blotos.ru Open in urlscan Pro
157.90.211.187 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://blotos.ru/
Effective URL:
https://blotos.ru/
Submission: On July 24 via api (July 24th 2021, 5:33:06 pm UTC) from KR

Summary HTTP 101 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 19 IPs in 3 countries across 15 domains to perform 101 HTTP transactions. The main IP is 157.90.211.187, located in Germany and belongs to HETZNER-AS, DE. The main domain is blotos.ru.
TLS certificate: Issued by R3 on July 4th 2021. Valid for: 3 months.

This is the only time blotos.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 36	157.90.211.187 157.90.211.187	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:f000:6:b871:4f00:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:215... 2600:9000:2156:ae00:11:a4de:2580:93a1	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	92.38.252.165 92.38.252.165	12695 (DINET-AS) (DINET-AS)
3 10	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
8	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
5	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:3::485 2a04:4e42:3::485	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
101	19

36 157.90.211.187 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.187.211.90.157.clients.your-server.de

blotos.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:f000:6:b871:4f00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:ae00:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)

get.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.38.252.165 (Reutov, Russian Federation)

ASN12695 (DINET-AS, RU)

allstat-pp.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.dk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a4accce7174fd2d65e3ca9344f6470b4.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	blotos.ru 1 redirects blotos.ru	354 KB
26	googlesyndication.com pagead2.googlesyndication.com a4accce7174fd2d65e3ca9344f6470b4.safeframe.googlesyndication.com tpc.googlesyndication.com	355 KB
9	doubleclick.net googleads.g.doubleclick.net securepubads.g.doubleclick.net	173 KB
8	yandex.com 2 redirects mc.yandex.com	3 KB
8	gstatic.com fonts.gstatic.com	100 KB
4	google.com 1 redirects adservice.google.com www.google.com	2 KB
3	optad360.io cmp.optad360.io get.optad360.io	294 KB
3	googleapis.com fonts.googleapis.com ajax.googleapis.com	97 KB
2	googletagservices.com www.googletagservices.com	65 KB
2	yandex.ru 1 redirects mc.yandex.ru	71 KB
1	google.dk adservice.google.dk	853 B
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	google.de adservice.google.de	853 B
1	googleadservices.com partner.googleadservices.com	655 B
1	allstat-pp.ru allstat-pp.ru	4 KB
101	15

	Domain	Requested by
36	blotos.ru	1 redirects blotos.ru
16	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com blotos.ru a4accce7174fd2d65e3ca9344f6470b4.safeframe.googlesyndication.com
8	mc.yandex.com	2 redirects blotos.ru mc.yandex.ru
8	fonts.gstatic.com	fonts.googleapis.com
8	pagead2.googlesyndication.com	blotos.ru pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
5	securepubads.g.doubleclick.net	get.optad360.io securepubads.g.doubleclick.net blotos.ru
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com a4accce7174fd2d65e3ca9344f6470b4.safeframe.googlesyndication.com
2	www.google.com	1 redirects tpc.googlesyndication.com
2	a4accce7174fd2d65e3ca9344f6470b4.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.googletagservices.com	pagead2.googlesyndication.com a4accce7174fd2d65e3ca9344f6470b4.safeframe.googlesyndication.com
2	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	mc.yandex.ru	1 redirects blotos.ru
2	get.optad360.io	blotos.ru get.optad360.io
2	ajax.googleapis.com	blotos.ru
1	adservice.google.dk	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	get.optad360.io
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	allstat-pp.ru	blotos.ru
1	cmp.optad360.io	blotos.ru
1	fonts.googleapis.com	blotos.ru
101	21

This site contains links to these domains. Also see Links.

Domain
vk.com

Subject Issuer	Validity	Valid
blotos.ru R3	`2021-07-04` - `2021-10-02`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.optad360.io Amazon	`2020-12-17` - `2022-01-15`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
allstat-pp.ru R3	`2021-07-10` - `2021-10-08`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-02-27` - `2021-08-09`	5 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-30` - `2022-06-01`	a year	crt.sh
*.google.dk GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://blotos.ru/
Frame ID: C1368934ECBDAE15302F8145493426EF
Requests: 80 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210720/r20190131/zrt_lookup.html
Frame ID: 2AD8E0B867BCC837C459856D064BB704
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2287399150441348&output=html&adk=1812271804&adf=3025194257&lmt=1626880217&plat=1%3A16777216%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fblotos.ru%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627147968021&bpp=3&bdt=311&idt=277&shv=r20210720&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4156121997921&frm=20&pv=2&ga_vid=912804835.1627147968&ga_sid=1627147968&ga_hid=1494596019&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31061847&oid=3&pvsid=1193091768844068&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=294
Frame ID: 06119CC73BDD9C3C59FE48484825C4D0
Requests: 1 HTTP requests in this frame

Frame: https://a4accce7174fd2d65e3ca9344f6470b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C4B914EC94D56D968578977B670988F8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 4186227B00DBA5CDE32A74EC6EE58632
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 201038EC39FFE12A7C5F17D91857BF5C
Requests: 1 HTTP requests in this frame

Frame: https://a4accce7174fd2d65e3ca9344f6470b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E27DF3602221BB548BB183727F56DF6C
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2698035891139837770/index.html
Frame ID: B94B81B7A5CE6702BBF4AC26475E3A5A
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 470DF68FA3CC12090A8942304EFC24E0
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://blotos.ru/ HTTP 301
https://blotos.ru/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Lightbox (JavaScript Libraries) Expand

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
script /jquery-ui.*\.js/i

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
script /jquery-ui.*\.js/i

Page Statistics

101
Requests

100 %
HTTPS

78 %
IPv6

15
Domains

21
Subdomains

19
IPs

3
Countries

1519 kB
Transfer

3875 kB
Size

6
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://vk.com/sustav_inf

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://blotos.ru/ HTTP 301
https://blotos.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9344.OqsFgMBI8p23JOjl1I53kTgpdmLi_G9Ht0_3II5-vbdXYIrOBB_AZ7cN74iIC4pm.q0ncKu7jhSSdt0Bj7mp9iMLbxT0%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9344.MlP-gMoPl6XCNFukn5h4_fFuyllGDg0vin-wqsqDsHMTk8H9R_yfYYX_0kmPeXS0pM-2Ilo8ikAJlHtEVgy4NQ%2C%2C.9rQZI0ZgezEljINAjh7cln2WZRo%2C

Request Chain 68

https://mc.yandex.com/watch/51281773?wmode=7&page-url=https%3A%2F%2Fblotos.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afp%3A400%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A591%3Acn%3A1%3Adp%3A0%3Als%3A1593900663310%3Ahid%3A203428091%3Az%3A120%3Ai%3A20210724193248%3Aet%3A1627147968%3Ac%3A1%3Arn%3A1049942552%3Au%3A1627147968657819435%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1627147967513%3Ads%3A0%2C78%2C39%2C22%2C78%2C0%2C%2C233%2C25%2C%2C%2C%2C431%3Adsn%3A0%2C79%2C38%2C22%2C78%2C0%2C%2C214%2C25%2C%2C%2C%2C432%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1627147968%3At%3A%D0%91%D0%B5%D0%BB%D1%8B%D0%B9%20%D0%BB%D0%BE%D1%82%D0%BE%D1%81%20-%20%D0%90%D0%BF%D1%82%D0%B5%D0%BA%D0%B0%20%D0%BF%D0%BE%20%D0%B0%D0%B4%D1%80%D0%B5%D1%81%D1%83%20-%20%D0%9C%D0%BE%D1%81%D0%BA%D0%B2%D0%B0%2C%20%D0%A8%D0%B0%D0%B1%D0%BE%D0%BB%D0%BE%D0%B2%D0%BA%D0%B0%2C%202 HTTP 302
https://mc.yandex.com/watch/51281773/1?wmode=7&page-url=https%3A%2F%2Fblotos.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afp%3A400%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A591%3Acn%3A1%3Adp%3A0%3Als%3A1593900663310%3Ahid%3A203428091%3Az%3A120%3Ai%3A20210724193248%3Aet%3A1627147968%3Ac%3A1%3Arn%3A1049942552%3Au%3A1627147968657819435%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1627147967513%3Ads%3A0%2C78%2C39%2C22%2C78%2C0%2C%2C233%2C25%2C%2C%2C%2C431%3Adsn%3A0%2C79%2C38%2C22%2C78%2C0%2C%2C214%2C25%2C%2C%2C%2C432%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1627147968%3At%3A%D0%91%D0%B5%D0%BB%D1%8B%D0%B9%20%D0%BB%D0%BE%D1%82%D0%BE%D1%81%20-%20%D0%90%D0%BF%D1%82%D0%B5%D0%BA%D0%B0%20%D0%BF%D0%BE%20%D0%B0%D0%B4%D1%80%D0%B5%D1%81%D1%83%20-%20%D0%9C%D0%BE%D1%81%D0%BA%D0%B2%D0%B0%2C%20%D0%A8%D0%B0%D0%B1%D0%BE%D0%BB%D0%BE%D0%B2%D0%BA%D0%B0%2C%202

Request Chain 91

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

101 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
blotos.ru/
Redirect Chain

http://blotos.ru/
https://blotos.ru/

93 KB
20 KB

117ms
38ms

Document
text/html

157.90.211.187
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://blotos.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

157.90.211.187 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.187.211.90.157.clients.your-server.de

Software

nginx/1.18.0 /

Resource Hash

18abab61d44f715d0626897a83020e48b9cfcdcb95cc114f0f2fc159390dd48e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: blotos.ru
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx/1.18.0
date: Sat, 24 Jul 2021 17:32:47 GMT
content-type: text/html; charset=UTF-8
content-length: 20180
last-modified: Wed, 21 Jul 2021 15:10:17 GMT
etag: "60f838d9-4ed4"
expires: Mon, 23 Aug 2021 17:32:47 GMT
cache-control: max-age=2592000
content-encoding: gzip
vary: Accept-Encoding, Cookie
x-rocket-nginx-bypass: Yes
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes

Redirect headers

Server: nginx/1.18.0
Date: Sat, 24 Jul 2021 17:32:47 GMT
Content-Type: text/html
Content-Length: 169
Connection: close
Location: https://blotos.ru/

GET
H2 200 ab2676deb3a578fd23bc3a111f2d51a0.css
blotos.ru/wp-content/cache/min/1/ 172 KB
42 KB 45ms
45ms Stylesheet
text/css 157.90.211.187
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://blotos.ru/wp-content/cache/min/1/ab2676deb3a578fd23bc3a111f2d51a0.css
Requested by: Host: blotos.ru
URL: https://blotos.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.211.187 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.187.211.90.157.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 91632cd2baf8082abe69718f5d4a15fef41e5e95e612bfe7a65ef7cd0619f1dd

Request headers

:path: /wp-content/cache/min/1/ab2676deb3a578fd23bc3a111f2d51a0.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: blotos.ru
referer: https://blotos.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://blotos.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 17:32:47 GMT
content-encoding: gzip
last-modified: Tue, 13 Jul 2021 22:44:36 GMT
server: nginx/1.18.0
etag: W/"60ee1754-2b199"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
x-rocket-nginx-bypass: No
expires: Mon, 23 Aug 2021 17:32:47 GMT

GET
H2 200 css
fonts.googleapis.com/ 17 KB
1 KB 14ms
14ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i&subset=cyrillic&display=swap

Requested by

Host: blotos.ru
URL: https://blotos.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

af48c90efd5651be6b42fb0271086b3a44e7a7130c91104d8c4bfc1a98352f1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://blotos.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 24 Jul 2021 17:04:13 GMT
server: ESF
date: Sat, 24 Jul 2021 17:32:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 24 Jul 2021 17:32:47 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1/ 94 KB
33 KB 33ms
14ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1/jquery.min.js

