrAdKlYrDV_0.js
Frame ID: 3407F0490DC83717BE255D6D0C21876D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EWloDjzMQOvRZmCEufFfn6ZrYQ_lvyXFrAdKlYrDV_0.js
Frame ID: DEF555681C2653A0C760377B3459D717
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EWloDjzMQOvRZmCEufFfn6ZrYQ_lvyXFrAdKlYrDV_0.js
Frame ID: 73FC4A19E0FF21CA815B13AED5837A6D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Содержание и разведение птицы и других животных на собственной ферме с Евгением Кулешовым - DomaFerma.com – реальные советы по разведению животных: уход, лечение, условия содержания, кормление, размножение

Page URL History Show full URLs

  1. http://domaferma.com/ HTTP 301
    https://domaferma.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • select2(?:\.min|\.full)?\.js
Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

97
Requests

95 %
HTTPS

89 %
IPv6

13
Domains

20
Subdomains

19
IPs

5
Countries

1752 kB
Transfer

4805 kB
Size

25
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://domaferma.com/ HTTP 301
    https://domaferma.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24
  • https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fdomaferma.com%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A1130%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A955005807321%3Ahid%3A233293727%3Az%3A0%3Ai%3A20230214095958%3Aet%3A1676368798%3Ac%3A1%3Arn%3A966099941%3Arqn%3A1%3Au%3A1676368798316056249%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C136%2C655%2C2%2C134%2C0%2C%2C236%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1676368796927%3Ast%3A1676368798&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
  • https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fdomaferma.com%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A1130%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A955005807321%3Ahid%3A233293727%3Az%3A0%3Ai%3A20230214095958%3Aet%3A1676368798%3Ac%3A1%3Arn%3A966099941%3Arqn%3A1%3Au%3A1676368798316056249%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C136%2C655%2C2%2C134%2C0%2C%2C236%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1676368796927%3Ast%3A1676368798&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Request Chain 25
  • https://mc.yandex.ru/watch/49939066?wmode=7&page-url=https%3A%2F%2Fdomaferma.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A1130%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1432781670647%3Ahid%3A233293727%3Az%3A0%3Ai%3A20230214095958%3Aet%3A1676368798%3Ac%3A1%3Arn%3A58401905%3Arqn%3A1%3Au%3A1676368798316056249%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C136%2C655%2C2%2C134%2C0%2C%2C236%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1676368796927%3Arqnl%3A1%3Ast%3A1676368798%3At%3A%D0%A1%D0%BE%D0%B4%D0%B5%D1%80%D0%B6%D0%B0%D0%BD%D0%B8%D0%B5%20%D0%B8%20%D1%80%D0%B0%D0%B7%D0%B2%D0%B5%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%BF%D1%82%D0%B8%D1%86%D1%8B%20%D0%B8%20%D0%B4%D1%80%D1%83%D0%B3%D0%B8%D1%85%20%D0%B6%D0%B8%D0%B2%D0%BE%D1%82%D0%BD%D1%8B%D1%85%20%D0%BD%D0%B0%20%D1%81%D0%BE%D0%B1%D1%81%D1%82%D0%B2%D0%B5%D0%BD%D0%BD%D0%BE%D0%B9%20%D1%84%D0%B5%D1%80%D0%BC%D0%B5%20%D1%81%20%D0%95%D0%B2%D0%B3%D0%B5%D0%BD%D0%B8%D0%B5%D0%BC%20%D0%9A%D1%83%D0%BB%D0%B5%D1%88%D0%BE%D0%B2%D1%8B%D0%BC%20-%20DomaFerma.com%20%E2%80%93%20%D1%80%D0%B5%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5%20%D1%81%D0%BE%D0%B2%D0%B5%D1%82%D1%8B%20%D0%BF%D0%BE%20%D1%80%D0%B0%D0%B7%D0%B2%D0%B5%D0%B4%D0%B5%D0%BD%D0%B8%D1%8E%20%D0%B6%D0%B8%D0%B2%D0%BE%D1%82%D0%BD%D1%8B%D1%85%3A%20%D1%83%D1%85%D0%BE%D0%B4%2C%20%D0%BB%D0%B5%D1%87%D0%B5%D0%BD%D0%B8%D0%B5%2C%20%D1%83%D1%81%D0%BB%D0%BE%D0%B2%D0%B8%D1%8F%20%D1%81%D0%BE%D0%B4%D0%B5%D1%80%D0%B6%D0%B0%D0%BD%D0%B8%D1%8F%2C%20%D0%BA%D0%BE%D1%80%D0%BC%D0%BB%D0%B5%D0%BD%D0%B8%D0%B5%2C%20%D1%80%D0%B0%D0%B7%D0%BC%D0%BD%D0%BE%D0%B6%D0%B5%D0%BD%D0%B8%D0%B5&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
  • https://mc.yandex.ru/watch/49939066/1?wmode=7&page-url=https%3A%2F%2Fdomaferma.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A1130%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1432781670647%3Ahid%3A233293727%3Az%3A0%3Ai%3A20230214095958%3Aet%3A1676368798%3Ac%3A1%3Arn%3A58401905%3Arqn%3A1%3Au%3A1676368798316056249%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C136%2C655%2C2%2C134%2C0%2C%2C236%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1676368796927%3Arqnl%3A1%3Ast%3A1676368798%3At%3A%D0%A1%D0%BE%D0%B4%D0%B5%D1%80%D0%B6%D0%B0%D0%BD%D0%B8%D0%B5%20%D0%B8%20%D1%80%D0%B0%D0%B7%D0%B2%D0%B5%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%BF%D1%82%D0%B8%D1%86%D1%8B%20%D0%B8%20%D0%B4%D1%80%D1%83%D0%B3%D0%B8%D1%85%20%D0%B6%D0%B8%D0%B2%D0%BE%D1%82%D0%BD%D1%8B%D1%85%20%D0%BD%D0%B0%20%D1%81%D0%BE%D0%B1%D1%81%D1%82%D0%B2%D0%B5%D0%BD%D0%BD%D0%BE%D0%B9%20%D1%84%D0%B5%D1%80%D0%BC%D0%B5%20%D1%81%20%D0%95%D0%B2%D0%B3%D0%B5%D0%BD%D0%B8%D0%B5%D0%BC%20%D0%9A%D1%83%D0%BB%D0%B5%D1%88%D0%BE%D0%B2%D1%8B%D0%BC%20-%20DomaFerma.com%20%E2%80%93%20%D1%80%D0%B5%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5%20%D1%81%D0%BE%D0%B2%D0%B5%D1%82%D1%8B%20%D0%BF%D0%BE%20%D1%80%D0%B0%D0%B7%D0%B2%D0%B5%D0%B4%D0%B5%D0%BD%D0%B8%D1%8E%20%D0%B6%D0%B8%D0%B2%D0%BE%D1%82%D0%BD%D1%8B%D1%85%3A%20%D1%83%D1%85%D0%BE%D0%B4%2C%20%D0%BB%D0%B5%D1%87%D0%B5%D0%BD%D0%B8%D0%B5%2C%20%D1%83%D1%81%D0%BB%D0%BE%D0%B2%D0%B8%D1%8F%20%D1%81%D0%BE%D0%B4%D0%B5%D1%80%D0%B6%D0%B0%D0%BD%D0%B8%D1%8F%2C%20%D0%BA%D0%BE%D1%80%D0%BC%D0%BB%D0%B5%D0%BD%D0%B8%D0%B5%2C%20%D1%80%D0%B0%D0%B7%D0%BC%D0%BD%D0%BE%D0%B6%D0%B5%D0%BD%D0%B8%D0%B5&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Request Chain 41
  • https://mc.webvisor.org/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9914.Z9yvfTDuglAgWFgsEcEypF2ShJ0fxhGkgoBRZkeOzMgd-PInxNxFLYh4AJYAd_K-.pz90wfiF7Rd2ozEKV3sibTJyarQ%2C HTTP 302
  • https://mc.webvisor.org/sync_cookie_image_decide?token=9914._jAhMZ-qLOuVJwXRB-0A-20Gucg8o8-bZRHVHB7VM4cZF6J-lEBeKSKpQuEMUeqLHmxN7ppZdqgz2stnBqbAJqKNW2deEJk60rd1t7ZWrPuKHZxloqPI3hv821c-od5HUWwdigNGoV4Z1UrgvtgrRLftgD6bqiPVlj0zatNJl3dLJJF2s82X9M7jaNr0HfEfdsO5LO6dnzJm3kfH9rlQ5W33RDPoeDJwbKdFzdNtQIk%2C.1DqnQjvskD9Lg4a38HWsRefdmjk%2C
Request Chain 42
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9914.F78Q24TXlYDkCMVXda79nxLn_Hdz6gQIoc3xjaZJ7hIQnAJpuqWYtTFJZzdjLwe2.mdnCRgQyBMFnKZEcfcsmfAWMbrY%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9914.RdV7g_UNy838bnwu4xgttGrHrXmmITiKb1mN6ju2tk9GIwP94kNL2PqJFhsd1C7GktvAjYJmh08sZLIFViwGBUtTCuY6IEwCXHclvbf6Dq6BbDyiU1pTVcfZxj7zIH3Tqk0Ro54zevWxGQjdz12uLYyqybRwa21R2TM_t3-Onqj83Y5gRw8z-CWjqwG5Q3GGhPvHx8Z4odKTbL_CYrmhfwGfRkK692Y1fX-7KVTBPHM%2C.QmvyY4946lIhqmeRJDgpJ_N3f_8%2C
Request Chain 89
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKC39PXNmgEQ0A8Y9AMyCNipC7SEG4zk HTTP 301
  • https://tpc.googlesyndication.com/simgad/3953431504011786656

