holm.ru Open in urlscan Pro
78.47.205.176 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://s23.h17.ru/crossdomain.xml
Effective URL:
https://holm.ru/
Submission Tags: falconsandbox
Submission: On March 23 via api (March 23rd 2021, 3:17:39 am UTC) from US

Summary HTTP 322 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 35 IPs in 7 countries across 42 domains to perform 322 HTTP transactions. The main IP is 78.47.205.176, located in Germany and belongs to HETZNER-AS, DE. The main domain is holm.ru.
TLS certificate: Issued by R3 on January 28th 2021. Valid for: 3 months.

This is the only time holm.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 33	78.47.205.176 78.47.205.176	24940 (HETZNER-AS) (HETZNER-AS)
18	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 20	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1 2	88.212.201.210 88.212.201.210	39134 (UNITEDNET) (UNITEDNET)
14	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
31	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:303... 2606:4700:3033::ac43:de92	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3033::6815:2384	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
7	51.79.79.65 51.79.79.65	16276 (OVH) (OVH)
5	51.79.79.82 51.79.79.82	16276 (OVH) (OVH)
6	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
84	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
26	51.79.81.39 51.79.81.39	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:80f::2006	15169 (GOOGLE) (GOOGLE)
1 1	3.125.244.14 3.125.244.14	16509 (AMAZON-02) (AMAZON-02)
6	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2 2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 3	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	23.218.208.246 23.218.208.246	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8100:818d:1690:fda6:a2c4	16509 (AMAZON-02) (AMAZON-02)
1 1	79.137.69.91 79.137.69.91	16276 (OVH) (OVH)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 3	185.33.221.53 185.33.221.53	29990 (ASN-APPNEX) (ASN-APPNEX)
1	23.218.208.187 23.218.208.187	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.218.208.200 23.218.208.200	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:10:... 2606:4700:10::6816:1957	13335 (CLOUDFLAR...) (CLOUDFLARENET)
322	35

33 78.47.205.176 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.176.205.47.78.clients.your-server.de

s23.h17.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
holm.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 6 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.210 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host210.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3033::ac43:de92 (United States)

ASN13335 (CLOUDFLARENET, US)

a.vdo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:2384 (United States)

ASN13335 (CLOUDFLARENET, US)

targeting.vdo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 51.79.79.65 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: ns568718.ip-51-79-79.net

analytics.vdo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 51.79.79.82 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: ns568735.ip-51-79-79.net

track.vdo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

84 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 51.79.81.39 (Canada)

ASN16276 (OVH, FR)
PTR: ns569753.ip-51-79-81.net

h.vdo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.125.244.14 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-244-14.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.218.208.246 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-246.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8100:818d:1690:fda6:a2c4 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 79.137.69.91 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: gcm11.host.hit.gemius.pl

googlecm.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.53 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.218.208.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-187.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.218.208.200 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-200.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)

mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
102	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	996 KB
44	vdo.ai a.vdo.ai targeting.vdo.ai analytics.vdo.ai track.vdo.ai h.vdo.ai	3 MB
34	doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	188 KB
32	holm.ru holm.ru	624 KB
24	google.com 6 redirects www.google.com adservice.google.com	58 KB
21	gstatic.com fonts.gstatic.com www.gstatic.com	1 MB
9	googleapis.com fonts.googleapis.com imasdk.googleapis.com	307 KB
7	google-analytics.com www.google-analytics.com	19 KB
7	googletagservices.com www.googletagservices.com	242 KB
5	pubmatic.com 2 redirects image6.pubmatic.com hbopenbid.pubmatic.com ads.pubmatic.com	22 KB
4	adnxs.com 1 redirects ib.adnxs.com acdn.adnxs.com	19 KB
4	google.de adservice.google.de	2 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com	2 KB
2	openx.net 2 redirects rtb.openx.net	761 B
2	yadro.ru 1 redirects counter.yadro.ru	1 KB
2	cloudflare.com cdnjs.cloudflare.com	82 KB
1	zeotap.com mwzeom.zeotap.com	595 B
1	gemius.pl 1 redirects googlecm.hit.gemius.pl	301 B
1	innovid.com ag.innovid.com	296 B
1	agkn.com 1 redirects d.agkn.com	663 B
1	2mdn.net s0.2mdn.net	17 KB
1	googletagmanager.com www.googletagmanager.com	39 KB
1	googleadservices.com partner.googleadservices.com	639 B
1	h17.ru 1 redirects s23.h17.ru	318 B
0	dotomi.com Failed pubmatic-match.dotomi.com Failed
0	sitescout.com Failed pixel-sync.sitescout.com Failed
0	bidtheatre.com Failed match.adsby.bidtheatre.com Failed
0	everesttech.net Failed sync-tm.everesttech.net Failed
0	turn.com Failed ad.turn.com Failed
0	quantserve.com Failed pixel.quantserve.com Failed
0	yahoo.com Failed pr-bh.ybp.yahoo.com Failed ups.analytics.yahoo.com Failed
0	bidswitch.net Failed x.bidswitch.net Failed
0	mathtag.com Failed sync.mathtag.com Failed
0	adform.net Failed c1.adform.net Failed
0	adsrvr.org Failed match.adsrvr.org Failed
0	simpli.fi Failed um.simpli.fi Failed
0	fiftyt.com Failed visitor.fiftyt.com Failed
0	semasio.net Failed uipglob.semasio.net Failed
0	adition.com Failed dsp.adfarm1.adition.com Failed
0	bidr.io Failed match.prod.bidr.io Failed
0	criteo.com Failed dis.criteo.com Failed
0	de17a.com Failed d5p.de17a.com Failed
322	42