Requested by

Host: blotos.ru
URL: https://blotos.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blotos.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 20:11:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 249660
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33434
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Jul 2022 20:11:47 GMT

GET
H2 200 fotorama.js Show response
blotos.ru/wp-content/plugins/fotorama/ 100 KB
33 KB 65ms
64ms Script
application/javascript 157.90.211.187
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://blotos.ru/wp-content/plugins/fotorama/fotorama.js
Requested by: Host: blotos.ru
URL: https://blotos.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.211.187 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.187.211.90.157.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: a2f9a51352fb5c581d8b5fe3fa25147c85c66c26b2efe75ded5b4ea51342bc7c

Request headers

:path: /wp-content/plugins/fotorama/fotorama.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: blotos.ru
referer: https://blotos.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://blotos.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 17:32:47 GMT
content-encoding: gzip
last-modified: Wed, 28 Apr 2021 18:14:52 GMT
server: nginx/1.18.0
etag: W/"6089a61c-19185"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
x-rocket-nginx-bypass: No
expires: Mon, 23 Aug 2021 17:32:47 GMT

GET
H2 200 fotoramaDefaults.js Show response
blotos.ru/wp-content/plugins/ 174 B
371 B 72ms
70ms Script
application/javascript 157.90.211.187
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://blotos.ru/wp-content/plugins/fotoramaDefaults.js
Requested by: Host: blotos.ru
URL: https://blotos.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.211.187 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.187.211.90.157.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: d57e151a64573b405219678593c9aa1d68de50c4d787ac8223e403ee9f665364

Request headers

:path: /wp-content/plugins/fotoramaDefaults.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: blotos.ru
referer: https://blotos.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://blotos.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 17:32:47 GMT
content-encoding: gzip
last-modified: Wed, 28 Apr 2021 18:14:52 GMT
server: nginx/1.18.0
etag: W/"6089a61c-ae"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
x-rocket-nginx-bypass: No
expires: Mon, 23 Aug 2021 17:32:47 GMT

GET
H2 200 fotorama-wp.js Show response
blotos.ru/wp-content/plugins/fotorama/ 570 B
500 B 72ms
70ms Script
application/javascript 157.90.211.187
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://blotos.ru/wp-content/plugins/fotorama/fotorama-wp.js
Requested by: Host: blotos.ru
URL: https://blotos.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.211.187 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.187.211.90.157.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: f101d9ae483dee5b393382743223b38763c2c0b2ddda7d54429f9375f489be2e

Request headers

:path: /wp-content/plugins/fotorama/fotorama-wp.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: blotos.ru
referer: https://blotos.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://blotos.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 17:32:47 GMT
content-encoding: gzip
last-modified: Wed, 28 Apr 2021 18:14:52 GMT
server: nginx/1.18.0
etag: W/"6089a61c-23a"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
x-rocket-nginx-bypass: No
expires: Mon, 23 Aug 2021 17:32:47 GMT

GET
H2 200 infinite-scroll.pkgd.min.js Show response
blotos.ru/wp-content/plugins/responsive-lightbox/assets/infinitescroll/ 25 KB
8 KB 74ms
73ms Script
application/javascript 157.90.211.187
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://blotos.ru/wp-content/plugins/responsive-lightbox/assets/infinitescroll/infinite-scroll.pkgd.min.js
Requested by: Host: blotos.ru
URL: https://blotos.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.211.187 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.187.211.90.157.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 378f79bc8e52dc7c86332d048c8b8f57ad672c3c917ca54b08630bb487b99d3f

Request headers

:path: /wp-content/plugins/responsive-lightbox/assets/infinitescroll/infinite-scroll.pkgd.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: blotos.ru
referer: https://blotos.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://blotos.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 17:32:47 GMT
content-encoding: gzip
last-modified: Wed, 28 Apr 2021 18:14:53 GMT
server: nginx/1.18.0
etag: W/"6089a61d-64e6"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
x-rocket-nginx-bypass: No
expires: Mon, 23 Aug 2021 17:32:47 GMT

GET
H2 200 responsivescrollingtables.js Show response
blotos.ru/wp-content/plugins/responsive-scrolling-tables/js/ 1 KB
870 B 75ms
74ms Script
application/javascript 157.90.211.187
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://blotos.ru/wp-content/plugins/responsive-scrolling-tables/js/responsivescrollingtables.js
Requested by: Host: blotos.ru
URL: https://blotos.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.211.187 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.187.211.90.157.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 92567833cdb642f43e56b6907245ce9f595f39c8ca6657a2c4a461d7cc9b3283

Request headers

:path: /wp-content/plugins/responsive-scrolling-tables/js/responsivescrollingtables.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: blotos.ru
referer: https://blotos.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://blotos.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 17:32:47 GMT
content-encoding: gzip
last-modified: Wed, 28 Apr 2021 18:14:52 GMT
server: nginx/1.18.0
etag: W/"6089a61c-5a7"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
x-rocket-nginx-bypass: No
expires: Mon, 23 Aug 2021 17:32:47 GMT

GET
H2 200 jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/ 235 KB
64 KB 25ms
7ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/jquery-ui.min.js

Requested by

Host: blotos.ru
URL: https://blotos.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blotos.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 13:02:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16237
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64481
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Jul 2022 13:02:10 GMT

GET
H2 200 script.js Show response
blotos.ru/wp-content/plugins/site-notes/js/ 4 KB
1 KB 75ms
74ms Script
application/javascript 157.90.211.187
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://blotos.ru/wp-content/plugins/site-notes/js/script.js
Requested by: Host: blotos.ru
URL: https://blotos.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.211.187 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.187.211.90.157.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 39c93d90ab2a8a7ac78307f8ac85fcf970b78f902663003a52fa48a457bb5b11

Request headers

:path: /wp-content/plugins/site-notes/js/script.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: blotos.ru
referer: https://blotos.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://blotos.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 17:32:47 GMT
content-encoding: gzip
last-modified: Wed, 28 Apr 2021 18:14:52 GMT
server: nginx/1.18.0
etag: W/"6089a61c-105d"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
x-rocket-nginx-bypass: No
expires: Mon, 23 Aug 2021 17:32:47 GMT

GET
H2 200 2628742d-6691-4c0d-b0d9-3269c17ca15a.min.js Show response
cmp.optad360.io/items/ 253 KB
72 KB 36ms
10ms Script
application/javascript 2600:9000:2156:f000:6:b871:4f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.optad360.io/items/2628742d-6691-4c0d-b0d9-3269c17ca15a.min.js
Requested by: Host: blotos.ru
URL: https://blotos.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:f000:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 49946a18a170d273df588b140e8f1c032fb768292c4d638fd112ba02be097dbf

Request headers

Referer: https://blotos.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 17:28:48 GMT
content-encoding: gzip
last-modified: Tue, 20 Apr 2021 11:59:05 GMT
server: AmazonS3
age: 240
etag: W/"cbba369d8537b39ddbca3a2fa2a4ba59"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: uFublBv0wqGlREj5f3ZNJ--IC5asQ4pQ5pmcJaYjtocQITR_186noA==

GET
H2 200 plugin.min.js Show response
get.optad360.io/sf/1a7b6eb4-e68e-4896-9daa-ac04c6c8dd22/ 283 KB
77 KB 44ms
9ms Script
application/javascript 2600:9000:2156:ae00:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/1a7b6eb4-e68e-4896-9daa-ac04c6c8dd22/plugin.min.js
Requested by: Host: blotos.ru
URL: https://blotos.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ae00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: abcdfab06f6d269b853cf4595cd1487d641b2fe4a6cc1b6901819f6acd45208e

Request headers

Referer: https://blotos.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 17:28:48 GMT
content-encoding: gzip
last-modified: Mon, 19 Apr 2021 08:34:27 GMT
server: AmazonS3
age: 240
etag: W/"8f6cc3c71b013305de97c697afbe492a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Z5sO96RBCYesxW4tblP_kaFJsMgMLjInVXU7bG6_g3NhSIx-TrcfCg==

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
49 KB 41ms
20ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: blotos.ru
URL: https://blotos.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ddc5f1fc8a5d999b69da547b93f8d5feb974fca65cf84ca15e1ab71d0f1a7e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blotos.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 17:32:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49264
x-xss-protection: 0
server: cafe
etag: 11165245792214215923
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 24 Jul 2021 17:32:47 GMT

GET
H2 200 a08f0282b4375759ec3d1770f7a1fb23894ad3f7.js Show response
allstat-pp.ru/547/ 14 KB
4 KB 208ms
69ms Script
application/javascript 92.38.252.165
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://allstat-pp.ru/547/a08f0282b4375759ec3d1770f7a1fb23894ad3f7.js
Requested by: Host: blotos.ru
URL: https://blotos.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 92.38.252.165 Reutov, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 236d145ad0b45bce1cd003db9fce24fbad60c56328eee4c9685130a1fd6a5960

Request headers

Referer: https://blotos.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 17:32:48 GMT
content-encoding: gzip
last-modified: Tue, 22 Jun 2021 12:58:14 GMT
server: nginx/1.16.1
etag: W/"60d1de66-38b2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 nivo-lightbox.min.js Show response
blotos.ru/wp-content/plugins/responsive-lightbox/assets/nivo/ 7 KB
2 KB 73ms
72ms Script
application/javascript 157.90.211.187
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://blotos.ru/wp-content/plugins/responsive-lightbox/assets/nivo/nivo-lightbox.min.js
Requested by: Host: blotos.ru
URL: https://blotos.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.211.187 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.187.211.90.157.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 0d4ceaba59083cc562667b22470e132a5c0292da7a3376a9ebacae977ec23caa

Request headers

:path: /wp-content/plugins/responsive-lightbox/assets/nivo/nivo-lightbox.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: blotos.ru
referer: https://blotos.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://blotos.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 17:32:47 GMT
content-encoding: gzip
last-modified: Wed, 28 Apr 2021 18:14:53 GMT
server: nginx/1.18.0
etag: W/"6089a61d-1cfc"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
x-rocket-nginx-bypass: No
expires: Mon, 23 Aug 2021 17:32:47 GMT

GET
H2 200 underscore.min.js Show response
blotos.ru/wp-includes/js/ 16 KB
6 KB 75ms
74ms Script
application/javascript 157.90.211.187
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://blotos.ru/wp-includes/js/underscore.min.js
Requested by: Host: blotos.ru
URL: https://blotos.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.211.187 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.187.211.90.157.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 6cd0d6897b3d4779f7d88ce72531f22fbf75851b195fb14e6f3f23d051b3d1e9

Request headers

:path: /wp-includes/js/underscore.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: blotos.ru
referer: https://blotos.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://blotos.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 17:32:47 GMT
content-encoding: gzip
last-modified: Wed, 28 Apr 2021 18:14:10 GMT
server: nginx/1.18.0
etag: W/"6089a5f2-3ead"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
x-rocket-nginx-bypass: No
expires: Mon, 23 Aug 2021 17:32:47 GMT

GET
H2 200 front.js Show response
blotos.ru/wp-content/plugins/responsive-lightbox/js/ 26 KB
7 KB 77ms
76ms Script
application/javascript 157.90.211.187
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://blotos.ru/wp-content/plugins/responsive-lightbox/js/front.js
Requested by: Host: blotos.ru
URL: https://blotos.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.211.187 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.187.211.90.157.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 3c8ba982e1a7629cb5be1c6e7ac909bb494b895a63affce2f6306e5cd244505a