97 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
domaferma.com/
Redirect Chain
  • http://domaferma.com/
  • https://domaferma.com/
146 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://domaferma.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.253.61.99 , Russian Federation, ASN211642 (ADMINVPS, RU),
Reverse DNS
isp22.adminvps.ru
Software
nginx/1.20.1 /
Resource Hash
2befb3b4b146aa2946b5be31a86ff1c99ec138cc6a94edd5b5ae1671666750b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 14 Feb 2023 09:59:57 GMT
expires
Tue, 14 Feb 2023 09:59:57 GMT
server
nginx/1.20.1
strict-transport-security
max-age=31536000;
vary
X-Forwarded-Proto,Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Type
text/html
Date
Tue, 14 Feb 2023 09:59:56 GMT
Location
https://domaferma.com:443/
Server
nginx/1.20.1
Transfer-Encoding
chunked
f0709353b0e09032864f56693f47fbb1.css
domaferma.com/wp-content/cache/min/1/ 		434 KB
70 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://domaferma.com/wp-content/cache/min/1/f0709353b0e09032864f56693f47fbb1.css
Requested by
Host: domaferma.com
URL: https://domaferma.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.253.61.99 , Russian Federation, ASN211642 (ADMINVPS, RU),
Reverse DNS
isp22.adminvps.ru
Software
nginx/1.20.1 /
Resource Hash
978b751467062c4f4c30543b1c8a73fece527dbaa8ac5e6c4bb4eaa1d544d1c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://domaferma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 09:59:57 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
last-modified
Wed, 04 Jan 2023 11:01:10 GMT
server
nginx/1.20.1
etag
W/"63b55c76-6c726"
vary
Accept-Encoding
content-type
text/css
jquery.min.js
domaferma.com/wp-includes/js/jquery/ 		88 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://domaferma.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by
Host: domaferma.com
URL: https://domaferma.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.253.61.99 , Russian Federation, ASN211642 (ADMINVPS, RU),
Reverse DNS
isp22.adminvps.ru
Software
nginx/1.20.1 /
Resource Hash
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://domaferma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 09:59:57 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
last-modified
Fri, 04 Nov 2022 12:21:52 GMT
server
nginx/1.20.1
etag
W/"636503e0-15e54"
vary
Accept-Encoding
content-type
application/javascript
flatpickr.min.js
domaferma.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/ 		49 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://domaferma.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.js?ver=4.5.2
Requested by
Host: domaferma.com
URL: https://domaferma.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.253.61.99 , Russian Federation, ASN211642 (ADMINVPS, RU),
Reverse DNS
isp22.adminvps.ru
Software
nginx/1.20.1 /
Resource Hash
1f77f1c60435921cb2d68ccfb3bf2da81dd35f274014c4cd5a5b9c20c4a46a27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://domaferma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 09:59:57 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
last-modified
Wed, 04 Jan 2023 10:54:35 GMT
server
nginx/1.20.1
etag
W/"63b55aeb-c5ad"
vary
Accept-Encoding
content-type
application/javascript
select2.min.js
domaferma.com/wp-content/plugins/wp-user-avatar/assets/select2/ 		69 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://domaferma.com/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.js?ver=4.5.2
Requested by
Host: domaferma.com
URL: https://domaferma.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.253.61.99 , Russian Federation, ASN211642 (ADMINVPS, RU),
Reverse DNS
isp22.adminvps.ru
Software
nginx/1.20.1 /
Resource Hash
00501810e93307a8882a74d864e7547fd1458deea539361dc1124ac133799a4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://domaferma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 09:59:57 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
last-modified
Wed, 04 Jan 2023 10:54:35 GMT
server
nginx/1.20.1
etag
W/"63b55aeb-114c3"
vary
Accept-Encoding
content-type
application/javascript
context.js
yandex.ru/ads/system/ 		276 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/ads/system/context.js
Requested by
Host: domaferma.com
URL: https://domaferma.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
edd2e87319b96c95251f7562f2e4cec823e9d3d88d5d08d3bb8560a730980cbe
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://domaferma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-encoding
br
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
x-yandex-req-id
1676368798189751-14846535755197903544-vla1-2655-vla-l7-balancer-8080-BAL-9716
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Tue, 14 Feb 2023 10:59:58 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		147 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7885105808047817
Requested by
Host: domaferma.com
URL: https://domaferma.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2cc14302853152b4cf0190c93c642fd13006bf190b328892bd2644a4a35a97e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://domaferma.com/
Origin
https://domaferma.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 09:59:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50084
x-xss-protection
0
server
cafe
etag
2451756273410037233
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 14 Feb 2023 09:59:58 GMT
roboto-normal-400.woff2
domaferma.com/wp-content/uploads/omgf/google-fonts/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://domaferma.com/wp-content/uploads/omgf/google-fonts/roboto-normal-400.woff2
Requested by
Host: domaferma.com
URL: https://domaferma.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.253.61.99 , Russian Federation, ASN211642 (ADMINVPS, RU),
Reverse DNS
isp22.adminvps.ru
Software
nginx/1.20.1 /
Resource Hash
b84ae544e7ffeecf69601bcec8d1f5e33a7ce1976136a09ff46c4659e1bac7be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://domaferma.com/
Origin
https://domaferma.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 09:59:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000;
last-modified
Tue, 13 Oct 2020 10:38:22 GMT
server
nginx/1.20.1
vary
X-Forwarded-Proto,Accept-Encoding
cache-control
max-age=2592000
accept-ranges
bytes
content-length
22451
expires
Thu, 16 Mar 2023 09:59:57 GMT
roboto-normal-700.woff2
domaferma.com/wp-content/uploads/omgf/google-fonts/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://domaferma.com/wp-content/uploads/omgf/google-fonts/roboto-normal-700.woff2
Requested by
Host: domaferma.com
URL: https://domaferma.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.253.61.99 , Russian Federation, ASN211642 (ADMINVPS, RU),
Reverse DNS
isp22.adminvps.ru
Software
nginx/1.20.1 /
Resource Hash
6f3cfe22a37379062037503f2a92084f531e0478d78946ddbadacb13745cd64e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://domaferma.com/
Origin
https://domaferma.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 09:59:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000;
last-modified
Tue, 13 Oct 2020 10:38:22 GMT
server
nginx/1.20.1
vary
X-Forwarded-Proto,Accept-Encoding
cache-control
max-age=2592000
accept-ranges
bytes
content-length
22559
expires
Thu, 16 Mar 2023 09:59:57 GMT
noto-sans-normal-400.woff2
domaferma.com/wp-content/uploads/omgf/anycomment-google-font/ 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://domaferma.com/wp-content/uploads/omgf/anycomment-google-font/noto-sans-normal-400.woff2
Requested by
Host: domaferma.com
URL: https://domaferma.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.253.61.99 , Russian Federation, ASN211642 (ADMINVPS, RU),
Reverse DNS
isp22.adminvps.ru
Software
nginx/1.20.1 /
Resource Hash
0090b026b19a84a009268f318823ccec8aa9f9181758eff88073ce3926cf5d42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://domaferma.com/
Origin
https://domaferma.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 09:59:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000;
last-modified
Tue, 13 Oct 2020 10:38:22 GMT
server
nginx/1.20.1
vary
X-Forwarded-Proto,Accept-Encoding
cache-control
max-age=2592000
accept-ranges
bytes
content-length
21955
expires
Thu, 16 Mar 2023 09:59:57 GMT
noto-sans-normal-700.woff2
domaferma.com/wp-content/uploads/omgf/anycomment-google-font/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://domaferma.com/wp-content/uploads/omgf/anycomment-google-font/noto-sans-normal-700.woff2
Requested by
Host: domaferma.com
URL: https://domaferma.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.253.61.99 , Russian Federation, ASN211642 (ADMINVPS, RU),
Reverse DNS
isp22.adminvps.ru
Software
nginx/1.20.1 /
Resource Hash
b1a95eb95ad04a2ab64d58181345e3bc113dcccb89bce32501dda1b6f7e00257
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://domaferma.com/
Origin
https://domaferma.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 09:59:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000;
last-modified
Tue, 13 Oct 2020 10:38:22 GMT
server
nginx/1.20.1
vary
X-Forwarded-Proto,Accept-Encoding
cache-control
max-age=2592000
accept-ranges
bytes
content-length
22079
expires
Thu, 16 Mar 2023 09:59:57 GMT
frontend.min.js
domaferma.com/wp-content/plugins/wp-user-avatar/assets/js/ 		19 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://domaferma.com/wp-content/plugins/wp-user-avatar/assets/js/frontend.min.js?ver=4.5.2
Requested by
Host: domaferma.com
URL: https://domaferma.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.253.61.99 , Russian Federation, ASN211642 (ADMINVPS, RU),
Reverse DNS
isp22.adminvps.ru
Software
nginx/1.20.1 /
Resource Hash
255bbdc2a44e99169f7196982ff3155cf5631bdc043a1a431e5ea8f51297bb73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://domaferma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 09:59:57 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
last-modified
Wed, 04 Jan 2023 10:54:35 GMT
server
nginx/1.20.1
etag
W/"63b55aeb-4a87"
vary
Accept-Encoding
content-type
application/javascript
swiper.min.js
domaferma.com/wp-content/themes/root/js/ 		122 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://domaferma.com/wp-content/themes/root/js/swiper.min.js?ver=2.3.2
Requested by
Host: domaferma.com
URL: https://domaferma.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.253.61.99 , Russian Federation, ASN211642 (ADMINVPS, RU),
Reverse DNS
isp22.adminvps.ru
Software
nginx/1.20.1 /
Resource Hash
95d3bbd1f0760fd4fc12ab4266964dc621861314a032e4b7743e55fbc3dcf345
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://domaferma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 09:59:57 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
last-modified
Fri, 01 Mar 2019 10:49:26 GMT
server
nginx/1.20.1
etag
W/"5c790e36-1e74f"
vary
Accept-Encoding
content-type
application/javascript
scripts.min.js
domaferma.com/wp-content/themes/root/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://domaferma.com/wp-content/themes/root/js/scripts.min.js?ver=2.3.2
Requested by
Host: domaferma.com
URL: https://domaferma.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.253.61.99 , Russian Federation, ASN211642 (ADMINVPS, RU),
Reverse DNS
isp22.adminvps.ru
Software
nginx/1.20.1 /
Resource Hash
2afa6b50234b5ccae90d6a319a030f60ddc30159c95cc4c80258f737ce63cfaa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://domaferma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 09:59:57 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
last-modified
Fri, 01 Mar 2019 10:49:26 GMT
server
nginx/1.20.1
etag
W/"5c790e36-1bc9"
vary
Accept-Encoding
content-type
application/javascript
frontend.min.js
domaferma.com/wp-content/plugins/q2w3-fixed-widget/js/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://domaferma.com/wp-content/plugins/q2w3-fixed-widget/js/frontend.min.js?ver=6.2.3
Requested by
Host: domaferma.com
URL: https://domaferma.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.253.61.99 , Russian Federation, ASN211642 (ADMINVPS, RU),
Reverse DNS
isp22.adminvps.ru
Software
nginx/1.20.1 /
Resource Hash
a69c12ccd186a899db79fce802b46c08e71f69c2c422be2666ed8565e3add026
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://domaferma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 09:59:57 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
last-modified
Wed, 07 Dec 2022 16:43:38 GMT
server
nginx/1.20.1
etag
W/"6390c2ba-5b89"
vary
Accept-Encoding
content-type
application/javascript
lazyload.min.js
domaferma.com/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://domaferma.com/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js
Requested by
Host: domaferma.com
URL: https://domaferma.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.253.61.99 , Russian Federation, ASN211642 (ADMINVPS, RU),
Reverse DNS
isp22.adminvps.ru
Software
nginx/1.20.1 /
Resource Hash
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://domaferma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 09:59:57 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
last-modified
Mon, 31 Aug 2020 21:11:02 GMT
server
nginx/1.20.1
etag
W/"5f4d6766-1ed2"
vary
Accept-Encoding
content-type
application/javascript
truncated
/ 		1 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb8eb30eacadbf512e52d63bbb7c903bf1fb3317bb7d9dfe11de4ba96e292546