	Domain	Requested by
84	tpc.googlesyndication.com	googleads.g.doubleclick.net holm.ru tpc.googlesyndication.com pagead2.googlesyndication.com
32	holm.ru	holm.ru
28	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net holm.ru imasdk.googleapis.com
26	h.vdo.ai	a.vdo.ai
20	www.google.com	6 redirects holm.ru www.gstatic.com www.google.com googleads.g.doubleclick.net
18	pagead2.googlesyndication.com	holm.ru pagead2.googlesyndication.com googleads.g.doubleclick.net srcdoc tpc.googlesyndication.com www.googletagservices.com
14	www.gstatic.com	www.google.com googleads.g.doubleclick.net
7	analytics.vdo.ai	a.vdo.ai
7	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com holm.ru
7	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
7	fonts.gstatic.com	fonts.googleapis.com
7	fonts.googleapis.com	holm.ru googleads.g.doubleclick.net tpc.googlesyndication.com
6	cm.g.doubleclick.net	holm.ru googleads.g.doubleclick.net ads.pubmatic.com
5	track.vdo.ai	holm.ru
5	a.vdo.ai	holm.ru a.vdo.ai
4	adservice.google.com	pagead2.googlesyndication.com imasdk.googleapis.com
4	adservice.google.de	pagead2.googlesyndication.com imasdk.googleapis.com
3	ib.adnxs.com	1 redirects a.vdo.ai acdn.adnxs.com ads.pubmatic.com
3	image6.pubmatic.com	2 redirects ads.pubmatic.com
2	ssum-sec.casalemedia.com	2 redirects
2	rtb.openx.net	2 redirects
2	imasdk.googleapis.com	a.vdo.ai imasdk.googleapis.com
2	counter.yadro.ru	1 redirects holm.ru
2	cdnjs.cloudflare.com	holm.ru cdnjs.cloudflare.com
1	mwzeom.zeotap.com	ads.pubmatic.com
1	ads.pubmatic.com	a.vdo.ai
1	acdn.adnxs.com	a.vdo.ai
1	hbopenbid.pubmatic.com	a.vdo.ai
1	googlecm.hit.gemius.pl	1 redirects
1	ag.innovid.com	googleads.g.doubleclick.net
1	d.agkn.com	1 redirects
1	s0.2mdn.net	imasdk.googleapis.com
1	targeting.vdo.ai	a.vdo.ai
1	www.googletagmanager.com	a.vdo.ai
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	s23.h17.ru	1 redirects
0	pubmatic-match.dotomi.com Failed	ads.pubmatic.com
0	pixel-sync.sitescout.com Failed	ads.pubmatic.com
0	match.adsby.bidtheatre.com Failed	ads.pubmatic.com
0	sync-tm.everesttech.net Failed	ads.pubmatic.com
0	ad.turn.com Failed	ads.pubmatic.com
0	pixel.quantserve.com Failed	ads.pubmatic.com
0	ups.analytics.yahoo.com Failed	ads.pubmatic.com
0	pr-bh.ybp.yahoo.com Failed	ads.pubmatic.com
0	x.bidswitch.net Failed	ads.pubmatic.com
0	sync.mathtag.com Failed	ads.pubmatic.com
0	c1.adform.net Failed	ads.pubmatic.com
0	match.adsrvr.org Failed	ads.pubmatic.com
0	um.simpli.fi Failed	ads.pubmatic.com
0	visitor.fiftyt.com Failed	ads.pubmatic.com
0	uipglob.semasio.net Failed	ads.pubmatic.com
0	dsp.adfarm1.adition.com Failed	image6.pubmatic.com
0	match.prod.bidr.io Failed	image6.pubmatic.com
0	dis.criteo.com Failed	image6.pubmatic.com
0	d5p.de17a.com Failed	image6.pubmatic.com
322	55

This site contains links to these domains. Also see Links.