Request headers

:path: /wp-content/plugins/responsive-lightbox/js/front.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: blotos.ru
referer: https://blotos.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://blotos.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 17:32:47 GMT
content-encoding: gzip
last-modified: Wed, 28 Apr 2021 18:14:53 GMT
server: nginx/1.18.0
etag: W/"6089a61d-68e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
x-rocket-nginx-bypass: No
expires: Mon, 23 Aug 2021 17:32:47 GMT

GET
H2 200 q2w3-fixed-widget.min.js Show response
blotos.ru/wp-content/plugins/q2w3-fixed-widget/js/ 4 KB
2 KB 77ms
77ms Script
application/javascript 157.90.211.187
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://blotos.ru/wp-content/plugins/q2w3-fixed-widget/js/q2w3-fixed-widget.min.js
Requested by: Host: blotos.ru
URL: https://blotos.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.211.187 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.187.211.90.157.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 9a7d00291b90b8045d042a9a713a9cceba928a35c18c99d1eeea2ca14c09614d

Request headers

:path: /wp-content/plugins/q2w3-fixed-widget/js/q2w3-fixed-widget.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: blotos.ru
referer: https://blotos.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://blotos.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 17:32:47 GMT
content-encoding: gzip
last-modified: Wed, 28 Apr 2021 18:14:52 GMT
server: nginx/1.18.0
etag: W/"6089a61c-1108"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
x-rocket-nginx-bypass: No
expires: Mon, 23 Aug 2021 17:32:47 GMT

GET
H2 200 lazyload.min.js Show response
blotos.ru/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/ 8 KB
3 KB 39ms
38ms Script
application/javascript 157.90.211.187
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://blotos.ru/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js
Requested by: Host: blotos.ru
URL: https://blotos.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.211.187 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.187.211.90.157.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41

Request headers

:path: /wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: blotos.ru
referer: https://blotos.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://blotos.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 17:32:47 GMT
content-encoding: gzip
last-modified: Mon, 07 Jun 2021 23:55:55 GMT
server: nginx/1.18.0
etag: W/"60beb20b-1ed2"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
x-rocket-nginx-bypass: No
expires: Mon, 23 Aug 2021 17:32:47 GMT

GET
H2 200 slick.min.js Show response
blotos.ru/wp-content/themes/sky/js/ 41 KB
13 KB 77ms
77ms Script
application/javascript 157.90.211.187
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://blotos.ru/wp-content/themes/sky/js/slick.min.js
Requested by: Host: blotos.ru
URL: https://blotos.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.211.187 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.187.211.90.157.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 5bd085ae9683aaf57ae67bb6bd1f645359b5a1150b548e79ee0c7be68a2e3a23

Request headers

:path: /wp-content/themes/sky/js/slick.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: blotos.ru
referer: https://blotos.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://blotos.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 17:32:47 GMT
content-encoding: gzip
last-modified: Wed, 28 Apr 2021 18:14:10 GMT
server: nginx/1.18.0
etag: W/"6089a5f2-a3f2"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
x-rocket-nginx-bypass: No
expires: Mon, 23 Aug 2021 17:32:47 GMT

GET
H2 200 main.js Show response
blotos.ru/wp-content/themes/sky/js/ 8 KB
3 KB 77ms
77ms Script
application/javascript 157.90.211.187
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://blotos.ru/wp-content/themes/sky/js/main.js
Requested by: Host: blotos.ru
URL: https://blotos.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.211.187 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.187.211.90.157.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 7c38ac1fc83c2862ab39482ce11dd2cfaefa1a59d46159643521df92d535fbfb

Request headers

:path: /wp-content/themes/sky/js/main.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: blotos.ru
referer: https://blotos.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://blotos.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 17:32:47 GMT
content-encoding: gzip
last-modified: Wed, 28 Apr 2021 18:14:10 GMT
server: nginx/1.18.0
etag: W/"6089a5f2-2151"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
x-rocket-nginx-bypass: No
expires: Mon, 23 Aug 2021 17:32:47 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 223 KB
71 KB 147ms
49ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: blotos.ru
URL: https://blotos.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e788c7f07903cd5e96a062aa3ea175c987b0772cce696914daca381dee353dfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://blotos.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 17:32:47 GMT
content-encoding: br
last-modified: Fri, 23 Jul 2021 14:42:53 GMT
etag: "60f95590-11a70"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 72304
expires: Sat, 24 Jul 2021 18:32:47 GMT

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d5afece9bf79da7f814ff66960a2d66465ae6a44475b6b3ed16f3bf54b5d8635

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2b85175c21358b9c4e67033cef7ea98ed3f508ded187fd5a627bf9c77c0f74fb

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i&subset=cyrillic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://blotos.ru
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 18:26:24 GMT
x-content-type-options: nosniff
age: 428783
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 18:26:24 GMT

GET
H2 200 bg-search-btn.png
blotos.ru/wp-content/themes/sky/img/ 1 KB
1 KB 38ms
38ms Image
image/png 157.90.211.187
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blotos.ru/wp-content/themes/sky/img/bg-search-btn.png
Requested by: Host: blotos.ru
URL: https://blotos.ru/wp-content/cache/min/1/ab2676deb3a578fd23bc3a111f2d51a0.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.211.187 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.187.211.90.157.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 97306b0946a3f4074a6dbbcdd4bc4a59197a9fa662439be3514bf97e81b006ad

Request headers

:path: /wp-content/themes/sky/img/bg-search-btn.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: blotos.ru
referer: https://blotos.ru/wp-content/cache/min/1/ab2676deb3a578fd23bc3a111f2d51a0.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://blotos.ru/wp-content/cache/min/1/ab2676deb3a578fd23bc3a111f2d51a0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 17:32:47 GMT
last-modified: Wed, 28 Apr 2021 18:14:10 GMT
server: nginx/1.18.0
etag: "6089a5f2-4d7"
content-type: image/png
x-rocket-nginx-bypass: No
accept-ranges: bytes
content-length: 1239

GET
H2 200 bullhorn-solid.svg
blotos.ru/wp-content/themes/sky/img/ 911 B
1 KB 39ms
38ms Image
image/svg+xml 157.90.211.187
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blotos.ru/wp-content/themes/sky/img/bullhorn-solid.svg
Requested by: Host: blotos.ru
URL: https://blotos.ru/wp-content/cache/min/1/ab2676deb3a578fd23bc3a111f2d51a0.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.211.187 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.187.211.90.157.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 371d734897e2376d2582c4b53235e61fd59d40bc462b8bfebb3990edcfba7905

Request headers

:path: /wp-content/themes/sky/img/bullhorn-solid.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: blotos.ru
referer: https://blotos.ru/wp-content/cache/min/1/ab2676deb3a578fd23bc3a111f2d51a0.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://blotos.ru/wp-content/cache/min/1/ab2676deb3a578fd23bc3a111f2d51a0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 17:32:47 GMT
last-modified: Wed, 28 Apr 2021 18:14:10 GMT
server: nginx/1.18.0
etag: "6089a5f2-38f"
content-type: image/svg+xml
x-rocket-nginx-bypass: No
accept-ranges: bytes
content-length: 911

GET
H2 200 bg-list-arrow.png
blotos.ru/wp-content/themes/sky/img/ 296 B
442 B 39ms
38ms Image
image/png 157.90.211.187
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blotos.ru/wp-content/themes/sky/img/bg-list-arrow.png
Requested by: Host: blotos.ru
URL: https://blotos.ru/wp-content/cache/min/1/ab2676deb3a578fd23bc3a111f2d51a0.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.211.187 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.187.211.90.157.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: ff6eee8989eb9698ad2beaa9c77e979f5284a57313d3f3fbc5c8730e4746e288

Request headers

:path: /wp-content/themes/sky/img/bg-list-arrow.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: blotos.ru
referer: https://blotos.ru/wp-content/cache/min/1/ab2676deb3a578fd23bc3a111f2d51a0.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://blotos.ru/wp-content/cache/min/1/ab2676deb3a578fd23bc3a111f2d51a0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 17:32:47 GMT
last-modified: Wed, 28 Apr 2021 18:14:10 GMT
server: nginx/1.18.0
etag: "6089a5f2-128"
content-type: image/png
x-rocket-nginx-bypass: No
accept-ranges: bytes
content-length: 296

GET
H2 200 exclamation-solid.svg
blotos.ru/wp-content/themes/sky/img/ 527 B
677 B 40ms
38ms Image
image/svg+xml 157.90.211.187
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blotos.ru/wp-content/themes/sky/img/exclamation-solid.svg
Requested by: Host: blotos.ru
URL: https://blotos.ru/wp-content/cache/min/1/ab2676deb3a578fd23bc3a111f2d51a0.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.211.187 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.187.211.90.157.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: cec7e9626b08c1d9da2b23a255b7079165354952be758865ee1f8f3338eedf56

Request headers

:path: /wp-content/themes/sky/img/exclamation-solid.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: blotos.ru
referer: https://blotos.ru/wp-content/cache/min/1/ab2676deb3a578fd23bc3a111f2d51a0.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://blotos.ru/wp-content/cache/min/1/ab2676deb3a578fd23bc3a111f2d51a0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 17:32:47 GMT
last-modified: Wed, 28 Apr 2021 18:14:10 GMT
server: nginx/1.18.0
etag: "6089a5f2-20f"
content-type: image/svg+xml
x-rocket-nginx-bypass: No
accept-ranges: bytes
content-length: 527

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v27/ 10 KB
10 KB 16ms
14ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i&subset=cyrillic&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d2ad11e3c1a0fd81bb085050d4b3170beab2964b5b848a5309a6343322e3898

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://blotos.ru
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 13:19:34 GMT
x-content-type-options: nosniff
age: 360793
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9776
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:34 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 13:19:34 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 25ms
23ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i&subset=cyrillic&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://blotos.ru
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:45:21 GMT
x-content-type-options: nosniff
age: 402446
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 01:45:21 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v27/ 9 KB
9 KB 28ms
27ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i&subset=cyrillic&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

053508cc4ed1acf7db8ed96deca42ffebfa1669c5cecd62f4415b926d07b5aaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://blotos.ru
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 22:47:10 GMT
x-content-type-options: nosniff
age: 413137
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9544
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:11:01 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 22:47:10 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v27/ 9 KB
9 KB 10ms
10ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i&subset=cyrillic&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://blotos.ru
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 00:58:58 GMT
x-content-type-options: nosniff
age: 405229
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:43 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 00:58:58 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 16 KB
16 KB 12ms
12ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i&subset=cyrillic&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://blotos.ru
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 17:17:27 GMT
x-content-type-options: nosniff
age: 346520
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 17:17:27 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v27/ 9 KB
9 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i&subset=cyrillic&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb83389ea7513242a9a237454ce7989eb6d84c4ec2fe15c81bad6f89c87fe89e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://blotos.ru
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 07:45:42 GMT
x-content-type-options: nosniff
age: 380825
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9500
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:29 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 07:45:42 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i&subset=cyrillic&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://blotos.ru
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 12:00:01 GMT
x-content-type-options: nosniff
age: 365566
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 12:00:01 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c9c2fba328f8c7ceed6a8476a1ea2ad12678d2ff6f3272a4b19db74cf6c2bda

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf0f9518ff5e24c65147f08bffe5ba4e5bf45b28144677143c132ecbd5c09fa4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a48ba6d11055a2a6f840befa14e603650d8ca3d752e16daccd828d3869fb791