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
text/javascript
truncated
/ 		64 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/svg+xml
bg1.png
domaferma.com/wp-content/uploads/2018/08/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://domaferma.com/wp-content/uploads/2018/08/bg1.png
Requested by
Host: domaferma.com
URL: https://domaferma.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.253.61.99 , Russian Federation, ASN211642 (ADMINVPS, RU),
Reverse DNS
isp22.adminvps.ru
Software
nginx/1.20.1 /
Resource Hash
57f674fb1b56addde694ba2f277e315267ca01ebcbb69e390d2166ca827d3ce3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://domaferma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 09:59:57 GMT
strict-transport-security
max-age=31536000;
last-modified
Thu, 15 Aug 2019 13:35:40 GMT
server
nginx/1.20.1
etag
"5d555fac-25cd"
content-type
image/png
accept-ranges
bytes
content-length
9677
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
da3760e1ab7990bdc88e8a516bb0dbe91e7e35d4e88c9af8feb0dcf862bf9d38

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b65b1413f361a17b3e080cb2f0e948574f9e0678cb06ebfa00f1b29758ae4941

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b549efe5a81de27a403a362577fd3855d2dea14fbd7309584ee5882bf856aec1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8175c56772af6858dadaaed3096549ef76c980eab1ddb53624f6be293b19d48f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/svg+xml
fontawesome-webfont.woff2
domaferma.com/wp-content/themes/root/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://domaferma.com/wp-content/themes/root/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: domaferma.com
URL: https://domaferma.com/wp-content/cache/min/1/f0709353b0e09032864f56693f47fbb1.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.253.61.99 , Russian Federation, ASN211642 (ADMINVPS, RU),
Reverse DNS
isp22.adminvps.ru
Software
nginx/1.20.1 /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://domaferma.com/wp-content/cache/min/1/f0709353b0e09032864f56693f47fbb1.css
Origin
https://domaferma.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 09:59:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000;
last-modified
Fri, 01 Mar 2019 10:49:26 GMT
server
nginx/1.20.1
vary
X-Forwarded-Proto,Accept-Encoding
cache-control
max-age=2592000
accept-ranges
bytes
expires
Thu, 16 Mar 2023 09:59:58 GMT
tag.js
cdn.jsdelivr.net/npm/yandex-metrica-watch/ 		212 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
Requested by
Host: domaferma.com
URL: https://domaferma.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87ca05a7e60f13e4efd333b5b008b19c73b151ddabb1a73aa69cd88cd6f948bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://domaferma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 09:59:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
23197
x-jsd-version
1.257.0
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230060-FRA, cache-yyz4554-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"34e3a-eIUrj6hD3pmnKAQZCp7YaNtM0Rc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AeV41%2FoHKkHYHfIzx7TJKVWd2WQaWqeCpVpuMSCdLnmBkB2AnK3aCwRSsYkkZTveKLJ6SdWsaQaynSUzW%2BH391XdMXdM2F9Xajlomb%2BA0GV%2BaSMtBn5M957OFzN4oIN23fjabcVJaSYnAcSoyyA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7994f43c1cc33a88-FRA
1
mc.yandex.ru/watch/3/
Redirect Chain
  • https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fdomaferma.com%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A1130%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US...
  • https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fdomaferma.com%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A1130%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-U...
264 B
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fdomaferma.com%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A1130%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A955005807321%3Ahid%3A233293727%3Az%3A0%3Ai%3A20230214095958%3Aet%3A1676368798%3Ac%3A1%3Arn%3A966099941%3Arqn%3A1%3Au%3A1676368798316056249%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C136%2C655%2C2%2C134%2C0%2C%2C236%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1676368796927%3Ast%3A1676368798&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Requested by
Host: domaferma.com
URL: https://domaferma.com/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
4267e33efbdc7d5fbe2f26173c72bdbdf8b5ef201a72794d81f0f8cc0ca13e5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://domaferma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 09:59:58 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Tue, 14-Feb-2023 09:59:58 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://domaferma.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
264
x-xss-protection
1; mode=block
expires
Tue, 14-Feb-2023 09:59:58 GMT

Redirect headers

pragma
no-cache
date
Tue, 14 Feb 2023 09:59:58 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 14-Feb-2023 09:59:58 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/3/1?wmode=7&page-url=https%3A%2F%2Fdomaferma.com%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A1130%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A955005807321%3Ahid%3A233293727%3Az%3A0%3Ai%3A20230214095958%3Aet%3A1676368798%3Ac%3A1%3Arn%3A966099941%3Arqn%3A1%3Au%3A1676368798316056249%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C136%2C655%2C2%2C134%2C0%2C%2C236%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1676368796927%3Ast%3A1676368798&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin
https://domaferma.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Tue, 14-Feb-2023 09:59:58 GMT
1
mc.yandex.ru/watch/49939066/
Redirect Chain
  • https://mc.yandex.ru/watch/49939066?wmode=7&page-url=https%3A%2F%2Fdomaferma.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A1130%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3A...
  • https://mc.yandex.ru/watch/49939066/1?wmode=7&page-url=https%3A%2F%2Fdomaferma.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A1130%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%...
447 B
575 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/49939066/1?wmode=7&page-url=https%3A%2F%2Fdomaferma.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A1130%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1432781670647%3Ahid%3A233293727%3Az%3A0%3Ai%3A20230214095958%3Aet%3A1676368798%3Ac%3A1%3Arn%3A58401905%3Arqn%3A1%3Au%3A1676368798316056249%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C136%2C655%2C2%2C134%2C0%2C%2C236%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1676368796927%3Arqnl%3A1%3Ast%3A1676368798%3At%3A%D0%A1%D0%BE%D0%B4%D0%B5%D1%80%D0%B6%D0%B0%D0%BD%D0%B8%D0%B5%20%D0%B8%20%D1%80%D0%B0%D0%B7%D0%B2%D0%B5%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%BF%D1%82%D0%B8%D1%86%D1%8B%20%D0%B8%20%D0%B4%D1%80%D1%83%D0%B3%D0%B8%D1%85%20%D0%B6%D0%B8%D0%B2%D0%BE%D1%82%D0%BD%D1%8B%D1%85%20%D0%BD%D0%B0%20%D1%81%D0%BE%D0%B1%D1%81%D1%82%D0%B2%D0%B5%D0%BD%D0%BD%D0%BE%D0%B9%20%D1%84%D0%B5%D1%80%D0%BC%D0%B5%20%D1%81%20%D0%95%D0%B2%D0%B3%D0%B5%D0%BD%D0%B8%D0%B5%D0%BC%20%D0%9A%D1%83%D0%BB%D0%B5%D1%88%D0%BE%D0%B2%D1%8B%D0%BC%20-%20DomaFerma.com%20%E2%80%93%20%D1%80%D0%B5%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5%20%D1%81%D0%BE%D0%B2%D0%B5%D1%82%D1%8B%20%D0%BF%D0%BE%20%D1%80%D0%B0%D0%B7%D0%B2%D0%B5%D0%B4%D0%B5%D0%BD%D0%B8%D1%8E%20%D0%B6%D0%B8%D0%B2%D0%BE%D1%82%D0%BD%D1%8B%D1%85%3A%20%D1%83%D1%85%D0%BE%D0%B4%2C%20%D0%BB%D0%B5%D1%87%D0%B5%D0%BD%D0%B8%D0%B5%2C%20%D1%83%D1%81%D0%BB%D0%BE%D0%B2%D0%B8%D1%8F%20%D1%81%D0%BE%D0%B4%D0%B5%D1%80%D0%B6%D0%B0%D0%BD%D0%B8%D1%8F%2C%20%D0%BA%D0%BE%D1%80%D0%BC%D0%BB%D0%B5%D0%BD%D0%B8%D0%B5%2C%20%D1%80%D0%B0%D0%B7%D0%BC%D0%BD%D0%BE%D0%B6%D0%B5%D0%BD%D0%B8%D0%B5&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Requested by
Host: domaferma.com
URL: https://domaferma.com/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
01087a70cede581029d25d54ffe13cf4311273fc1c0753dad616fefa14abc781
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://domaferma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 09:59:58 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Tue, 14-Feb-2023 09:59:58 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://domaferma.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
447
x-xss-protection
1; mode=block
expires
Tue, 14-Feb-2023 09:59:58 GMT