Domain
emanuals.org
oauth.vk.com
www.facebook.com
oauth.yandex.ru
twitter.com
vk.com
connect.ok.ru
plus.google.com
vdo.ai

Subject Issuer	Validity	Valid
holm.ru R3	`2021-01-28` - `2021-04-28`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
www.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
counter.yadro.ru R3	`2021-03-22` - `2021-06-20`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.vdo.ai Go Daddy Secure Certificate Authority - G2	`2019-10-15` - `2021-10-15`	2 years	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.innovid.com RapidSSL RSA CA 2018	`2020-02-07` - `2022-04-07`	2 years	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-03-11` - `2022-02-07`	a year	crt.sh

This page contains 38 frames:

Primary Page: https://holm.ru/
Frame ID: 5DA41CDB2E618217284D5D364A23F61A
Requests: 105 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210318/r20190131/zrt_lookup.html
Frame ID: D0115A152EA2EE3FF83E7A704BF6CF58
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3339133701142661&output=html&adk=1812271804&adf=3025194257&lmt=1529319118&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fholm.ru%2F&ea=0&flash=0&pra=5&wgl=1&dt=1616469437390&bpp=15&bdt=490&idt=141&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7616610989144&frm=20&pv=2&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=160
Frame ID: 830785DA6B61B374D6867129DF8CFFC7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3339133701142661&output=html&h=280&slotname=2123392814&adk=786900664&adf=833234448&pi=t.ma~as.2123392814&w=896&fwrn=4&fwrnh=100&lmt=1529319118&rafmt=1&psa=0&format=896x280&url=https%3A%2F%2Fholm.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1616469437405&bpp=4&bdt=505&idt=171&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7616610989144&frm=20&pv=1&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=277&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=yVW6TUCFWo&p=https%3A//holm.ru&dtd=177
Frame ID: A5925128694DDBC7981E1F1A0D3FAF24
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3339133701142661&output=html&h=250&slotname=6162215333&adk=230021152&adf=1121139433&pi=t.ma~as.6162215333&w=300&lmt=1529319118&psa=0&format=300x250&url=https%3A%2F%2Fholm.ru%2F&flash=0&wgl=1&dt=1616469437409&bpp=2&bdt=509&idt=181&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C896x280&nras=1&correlator=7616610989144&frm=20&pv=1&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=170&ady=1777&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=75Xf7JmPhd&p=https%3A//holm.ru&dtd=186
Frame ID: 0AE9B7080BDA36467794BFDF09517F52
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3339133701142661&output=html&h=250&slotname=6162215333&adk=230021152&adf=604429176&pi=t.ma~as.6162215333&w=300&lmt=1529319118&psa=0&format=300x250&url=https%3A%2F%2Fholm.ru%2F&flash=0&wgl=1&dt=1616469437411&bpp=1&bdt=511&idt=190&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C896x280%2C300x250&nras=1&correlator=7616610989144&frm=20&pv=1&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=830&ady=2045&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=5Gvl1DGaGa&p=https%3A//holm.ru&dtd=193
Frame ID: 27AA416A8ECA14B8AAB1223C06782D79
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfOp3cUAAAAAA3e2l6pwGbegnANJygOWql3rcp2&co=aHR0cHM6Ly9ob2xtLnJ1OjQ0Mw..&hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&size=normal&cb=rrhii1y1pca5
Frame ID: 5545E66691DAEAFEB67D5256DB4775CF
Requests: 5 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfOp3cUAAAAAA3e2l6pwGbegnANJygOWql3rcp2&co=aHR0cHM6Ly9ob2xtLnJ1OjQ0Mw..&hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&size=normal&cb=1k8uczzg5qrt
Frame ID: 0276133A43B4146AC4B01E3E89246CA0
Requests: 5 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfOp3cUAAAAAA3e2l6pwGbegnANJygOWql3rcp2&co=aHR0cHM6Ly9ob2xtLnJ1OjQ0Mw..&hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&size=normal&cb=izlatr38bwgc
Frame ID: BF1964E32E42D39EE3A692942108E128
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3339133701142661&output=html&h=250&slotname=6162215333&adk=230021152&adf=252182655&pi=t.ma~as.6162215333&w=300&lmt=1529319118&psa=0&format=300x250&url=https%3A%2F%2Fholm.ru%2F&flash=0&wgl=1&dt=1616469437411&bpp=1&bdt=511&idt=257&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C896x280%2C300x250%2C300x250&nras=1&correlator=7616610989144&frm=20&pv=1&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=500&ady=2313&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=bwlTHh5nhq&p=https%3A//holm.ru&dtd=261
Frame ID: 7021EAD5F8483EF3A68BD18D459D82C6