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 bg-icon.png
blotos.ru/wp-content/themes/sky/img/ 2 KB
2 KB 38ms
38ms Image
image/png 157.90.211.187
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blotos.ru/wp-content/themes/sky/img/bg-icon.png
Requested by: Host: blotos.ru
URL: https://blotos.ru/wp-content/cache/min/1/ab2676deb3a578fd23bc3a111f2d51a0.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.211.187 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.187.211.90.157.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 9713f64285cc16fe7adcc4af83a3e67fa7aafb2bac4eacc72196197eef9886c7

Request headers

:path: /wp-content/themes/sky/img/bg-icon.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: blotos.ru
referer: https://blotos.ru/wp-content/cache/min/1/ab2676deb3a578fd23bc3a111f2d51a0.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://blotos.ru/wp-content/cache/min/1/ab2676deb3a578fd23bc3a111f2d51a0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 17:32:47 GMT
last-modified: Wed, 28 Apr 2021 18:14:10 GMT
server: nginx/1.18.0
etag: "6089a5f2-6f1"
content-type: image/png
x-rocket-nginx-bypass: No
accept-ranges: bytes
content-length: 1777

GET
H2 200 bg-icon-view_white.png
blotos.ru/wp-content/themes/sky/img/ 696 B
842 B 39ms
38ms Image
image/png 157.90.211.187
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blotos.ru/wp-content/themes/sky/img/bg-icon-view_white.png
Requested by: Host: blotos.ru
URL: https://blotos.ru/wp-content/cache/min/1/ab2676deb3a578fd23bc3a111f2d51a0.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.211.187 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.187.211.90.157.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: e07692e592279c55595e7f12609ce2204e2d35871568c5fa45ee81fe9c8347dd

Request headers

:path: /wp-content/themes/sky/img/bg-icon-view_white.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: blotos.ru
referer: https://blotos.ru/wp-content/cache/min/1/ab2676deb3a578fd23bc3a111f2d51a0.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://blotos.ru/wp-content/cache/min/1/ab2676deb3a578fd23bc3a111f2d51a0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 17:32:47 GMT
last-modified: Wed, 28 Apr 2021 18:14:10 GMT
server: nginx/1.18.0
etag: "6089a5f2-2b8"
content-type: image/png
x-rocket-nginx-bypass: No
accept-ranges: bytes
content-length: 696

GET
H2 200 bg-social.jpg
blotos.ru/wp-content/themes/sky/img/ 3 KB
3 KB 38ms
38ms Image
image/jpeg 157.90.211.187
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blotos.ru/wp-content/themes/sky/img/bg-social.jpg
Requested by: Host: blotos.ru
URL: https://blotos.ru/wp-content/cache/min/1/ab2676deb3a578fd23bc3a111f2d51a0.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.211.187 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.187.211.90.157.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 5f63940504b4adba3da696b5a107711f4c757e6ae491dbacecce727c335102b6

Request headers

:path: /wp-content/themes/sky/img/bg-social.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: blotos.ru
referer: https://blotos.ru/wp-content/cache/min/1/ab2676deb3a578fd23bc3a111f2d51a0.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://blotos.ru/wp-content/cache/min/1/ab2676deb3a578fd23bc3a111f2d51a0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 17:32:47 GMT
last-modified: Wed, 28 Apr 2021 18:14:10 GMT
server: nginx/1.18.0
etag: "6089a5f2-a9b"
content-type: image/jpeg
x-rocket-nginx-bypass: No
accept-ranges: bytes
content-length: 2715

GET
H2 200 long-arrow-alt-left-solid.svg
blotos.ru/wp-content/themes/sky/img/ 507 B
657 B 39ms
38ms Image
image/svg+xml 157.90.211.187
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blotos.ru/wp-content/themes/sky/img/long-arrow-alt-left-solid.svg
Requested by: Host: blotos.ru
URL: https://blotos.ru/wp-content/cache/min/1/ab2676deb3a578fd23bc3a111f2d51a0.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.211.187 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.187.211.90.157.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 8386d20cf12f22e11cbd81f021bb0d8b5087bc4e02a4bcb4cf6a06b38ee170c8

Request headers

:path: /wp-content/themes/sky/img/long-arrow-alt-left-solid.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: blotos.ru
referer: https://blotos.ru/wp-content/cache/min/1/ab2676deb3a578fd23bc3a111f2d51a0.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://blotos.ru/wp-content/cache/min/1/ab2676deb3a578fd23bc3a111f2d51a0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 17:32:47 GMT
last-modified: Wed, 28 Apr 2021 18:14:10 GMT
server: nginx/1.18.0
etag: "6089a5f2-1fb"
content-type: image/svg+xml
x-rocket-nginx-bypass: No
accept-ranges: bytes
content-length: 507

GET
H2 200 long-arrow-alt-right-solid.svg
blotos.ru/wp-content/themes/sky/img/ 508 B
658 B 38ms
38ms Image
image/svg+xml 157.90.211.187
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blotos.ru/wp-content/themes/sky/img/long-arrow-alt-right-solid.svg
Requested by: Host: blotos.ru
URL: https://blotos.ru/wp-content/cache/min/1/ab2676deb3a578fd23bc3a111f2d51a0.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.211.187 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.187.211.90.157.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 57928b5596674ede7a32e01146922b488fb1d53e42da0c892df87af0a371b9f2

Request headers

:path: /wp-content/themes/sky/img/long-arrow-alt-right-solid.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: blotos.ru
referer: https://blotos.ru/wp-content/cache/min/1/ab2676deb3a578fd23bc3a111f2d51a0.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://blotos.ru/wp-content/cache/min/1/ab2676deb3a578fd23bc3a111f2d51a0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 17:32:47 GMT
last-modified: Wed, 28 Apr 2021 18:14:10 GMT
server: nginx/1.18.0
etag: "6089a5f2-1fc"
content-type: image/svg+xml
x-rocket-nginx-bypass: No
accept-ranges: bytes
content-length: 508

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210720/r20190131/ 250 KB
93 KB 43ms
29ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210720/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2287399150441348&plah=blotos.ru&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c83eae7a38656b387443bacfd93af203e31b66bf687c21af1ef00fab98507aef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blotos.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 17:32:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95151
x-xss-protection: 0
server: cafe
etag: 4826816153601596757
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 24 Jul 2021 17:32:48 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210720/r20190131/ Frame 2AD8 10 KB
5 KB 25ms
6ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210720/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d1310353e02e0a006b79b7d607131cb6d9411543a8957b772f565816fdf3ce4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210720/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://blotos.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://blotos.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 24 Jul 2021 01:46:23 GMT
expires: Sat, 07 Aug 2021 01:46:23 GMT
content-type: text/html; charset=UTF-8
etag: 4389807852502320046
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4579
x-xss-protection: 0
age: 56785
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 413423.png
blotos.ru/wp-content/uploads/2018/11/ 3 KB
3 KB 39ms
38ms Image
image/png 157.90.211.187
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blotos.ru/wp-content/uploads/2018/11/413423.png
Requested by: Host: blotos.ru
URL: https://blotos.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.211.187 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.187.211.90.157.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 97be7cb19de463e12a10d61b30007be5f8d1032e319e0d4bee843d3b5120c77d

Request headers

:path: /wp-content/uploads/2018/11/413423.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: blotos.ru
referer: https://blotos.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://blotos.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 17:32:48 GMT
last-modified: Wed, 28 Apr 2021 18:18:19 GMT
server: nginx/1.18.0
etag: "6089a6eb-cc1"
content-type: image/png
cache-control: max-age=31536000
x-rocket-nginx-bypass: No
accept-ranges: bytes
content-length: 3265
expires: Sun, 24 Jul 2022 17:32:48 GMT

GET
H2 200 742b5fd23e63325_360x260.jpg
blotos.ru/wp-content/cache/thumb/25/ 18 KB
18 KB 41ms
39ms Image
image/jpeg 157.90.211.187
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blotos.ru/wp-content/cache/thumb/25/742b5fd23e63325_360x260.jpg
Requested by: Host: blotos.ru
URL: https://blotos.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.211.187 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.187.211.90.157.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: e47acb96fa2d7079ec0b17f460053fbc9a891bae68e864e861fb2348fa8774e0

Request headers

:path: /wp-content/cache/thumb/25/742b5fd23e63325_360x260.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: blotos.ru
referer: https://blotos.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://blotos.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 17:32:48 GMT
last-modified: Wed, 28 Apr 2021 18:14:41 GMT
server: nginx/1.18.0
etag: "6089a611-47d8"
content-type: image/jpeg
x-rocket-nginx-bypass: No
accept-ranges: bytes
content-length: 18392

GET
H2 200 7e6da23294aa476_360x260.jpg
blotos.ru/wp-content/cache/thumb/76/ 34 KB
34 KB 43ms
41ms Image
image/jpeg 157.90.211.187
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blotos.ru/wp-content/cache/thumb/76/7e6da23294aa476_360x260.jpg
Requested by: Host: blotos.ru
URL: https://blotos.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.211.187 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.187.211.90.157.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 3215e43d8143783ca156bb806761950d28ca7eb8f1dae2c6bd9e4e96ddad0151

Request headers

:path: /wp-content/cache/thumb/76/7e6da23294aa476_360x260.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: blotos.ru
referer: https://blotos.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://blotos.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 17:32:48 GMT
last-modified: Fri, 02 Jul 2021 16:14:25 GMT
server: nginx/1.18.0
etag: "60df3b61-8798"
content-type: image/jpeg
x-rocket-nginx-bypass: No
accept-ranges: bytes
content-length: 34712

GET
H2 200 54e57b20375e6b9_360x260.jpg
blotos.ru/wp-content/cache/thumb/b9/ 13 KB
13 KB 45ms
44ms Image
image/jpeg 157.90.211.187
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blotos.ru/wp-content/cache/thumb/b9/54e57b20375e6b9_360x260.jpg
Requested by: Host: blotos.ru
URL: https://blotos.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.211.187 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.187.211.90.157.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 50c1204ceb884abf875a37f4c4a663c007019759eb04657e47fd08dfacabfaf2

Request headers

:path: /wp-content/cache/thumb/b9/54e57b20375e6b9_360x260.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: blotos.ru
referer: https://blotos.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://blotos.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 17:32:48 GMT
last-modified: Wed, 28 Apr 2021 18:14:50 GMT
server: nginx/1.18.0
etag: "6089a61a-345c"
content-type: image/jpeg
x-rocket-nginx-bypass: No
accept-ranges: bytes
content-length: 13404

GET
H2 200 b5c4b995c406133_60x60.jpg
blotos.ru/wp-content/cache/thumb/33/ 1 KB
2 KB 46ms
45ms Image
image/jpeg 157.90.211.187
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blotos.ru/wp-content/cache/thumb/33/b5c4b995c406133_60x60.jpg
Requested by: Host: blotos.ru
URL: https://blotos.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.211.187 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.187.211.90.157.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 04055fc4c51004b6d7499e96407c68bf087a6ce5083b9d2ff9b1c982c95d4116

Request headers

:path: /wp-content/cache/thumb/33/b5c4b995c406133_60x60.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: blotos.ru
referer: https://blotos.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://blotos.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 17:32:48 GMT
last-modified: Wed, 28 Apr 2021 18:14:52 GMT
server: nginx/1.18.0
etag: "6089a61c-5fd"
content-type: image/jpeg
x-rocket-nginx-bypass: No
accept-ranges: bytes
content-length: 1533

GET
H2 200 414d15d7be7d97d_60x60.jpg
blotos.ru/wp-content/cache/thumb/7d/ 1 KB
1 KB 46ms
45ms Image
image/jpeg 157.90.211.187
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blotos.ru/wp-content/cache/thumb/7d/414d15d7be7d97d_60x60.jpg
Requested by: Host: blotos.ru
URL: https://blotos.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.211.187 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.187.211.90.157.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 622f2e36d6488911fdb9e0dbda4c832da14ae73375165a6829c6ccf07445c07e