Redirect headers

pragma
no-cache
date
Tue, 14 Feb 2023 09:59:58 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 14-Feb-2023 09:59:58 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/49939066/1?wmode=7&page-url=https%3A%2F%2Fdomaferma.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A1130%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1432781670647%3Ahid%3A233293727%3Az%3A0%3Ai%3A20230214095958%3Aet%3A1676368798%3Ac%3A1%3Arn%3A58401905%3Arqn%3A1%3Au%3A1676368798316056249%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C136%2C655%2C2%2C134%2C0%2C%2C236%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1676368796927%3Arqnl%3A1%3Ast%3A1676368798%3At%3A%D0%A1%D0%BE%D0%B4%D0%B5%D1%80%D0%B6%D0%B0%D0%BD%D0%B8%D0%B5%20%D0%B8%20%D1%80%D0%B0%D0%B7%D0%B2%D0%B5%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%BF%D1%82%D0%B8%D1%86%D1%8B%20%D0%B8%20%D0%B4%D1%80%D1%83%D0%B3%D0%B8%D1%85%20%D0%B6%D0%B8%D0%B2%D0%BE%D1%82%D0%BD%D1%8B%D1%85%20%D0%BD%D0%B0%20%D1%81%D0%BE%D0%B1%D1%81%D1%82%D0%B2%D0%B5%D0%BD%D0%BD%D0%BE%D0%B9%20%D1%84%D0%B5%D1%80%D0%BC%D0%B5%20%D1%81%20%D0%95%D0%B2%D0%B3%D0%B5%D0%BD%D0%B8%D0%B5%D0%BC%20%D0%9A%D1%83%D0%BB%D0%B5%D1%88%D0%BE%D0%B2%D1%8B%D0%BC%20-%20DomaFerma.com%20%E2%80%93%20%D1%80%D0%B5%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5%20%D1%81%D0%BE%D0%B2%D0%B5%D1%82%D1%8B%20%D0%BF%D0%BE%20%D1%80%D0%B0%D0%B7%D0%B2%D0%B5%D0%B4%D0%B5%D0%BD%D0%B8%D1%8E%20%D0%B6%D0%B8%D0%B2%D0%BE%D1%82%D0%BD%D1%8B%D1%85%3A%20%D1%83%D1%85%D0%BE%D0%B4%2C%20%D0%BB%D0%B5%D1%87%D0%B5%D0%BD%D0%B8%D0%B5%2C%20%D1%83%D1%81%D0%BB%D0%BE%D0%B2%D0%B8%D1%8F%20%D1%81%D0%BE%D0%B4%D0%B5%D1%80%D0%B6%D0%B0%D0%BD%D0%B8%D1%8F%2C%20%D0%BA%D0%BE%D1%80%D0%BC%D0%BB%D0%B5%D0%BD%D0%B8%D0%B5%2C%20%D1%80%D0%B0%D0%B7%D0%BC%D0%BD%D0%BE%D0%B6%D0%B5%D0%BD%D0%B8%D0%B5&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin
https://domaferma.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Tue, 14-Feb-2023 09:59:58 GMT
advert.gif
mc.yandex.ru/metrika/ 		43 B
511 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: domaferma.com
URL: https://domaferma.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://domaferma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 09:59:58 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 08 Feb 2023 12:45:24 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"63e36f34-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Tue, 14 Feb 2023 10:59:58 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302080101/ 		365 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7885105808047817&plah=domaferma.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7885105808047817
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b9d642da8cc8206cb4a440752a1b3220cb2e842b9d95a5fa352de1c91f5ff96a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://domaferma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 09:59:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122947
x-xss-protection
0
server
cafe
etag
7697109713731293090
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 14 Feb 2023 09:59:58 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230209/r20190131/ Frame 7A30 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230209/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7885105808047817
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://domaferma.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
20006
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 14 Feb 2023 04:26:32 GMT
etag
10353107486223812946
expires
Tue, 28 Feb 2023 04:26:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
logo-1.png
domaferma.com/wp-content/uploads/2018/08/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://domaferma.com/wp-content/uploads/2018/08/logo-1.png
Requested by
Host: domaferma.com
URL: https://domaferma.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.253.61.99 , Russian Federation, ASN211642 (ADMINVPS, RU),
Reverse DNS
isp22.adminvps.ru
Software
nginx/1.20.1 /
Resource Hash
b6219233f75fc81b56f61aa44c87f67e8de0e5dc1e99d892fa794a8300c800bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://domaferma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 09:59:58 GMT
strict-transport-security
max-age=31536000;
last-modified
Thu, 15 Aug 2019 13:35:44 GMT
server
nginx/1.20.1
etag
"5d555fb0-b89"
content-type
image/png
accept-ranges
bytes
content-length
2953
img_63b6dfa652fb6-e1672929216359-600x330.jpg
domaferma.com/wp-content/uploads/2023/01/ 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://domaferma.com/wp-content/uploads/2023/01/img_63b6dfa652fb6-e1672929216359-600x330.jpg
Requested by
Host: domaferma.com
URL: https://domaferma.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.253.61.99 , Russian Federation, ASN211642 (ADMINVPS, RU),
Reverse DNS
isp22.adminvps.ru
Software
nginx/1.20.1 /
Resource Hash
6f597967c6180838e5ea9ecb5b4a35c01d96bc5c215a0f58c10706f0e2ec87c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://domaferma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 09:59:58 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
last-modified
Thu, 05 Jan 2023 14:33:36 GMT
server
nginx/1.20.1
etag
W/"63b6dfc0-1071b"
vary
Accept-Encoding
content-type
image/jpeg
no-avatar.png
domaferma.com/wp-content/plugins/anycomment/assets/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://domaferma.com/wp-content/plugins/anycomment/assets/img/no-avatar.png
Requested by
Host: domaferma.com
URL: https://domaferma.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.253.61.99 , Russian Federation, ASN211642 (ADMINVPS, RU),
Reverse DNS
isp22.adminvps.ru
Software
nginx/1.20.1 /
Resource Hash
55cac6972da166dcaad5f984a01e5500f94035068a2213dd1b9d58f2b70d115b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://domaferma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 09:59:58 GMT
strict-transport-security
max-age=31536000;
last-modified
Sat, 19 Feb 2022 11:54:30 GMT
server
nginx/1.20.1
etag
"6210da76-f83"
content-type
image/png
accept-ranges
bytes
content-length
3971
odnoklassniki.svg
domaferma.com/wp-content/plugins/anycomment/assets/img/socials/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://domaferma.com/wp-content/plugins/anycomment/assets/img/socials/odnoklassniki.svg
Requested by
Host: domaferma.com
URL: https://domaferma.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.253.61.99 , Russian Federation, ASN211642 (ADMINVPS, RU),
Reverse DNS
isp22.adminvps.ru
Software
nginx/1.20.1 /
Resource Hash
805f20dd851c82879fa1f3b8ca7944e33f0b88b9a59ccfb2a9655c867372a268
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://domaferma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 09:59:58 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
last-modified
Sat, 19 Feb 2022 11:54:30 GMT
server
nginx/1.20.1
etag
W/"6210da76-879"
vary
Accept-Encoding
content-type
image/svg+xml
img_63b55fa6bec44-745x330.jpg
domaferma.com/wp-content/uploads/2023/01/ 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://domaferma.com/wp-content/uploads/2023/01/img_63b55fa6bec44-745x330.jpg
Requested by
Host: domaferma.com
URL: https://domaferma.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.253.61.99 , Russian Federation, ASN211642 (ADMINVPS, RU),
Reverse DNS
isp22.adminvps.ru
Software
nginx/1.20.1 /
Resource Hash
6c3ad0ed975d3ac96b33f59894052d2c7fed2477321b30216c583ab5d10334e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://domaferma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 09:59:58 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
last-modified
Wed, 04 Jan 2023 11:14:47 GMT
server
nginx/1.20.1
etag
W/"63b55fa7-c18b"
vary
Accept-Encoding
content-type
image/jpeg
1c0942547d39e10f5f56.js
yastatic.net/partner-code-bundles/722375/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/722375/1c0942547d39e10f5f56.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
7f224c08a97f9037e65eca4f5d8fde74e657b18a4a065e5c6c3f5f0e3cb5f4a9
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://domaferma.com/
Origin
https://domaferma.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 09:59:58 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
4802
last-modified
Mon, 13 Feb 2023 19:10:38 GMT
server
nginx/1.17.9
etag
"f6fe8d01174ffbadddb1ca822981d824"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Thu, 13 Feb 2053 16:31:09 GMT
1b111e1e8fc0544f439f.js
yastatic.net/partner-code-bundles/722375/ 		109 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/722375/1b111e1e8fc0544f439f.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
3d9196618edd013039c09125136026811f1cff437e754c4e8b6898159dfea7c4
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://domaferma.com/
Origin
https://domaferma.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 09:59:58 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
23705
last-modified
Mon, 13 Feb 2023 19:10:38 GMT
server
nginx/1.17.9
etag
"59b849c66e6bbbc832107707968e3658"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Thu, 13 Feb 2053 16:31:09 GMT
host.js
yastatic.net/safeframe-bundles/0.83/ 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/safeframe-bundles/0.83/host.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://domaferma.com/
Origin
https://domaferma.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 09:59:58 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
8878
last-modified
Wed, 03 Nov 2021 13:42:58 GMT
server
nginx/1.17.9
etag
"f80882bf67cf261aa08d636da095149a"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Thu, 13 Feb 2053 16:33:16 GMT
text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ 		25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://domaferma.com/
Origin
https://domaferma.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 09:59:58 GMT
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
26004
x-amz-meta-owner
{"role":"admin","login":"4eb0da"}
last-modified
Mon, 25 Apr 2022 14:02:39 GMT
server
nginx/1.17.9
etag
"7f0cdaf91230f9789ca4162aedff612e"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31556952
x-nginx-request-id
5c6dd938443fe0be
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Feb 2024 15:46:28 GMT
07cea2bf8567304efc16.js
yastatic.net/partner-code-bundles/722375/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/722375/07cea2bf8567304efc16.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
63bc525a38e0382d714c3d9635193766c1095b3b898e5b490684a75e0a6f6de4
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://domaferma.com/
Origin
https://domaferma.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 09:59:58 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
7926
last-modified
Mon, 13 Feb 2023 19:10:38 GMT
server
nginx/1.17.9
etag
"962f95f4398969501a16959b6fd3c332"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Thu, 13 Feb 2053 16:31:09 GMT
2ec9a88e40a26b53acde.js
yastatic.net/partner-code-bundles/722375/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/722375/2ec9a88e40a26b53acde.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
edf2236ca284878d8a1b1c7980664438cbccae0bcdfc0193d8cfbe0d3e90671d
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://domaferma.com/
Origin
https://domaferma.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 09:59:58 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
2065
last-modified
Mon, 13 Feb 2023 19:10:38 GMT
server
nginx/1.17.9
etag
"60a8d734542bb3912258f64a2912c5fa"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Thu, 13 Feb 2053 16:31:09 GMT
06d32b9f4d940bf02257.js
yastatic.net/partner-code-bundles/722375/ 		563 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/722375/06d32b9f4d940bf02257.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
01e7bf3b2c1605527749e4413671f688f685082880e67b584f4fb080f71ad564
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://domaferma.com/
Origin
https://domaferma.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 09:59:58 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
109561
last-modified
Mon, 13 Feb 2023 19:10:38 GMT
server
nginx/1.17.9
etag
"d1e74286089d96829a53acd02e1dedba"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Thu, 13 Feb 2053 16:31:09 GMT
sync_cookie_image_decide
mc.webvisor.org/
Redirect Chain
  • https://mc.webvisor.org/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9914.Z9yvfTDuglAgWFgsEcEypF2ShJ0fxhGkgoBRZkeOzMgd-PInxNxFLYh4AJYAd_K-.pz90wfiF7Rd2ozEKV3sibTJyarQ%2C
  • https://mc.webvisor.org/sync_cookie_image_decide?token=9914._jAhMZ-qLOuVJwXRB-0A-20Gucg8o8-bZRHVHB7VM4cZF6J-lEBeKSKpQuEMUeqLHmxN7ppZdqgz2stnBqbAJqKNW2deEJk60rd1t7ZWrPuKHZxloqPI3hv821c-od5HUWwdigNGo...
43 B
509 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.webvisor.org/sync_cookie_image_decide?token=9914._jAhMZ-qLOuVJwXRB-0A-20Gucg8o8-bZRHVHB7VM4cZF6J-lEBeKSKpQuEMUeqLHmxN7ppZdqgz2stnBqbAJqKNW2deEJk60rd1t7ZWrPuKHZxloqPI3hv821c-od5HUWwdigNGoV4Z1UrgvtgrRLftgD6bqiPVlj0zatNJl3dLJJF2s82X9M7jaNr0HfEfdsO5LO6dnzJm3kfH9rlQ5W33RDPoeDJwbKdFzdNtQIk%2C.1DqnQjvskD9Lg4a38HWsRefdmjk%2C
Requested by
Host: domaferma.com
URL: https://domaferma.com/
Protocol
H2
Server
80.239.201.95 , Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS
80-239-201-95.teliacarrier-cust.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://domaferma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 09:59:58 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.webvisor.org/sync_cookie_image_decide?token=9914._jAhMZ-qLOuVJwXRB-0A-20Gucg8o8-bZRHVHB7VM4cZF6J-lEBeKSKpQuEMUeqLHmxN7ppZdqgz2stnBqbAJqKNW2deEJk60rd1t7ZWrPuKHZxloqPI3hv821c-od5HUWwdigNGoV4Z1UrgvtgrRLftgD6bqiPVlj0zatNJl3dLJJF2s82X9M7jaNr0HfEfdsO5LO6dnzJm3kfH9rlQ5W33RDPoeDJwbKdFzdNtQIk%2C.1DqnQjvskD9Lg4a38HWsRefdmjk%2C