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3339133701142661&output=html&h=600&slotname=3819617861&adk=3212866176&adf=2658706387&pi=t.ma~as.3819617861&w=270&fwrn=4&fwrnh=100&lmt=1529319118&rafmt=1&psa=0&format=270x600&url=https%3A%2F%2Fholm.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1616469437412&bpp=1&bdt=512&idt=316&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C896x280%2C300x250%2C300x250%2C300x250&nras=1&correlator=7616610989144&frm=20&pv=1&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1160&ady=85&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=6&uci=a!6&fsb=1&xpc=XXtKPgO7RZ&p=https%3A//holm.ru&dtd=320
Frame ID: 31740182CB1B68812E671AC89BCFFB55
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3339133701142661&output=html&h=280&slotname=1111717567&adk=3464641219&adf=2723329071&pi=t.ma~as.1111717567&w=1200&fwrn=4&fwrnh=100&lmt=1529319118&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fholm.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1616469437451&bpp=1&bdt=551&idt=293&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C896x280%2C300x250%2C300x250%2C300x250%2C270x600&nras=1&correlator=7616610989144&frm=20&pv=1&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=170&ady=3951&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=nn11tchMnM&p=https%3A//holm.ru&dtd=296
Frame ID: 088E03E6CCC69F1B292D4DEEAABAE694
Requests: 11 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&k=6LfOp3cUAAAAAA3e2l6pwGbegnANJygOWql3rcp2&cb=v64rdc6gnkxb
Frame ID: 4D387B8615330C1E49C11A45EFE07899
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/index.html
Frame ID: BFBA1939A793A679AA8F2E945F4EDA15
Requests: 23 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&k=6LfOp3cUAAAAAA3e2l6pwGbegnANJygOWql3rcp2&cb=vt74i9zhi4dt
Frame ID: 64D1BA556C745833FDFF87943413EC25
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/index.html
Frame ID: 21E1D0917740F71151DF2AF3F2153C6C
Requests: 23 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&k=6LfOp3cUAAAAAA3e2l6pwGbegnANJygOWql3rcp2&cb=nt1a8bf0wvjj
Frame ID: 9D48EDDAD1310DE8516F54EDB19FEBEF
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5327029394931728737/300x250_Motiv_Kueche/index.html
Frame ID: FF3707D98033E4159E8ABBAE1D5689D8
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1569060108828469311/nt_s21-DE_300x600_nokian-wetproof/index.html
Frame ID: FE91C7A3007C26D5E2CDFE3AC1811C11
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CE2g3vV1ZYL3LLY_Y7_UPlPS4mAmA0cHtYYOIpOy2DY6k8ozTBxABIP7T4SFglYq4gsgHoAHwnbryA8gBCakCTkf-q5AFtD6oAwHIA0iqBK0BT9ADCYMPpwE2Zd7zZteAyNukCeH8fMeuIdX6vwO3wChiLx05vUThpOsKI_H2WhFVzpeY-jjSAdJYVEzeg3CrquemcYdacY5QYYt3Vn5dtela9QOJhAXt_RIMyzSVK8l3NTefmo4yR-PygRO6eyZnu0AcWwNwaeA-yLeELqtpSSSeW3od2AgEfduPv2Uws_IRVxyJ2VD406ZQIXJAUBPMtiW1YsadvP7MeyGYJQvABLaF1-94kgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB_jhxQ2oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQnfkj0ggJCIDhgBAQARgfgAoByAsB2BMCshcaChgIABIUcHViLTMzMzkxMzM3MDExNDI2NjE&sigh=cqR1fvxZynI&template_id=419&tpd=AGWhJmtBanlsnhSZOchE3z48NY6q-_GfaOOOoD-7wFkL_iNDgw
Frame ID: 485007EBF42A5AFDAA4A5B463C112B78
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 319D4C7B17A7DF3B00BDA851CD6D687F
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 5F4A503A5BFCE730E33AA4D26EBBA4BA
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: C598D64B9E975E32D4EE2654ED75CE7B
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 6B345AD623A2B57C77A662B6F2E96B88
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.447.1_en.html
Frame ID: 461A49095393FB96E69B40568F5AEE06
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: AB82C3055A0D40100A7D392922C027B2
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 5084E6D5CB058B89B80C22A33FF3F480
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 70254494C211CC638FE8D0B56BE43792
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 59170CE06C1E2177A65412AA4952BFCC
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
Frame ID: E22185C7661DFA2A65D0424FB3FC06AE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
Frame ID: 12F6E84658C344C9FA26216853A36ABB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 76BCC1947C50E0F91D68A4047B3D202E
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: C7C88D640BCA00C06EC29B359A424AF3
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 5F060B4AFEB103E36BFA718AE606987C
Requests: 22 HTTP requests in this frame

Frame: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Frame ID: 378F39E57EB8EE2B91C6ED8FD6BC8598
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 1BCB8BBD2E704B8D2CA1F29EF62DC4A8
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
Frame ID: 68D5AA96B9770138391A1A9825006CFA
Requests: 1 HTTP requests in this frame