Request headers

:path: /wp-content/cache/thumb/7d/414d15d7be7d97d_60x60.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: blotos.ru
referer: https://blotos.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://blotos.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 17:32:48 GMT
last-modified: Wed, 28 Apr 2021 18:14:51 GMT
server: nginx/1.18.0
etag: "6089a61b-452"
content-type: image/jpeg
x-rocket-nginx-bypass: No
accept-ranges: bytes
content-length: 1106

GET
H2 200 pechen-vzroslogo-cheloveka-300x237.png
blotos.ru/wp-content/uploads/2018/11/ 92 KB
92 KB 47ms
46ms Image
image/png 157.90.211.187
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blotos.ru/wp-content/uploads/2018/11/pechen-vzroslogo-cheloveka-300x237.png
Requested by: Host: blotos.ru
URL: https://blotos.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.211.187 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.187.211.90.157.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 213eeb104c4192c123ab28a61459490566cafe5fd451a58c0ee720195e445ec9

Request headers

:path: /wp-content/uploads/2018/11/pechen-vzroslogo-cheloveka-300x237.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: blotos.ru
referer: https://blotos.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://blotos.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 17:32:48 GMT
last-modified: Wed, 28 Apr 2021 18:18:19 GMT
server: nginx/1.18.0
etag: "6089a6eb-16f5c"
content-type: image/png
cache-control: max-age=31536000
x-rocket-nginx-bypass: No
accept-ranges: bytes
content-length: 94044
expires: Sun, 24 Jul 2022 17:32:48 GMT

GET
H2 200 bioculist.jpg
blotos.ru/wp-content/uploads/offers/ 12 KB
12 KB 60ms
60ms Image
image/jpeg 157.90.211.187
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blotos.ru/wp-content/uploads/offers/bioculist.jpg
Requested by: Host: blotos.ru
URL: https://blotos.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.211.187 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.187.211.90.157.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 7dfc1acf162b778215cc87c0ec8048821383bcedfc9891a527e8b6ea8d23f2e7

Request headers

:path: /wp-content/uploads/offers/bioculist.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: blotos.ru
referer: https://blotos.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://blotos.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 17:32:48 GMT
last-modified: Wed, 28 Apr 2021 18:19:18 GMT
server: nginx/1.18.0
etag: "6089a726-2edc"
content-type: image/jpeg
cache-control: max-age=31536000
x-rocket-nginx-bypass: No
accept-ranges: bytes
content-length: 11996
expires: Sun, 24 Jul 2022 17:32:48 GMT

GET
H2 200 arterial.jpg
blotos.ru/wp-content/uploads/offers/ 8 KB
8 KB 61ms
61ms Image
image/jpeg 157.90.211.187
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blotos.ru/wp-content/uploads/offers/arterial.jpg
Requested by: Host: blotos.ru
URL: https://blotos.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.211.187 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.187.211.90.157.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 3fc2c42e06f531d6340397ba6fe2407ccce3bdc8ba0f9a7c2a744408391f87aa

Request headers

:path: /wp-content/uploads/offers/arterial.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: blotos.ru
referer: https://blotos.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://blotos.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 17:32:48 GMT
last-modified: Wed, 28 Apr 2021 18:19:18 GMT
server: nginx/1.18.0
etag: "6089a726-2030"
content-type: image/jpeg
cache-control: max-age=31536000
x-rocket-nginx-bypass: No
accept-ranges: bytes
content-length: 8240
expires: Sun, 24 Jul 2022 17:32:48 GMT

GET
H2 200 gold-osteopak.jpg
blotos.ru/wp-content/uploads/offers/ 13 KB
14 KB 62ms
62ms Image
image/jpeg 157.90.211.187
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blotos.ru/wp-content/uploads/offers/gold-osteopak.jpg
Requested by: Host: blotos.ru
URL: https://blotos.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.211.187 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.187.211.90.157.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: c4935f7318ecaf9c95c1040b04fac686d13e94bb2ea52baf69d2a5707b60372e

Request headers

:path: /wp-content/uploads/offers/gold-osteopak.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: blotos.ru
referer: https://blotos.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://blotos.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 17:32:48 GMT
last-modified: Wed, 28 Apr 2021 18:19:18 GMT
server: nginx/1.18.0
etag: "6089a726-3587"
content-type: image/jpeg
cache-control: max-age=31536000
x-rocket-nginx-bypass: No
accept-ranges: bytes
content-length: 13703
expires: Sun, 24 Jul 2022 17:32:48 GMT

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9344.OqsFgMBI8p23JOjl1I53kTgpdmLi_G9Ht0_3II5-vbdXYIrOBB_AZ7cN74iIC4pm.q0ncKu7jhSSdt0Bj7mp9iMLbxT0%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9344.MlP-gMoPl6XCNFukn5h4_fFuyllGDg0vin-wqsqDsHMTk8H9R_yfYYX_0kmPeXS0pM-2Ilo8ikAJlHtEVgy4NQ%2C%2C.9rQZI0ZgezEljINAjh7cln2WZRo%2C

75 B
75 B

49ms
48ms

Image
text/html

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9344.MlP-gMoPl6XCNFukn5h4_fFuyllGDg0vin-wqsqDsHMTk8H9R_yfYYX_0kmPeXS0pM-2Ilo8ikAJlHtEVgy4NQ%2C%2C.9rQZI0ZgezEljINAjh7cln2WZRo%2C

Requested by

Host: blotos.ru
URL: https://blotos.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blotos.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 17:32:48 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9344.MlP-gMoPl6XCNFukn5h4_fFuyllGDg0vin-wqsqDsHMTk8H9R_yfYYX_0kmPeXS0pM-2Ilo8ikAJlHtEVgy4NQ%2C%2C.9rQZI0ZgezEljINAjh7cln2WZRo%2C
date: Sat, 24 Jul 2021 17:32:48 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 199 B
655 B 122ms
44ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=blotos.ru&callback=_gfp_s_&client=ca-pub-2287399150441348

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210720/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2287399150441348&plah=blotos.ru&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

c06494572ed18af3178f22951b019d07d016bb5db35d64b74572812b7d24185b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blotos.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 17:32:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 189
x-xss-protection: 0

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 40ms
39ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fblotos.ru%2F&tn=DIV&cls=f_ontop&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: blotos.ru
URL: https://blotos.ru/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blotos.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jul 2021 17:32:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 35ms
14ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=blotos.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blotos.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Jul 2021 17:32:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 35ms
15ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=blotos.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blotos.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Jul 2021 17:32:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0611 0
19 B 90ms
89ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2287399150441348&output=html&adk=1812271804&adf=3025194257&lmt=1626880217&plat=1%3A16777216%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fblotos.ru%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627147968021&bpp=3&bdt=311&idt=277&shv=r20210720&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4156121997921&frm=20&pv=2&ga_vid=912804835.1627147968&ga_sid=1627147968&ga_hid=1494596019&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31061847&oid=3&pvsid=1193091768844068&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=294

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2287399150441348&output=html&adk=1812271804&adf=3025194257&lmt=1626880217&plat=1%3A16777216%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fblotos.ru%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627147968021&bpp=3&bdt=311&idt=277&shv=r20210720&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4156121997921&frm=20&pv=2&ga_vid=912804835.1627147968&ga_sid=1627147968&ga_hid=1494596019&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31061847&oid=3&pvsid=1193091768844068&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=294
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://blotos.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://blotos.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 24 Jul 2021 17:32:48 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 24-Jul-2021 17:47:48 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 24 Jul 2021 17:32:48 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 36ms
15ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5073fab4fddb9f037315ac9c663dce6681b03976250cab681638dfe17475466f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blotos.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 17:32:48 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627039897272555"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27998
x-xss-protection: 0
expires: Sat, 24 Jul 2021 17:32:48 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
136 B 49ms
49ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: blotos.ru
URL: https://blotos.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://blotos.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 17:32:48 GMT
last-modified: Fri, 23 Jul 2021 14:42:53 GMT
etag: "60f95590-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sat, 24 Jul 2021 18:32:48 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 68 KB
24 KB 190ms
66ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/1a7b6eb4-e68e-4896-9daa-ac04c6c8dd22/plugin.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

c9669dc08c346457c8a4d388965bd811020bff7939449368f677267822f23182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blotos.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 17:32:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "938 / 558 of 1000 / last-modified: 1627140646"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24038
x-xss-protection: 0
expires: Sat, 24 Jul 2021 17:32:48 GMT

GET
H2 200 prebid4.28.1.js Show response
get.optad360.io/sf/ 463 KB
145 KB 7ms
7ms Script
application/javascript 2600:9000:2156:ae00:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/prebid4.28.1.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/1a7b6eb4-e68e-4896-9daa-ac04c6c8dd22/plugin.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ae00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b1efea1ea1d5dacd4e53c4d220663ec89ebc5c91f6b99c4d7e8f3a670e901ff4

Request headers

Referer: https://blotos.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 17:02:20 GMT
content-encoding: gzip
last-modified: Tue, 02 Mar 2021 09:09:00 GMT
server: AmazonS3
age: 5963429
etag: W/"584a9977889abad1ce606050f709f6b5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
cache-control: public, max-age=360000000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Wo5wPYlQR96-P0gQvIX8DCqnihUQPhCCGjy7rEBA-B0KQRpnB6C4fw==

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 18ms
5ms XHR
application/json 2a04:4e42:3::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210724

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.28.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

53f0a09105985bc90ccabdd296ce7597542f5b0a9773fd22c37702a9006903ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blotos.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 8659
x-jsd-version: 1.0.1048
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 949
etag: W/"69d-ivs490kLrVIz1Cw10G6wNnJuVjY"
x-served-by: cache-fra19175-FRA
x-jsd-version-type: version
date: Sat, 24 Jul 2021 17:32:48 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2

200

1 Show response
mc.yandex.com/watch/51281773/
Redirect Chain

https://mc.yandex.com/watch/51281773?wmode=7&page-url=https%3A%2F%2Fblotos.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afp%3A400%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US...
https://mc.yandex.com/watch/51281773/1?wmode=7&page-url=https%3A%2F%2Fblotos.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afp%3A400%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-...