date
Tue, 14 Feb 2023 09:59:58 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9914.F78Q24TXlYDkCMVXda79nxLn_Hdz6gQIoc3xjaZJ7hIQnAJpuqWYtTFJZzdjLwe2.mdnCRgQyBMFnKZEcfcsmfAWMbrY%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9914.RdV7g_UNy838bnwu4xgttGrHrXmmITiKb1mN6ju2tk9GIwP94kNL2PqJFhsd1C7GktvAjYJmh08sZLIFViwGBUtTCuY6IEwCXHclvbf6Dq6BbDyiU1pTVcfZxj7zIH3Tqk0Ro54zevW...
43 B
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9914.RdV7g_UNy838bnwu4xgttGrHrXmmITiKb1mN6ju2tk9GIwP94kNL2PqJFhsd1C7GktvAjYJmh08sZLIFViwGBUtTCuY6IEwCXHclvbf6Dq6BbDyiU1pTVcfZxj7zIH3Tqk0Ro54zevWxGQjdz12uLYyqybRwa21R2TM_t3-Onqj83Y5gRw8z-CWjqwG5Q3GGhPvHx8Z4odKTbL_CYrmhfwGfRkK692Y1fX-7KVTBPHM%2C.QmvyY4946lIhqmeRJDgpJ_N3f_8%2C
Requested by
Host: domaferma.com
URL: https://domaferma.com/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://domaferma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 09:59:58 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9914.RdV7g_UNy838bnwu4xgttGrHrXmmITiKb1mN6ju2tk9GIwP94kNL2PqJFhsd1C7GktvAjYJmh08sZLIFViwGBUtTCuY6IEwCXHclvbf6Dq6BbDyiU1pTVcfZxj7zIH3Tqk0Ro54zevWxGQjdz12uLYyqybRwa21R2TM_t3-Onqj83Y5gRw8z-CWjqwG5Q3GGhPvHx8Z4odKTbL_CYrmhfwGfRkK692Y1fX-7KVTBPHM%2C.QmvyY4946lIhqmeRJDgpJ_N3f_8%2C
date
Tue, 14 Feb 2023 09:59:58 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
cookie.js
partner.googleadservices.com/gampad/ 		393 B
602 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=domaferma.com&callback=_gfp_s_&client=ca-pub-7885105808047817
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7885105808047817&plah=domaferma.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3748e1b45a957a4389e5f4c7b7b5ff08530674e68de7299507d19919334891f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://domaferma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 09:59:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
251
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=domaferma.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7885105808047817&plah=domaferma.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://domaferma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 09:59:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=domaferma.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7885105808047817&plah=domaferma.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://domaferma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 09:59:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8112 		425 KB
69 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7885105808047817&output=html&adk=1812271804&adf=1573534164&lmt=1676368798&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C188x1080_r&format=0x0&url=https%3A%2F%2Fdomaferma.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676368798213&bpp=4&bdt=358&idt=235&shv=r20230209&mjsv=m202302080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=796607805997&frm=20&pv=2&ga_vid=259825812.1676368798&ga_sid=1676368798&ga_hid=1182506388&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C44782467%2C31072227%2C31071662&oid=2&pvsid=2332821167241905&tmod=1853219399&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=278
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7885105808047817&plah=domaferma.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
95d12a1595fd434ac6fa173dabf4073eab5f782e5c4f97fb76f8f5afe78064a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://domaferma.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
70179
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 14 Feb 2023 09:59:59 GMT
expires
Tue, 14 Feb 2023 09:59:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230209&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7885105808047817&plah=domaferma.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6a691fa5c4d88270bd48832a2e1116e9b52a987116dd36b391acaddaf4a7aa8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://domaferma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 09:59:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11299
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302080101/ 		150 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302080101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7885105808047817&plah=domaferma.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ce8bfce61f4236b148b166f59562980da11e19c78c04e8dc4984ff43464e4683
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://domaferma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 09:59:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52313
x-xss-protection
0
server
cafe
etag
11134074644421939382
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Feb 2023 09:59:59 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7885105808047817&plah=domaferma.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://domaferma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 09:59:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 14 Feb 2023 09:59:59 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=domaferma.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7885105808047817&plah=domaferma.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://domaferma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 09:59:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=domaferma.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7885105808047817&plah=domaferma.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://domaferma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 09:59:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230209/r20110914/ Frame 64A1 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230209/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7885105808047817&plah=domaferma.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://domaferma.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16749
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 14 Feb 2023 05:20:50 GMT
etag
10353107486223812946
expires
Tue, 28 Feb 2023 05:20:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230209/r20110914/ Frame 4593 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230209/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7885105808047817&plah=domaferma.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://domaferma.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16749
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 14 Feb 2023 05:20:50 GMT
etag
10353107486223812946
expires
Tue, 28 Feb 2023 05:20:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230209/r20110914/ Frame B6E0 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230209/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7885105808047817&plah=domaferma.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://domaferma.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16749
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 14 Feb 2023 05:20:50 GMT
etag
10353107486223812946
expires
Tue, 28 Feb 2023 05:20:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230209/r20110914/client/ Frame 64A1 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230209/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230209/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 03:21:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
23904
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Feb 2023 03:21:35 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 64A1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C4eJJnlvrY4jsIPis7APfkZWAAuiz_cdu7byHyIcQ9LjdmLowEAEgr6SJEmCVgoCAwAegAb69v_sDyAEJqQJ4ZoygCwSyPqgDAcgDywSqBMEBT9DSxM6Zlz2mya0Q0jAK8NVxmoOrgaiF2RHadD9RM5LkgTTSpnp0TgfICnvyZmc2T8WxfCfpA1l8nlMV24AzGZA4OsO8E0WeYxJW1bCnQLNc_fTjxCPWCpMJCGKljASsEt_e_BBfMe0UznUuajCM0E8Ayi4IDdgj8AgJzbeRNIe0-bfpPfGUE4NgXs4DZ4naZ_HcYkAfNY6R0x9F87D_dYUeDC4adRzdrpdU3jN_3CVS360DzA8KRJpVTdfAkS9al8AEuZaCrY0EkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB6rCwASoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQm6kq0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwzQFQGAFwGyFxwKGggAEhRwdWItNzg4NTEwNTgwODA0NzgxNxgA&sigh=vTaAlUsQKUM&uach_m=[UACH]&cid=CAQSGwDUE5ymM3xxRSJNUmD586idW72GXgxhlJM3JBgB&template_id=494
Requested by
Host: domaferma.com
URL: https://domaferma.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20230209/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 14 Feb 2023 09:59:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 14 Feb 2023 09:59:59 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230209/r20110914/ Frame 64A1 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230209/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230209/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
284cc0215846e0177a71374a6b5edfc803d932978413faca489263984d2866fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 03:19:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
24050
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9046
x-xss-protection
0
server
cafe
etag
3345793926543552485
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Feb 2023 03:19:09 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230209/r20110914/client/ Frame 64A1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230209/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230209/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 09:49:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
620
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Feb 2023 09:49:39 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230209/r20110914/client/ Frame 64A1 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230209/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230209/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2020e8a3c910eca0ba278da98160214b0798a0bf37269ea5426e5a97d3f123bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 03:15:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
24243
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8507
x-xss-protection
0
server
cafe
etag
4276712384950353844
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Feb 2023 03:15:56 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 64A1 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230209/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b820dc122a80f08db00e452d97da2973b7e45407e11f2e97b043f97aa9a6bd3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 09:59:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48910
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675860536307976"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 14 Feb 2023 09:59:59 GMT
3fa5291869997d20adf47a02a7a75d04.js
www.gstatic.com/mysidia/ Frame 64A1 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/3fa5291869997d20adf47a02a7a75d04.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230209/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
68e1fe5f35b4b0131be24086e7de0e04291d335c32ac4868bf0803abe50a862e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 00:43:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
378977
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14191
x-xss-protection
0
last-modified
Fri, 10 Feb 2023 00:05:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 11 May 2023 00:43:42 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame 64A1 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQ2Iaz7VpTj2lBltQKr8sCUpz78ipobhgl5uJWoD7kqkEP3qbVWHI30FtFuoWc&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230209/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad19787d6918da31389c40e7a0f575d175511aef25ec1d6aa7339e091e0d00f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 04:40:52 GMT
x-content-type-options
nosniff
age
364747
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21035
x-xss-protection
0
last-modified
Tue, 22 Mar 2022 01:31:20 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 10 Feb 2024 04:40:52 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 64A1 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTpvY9dPQ-drlMu3bcVr_WM9Nghj4HdalpLTY3faL-6MnDL4qp4-mvgIZPh3w&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230209/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea0d45058b7aeeba5ef19747b39017bbc9658614d9d5d4cadda29272d097005b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 02:19:32 GMT
x-content-type-options
nosniff
age
373227
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25333
x-xss-protection
0
last-modified
Wed, 01 Feb 2023 04:42:56 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 10 Feb 2024 02:19:32 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 64A1 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQw7vVMBfYohPJ8H6dZr82T7QTSL9ODSJRKeuUjG86C_mNjc4MPe2DZS8H_X9E&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230209/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e59f576fb077be32309f57e24d0371f7af27a3f82e91aee4a727f573ee9ccdb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 20:54:06 GMT
x-content-type-options
nosniff
age
479153
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20024
x-xss-protection
0
last-modified
Sat, 02 Apr 2022 02:18:10 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Thu, 08 Feb 2024 20:54:06 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 64A1 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcS5lWKasmk5MPb2OEPLmneZrgRJTYosi7rD-7t1AzfpBzhOoNMbErZLw-JziKs&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230209/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bdb237071a14f533562572623932556799d8f62080ec40b2af57cf673b4d043