Frame: https://dsp.adfarm1.adition.com/cookie/?ssp=9
Frame ID: 3EB1B1B588D4C4D34C6466E3211620EB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://s23.h17.ru/crossdomain.xml HTTP 301
https://holm.ru/ Page URL

Detected technologies

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

322
Requests

91 %
HTTPS

58 %
IPv6

42
Domains

55
Subdomains

35
IPs

7
Countries

7145 kB
Transfer

12794 kB
Size

6
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://emanuals.org/
Title: инструкций по эксплуатации

Search URL Search Domain Scan URL

URL: https://oauth.vk.com/authorize?client_id=006612038&scope=notify,email&redirect_uri=https%3A%2F%2Fholm.ru%2Fauth%2Freg%3Fsocial%3Dvk&response_type=code&v=5.33&state=
Title: Вконтакте

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/oauth?client_id=23652342694190300&scope=email,public_profile&redirect_uri=https%3A%2F%2Fholm.ru%2Fauth%2Freg%3Fsocial%3Dfacebook
Title: Facebook

Search URL Search Domain Scan URL

URL: https://oauth.yandex.ru/authorize?client_id=cd839edeb7e64b8d968c948979debe6800&response_type=code&state=https%3A%2F%2Fholm.ru%2Fauth%2Freg%3Fsocial%3Dyandex
Title: Яндекс

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?app_id=113869198637480&sdk=joey&u=http%3A%2F%2Fholm.ru%2F&display=popup&ref=plugin&src=share_button

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?original_referer=http%3A%2F%2Fholm.ru%2F&ref_src=twsrc%5Etfw&text=&tw_p=tweetbutton&url=http%3A%2F%2Fholm.ru%2F

Search URL Search Domain Scan URL

URL: https://vk.com/share.php?url=http%3A%2F%2Fholm.ru%2F

Search URL Search Domain Scan URL

URL: https://connect.ok.ru/dk?cmd=WidgetSharePreview&st.cmd=WidgetSharePreview&st._aid=ExternalShareWidget_SharePreview&st.shareUrl=http%3A%2F%2Fholm.ru%2F&st.hosterId=47126

Search URL Search Domain Scan URL

URL: https://plus.google.com/share?url=http%3A%2F%2Fholm.ru%2F

Search URL Search Domain Scan URL

URL: https://vdo.ai/?utm_medium=video&utm_term=holm.ru&utm_source=vdoai_logo

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://s23.h17.ru/crossdomain.xml HTTP 301
https://holm.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://holm.ru/photos/120/12286120/img-0.jpg HTTP 301
https://holm.ru/

Request Chain 37

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//holm.ru/;h2437437%20%u043E%u0440%u0433%u0430%u043D%u0438%u0437%u0430%u0446%u0438%u0439%20%u0420%u043E%u0441%u0441%u0438%u0438%20%u043D%u0430%20%u043F%u0440%u043E%u0433%u0440%u0435%u0441%u0441%u0438%u0432%u043D%u043E%u043C%20%u043F%u043E%u0440%u0442%u0430%u043B%u0435%20Holm.ru%21;0.499310688578559 HTTP 302
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//holm.ru/;h2437437%20%u043E%u0440%u0433%u0430%u043D%u0438%u0437%u0430%u0446%u0438%u0439%20%u0420%u043E%u0441%u0441%u0438%u0438%20%u043D%u0430%20%u043F%u0440%u043E%u0433%u0440%u0435%u0441%u0441%u0438%u0432%u043D%u043E%u043C%20%u043F%u043E%u0440%u0442%u0430%u043B%u0435%20Holm.ru%21;0.499310688578559

Request Chain 242

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 243

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 245

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 246

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 247

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 248

https://d.agkn.com/pixel/2175/?google_gid=CAESEAZls7-nup1bOInLXIEDMlo&google_cver=1&google_push=AQvitUJCIG2VGq_DmNhAyRZAxX_OakUC4UANDc-sn3yJ_QKx7BQya3RYXD3InddfrUwrpNqp25d_km8gusogUfMsTcRWjhPY8g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=akneustar_dmp&google_cm&google_hm=Q0FFU0VBWmxzNy1udXAxYk9JbkxYSUVETWxv

Request Chain 249

https://rtb.openx.net/sync/dds?google_gid=CAESEGjnNXhmwzRIjLn4E974K4M&google_cver=1&google_push=AQvitULq_CeADbqmDONOy5DyJV8SpwYEqxlsVD-jb3dHzn0DQ3MaXDWU8Ng12cwD4LTImq4cfVl4-LkRJDyrgCAZxmInPKboJQU HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEGjnNXhmwzRIjLn4E974K4M&google_cver=1&google_push=AQvitULq_CeADbqmDONOy5DyJV8SpwYEqxlsVD-jb3dHzn0DQ3MaXDWU8Ng12cwD4LTImq4cfVl4-LkRJDyrgCAZxmInPKboJQU&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULq_CeADbqmDONOy5DyJV8SpwYEqxlsVD-jb3dHzn0DQ3MaXDWU8Ng12cwD4LTImq4cfVl4-LkRJDyrgCAZxmInPKboJQU&google_hm=kv3uaP_6zSIozLuxoE1-2A==