335 B
417 B

52ms
52ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/51281773/1?wmode=7&page-url=https%3A%2F%2Fblotos.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afp%3A400%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A591%3Acn%3A1%3Adp%3A0%3Als%3A1593900663310%3Ahid%3A203428091%3Az%3A120%3Ai%3A20210724193248%3Aet%3A1627147968%3Ac%3A1%3Arn%3A1049942552%3Au%3A1627147968657819435%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1627147967513%3Ads%3A0%2C78%2C39%2C22%2C78%2C0%2C%2C233%2C25%2C%2C%2C%2C431%3Adsn%3A0%2C79%2C38%2C22%2C78%2C0%2C%2C214%2C25%2C%2C%2C%2C432%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1627147968%3At%3A%D0%91%D0%B5%D0%BB%D1%8B%D0%B9%20%D0%BB%D0%BE%D1%82%D0%BE%D1%81%20-%20%D0%90%D0%BF%D1%82%D0%B5%D0%BA%D0%B0%20%D0%BF%D0%BE%20%D0%B0%D0%B4%D1%80%D0%B5%D1%81%D1%83%20-%20%D0%9C%D0%BE%D1%81%D0%BA%D0%B2%D0%B0%2C%20%D0%A8%D0%B0%D0%B1%D0%BE%D0%BB%D0%BE%D0%B2%D0%BA%D0%B0%2C%202

Requested by

Host: blotos.ru
URL: https://blotos.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

fa3c0335611da7c2c0726ef75a6f7511f9e90798dd08f2dfd30c0a88c1001442

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blotos.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jul 2021 17:32:48 GMT
x-content-type-options: nosniff
last-modified: Sat, 24-Jul-2021 17:32:48 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://blotos.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 335
x-xss-protection: 1; mode=block
expires: Sat, 24-Jul-2021 17:32:48 GMT

Redirect headers

pragma: no-cache
date: Sat, 24 Jul 2021 17:32:48 GMT
last-modified: Sat, 24-Jul-2021 17:32:48 GMT
location: /watch/51281773/1?wmode=7&page-url=https%3A%2F%2Fblotos.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afp%3A400%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A591%3Acn%3A1%3Adp%3A0%3Als%3A1593900663310%3Ahid%3A203428091%3Az%3A120%3Ai%3A20210724193248%3Aet%3A1627147968%3Ac%3A1%3Arn%3A1049942552%3Au%3A1627147968657819435%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1627147967513%3Ads%3A0%2C78%2C39%2C22%2C78%2C0%2C%2C233%2C25%2C%2C%2C%2C431%3Adsn%3A0%2C79%2C38%2C22%2C78%2C0%2C%2C214%2C25%2C%2C%2C%2C432%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1627147968%3At%3A%D0%91%D0%B5%D0%BB%D1%8B%D0%B9%20%D0%BB%D0%BE%D1%82%D0%BE%D1%81%20-%20%D0%90%D0%BF%D1%82%D0%B5%D0%BA%D0%B0%20%D0%BF%D0%BE%20%D0%B0%D0%B4%D1%80%D0%B5%D1%81%D1%83%20-%20%D0%9C%D0%BE%D1%81%D0%BA%D0%B2%D0%B0%2C%20%D0%A8%D0%B0%D0%B1%D0%BE%D0%BB%D0%BE%D0%B2%D0%BA%D0%B0%2C%202
strict-transport-security: max-age=31536000
access-control-allow-origin: https://blotos.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sat, 24-Jul-2021 17:32:48 GMT

GET
H3-29 200 pubads_impl_2021071401.js Show response
securepubads.g.doubleclick.net/gpt/ 329 KB
115 KB 111ms
57ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

65506c87a4e71875a107df7ca37f45ccfd40688cf8e01f65c7e71792dbd6818c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blotos.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 17:32:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 14 Jul 2021 08:38:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117283
x-xss-protection: 0
expires: Sat, 24 Jul 2021 17:32:48 GMT

GET
H3-29 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 62 B
93 B 129ms
64ms XHR
application/json 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=blotos.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

cec7894577bb9b498085df1d9974123f0baec860eef2ed0fd58fc8ee2d7ab21b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blotos.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Jul 2021 17:32:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68
x-xss-protection: 0
expires: Sat, 24 Jul 2021 17:32:48 GMT

GET
H2 200 integrator.js Show response
adservice.google.dk/adsid/ 107 B
853 B 37ms
16ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.dk/adsid/integrator.js?domain=blotos.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blotos.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Jul 2021 17:32:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 29ms
15ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=blotos.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blotos.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Jul 2021 17:32:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 90 KB
29 KB 377ms
377ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1193091768844068&correlator=2409432525922561&output=ldjh&impl=fif&eid=31061843%2C44741899%2C20211866&vrg=2021071401&ptt=17&sc=1&sfv=1-0-38&ecs=20210724&iu_parts=121764058%2Cblotos.ru%2Cblotos.ru_ATF&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x90%7C970x250%7C970x300%7C750x300%7C750x200%7C750x100%7C728x90&cookie=ID%3D546b2a41490d76ce-224d07d776c90030%3AT%3D1627147968%3ART%3D1627147968%3AS%3DALNI_MYNAZaxt8WwbcqeAYYXheQpZ4tpvg&bc=31&abxe=1&lmt=1626880217&dt=1627147968800&dlt=1627147967711&idt=1070&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=628&adks=1558438133&ucis=1&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fblotos.ru%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=970x0&ga_vid=912804835.1627147968&ga_sid=1627147968&ga_hid=1494596019&ga_fc=false&fws=128&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

93a1d48d1918896b5f22b51197adeaac1e5091bc01b4c8cc32c2868d430d6e2a

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2698035891139837770/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2698035891139837770/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMHrucWe_PECFVkJiwodZ_EN7g&gqi=&layout=/sadbundle/%24csp%253Der3%24/2698035891139837770/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blotos.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2698035891139837770/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2698035891139837770/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMHrucWe_PECFVkJiwodZ_EN7g&gqi=&layout=/sadbundle/%24csp%253Der3%24/2698035891139837770/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29713
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Sat, 24 Jul 2021 17:32:49 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://blotos.ru
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
a4accce7174fd2d65e3ca9344f6470b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C4B9 6 KB
3 KB 47ms
13ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a4accce7174fd2d65e3ca9344f6470b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: a4accce7174fd2d65e3ca9344f6470b4.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://blotos.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://blotos.ru/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sat, 24 Jul 2021 17:32:48 GMT
expires: Sun, 24 Jul 2022 17:32:48 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 30ms
17ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210720&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f01da164b7aca1c98236304876830445b526e3dc9c0a91cbf7126018e975db9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blotos.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Jul 2021 17:32:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8403
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 33ms
14ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blotos.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 17:32:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Sat, 24 Jul 2021 17:32:48 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 4186 12 KB
5 KB 20ms
6ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://blotos.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://blotos.ru/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Sat, 24 Jul 2021 15:52:24 GMT
expires: Sun, 24 Jul 2022 15:52:24 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 6024
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2010 783 B
1 KB 34ms
15ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2322bf09b69268b922c92daf387db0bc2baff16f1a66d93b4f0e68d9b751ea9a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-/eKhFly/3Ney/6VKkPok5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://blotos.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://blotos.ru/

Response headers

expires: Sat, 24 Jul 2021 17:32:48 GMT
date: Sat, 24 Jul 2021 17:32:48 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-/eKhFly/3Ney/6VKkPok5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 rC_9MNdzujh4BoSBgapm_dys7sQE8JDGlsbaQBHCCWU.js Show response
pagead2.googlesyndication.com/bg/ Frame 4186 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rC_9MNdzujh4BoSBgapm_dys7sQE8JDGlsbaQBHCCWU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac2ffd30d773ba387806848181aa66fddcaceec404f090c696c6da4011c20965

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 20:14:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76691
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13334
x-xss-protection: 0
last-modified: Wed, 14 Jul 2021 07:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Jul 2022 20:14:37 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 40ms
40ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210720&jk=1193091768844068&bg=!jo2ljcnNAAbnC78O5ws7ACkAdvg8WgOfZ91M8YSbMOuGV3hLXJKLiGmrKODCTKn7ieK6jvv78GKNEAIAAABcUgAAAAtoAQeZAoCoQQq0zRO_S3vO26ZTRg_IThxUsIRCpVqp1FUcjxAW1KaQApNtlTmZkYUtFpIg97H5XkZY2AoOeuZv5vT8V_Y9fG_g8Ryae-hdDsFjm_yga69Xd4FOIuyI9Z4CQkU03ix8i0rDIbHExGUfB22PiMcNvmfr7kuzhsm5dCKtZc98GRXR6dam0oe9TYl9EXzx6jhOYo-mJvVvhRFP7K9sRQHc1IJo1Ek5iNCPvLWyEzTaGs3u-5wM__ynJ3OgMAnEXu52flLM-tgONA-3NAh9etXISt9iNLUpvW-zQe3_F2aWXbGI6YafCpEyn66yvwZhd6B2M3VibHHHo6ATRSIDweYwPz-9BgWPpnk3wnGc6Ucqsn5XAytC7zsFOeLJlRuH-VcopcKHgdz2ZcPC391LkQBJ_IUJB0YtszXrJ7bedYO5ZS5p7-KryQxyl27QRrpUU6Y8PeLACItom_24cwOjENIJtuyCB9xx2UqvbJOoPDn92GDtoWyWGo2-tVvKSFaNJ4mkBiWuwVofYwTjtxFw0rV6bb_HrahIKde2Yzw4IKfvIcF-WSV6Z5YlQ-n1mPzFoLd9CFwRV--zGiAJ_UHTh_DoeTScVhsPEtDNmnyGKFa4jcWjcwi6T8V9Nv9VYH0XilGj-oAYvemQWpTOJpWTWuRlpRB4M7DEjHfWETWJE9u8dercU4NNXPbl-BQNm-0Y91GcSuxErrkJ5YokXJ4wJJGQTRUH0_ZeCI3lHx8YvoGbAEIoqUlPjZb2lyUgJDMIucfe2h5YJjm0PY-fTpd4uGNi6FA7OVc37y6eyrtCsOD1uHRojb2p2RMKUHBpzoQh9ygTRZ6FZKhhIjJflMoY_jTt

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blotos.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jul 2021 17:32:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 container.html Show response
a4accce7174fd2d65e3ca9344f6470b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E27D 6 KB
3 KB 19ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a4accce7174fd2d65e3ca9344f6470b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: a4accce7174fd2d65e3ca9344f6470b4.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://blotos.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://blotos.ru/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sat, 24 Jul 2021 17:32:48 GMT
expires: Sun, 24 Jul 2022 17:32:48 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2698035891139837770/ Frame B94B 96 KB
20 KB 7ms
7ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2698035891139837770/index.html

Requested by

Host: blotos.ru
URL: https://blotos.ru/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c006b3a587bf71b9581f8f38dc922bc0630e2ae61885d334833cd77d9c58155e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/2698035891139837770/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://a4accce7174fd2d65e3ca9344f6470b4.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://a4accce7174fd2d65e3ca9344f6470b4.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Tue, 20 Jul 2021 05:10:32 GMT
expires: Wed, 20 Jul 2022 05:10:32 GMT
last-modified: Tue, 06 Jul 2021 08:50:14 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 20791
age: 390137
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E27D 0
0 83ms
82ms Fetch
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CBOYLwE78YMGLNdmSrATn4rfwDsLhydFj0-iouJcOyIuFngsQASCqgMMiYNGBuYLQB6ABheyz7wPIAQmpAnZ8Qq3nPoU-4AIAqAMByAMIqgTJAU_QYu1qDHEQKoE5ZtUUX1u1muZdczfJGwHdZtADLR4KYFfojNpKhJ_iA3100_-Tc96ORSgJuiqqGe1_vXbHvKSloCBnNPyNQ3mn3zV-Tkf9nHuXOVu-8u__MDsmAKfTGnWb03_26Ed38zUQLFppguXus8jgllZRenftM4sEQO_Ah_3MoxbvsV0o4Glcr8Qh5HJjUVSL6LlTUVov1-UXak3DoJS0_8zB90kwB8GNEt2MZNtVNimdvCu-0PWryOPLXW2MrvgDkcVscMAEq8rYu9AD4AQBkgUECAQYAZIFBAgFGASgBi6AB-OTzBCoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwUQ8PWZA9IICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNTg3MDYxMjQxODIzNDgzOIAKA8gLAdgTDdAVAYAXAbIXGgoYCAASFHB1Yi01NTEyMzkwNzA1MTM3NTA3&sigh=VGsw8Iu5f7I&template_id=419
Requested by: Host: blotos.ru
URL: https://blotos.ru/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s22-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://a4accce7174fd2d65e3ca9344f6470b4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/ Frame E27D 18 KB
7 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/abg_lite_fy2019.js