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 09:21:20 GMT
x-content-type-options
nosniff
age
520719
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21343
x-xss-protection
0
last-modified
Fri, 22 Apr 2022 03:21:39 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Thu, 08 Feb 2024 09:21:20 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame 64A1 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRjhnb_yD9_7LgKW0SpL-JkiZF8mopGbnaUlCx8A0ISN5Fjp7rp2MKs2C7GTQ&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230209/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e50a175497d44d3bfb764d99541821c913fef8630d0f7a6f78fb31efb64f96d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 19:50:45 GMT
x-content-type-options
nosniff
age
482954
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17112
x-xss-protection
0
last-modified
Fri, 22 Apr 2022 02:38:34 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Thu, 08 Feb 2024 19:50:45 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame 64A1 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSBbO8sEYE0p46K-2ygiJSolAwpD7mA13O7JwVjQGZeKNwTE8RhFZQBAEUwKA&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230209/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa1dedeb3fe5848da17a5d5aa5eb6b57f51955c4a3222a98c906672d34836bfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 16:37:04 GMT
x-content-type-options
nosniff
age
580975
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20765
x-xss-protection
0
last-modified
Sat, 02 Jul 2022 18:44:26 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Wed, 07 Feb 2024 16:37:04 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 64A1 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSgoJOF5LZJgqAOg1zg15t-qG-H6CRHwHH-JJQ4md4gZETBKbaPpdMYHVHrISA&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230209/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b37d2fd70b0f0c895f11604434cf1afdf1922e008bbcd806d2e8fcff49e1b993
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 08:24:01 GMT
x-content-type-options
nosniff
age
351358
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20407
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 16:08:54 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 10 Feb 2024 08:24:01 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame 64A1 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTja2Hj4B7NKq2qll6lvvZkG05N59DpQoSEdFt-9_hd0Q2R8-dw&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230209/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b81416ab5204fa3aa472276b4b205fa5a4e3a527ae484e533c150c5813bc2c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 21:50:30 GMT
x-content-type-options
nosniff
age
389369
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9175
x-xss-protection
0
last-modified
Wed, 09 Sep 2020 14:07:45 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 09 Feb 2024 21:50:30 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230209/r20110914/client/ Frame 4593 		2 KB
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230209/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230209/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 03:21:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
23904
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Feb 2023 03:21:35 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230209/r20110914/ Frame 4593 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230209/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230209/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
284cc0215846e0177a71374a6b5edfc803d932978413faca489263984d2866fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 03:19:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
24050
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9046
x-xss-protection
0
server
cafe
etag
3345793926543552485
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Feb 2023 03:19:09 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230209/r20110914/client/ Frame 4593 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230209/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230209/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 09:49:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
620
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Feb 2023 09:49:39 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230209/r20110914/client/ Frame 4593 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230209/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230209/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2020e8a3c910eca0ba278da98160214b0798a0bf37269ea5426e5a97d3f123bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 03:15:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
24243
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8507
x-xss-protection
0
server
cafe
etag
4276712384950353844
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Feb 2023 03:15:56 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4593 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230209/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b820dc122a80f08db00e452d97da2973b7e45407e11f2e97b043f97aa9a6bd3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 09:59:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48910
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675860536307976"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 14 Feb 2023 09:59:59 GMT
3fa5291869997d20adf47a02a7a75d04.js
www.gstatic.com/mysidia/ Frame 4593 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/3fa5291869997d20adf47a02a7a75d04.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230209/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
68e1fe5f35b4b0131be24086e7de0e04291d335c32ac4868bf0803abe50a862e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 00:43:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
378977
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14191
x-xss-protection
0
last-modified
Fri, 10 Feb 2023 00:05:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 11 May 2023 00:43:42 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230209/r20110914/client/ Frame B6E0 		2 KB
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230209/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230209/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 03:21:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
23904
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Feb 2023 03:21:35 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230209/r20110914/ Frame B6E0 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230209/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230209/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
284cc0215846e0177a71374a6b5edfc803d932978413faca489263984d2866fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 03:19:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
24050
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9046
x-xss-protection
0
server
cafe
etag
3345793926543552485
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Feb 2023 03:19:09 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230209/r20110914/client/ Frame B6E0 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230209/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230209/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 08:01:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
7133
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Feb 2023 08:01:06 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230209/r20110914/client/ Frame B6E0 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230209/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230209/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2020e8a3c910eca0ba278da98160214b0798a0bf37269ea5426e5a97d3f123bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 03:15:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
24243
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8507
x-xss-protection
0
server
cafe
etag
4276712384950353844
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Feb 2023 03:15:56 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B6E0 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230209/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b820dc122a80f08db00e452d97da2973b7e45407e11f2e97b043f97aa9a6bd3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 09:59:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48910
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675860536307976"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 14 Feb 2023 09:59:59 GMT
3fa5291869997d20adf47a02a7a75d04.js
www.gstatic.com/mysidia/ Frame B6E0 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/3fa5291869997d20adf47a02a7a75d04.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230209/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
68e1fe5f35b4b0131be24086e7de0e04291d335c32ac4868bf0803abe50a862e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 00:43:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
378977
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14191
x-xss-protection
0
last-modified
Fri, 10 Feb 2023 00:05:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 11 May 2023 00:43:42 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F935 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://domaferma.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2169
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 14 Feb 2023 09:23:50 GMT
expires
Wed, 14 Feb 2024 09:23:50 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame DB5F 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7bbf86c4ceb94c35d1240c15fd6f15a8a20ebb38b91ec8c38836fd1b4a75c6dc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-hUETa-w04tjO6UnYL5IWbA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://domaferma.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-hUETa-w04tjO6UnYL5IWbA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 14 Feb 2023 09:59:59 GMT
expires
Tue, 14 Feb 2023 09:59:59 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
EWloDjzMQOvRZmCEufFfn6ZrYQ_lvyXFrAdKlYrDV_0.js
pagead2.googlesyndication.com/bg/ Frame F935 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EWloDjzMQOvRZmCEufFfn6ZrYQ_lvyXFrAdKlYrDV_0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1169680e3ccc40ebd1666084b9f15f9fa66b610fe5bf25c5ac074a958ac357fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 08:31:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
5315
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14328
x-xss-protection
0
last-modified
Tue, 07 Feb 2023 17:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 Feb 2024 08:31:24 GMT
truncated
/ Frame 64A1 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1eed93f12dca8e490a614551c9f816a0587fc11eba55a4dccc9610bceb545a2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/png
shopping
encrypted-tbn2.gstatic.com/ Frame 4593 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRbPev11AbK6-aZXzbViiSHwWOHtR_pRdD19DqopIlZwDc1Crn9PrH7zq_zBA&usqp=CAI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b134c42e6a841ce8ae1960efe994c55ffab22682cfe5c824da2c9418b710b99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sun, 12 Feb 2023 02:02:46 GMT
x-content-type-options
nosniff
age
201433
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32332
x-xss-protection
0
last-modified
Thu, 10 Nov 2022 06:08:18 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Mon, 12 Feb 2024 02:02:46 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame 4593 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQWo37UKbejngL98xxGrhX5wiIsvTk03cVFpuTMORNKtKK5t7NT-44KiHanals&usqp=CAI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8f6f2d793420e52deff293787e25eca74b0b3b43e8c95951902e91871317fcb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 02:09:29 GMT
x-content-type-options
nosniff
age
373830
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25321
x-xss-protection
0
last-modified
Thu, 14 Jul 2022 04:18:46 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 10 Feb 2024 02:09:29 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame 4593 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQBTQzWjl_syMt9p9UoL67KxmPXXl_WbD_cOaTfqU6vA_ILSUHAcGSQQgBJDfA&usqp=CAI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
794eefadd20836f8151c0923502248ce0fe145c4e5dacd5ca80775751dae1060
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 23:02:14 GMT
x-content-type-options
nosniff
age
385065
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30193
x-xss-protection
0
last-modified
Sat, 16 Jul 2022 11:36:49 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 09 Feb 2024 23:02:14 GMT
3953431504011786656
tpc.googlesyndication.com/simgad/ Frame 4593
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKC39PXNmgEQ0A8Y9AMyCNipC7SEG4zk
  • https://tpc.googlesyndication.com/simgad/3953431504011786656
17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3953431504011786656
Protocol
H3
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b47bfd80aa185f0903315ae94aeb3e6d20b8c183b3d07ff9986983f4faa440a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 23:02:23 GMT
x-content-type-options
nosniff
age
298656
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17114
x-xss-protection
0
last-modified
Tue, 18 Aug 2020 06:51:40 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 10 Feb 2024 23:02:23 GMT