Request Chain 250

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGG5wU1GZcX5dLnNSnPSr1I&google_cver=1&google_push=AQvitUKXDwb18WOEGZuvNmldY2Q4Wa-V6m27YjKInP1WQkmPL7BkJSOV5VWzv7Bl4t2KqWqNj8JBlf-P86corGPoaU_xYLbsT2I HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGG5wU1GZcX5dLnNSnPSr1I&google_cver=1&google_push=AQvitUKXDwb18WOEGZuvNmldY2Q4Wa-V6m27YjKInP1WQkmPL7BkJSOV5VWzv7Bl4t2KqWqNj8JBlf-P86corGPoaU_xYLbsT2I&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=5ypJbeUrTPmVdZhoUvvZqQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKXDwb18WOEGZuvNmldY2Q4Wa-V6m27YjKInP1WQkmPL7BkJSOV5VWzv7Bl4t2KqWqNj8JBlf-P86corGPoaU_xYLbsT2I

Request Chain 251

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEODC4jMfvsrySTEUshVTr7E&google_cver=1&google_push=AQvitUL3h-nx45sZOI2fwI2DUGB9lj0_Xa6Wta_mbLlY-DCL7xt8UBGr8_FyXpEcjxwFoQhcjG5UbiRH20LQvdB2P-fzmqqXkhc HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEODC4jMfvsrySTEUshVTr7E&google_cver=1&google_push=AQvitUL3h-nx45sZOI2fwI2DUGB9lj0_Xa6Wta_mbLlY-DCL7xt8UBGr8_FyXpEcjxwFoQhcjG5UbiRH20LQvdB2P-fzmqqXkhc&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YFldv28hpN3__zthvMWOKwAABKYAAAAB&google_cver=1&google_gid=CAESEODC4jMfvsrySTEUshVTr7E&google_push=AQvitUL3h-nx45sZOI2fwI2DUGB9lj0_Xa6Wta_mbLlY-DCL7xt8UBGr8_FyXpEcjxwFoQhcjG5UbiRH20LQvdB2P-fzmqqXkhc

Request Chain 253

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEIXYoWHJNx_9D6ZAbR0PFnM&google_cver=1&google_push=AQvitUIitINXsum_bAFRHwhTpMssH3pk1mPYlec_Qdr7uLmkZ4dWsew9klBhSRlreyloF53dGfblPmcsM_kg2vBBrf3nAxQ6auM HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUIitINXsum_bAFRHwhTpMssH3pk1mPYlec_Qdr7uLmkZ4dWsew9klBhSRlreyloF53dGfblPmcsM_kg2vBBrf3nAxQ6auM&google_hm=

Request Chain 258

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 303

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 308

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=lYSx2CVyQKmp8DltYfH_Kg%3D%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=lYSx2CVyQKmp8DltYfH_Kg%3D%3D&google_tc=

Request Chain 312

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTU4NEIxRDgtMjU3Mi00MEE5LUE5RjAtMzk2RDYxRjFGRjJB&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTU4NEIxRDgtMjU3Mi00MEE5LUE5RjAtMzk2RDYxRjFGRjJB&gdpr=0&gdpr_consent=&google_tc=

Request Chain 313

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=

322 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
holm.ru/
Redirect Chain

http://s23.h17.ru/crossdomain.xml
https://holm.ru/

60 KB
14 KB

286ms
206ms

Document
text/html

78.47.205.176
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://holm.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.47.205.176 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.176.205.47.78.clients.your-server.de
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 689ffebed00e595d467357dbc014545cc604b9317eef5aeb4d96b32fd12630a6

Request headers

Host: holm.ru
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 03:17:16 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Mon, 18 Jun 2018 10:51:58 GMT
Cache-Control: max-age=60
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 13558
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Tue, 23 Mar 2021 03:17:16 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Mon, 18 Jun 2018 10:51:58 GMT
Cache-Control: max-age=60
Location: https://holm.ru
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK jquery-1.10.2.min.js Show response
holm.ru/js/ 91 KB
32 KB 116ms
41ms Script
application/javascript 78.47.205.176
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://holm.ru/js/jquery-1.10.2.min.js
Requested by: Host: holm.ru
URL: https://holm.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.47.205.176 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.176.205.47.78.clients.your-server.de
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 03:17:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 26 Nov 2013 12:35:52 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "16bb3-4ec13b892ba00-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 32802