Requested by

Host: a4accce7174fd2d65e3ca9344f6470b4.safeframe.googlesyndication.com
URL: https://a4accce7174fd2d65e3ca9344f6470b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7438cd6d98fc8e372c9a87e319ab965229ce2ba37798db808c8408f791db86ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a4accce7174fd2d65e3ca9344f6470b4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 17:30:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 119
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7622
x-xss-protection: 0
server: cafe
etag: 16178317465966918049
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 07 Aug 2021 17:30:50 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame E27D 2 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/window_focus_fy2019.js

Requested by

Host: a4accce7174fd2d65e3ca9344f6470b4.safeframe.googlesyndication.com
URL: https://a4accce7174fd2d65e3ca9344f6470b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a4accce7174fd2d65e3ca9344f6470b4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 17:28:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 231
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 07 Aug 2021 17:28:58 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E27D 124 KB
37 KB 28ms
14ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a4accce7174fd2d65e3ca9344f6470b4.safeframe.googlesyndication.com
URL: https://a4accce7174fd2d65e3ca9344f6470b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4409f886851d18b5071cc08d25845e0d959d51fd1e9eec92118d0f12a44e5eeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a4accce7174fd2d65e3ca9344f6470b4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 17:32:49 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627039891503395"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38153
x-xss-protection: 0
expires: Sat, 24 Jul 2021 17:32:49 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame E27D 14 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: a4accce7174fd2d65e3ca9344f6470b4.safeframe.googlesyndication.com
URL: https://a4accce7174fd2d65e3ca9344f6470b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b1a4081a8a32bc714fbb7a2509141683bc3eb707a421c0db556ed856f6d8e99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a4accce7174fd2d65e3ca9344f6470b4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 17:31:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6195
x-xss-protection: 0
server: cafe
etag: 10716856519410487149
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 07 Aug 2021 17:31:49 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 470D 143 B
163 B 6ms
5ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: a4accce7174fd2d65e3ca9344f6470b4.safeframe.googlesyndication.com
URL: https://a4accce7174fd2d65e3ca9344f6470b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://a4accce7174fd2d65e3ca9344f6470b4.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlXp95k-M85nJguekv1r_jHFSy0Eb7kBB_7vP-M1qM6qIoVOn_VtMKKXIXeoYU
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://a4accce7174fd2d65e3ca9344f6470b4.safeframe.googlesyndication.com/

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 24 Jul 2021 17:16:24 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 985
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame B94B 16 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2698035891139837770/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 18:13:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83942
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 24 Jul 2021 18:13:47 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame B94B 26 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2698035891139837770/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 12:37:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17716
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 25 Jul 2021 12:37:33 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 470D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

39ms
38ms

Document
text/html

2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: a4accce7174fd2d65e3ca9344f6470b4.safeframe.googlesyndication.com
URL: https://a4accce7174fd2d65e3ca9344f6470b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlXp95k-M85nJguekv1r_jHFSy0Eb7kBB_7vP-M1qM6qIoVOn_VtMKKXIXeoYU
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 24 Jul 2021 17:32:49 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sat, 24-Jul-2021 18:32:49 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 24 Jul 2021 17:32:49 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 24 Jul 2021 17:32:49 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 btn_2020_laes_mere.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2698035891139837770/ Frame B94B 6 KB
2 KB 8ms
7ms Image
image/svg+xml 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2698035891139837770/btn_2020_laes_mere.svg

Requested by

Host: a4accce7174fd2d65e3ca9344f6470b4.safeframe.googlesyndication.com
URL: https://a4accce7174fd2d65e3ca9344f6470b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

115d8d7a164e6b0d93f35dcd52fbed5204fcece29a5152f96db30df8e7f889fe

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 390137
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1960
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 08:50:14 GMT
server: sffe
date: Tue, 20 Jul 2021 05:10:32 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 05:10:32 GMT

GET
H3-29 200 btn_2020_laes_mere_hover.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2698035891139837770/ Frame B94B 5 KB
2 KB 10ms
9ms Image
image/svg+xml 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2698035891139837770/btn_2020_laes_mere_hover.svg

Requested by

Host: a4accce7174fd2d65e3ca9344f6470b4.safeframe.googlesyndication.com
URL: https://a4accce7174fd2d65e3ca9344f6470b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a65d3fcd06d241492c78fdfd2d2b14cfccfa51216594f2c763fe8b2c47edd9a3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 390137
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1948
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 08:50:14 GMT
server: sffe
date: Tue, 20 Jul 2021 05:10:32 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 05:10:32 GMT

GET
H3-29 200 Humac_Logo_APR.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2698035891139837770/ Frame B94B 7 KB
3 KB 9ms
8ms Image
image/svg+xml 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2698035891139837770/Humac_Logo_APR.svg

Requested by

Host: a4accce7174fd2d65e3ca9344f6470b4.safeframe.googlesyndication.com
URL: https://a4accce7174fd2d65e3ca9344f6470b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea90a093cbff0a5b7999d514388139a6bfb5089da6b700c5a3969af730297706

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 390137
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2787
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 08:50:14 GMT
server: sffe
date: Tue, 20 Jul 2021 05:10:32 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 05:10:32 GMT

GET
H3-29 200 Apple_Watch_Series_6_GPS_44mm_Hero_2-Up_Horizontal_Screen__USEN_copy_2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2698035891139837770/ Frame B94B 108 KB
108 KB 11ms
10ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2698035891139837770/Apple_Watch_Series_6_GPS_44mm_Hero_2-Up_Horizontal_Screen__USEN_copy_2.png

Requested by

Host: a4accce7174fd2d65e3ca9344f6470b4.safeframe.googlesyndication.com
URL: https://a4accce7174fd2d65e3ca9344f6470b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ac6e10b0ba49d2d5ee51706d584e0e02984681f80aba4c039854b7cc88697d1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 394664
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111009
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 08:50:14 GMT
server: sffe
date: Tue, 20 Jul 2021 03:55:05 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 03:55:05 GMT

GET
H3-29 200 pris.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2698035891139837770/ Frame B94B 2 KB
2 KB 9ms
8ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2698035891139837770/pris.png

Requested by

Host: a4accce7174fd2d65e3ca9344f6470b4.safeframe.googlesyndication.com
URL: https://a4accce7174fd2d65e3ca9344f6470b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e8e0c1da18c58232ff2d5a5ef115f0ff4b988dfdda24e5ab4c442d02f41480f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 394664
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2033
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 08:50:14 GMT
server: sffe
date: Tue, 20 Jul 2021 03:55:05 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 03:55:05 GMT

GET
H3-29 200 tekst1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2698035891139837770/ Frame B94B 2 KB
3 KB 8ms
7ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2698035891139837770/tekst1.png

Requested by

Host: a4accce7174fd2d65e3ca9344f6470b4.safeframe.googlesyndication.com
URL: https://a4accce7174fd2d65e3ca9344f6470b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bd47210899757ba95e274890326aee62b11fc244aa32eb9973bf64dac08aeb6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 394664
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2554
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 08:50:14 GMT
server: sffe
date: Tue, 20 Jul 2021 03:55:05 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 03:55:05 GMT

GET
H3-29 200 watch.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2698035891139837770/ Frame B94B 1 KB
846 B 10ms
9ms Image
image/svg+xml 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2698035891139837770/watch.svg

Requested by

Host: a4accce7174fd2d65e3ca9344f6470b4.safeframe.googlesyndication.com
URL: https://a4accce7174fd2d65e3ca9344f6470b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e888db8378272f20d5995ca650729128aabbfaf5a063e689eeaad507dde8f30f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 390137
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 818
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 08:50:14 GMT
server: sffe
date: Tue, 20 Jul 2021 05:10:32 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 05:10:32 GMT

GET
DATA 200
OK truncated
/ Frame E27D 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6e54ec543862fd8218f8820d34c5a7889dbbaeb8c9d7d23cd98baea9689a3793

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame B94B 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3-29 200 tekst1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2698035891139837770/ Frame B94B 2 KB
3 KB 6ms
6ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2698035891139837770/tekst1.png

Requested by

Host: a4accce7174fd2d65e3ca9344f6470b4.safeframe.googlesyndication.com
URL: https://a4accce7174fd2d65e3ca9344f6470b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bd47210899757ba95e274890326aee62b11fc244aa32eb9973bf64dac08aeb6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 394664
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2554
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 08:50:14 GMT
server: sffe
date: Tue, 20 Jul 2021 03:55:05 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 03:55:05 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E27D 42 B
64 B 50ms
50ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssTAuosxkBXnsNdToUwKGcvwqn2No6MT21SoVYMcBcbtYme-V91T7t5reJxUMlviE7sA9cLGePe0uPdEvQXkzEgXrtObBLtvc74TcDFm1PYreiZzVipUbxpV4oYkpZHDxQE6KQ1NZBRRG0MTOIK38IU&sai=AMfl-YTACLhA1YDYfsY77_lFDvaviCn9SHXRaJ6gY2I6QJS2FBXmCO0A0QCXjbjO48UAI2OU1IYbSyfktP_-f-xV_5Ti6mrWuF-TuLd0kYPd65ANr0gBGXq5-mGQXU8&sig=Cg0ArKJSzPAI7mi50HglEAE&cid=CAASF-Rogrrmg3NiAeq487GPG8Dg3ekM5Nv6&id=lidar2&mcvt=1001&p=613,436,703,1164&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210723&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=1558438133&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1627147969208&dlt=20&rpt=1&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a4accce7174fd2d65e3ca9344f6470b4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jul 2021 17:32:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 51281773 Show response
mc.yandex.com/webvisor/ 43 B
73 B 288ms
50ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/51281773?wmode=0&wv-part=1&wv-hit=203428091&page-url=https%3A%2F%2Fblotos.ru%2F&rn=270810543&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1627147971%3Aw%3A1600x1200%3Av%3A591%3Az%3A120%3Ai%3A20210724193250%3Au%3A1627147968657819435%3Avf%3A4uzkmd4e35cd16k0n%3Awe%3A1%3Ati%3A2%3Ast%3A1627147971

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blotos.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 24 Jul 2021 17:32:51 GMT
last-modified: Sat, 24-Jul-2021 17:32:51 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://blotos.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 24-Jul-2021 17:32:51 GMT

POST
H2 200 51281773 Show response
mc.yandex.com/webvisor/ 43 B
145 B 191ms
52ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/51281773?wmode=0&wv-part=1&wv-hit=203428091&page-url=https%3A%2F%2Fblotos.ru%2F&rn=316270064&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1627147971%3Aw%3A1600x1200%3Av%3A591%3Az%3A120%3Ai%3A20210724193250%3Au%3A1627147968657819435%3Avf%3A4uzkmd4e35cd16k0n%3Awe%3A1%3Ati%3A2%3Ast%3A1627147971

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blotos.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 24 Jul 2021 17:32:51 GMT
last-modified: Sat, 24-Jul-2021 17:32:51 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://blotos.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 24-Jul-2021 17:32:51 GMT

GET
H2 200 acddb2cb430ef82_60x60.jpg
blotos.ru/wp-content/cache/thumb/82/ 3 KB
3 KB 43ms
43ms Image
image/jpeg 157.90.211.187
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blotos.ru/wp-content/cache/thumb/82/acddb2cb430ef82_60x60.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.211.187 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.187.211.90.157.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 6e32ea8984a917dbef71a331ce068eee5e333baaf145697e710f7af4667f587a

Request headers

:path: /wp-content/cache/thumb/82/acddb2cb430ef82_60x60.jpg
pragma: no-cache
cookie: _ym_uid=1627147968657819435; _ym_d=1627147968; _ym_isad=2; _ym_visorc=w; __gads=ID=546b2a41490d76ce:T=1627147968:S=ALNI_MbED9kGE9jpQwcBhsvJ_kY47fSdyQ
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: blotos.ru
referer: https://blotos.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://blotos.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 17:32:56 GMT
last-modified: Wed, 28 Apr 2021 18:14:43 GMT
server: nginx/1.18.0
etag: "6089a613-b93"
content-type: image/jpeg
x-rocket-nginx-bypass: No
accept-ranges: bytes
content-length: 2963