Redirect headers

date
Tue, 14 Feb 2023 06:41:56 GMT
x-content-type-options
nosniff
server
cafe
age
11883
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/3953431504011786656
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 16 Mar 2023 06:41:56 GMT
truncated
/ Frame 4593 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7fca0f20cf56296584339dd4d8a36c253aa6654f3f110e9f53e2adaf983773c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/png
EWloDjzMQOvRZmCEufFfn6ZrYQ_lvyXFrAdKlYrDV_0.js
pagead2.googlesyndication.com/bg/ Frame 3407 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EWloDjzMQOvRZmCEufFfn6ZrYQ_lvyXFrAdKlYrDV_0.js
Requested by
Host: domaferma.com
URL: https://domaferma.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1169680e3ccc40ebd1666084b9f15f9fa66b610fe5bf25c5ac074a958ac357fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 08:31:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
5315
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14328
x-xss-protection
0
last-modified
Tue, 07 Feb 2023 17:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 Feb 2024 08:31:24 GMT
EWloDjzMQOvRZmCEufFfn6ZrYQ_lvyXFrAdKlYrDV_0.js
pagead2.googlesyndication.com/bg/ Frame DEF5 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EWloDjzMQOvRZmCEufFfn6ZrYQ_lvyXFrAdKlYrDV_0.js
Requested by
Host: domaferma.com
URL: https://domaferma.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1169680e3ccc40ebd1666084b9f15f9fa66b610fe5bf25c5ac074a958ac357fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 08:31:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
5315
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14328
x-xss-protection
0
last-modified
Tue, 07 Feb 2023 17:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 Feb 2024 08:31:24 GMT
EWloDjzMQOvRZmCEufFfn6ZrYQ_lvyXFrAdKlYrDV_0.js
pagead2.googlesyndication.com/bg/ Frame 73FC 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EWloDjzMQOvRZmCEufFfn6ZrYQ_lvyXFrAdKlYrDV_0.js
Requested by
Host: domaferma.com
URL: https://domaferma.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1169680e3ccc40ebd1666084b9f15f9fa66b610fe5bf25c5ac074a958ac357fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 08:31:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
5315
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14328
x-xss-protection
0
last-modified
Tue, 07 Feb 2023 17:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 Feb 2024 08:31:24 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 4593 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CDSkqnlvrY4nsIPis7APfkZWAAsvFhspuz_H41YQMlKHw5MQbEAEgr6SJEmCVgoCAwAegAfLl45EDyAEJqQJ4ZoygCwSyPqgDAcgDywSqBMsBT9CPsf0JDA8tmAFMDqfjqIgXOpdJbUfqlcyNEoA8umBk3CVV5R_2_iZFV8n2A875KW8fYNjiaJF7aIPUrDAabDQ2ZskC07QuscY_semsNW2UwykYt0RYuXjrm-QKvVAURMpi07MzazprVGzJFhulKfa1No3sNGYRc27YtsZKMdEMlbVcdwTmk0inTH8mcIO8V8vuuULbu48GKdDoApk4mrhhJHwrs0V1xfmlO2PAGtScTeoLXgFx0Jq52TFtE5oUKTB2H05a6H08km_ABOvUmcqTA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAf_j_ZvqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEOTQB9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMMiBQC0BUBgBcBshccChoIABIUcHViLTc4ODUxMDU4MDgwNDc4MTcYAA&sigh=w_4aJvX_4Cs&uach_m=[UACH]&cid=CAQSGwDUE5ymM3xxRSJNUmD586idW72GXgxhlJM3JBgB&template_id=494&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20230209/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 14 Feb 2023 09:59:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame DB5F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230209&jk=2332821167241905&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame F935 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?BWZ0ZA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 09:59:59 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ajax.php
domaferma.com/wp-content/plugins/kama-postviews/count-handler/ 		137 B
433 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://domaferma.com/wp-content/plugins/kama-postviews/count-handler/ajax.php
Requested by
Host: domaferma.com
URL: https://domaferma.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.253.61.99 , Russian Federation, ASN211642 (ADMINVPS, RU),
Reverse DNS
isp22.adminvps.ru
Software
nginx/1.20.1 / PHP/7.4.29
Resource Hash
5e2bd2477e3cbe4f338e883c21f9db1954a77216d7dd1eb6311b43eef8ef9be0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://domaferma.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 09:59:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000;
server
nginx/1.20.1
x-powered-by
PHP/7.4.29
vary
X-Forwarded-Proto,Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, must-revalidate, max-age=0, smax-age=0
x-robots-tag
noindex
content-length
140
expires
Wed, 11 Jan 1984 05:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230209&jk=2332821167241905&bg=!c3ClcCTNAAYuhb89DoU7ADkAdvg8WkVnSkt8qGXfOVPXZwjQBqcNRIlC3V2hJvEXg4EPSBUDyxK1sofeZR9tUYnhQhqhoGPoe7ICAAABO1IAAAADaAEHCgCqPJNPXov3l6dNUwi6LjfIUdare7BN2CxxLJTQv3BUU1ysqz53NLn9QA19Nnzt4_WvJD2f6HFn5ePofVxLML83aqyZYXNYjLDMwmcpbGIit_VNeCyRExNzCxktBYqjvUA1AUzYu73M2xOHb9P-LC1pRD4XA5ft51zSKLDZ1d7iL-VRSia0tvdrOCKH-0djaX8h98FA0AXVCvGqni0NSTYyGnNUmp00o0PMprGZAptcxAsMM3toRcIc5aD8I40Sou-r9ZjzYkHIbDjWibifsY6079WYJA638KLbpqHIxOKZyB41owAHVqRdKPqtvkSq46zhSnAK4DAGSBwHr0Guw5nuYr-2ZrZkVgArEjIgyGr7kbosbStDpn8CJKAQRaZ74bJ3XEa81DARVufWRixPweG8q5iA0qIacr2uE5631yEzExVaIqZFlCo-JV0HOfAtXHVnOXz37ontwYvL6Af8DBPJb8Fr5Oy4EBCamK4gQSY8nqc6xjttta5SeyAVstBVGoCyK9praoYWmS1FP1VtHnk_8V1-5N2ywLF-lbUqo5Emkp6zbLdUMo7Dc28SRWZyIN4EWFDHipdnWVduyXJuwoLCMUFJBsC9Z_eKs01e0amtP5Zc48DU86ztaZPOhI9oh1E4HiAQT9XKN3ViWkzLN2lDhXxQiROcZIHopLQXYuPxRVYdkO5Fjncs8qo_zdN1Gmgvk32mhCiB9_Fk8hlYe44epYaH1bXnU0-wVJmuOwKgh-c1id2ZFcKgqGV_C5iRsh-nd9yxy7Jlh8IvMZOnuUJ24uefKxvgcdTP4cTAHHQchx4f1HUVdhiD4cM_vQHwvIMWIe-HzoECRRBI-9VC6ycP_KoyXH0gmG44JeX-zC_HP1p4kPs_GYXnmS4Nw_P7UZc4OhGgHIy4I1NxuFJ0RsV0K4grBVqxhkCCx-JN4Ts8bc6Rw1i11B6jP2a1ytkNCkPeyyjhtIJcxQuv6gKWe4lzzvlFS30_1VETZlIXSakM5WjpGZ5oF1GtCUJaGju8Rs03zyMedETsyTO6QgnBBzKJUfJHpnXLiY83pRQ3IwQaaLDyfSbTlHzmMUWq1P-ZiRQ9bVNpo6Dim32Upng8FeNYmLUmrTTJL9Z-
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://domaferma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 64A1 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsugEHHdAE47mdrpSU5qRprLaHGis0gfZM0p92TUxsRHJKUIONMmg9Ah-lI3P48gA5cj5dOK7YuTg1oOMls0jIB5VZsRXzycpRoBNTLUNEn988lzSaS8oo2oWshIXUsZtfUWtlHqAw&sai=AMfl-YSvtehXTUKfuoyC7AQC9lHeVqsD1XtrIcYiEfvqx-sUvSf9Eg-y4pDHqcmnMGOBZ1RDsgsVFPCbTJTB&sig=Cg0ArKJSzIhfh-vx-SsHEAE&cid=CAQSGwDUE5ymM3xxRSJNUmD586idW72GXgxhlJM3JBgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=137,778,1000,1024,1024&tos=137,641,222,24,0&v=20230208&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1676368799263&rpt=349&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 10:00:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4593 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssK4FZ0Jq3VdAwYolWwniffNK0LOzjC02wo3XpkjSEoUx8Ekh6aH-T9VNi2GPoO32XfOWH6OEGTGo7gJ4VSX3CXRFqX7i_WIo-H44uK79whBJ41Tb0NKSHrLGRtwtu00CpKpss8Fg&sai=AMfl-YS60iugMwAwLBYGr3AFx89u7Ue1akFomyurY_OCkasK6p4yAJqwCpaNyWkDx_6unLwrseYHMsmMyM49&sig=Cg0ArKJSzJ4sM-4o6qcCEAE&cid=CAQSGwDUE5ymM3xxRSJNUmD586idW72GXgxhlJM3JBgB&id=lidar2&mcvt=1003&p=0,0,500,180&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20230208&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1676368799289&rpt=367&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 10:00:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
49939066
mc.yandex.ru/webvisor/ 		43 B
250 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/webvisor/49939066?wmode=0&wv-part=1&wv-hit=233293727&page-url=https%3A%2F%2Fdomaferma.com%2F&rn=1031832316&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1676368801%3Aw%3A1600x1200%3Av%3A960%3Az%3A0%3Ai%3A20230214100001%3Au%3A1676368798316056249%3Avf%3A14qzoz81s4a176hik6jd9j%3Ast%3A1676368801&t=gdpr(14)ti(2)
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://domaferma.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 10:00:01 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 14-Feb-2023 10:00:01 GMT
content-type
image/gif
access-control-allow-origin
https://domaferma.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 14-Feb-2023 10:00:01 GMT
49939066
mc.yandex.ru/webvisor/ 		43 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/webvisor/49939066?wmode=0&wv-part=1&wv-hit=233293727&page-url=https%3A%2F%2Fdomaferma.com%2F&rn=877754862&wv-type=3&browser-info=we%3A1%3Aet%3A1676368801%3Aw%3A1600x1200%3Av%3A960%3Az%3A0%3Ai%3A20230214100001%3Au%3A1676368798316056249%3Avf%3A14qzoz81s4a176hik6jd9j%3Ast%3A1676368801&t=gdpr(14)ti(2)
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://domaferma.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 10:00:01 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 14-Feb-2023 10:00:01 GMT
content-type
image/gif
access-control-allow-origin
https://domaferma.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 14-Feb-2023 10:00:01 GMT
49939066
mc.yandex.ru/webvisor/ 		43 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/webvisor/49939066?wmode=0&wv-part=2&wv-hit=233293727&page-url=https%3A%2F%2Fdomaferma.com%2F&rn=426813481&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1676368803%3Aw%3A1600x1200%3Av%3A960%3Az%3A0%3Ai%3A20230214100002%3Au%3A1676368798316056249%3Avf%3A14qzoz81s4a176hik6jd9j%3Ast%3A1676368803&t=gdpr(14)ti(2)
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://domaferma.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 10:00:02 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 14-Feb-2023 10:00:02 GMT
content-type
image/gif
access-control-allow-origin
https://domaferma.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 14-Feb-2023 10:00:02 GMT

Verdicts & Comments Add Verdict or Comment

158 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 boolean| credentialless object| oncontentvisibilityautostatechange undefined| $ function| jQuery object| yaContextCb string| ajaxUrlFlatPM boolean| duplicateFlatPM string| untilscrollFlatPM object| pseudo_links function| kpvChartPopup object| anyCommentApiSettings object| pp_ajax_form function| _createClass function| _classCallCheck function| RocketBrowserCompatibilityChecker function| RocketLazyLoadScripts object| lang_array object| wps_ajax object| q2w3_sidebar_options boolean| duplicateMode string| untilscroll function| ff object| flat_body object| flat_stack_scripts object| flat_pm_then object| flat_date string| flat_titles number| flat_dateYear string| flat_dateMonth number| flat_dateDay string| flat_dateHours number| flat_dateMinutes object| flat_userVars function| parseHTML function| flatPM_sticky function| flatPM_addDays function| flatPM_adbDetect function| flatPM_setCookie function| flatPM_getCookie function| flatPM_testCookie function| flatPM_grep function| flatPM_randomString function| flatPM_random function| flatPM_sanitizeUrlParams function| flatPM_getAllUrlParams function| flatPM_ajax function| flatPM_then function| flatPM_persentWrapper function| flatPM_setWrap function| flatPM_next function| flatPM_start function| flatPM_ping function| flatPM_setSCRIPT function| flatPM_setHTML function| flatPM_video object| flat_pm_arr function| jQueryLoaded_flatpm_123 function| jQueryLoading_flatpm_123 object| lazyLoadOptions function| lazyLoadThumb function| lazyLoadYoutubeIframe undefined| swiper function| ym function| flatpickr object| Ya object| yaCounter49939066 function| ppFormRecaptchaLoadCallback object| ppressCheckoutForm function| Swiper function| GoTo function| base64_decode function| createCookie function| readCookie function| eraseCookie object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| extendStatics function| __extends function| __assign function| reactive function| StaticOffsets function| DynamicOffsets string| StopWidgetClassName string| FixedWidgetClassName function| BaseWidget function| getWidgetContainer function| compatabilty_FW_v5 function| queryElements function| findWithProperty function| PositionWidget function| FixedWidget function| StickyWidget function| StopWidget function| Sidebar function| Sidebars function| onDocumentLoaded function| LazyLoad function| cnc object| webpackChunkyandex_pcode object| __activeTestIds object| __vasActiveTestIds object| __pcodeAllActiveTestIds number| pr function| AdFox_getCodeScript object| adfoxAsyncParams object| adfoxAsyncParamsScroll object| adfoxAsyncParamsAdaptive object| yaSafeFrameCallbacksStorage boolean| isLoadingSafeframeStarted object| ya object| yaads function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| images boolean| is_image object| iframes boolean| is_iframe object| rocket_lazy boolean| yandex_context_perf_logging object| $sf object| yaSafeFrameAsyncCallbacks object| google_llp object| GoogleGcLKhOms number| google_lpabyc object| googletag object| google_image_requests