GET
H/1.1 200
OK bootstrap.css
holm.ru/css/bootstrap2/ 197 KB
25 KB 51ms
39ms Stylesheet
text/css 78.47.205.176
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://holm.ru/css/bootstrap2/bootstrap.css
Requested by: Host: holm.ru
URL: https://holm.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.47.205.176 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.176.205.47.78.clients.your-server.de
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 500fbe6708b05fd4fd5b88241aaf14b26a0babcb601c89adaaefffb3284690c2

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 03:17:16 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Sep 2018 12:46:15 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "315bf-57638cac3996e-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 24838

GET
H/1.1 200
OK main.css
holm.ru/css/ 9 KB
3 KB 95ms
36ms Stylesheet
text/css 78.47.205.176
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://holm.ru/css/main.css
Requested by: Host: holm.ru
URL: https://holm.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.47.205.176 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.176.205.47.78.clients.your-server.de
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 2365a3c528465f78fefaf070696aa7e4c2edd24e9735d4dc467cca8fcf6ffd88

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 03:17:16 GMT
Content-Encoding: gzip
Last-Modified: Thu, 23 May 2019 15:28:40 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "220c-5898fbc915f58-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2592

GET
H/1.1 200
OK formstone.js Show response
holm.ru/js/ 213 KB
67 KB 43ms
43ms Script
application/javascript 78.47.205.176
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://holm.ru/js/formstone.js
Requested by: Host: holm.ru
URL: https://holm.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.47.205.176 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.176.205.47.78.clients.your-server.de
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 2d0974a487ae3b5a348c3b5e03b06a2f04d05539f2df31d053e3d5cb6cf43d00

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 03:17:17 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 Oct 2016 09:38:14 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "354bb-53e1aefa20d80-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK jquery.fancybox.pack.js Show response
holm.ru/js/ 22 KB
9 KB 37ms
36ms Script
application/javascript 78.47.205.176
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://holm.ru/js/jquery.fancybox.pack.js
Requested by: Host: holm.ru
URL: https://holm.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.47.205.176 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.176.205.47.78.clients.your-server.de
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 4330215f7a858522e3186202c41b82ae686c8ad2b5d81664eb0f86a067058e85

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 03:17:17 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Jan 2013 01:10:42 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "5843-4d35d8c0e2880-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 8465

GET
H/1.1 200
OK slick.js Show response
holm.ru/js/ 83 KB
14 KB 45ms
39ms Script
application/javascript 78.47.205.176
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://holm.ru/js/slick.js
Requested by: Host: holm.ru
URL: https://holm.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.47.205.176 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.176.205.47.78.clients.your-server.de
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: ce84035bf0ed746ee3a41247af81a547bf801c8fe89b944da18b8e4065c06204

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 03:17:17 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Jun 2016 14:31:58 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "14a31-535caaeed3380-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 14444

GET
H/1.1 200
OK jquery.main.js Show response
holm.ru/js/ 6 KB
2 KB 43ms
38ms Script
application/javascript 78.47.205.176
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://holm.ru/js/jquery.main.js
Requested by: Host: holm.ru
URL: https://holm.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.47.205.176 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.176.205.47.78.clients.your-server.de
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 6781df54aefbc2b4447cacbcd5686a3223b12fe1287cd2ba89044aa22b327c6c

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 03:17:17 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Aug 2018 16:32:12 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "19cc-5737bde577b00-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1649

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
49 KB 48ms
23ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: holm.ru
URL: https://holm.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3fa191f0798bad44d61ee59928dc469aa9a515998c0a686ebd5e8f55f8fbb8f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 03:17:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49663
x-xss-protection: 0
server: cafe
etag: 2488594466385152879
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 23 Mar 2021 03:17:17 GMT

GET
H/1.1 200
OK thumb_img-0_300_250.jpg
holm.ru/photos/884/10309884/ 23 KB
23 KB 87ms
49ms Image
image/jpeg 78.47.205.176
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://holm.ru/photos/884/10309884/thumb_img-0_300_250.jpg
Requested by: Host: holm.ru
URL: https://holm.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.47.205.176 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.176.205.47.78.clients.your-server.de
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 93487fbc3f5cbf777b1442a78454e714bead0cc1f7be495ba52e354b31e773db

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 03:17:17 GMT
Last-Modified: Fri, 19 Oct 2018 10:29:28 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "5b1c-5789260d53a2d"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 23324

GET
H/1.1 200
OK thumb_img-0_300_250.jpg
holm.ru/photos/511/2340511/ 27 KB
27 KB 90ms
47ms Image
image/jpeg 78.47.205.176
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://holm.ru/photos/511/2340511/thumb_img-0_300_250.jpg
Requested by: Host: holm.ru
URL: https://holm.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.47.205.176 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.176.205.47.78.clients.your-server.de
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: f40fe730cfab95415223eb57cbaf108aa1e9893b475bc74ebf47edad99aaf73f