POST
H2 200 51281773 Show response
mc.yandex.com/webvisor/ 43 B
176 B 52ms
51ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/51281773?wmode=0&wv-part=2&wv-hit=203428091&page-url=https%3A%2F%2Fblotos.ru%2F&rn=397967787&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1627147977%3Aw%3A1600x1200%3Av%3A591%3Az%3A120%3Ai%3A20210724193256%3Au%3A1627147968657819435%3Avf%3A4uzkmd4e35cd16k0n%3Awe%3A1%3Ati%3A2%3Ast%3A1627147977

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blotos.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 24 Jul 2021 17:32:56 GMT
last-modified: Sat, 24-Jul-2021 17:32:56 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://blotos.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 24-Jul-2021 17:32:56 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B94B 0
20 B 39ms
38ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=html5-mon&a0=layout&f0=layout&s0=0&d0=43.0000&a1=https&f1=layout_html&s1=0&d1=11.0000&i=531946823455&t=419&c=p&lp=%2Fsadbundle%2F%24csp%253Der3%24%2F2698035891139837770%2Findex.html&qqi=CMHrucWe_PECFVkJiwodZ_EN7g

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jul 2021 17:32:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

108 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 19:59:08	Name: test_cookie Value: CheckForPermission
.blotos.ru/	1970-01-19 19:59:09	Name: _ym_visorc Value: w
.blotos.ru/	1970-01-19 20:00:19	Name: _ym_isad Value: 2
.blotos.ru/	1970-01-20 04:44:43	Name: _ym_d Value: 1627147968
.blotos.ru/	1970-01-20 05:20:43	Name: __gads Value: ID=546b2a41490d76ce-224d07d776c90030:T=1627147968:RT=1627147968:S=ALNI_MYNAZaxt8WwbcqeAYYXheQpZ4tpvg
.blotos.ru/	1970-01-20 04:44:43	Name: _ym_uid Value: 1627147968657819435

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js(Line 6) Message: [GPT] Ignoring the PubAdsService.enableSingleRequest() call since the service is already enabled.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a4accce7174fd2d65e3ca9344f6470b4.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
adservice.google.dk
ajax.googleapis.com
allstat-pp.ru
blotos.ru
cdn.jsdelivr.net
cmp.optad360.io
fonts.googleapis.com
fonts.gstatic.com
get.optad360.io
googleads.g.doubleclick.net
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
142.250.184.226
157.90.211.187
216.58.212.162
2600:9000:2156:ae00:11:a4de:2580:93a1
2600:9000:2156:f000:6:b871:4f00:93a1
2a00:1450:4001:800::2003
2a00:1450:4001:801::2001
2a00:1450:4001:809::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:812::200a
2a00:1450:4001:813::2004
2a00:1450:4001:830::2002
2a00:1450:4001:831::200a
2a02:6b8::1:119
2a04:4e42:3::485
92.38.252.165
04055fc4c51004b6d7499e96407c68bf087a6ce5083b9d2ff9b1c982c95d4116
053508cc4ed1acf7db8ed96deca42ffebfa1669c5cecd62f4415b926d07b5aaa
0bd47210899757ba95e274890326aee62b11fc244aa32eb9973bf64dac08aeb6
0d4ceaba59083cc562667b22470e132a5c0292da7a3376a9ebacae977ec23caa
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
115d8d7a164e6b0d93f35dcd52fbed5204fcece29a5152f96db30df8e7f889fe
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18abab61d44f715d0626897a83020e48b9cfcdcb95cc114f0f2fc159390dd48e
1b1a4081a8a32bc714fbb7a2509141683bc3eb707a421c0db556ed856f6d8e99
213eeb104c4192c123ab28a61459490566cafe5fd451a58c0ee720195e445ec9
2322bf09b69268b922c92daf387db0bc2baff16f1a66d93b4f0e68d9b751ea9a
236d145ad0b45bce1cd003db9fce24fbad60c56328eee4c9685130a1fd6a5960
2b85175c21358b9c4e67033cef7ea98ed3f508ded187fd5a627bf9c77c0f74fb
2d2ad11e3c1a0fd81bb085050d4b3170beab2964b5b848a5309a6343322e3898
2ddc5f1fc8a5d999b69da547b93f8d5feb974fca65cf84ca15e1ab71d0f1a7e0
3215e43d8143783ca156bb806761950d28ca7eb8f1dae2c6bd9e4e96ddad0151
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
371d734897e2376d2582c4b53235e61fd59d40bc462b8bfebb3990edcfba7905
378f79bc8e52dc7c86332d048c8b8f57ad672c3c917ca54b08630bb487b99d3f
39c93d90ab2a8a7ac78307f8ac85fcf970b78f902663003a52fa48a457bb5b11
3a48ba6d11055a2a6f840befa14e603650d8ca3d752e16daccd828d3869fb791
3c8ba982e1a7629cb5be1c6e7ac909bb494b895a63affce2f6306e5cd244505a
3e8e0c1da18c58232ff2d5a5ef115f0ff4b988dfdda24e5ab4c442d02f41480f
3fc2c42e06f531d6340397ba6fe2407ccce3bdc8ba0f9a7c2a744408391f87aa
4409f886851d18b5071cc08d25845e0d959d51fd1e9eec92118d0f12a44e5eeb
49946a18a170d273df588b140e8f1c032fb768292c4d638fd112ba02be097dbf
4ac6e10b0ba49d2d5ee51706d584e0e02984681f80aba4c039854b7cc88697d1
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5073fab4fddb9f037315ac9c663dce6681b03976250cab681638dfe17475466f
50c1204ceb884abf875a37f4c4a663c007019759eb04657e47fd08dfacabfaf2
53f0a09105985bc90ccabdd296ce7597542f5b0a9773fd22c37702a9006903ca
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
57928b5596674ede7a32e01146922b488fb1d53e42da0c892df87af0a371b9f2
5bd085ae9683aaf57ae67bb6bd1f645359b5a1150b548e79ee0c7be68a2e3a23
5d1310353e02e0a006b79b7d607131cb6d9411543a8957b772f565816fdf3ce4
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5f63940504b4adba3da696b5a107711f4c757e6ae491dbacecce727c335102b6
622f2e36d6488911fdb9e0dbda4c832da14ae73375165a6829c6ccf07445c07e
65506c87a4e71875a107df7ca37f45ccfd40688cf8e01f65c7e71792dbd6818c
6cd0d6897b3d4779f7d88ce72531f22fbf75851b195fb14e6f3f23d051b3d1e9
6e32ea8984a917dbef71a331ce068eee5e333baaf145697e710f7af4667f587a
6e54ec543862fd8218f8820d34c5a7889dbbaeb8c9d7d23cd98baea9689a3793
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
7438cd6d98fc8e372c9a87e319ab965229ce2ba37798db808c8408f791db86ca
7c38ac1fc83c2862ab39482ce11dd2cfaefa1a59d46159643521df92d535fbfb
7dfc1acf162b778215cc87c0ec8048821383bcedfc9891a527e8b6ea8d23f2e7
8386d20cf12f22e11cbd81f021bb0d8b5087bc4e02a4bcb4cf6a06b38ee170c8
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
91632cd2baf8082abe69718f5d4a15fef41e5e95e612bfe7a65ef7cd0619f1dd
92567833cdb642f43e56b6907245ce9f595f39c8ca6657a2c4a461d7cc9b3283
93a1d48d1918896b5f22b51197adeaac1e5091bc01b4c8cc32c2868d430d6e2a
9713f64285cc16fe7adcc4af83a3e67fa7aafb2bac4eacc72196197eef9886c7
97306b0946a3f4074a6dbbcdd4bc4a59197a9fa662439be3514bf97e81b006ad
97be7cb19de463e12a10d61b30007be5f8d1032e319e0d4bee843d3b5120c77d
9a7d00291b90b8045d042a9a713a9cceba928a35c18c99d1eeea2ca14c09614d
9c9c2fba328f8c7ceed6a8476a1ea2ad12678d2ff6f3272a4b19db74cf6c2bda
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2f9a51352fb5c581d8b5fe3fa25147c85c66c26b2efe75ded5b4ea51342bc7c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a65d3fcd06d241492c78fdfd2d2b14cfccfa51216594f2c763fe8b2c47edd9a3
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
abcdfab06f6d269b853cf4595cd1487d641b2fe4a6cc1b6901819f6acd45208e
ac2ffd30d773ba387806848181aa66fddcaceec404f090c696c6da4011c20965
af48c90efd5651be6b42fb0271086b3a44e7a7130c91104d8c4bfc1a98352f1c
b1efea1ea1d5dacd4e53c4d220663ec89ebc5c91f6b99c4d7e8f3a670e901ff4
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bf0f9518ff5e24c65147f08bffe5ba4e5bf45b28144677143c132ecbd5c09fa4
c006b3a587bf71b9581f8f38dc922bc0630e2ae61885d334833cd77d9c58155e
c06494572ed18af3178f22951b019d07d016bb5db35d64b74572812b7d24185b
c4935f7318ecaf9c95c1040b04fac686d13e94bb2ea52baf69d2a5707b60372e
c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c
c83eae7a38656b387443bacfd93af203e31b66bf687c21af1ef00fab98507aef
c9669dc08c346457c8a4d388965bd811020bff7939449368f677267822f23182
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cec7894577bb9b498085df1d9974123f0baec860eef2ed0fd58fc8ee2d7ab21b
cec7e9626b08c1d9da2b23a255b7079165354952be758865ee1f8f3338eedf56
d57e151a64573b405219678593c9aa1d68de50c4d787ac8223e403ee9f665364
d5afece9bf79da7f814ff66960a2d66465ae6a44475b6b3ed16f3bf54b5d8635
e07692e592279c55595e7f12609ce2204e2d35871568c5fa45ee81fe9c8347dd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47acb96fa2d7079ec0b17f460053fbc9a891bae68e864e861fb2348fa8774e0
e788c7f07903cd5e96a062aa3ea175c987b0772cce696914daca381dee353dfa
e888db8378272f20d5995ca650729128aabbfaf5a063e689eeaad507dde8f30f
ea90a093cbff0a5b7999d514388139a6bfb5089da6b700c5a3969af730297706
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f01da164b7aca1c98236304876830445b526e3dc9c0a91cbf7126018e975db9e
f101d9ae483dee5b393382743223b38763c2c0b2ddda7d54429f9375f489be2e
fa3c0335611da7c2c0726ef75a6f7511f9e90798dd08f2dfd30c0a88c1001442
fb83389ea7513242a9a237454ce7989eb6d84c4ec2fe15c81bad6f89c87fe89e
ff6eee8989eb9698ad2beaa9c77e979f5284a57313d3f3fbc5c8730e4746e288

blotos.ru Open in urlscan Pro 157.90.211.187 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

101 Requests

100 %HTTPS

78 %IPv6

15 Domains

21 Subdomains

19 IPs

3 Countries

1519 kBTransfer

3875 kBSize

6 Cookies

1 Outgoing links

Page URL History

Redirected requests

101 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

blotos.ru Open in urlscan Pro
157.90.211.187 Public Scan

Screenshot
Live screenshot

Full Image

101
Requests

100 %
HTTPS

78 %
IPv6

15
Domains

21
Subdomains

19
IPs

3
Countries

1519 kB
Transfer

3875 kB
Size

6
Cookies

101 HTTP transactions
8 data transactions