25 Cookies

Domain/Path Name / Value
.domaferma.com/ Name: _ym_uid
Value: 1676368798316056249
.domaferma.com/ Name: _ym_d
Value: 1676368798
.yandex.ru/ Name: yashr
Value: 275286211676368798
.domaferma.com/ Name: _ym_isad
Value: 2
.yandex.ru/ Name: ymex
Value: 1707904798.yc.1676368798#1707904798.yrts.1676368798#1707904798.yrtsi.1676368798
mc.yandex.ru/ Name: yabs-sid
Value: 938203771676368798
.yandex.ru/ Name: i
Value: c77QIQ2lcPrHo+mgqV9N4EhiXhTnTxTXXl5bq+YxbuD6jxzYZRWPAvm0Eph7ZdY/S975YQ1P8EdKUktgJSX1hejZD6Y=
.yandex.ru/ Name: yandexuid
Value: 9918837311676368798
.yandex.ru/ Name: yuidss
Value: 9918837311676368798
.domaferma.com/ Name: _ym_visorc
Value: w
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 2652150483fake
.domaferma.com/ Name: __gads
Value: ID=44516e11a3478046-22c0327291dc00b9:T=1676368798:RT=1676368798:S=ALNI_Mago_dqHmAZMzrgSrh3Hp2NNOLa_A
.domaferma.com/ Name: __gpi
Value: UID=00000bb55cafd972:T=1676368798:RT=1676368798:S=ALNI_MamxMuZWIvr9Fg_MLQ97T-iTID6tg
.mc.webvisor.org/ Name: sync_cookie_csrf
Value: 26531038fake
.yandex.com/ Name: yandexuid
Value: 9918837311676368798
.yandex.com/ Name: yuidss
Value: 9918837311676368798
.yandex.com/ Name: i
Value: c77QIQ2lcPrHo+mgqV9N4EhiXhTnTxTXXl5bq+YxbuD6jxzYZRWPAvm0Eph7ZdY/S975YQ1P8EdKUktgJSX1hejZD6Y=
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 1718808629fake
.webvisor.org/ Name: yandexuid
Value: 9918837311676368798
.webvisor.org/ Name: yuidss
Value: 9918837311676368798
.webvisor.org/ Name: i
Value: c77QIQ2lcPrHo+mgqV9N4EhiXhTnTxTXXl5bq+YxbuD6jxzYZRWPAvm0Eph7ZdY/S975YQ1P8EdKUktgJSX1hejZD6Y=
.mc.webvisor.org/ Name: sync_cookie_ok
Value: synced
.doubleclick.net/ Name: IDE
Value: AHWqTUmK0fes4p5GAobsO8uh3ZHaMB7o71zsZFsEk34cDuORhyqzoseUB-3Gsz82_5I
domaferma.com/ Name: flat_r_mb
Value: %2F%2F%2F%3Adirect

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdn.jsdelivr.net
domaferma.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
googleads.g.doubleclick.net
mc.webvisor.org
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
yandex.ru
yastatic.net
2606:4700::6810:5614
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:811::200e
2a00:1450:4001:812::200e
2a00:1450:4001:813::2003
2a00:1450:4001:828::2002
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:830::200e
2a00:1450:400d:80e::2004
2a02:6b8:20::215
2a02:6b8::1:119
2a02:6b8:a::a
5.253.61.99
80.239.201.95
00501810e93307a8882a74d864e7547fd1458deea539361dc1124ac133799a4b
0090b026b19a84a009268f318823ccec8aa9f9181758eff88073ce3926cf5d42
01087a70cede581029d25d54ffe13cf4311273fc1c0753dad616fefa14abc781
01e7bf3b2c1605527749e4413671f688f685082880e67b584f4fb080f71ad564
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
0bdb237071a14f533562572623932556799d8f62080ec40b2af57cf673b4d043
1169680e3ccc40ebd1666084b9f15f9fa66b610fe5bf25c5ac074a958ac357fd
1eed93f12dca8e490a614551c9f816a0587fc11eba55a4dccc9610bceb545a2b
1f77f1c60435921cb2d68ccfb3bf2da81dd35f274014c4cd5a5b9c20c4a46a27
2020e8a3c910eca0ba278da98160214b0798a0bf37269ea5426e5a97d3f123bc
255bbdc2a44e99169f7196982ff3155cf5631bdc043a1a431e5ea8f51297bb73
284cc0215846e0177a71374a6b5edfc803d932978413faca489263984d2866fc
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2afa6b50234b5ccae90d6a319a030f60ddc30159c95cc4c80258f737ce63cfaa
2b134c42e6a841ce8ae1960efe994c55ffab22682cfe5c824da2c9418b710b99
2befb3b4b146aa2946b5be31a86ff1c99ec138cc6a94edd5b5ae1671666750b8
2cc14302853152b4cf0190c93c642fd13006bf190b328892bd2644a4a35a97e3
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
3748e1b45a957a4389e5f4c7b7b5ff08530674e68de7299507d19919334891f2
3d9196618edd013039c09125136026811f1cff437e754c4e8b6898159dfea7c4
3e50a175497d44d3bfb764d99541821c913fef8630d0f7a6f78fb31efb64f96d
4267e33efbdc7d5fbe2f26173c72bdbdf8b5ef201a72794d81f0f8cc0ca13e5a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55cac6972da166dcaad5f984a01e5500f94035068a2213dd1b9d58f2b70d115b
57f674fb1b56addde694ba2f277e315267ca01ebcbb69e390d2166ca827d3ce3
5b81416ab5204fa3aa472276b4b205fa5a4e3a527ae484e533c150c5813bc2c5
5e2bd2477e3cbe4f338e883c21f9db1954a77216d7dd1eb6311b43eef8ef9be0
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63bc525a38e0382d714c3d9635193766c1095b3b898e5b490684a75e0a6f6de4
68e1fe5f35b4b0131be24086e7de0e04291d335c32ac4868bf0803abe50a862e
6a691fa5c4d88270bd48832a2e1116e9b52a987116dd36b391acaddaf4a7aa8c
6c3ad0ed975d3ac96b33f59894052d2c7fed2477321b30216c583ab5d10334e1
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
6f3cfe22a37379062037503f2a92084f531e0478d78946ddbadacb13745cd64e
6f597967c6180838e5ea9ecb5b4a35c01d96bc5c215a0f58c10706f0e2ec87c4
794eefadd20836f8151c0923502248ce0fe145c4e5dacd5ca80775751dae1060
7bbf86c4ceb94c35d1240c15fd6f15a8a20ebb38b91ec8c38836fd1b4a75c6dc
7f224c08a97f9037e65eca4f5d8fde74e657b18a4a065e5c6c3f5f0e3cb5f4a9
7fca0f20cf56296584339dd4d8a36c253aa6654f3f110e9f53e2adaf983773c1
805f20dd851c82879fa1f3b8ca7944e33f0b88b9a59ccfb2a9655c867372a268
8175c56772af6858dadaaed3096549ef76c980eab1ddb53624f6be293b19d48f
87ca05a7e60f13e4efd333b5b008b19c73b151ddabb1a73aa69cd88cd6f948bb
95d12a1595fd434ac6fa173dabf4073eab5f782e5c4f97fb76f8f5afe78064a5
95d3bbd1f0760fd4fc12ab4266964dc621861314a032e4b7743e55fbc3dcf345
978b751467062c4f4c30543b1c8a73fece527dbaa8ac5e6c4bb4eaa1d544d1c8
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a69c12ccd186a899db79fce802b46c08e71f69c2c422be2666ed8565e3add026
aa1dedeb3fe5848da17a5d5aa5eb6b57f51955c4a3222a98c906672d34836bfb
ad19787d6918da31389c40e7a0f575d175511aef25ec1d6aa7339e091e0d00f5
b1a95eb95ad04a2ab64d58181345e3bc113dcccb89bce32501dda1b6f7e00257
b37d2fd70b0f0c895f11604434cf1afdf1922e008bbcd806d2e8fcff49e1b993
b47bfd80aa185f0903315ae94aeb3e6d20b8c183b3d07ff9986983f4faa440a4
b549efe5a81de27a403a362577fd3855d2dea14fbd7309584ee5882bf856aec1
b6219233f75fc81b56f61aa44c87f67e8de0e5dc1e99d892fa794a8300c800bb
b65b1413f361a17b3e080cb2f0e948574f9e0678cb06ebfa00f1b29758ae4941
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a
b820dc122a80f08db00e452d97da2973b7e45407e11f2e97b043f97aa9a6bd3c
b84ae544e7ffeecf69601bcec8d1f5e33a7ce1976136a09ff46c4659e1bac7be
b9d642da8cc8206cb4a440752a1b3220cb2e842b9d95a5fa352de1c91f5ff96a
bb8eb30eacadbf512e52d63bbb7c903bf1fb3317bb7d9dfe11de4ba96e292546
c8f6f2d793420e52deff293787e25eca74b0b3b43e8c95951902e91871317fcb
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
ce8bfce61f4236b148b166f59562980da11e19c78c04e8dc4984ff43464e4683
da3760e1ab7990bdc88e8a516bb0dbe91e7e35d4e88c9af8feb0dcf862bf9d38
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e59f576fb077be32309f57e24d0371f7af27a3f82e91aee4a727f573ee9ccdb3
ea0d45058b7aeeba5ef19747b39017bbc9658614d9d5d4cadda29272d097005b
edd2e87319b96c95251f7562f2e4cec823e9d3d88d5d08d3bb8560a730980cbe
edf2236ca284878d8a1b1c7980664438cbccae0bcdfc0193d8cfbe0d3e90671d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f