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 03:17:17 GMT
Last-Modified: Fri, 19 Oct 2018 10:29:58 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "6a59-57892629fb8b0"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 27225

GET
H/1.1 200
OK thumb_img-0_300_250.jpg
holm.ru/photos/231/10554231/ 36 KB
36 KB 62ms
55ms Image
image/jpeg 78.47.205.176
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://holm.ru/photos/231/10554231/thumb_img-0_300_250.jpg
Requested by: Host: holm.ru
URL: https://holm.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.47.205.176 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.176.205.47.78.clients.your-server.de
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: a4e464cebbf36496921ff82467583a66f4278682e9178ae84e55095cb5f8a2e9

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 03:17:17 GMT
Last-Modified: Mon, 01 Oct 2018 17:57:16 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "8e9e-5772e8925a25a"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 36510

GET
H/1.1 200
OK thumb_img-0_300_250.jpg
holm.ru/photos/108/4784108/ 31 KB
31 KB 57ms
38ms Image
image/jpeg 78.47.205.176
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://holm.ru/photos/108/4784108/thumb_img-0_300_250.jpg
Requested by: Host: holm.ru
URL: https://holm.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.47.205.176 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.176.205.47.78.clients.your-server.de
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: bbd7a9595ff698899be43bd05ec7cda39e9ff255da2655f2885a1d1e626450af

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 03:17:17 GMT
Last-Modified: Fri, 19 Oct 2018 10:30:25 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "7aed-57892643cfd1e"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 31469

GET
H/1.1 200
OK thumb_img-0_300_250.jpg
holm.ru/photos/733/11351733/ 20 KB
20 KB 71ms
39ms Image
image/jpeg 78.47.205.176
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://holm.ru/photos/733/11351733/thumb_img-0_300_250.jpg
Requested by: Host: holm.ru
URL: https://holm.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.47.205.176 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.176.205.47.78.clients.your-server.de
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: d24d42a1ac6112cdc1e38f243b6958ab290d5fd8b7e79d0ebcafefec3421d8cb

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 03:17:17 GMT
Last-Modified: Fri, 19 Oct 2018 10:29:46 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "4f70-5789261e64c22"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 20336

GET
H/1.1 200
OK thumb_img-0_300_250.jpg
holm.ru/photos/216/6957216/ 14 KB
14 KB 59ms
45ms Image
image/jpeg 78.47.205.176
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://holm.ru/photos/216/6957216/thumb_img-0_300_250.jpg
Requested by: Host: holm.ru
URL: https://holm.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.47.205.176 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.176.205.47.78.clients.your-server.de
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 234c1252268f1ba1af0370854b572ee3d1b51a590f017642586f9ae5fe3e48a1

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 03:17:17 GMT
Last-Modified: Wed, 26 Sep 2018 09:26:14 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "3804-576c2d055731f"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 14340

GET
H/1.1 200
OK thumb_img-0_300_250.jpg
holm.ru/photos/563/12213563/ 15 KB
15 KB 38ms
38ms Image
image/jpeg 78.47.205.176
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://holm.ru/photos/563/12213563/thumb_img-0_300_250.jpg
Requested by: Host: holm.ru
URL: https://holm.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.47.205.176 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.176.205.47.78.clients.your-server.de
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: bad70c7e07d67ceb285806b4d4f65b376f0861b1389ca4a50e1e08546be531b8

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 03:17:17 GMT
Last-Modified: Fri, 19 Oct 2018 10:33:28 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "3a2c-578926f26403f"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 14892

GET
H/1.1 200
OK thumb_img-0_300_250.jpg
holm.ru/photos/655/2975655/ 24 KB
25 KB 52ms
51ms Image
image/jpeg 78.47.205.176
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://holm.ru/photos/655/2975655/thumb_img-0_300_250.jpg
Requested by: Host: holm.ru
URL: https://holm.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.47.205.176 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.176.205.47.78.clients.your-server.de
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 4f234281dfee617c79ca0bfdbae7fe72584493411838474daaa6ecdec6500c6e

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 03:17:17 GMT
Last-Modified: Fri, 19 Oct 2018 10:33:33 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "617c-578926f67ae2d"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 24956

GET
H/1.1 200
OK thumb_img-0_300_250.jpg
holm.ru/photos/511/5797511/ 38 KB
38 KB 53ms
53ms Image
image/jpeg 78.47.205.176
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://holm.ru/photos/511/5797511/thumb_img-0_300_250.jpg
Requested by: Host: holm.ru
URL: https://holm.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.47.205.176 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.176.205.47.78.clients.your-server.de
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: b6c7cbf1f73d84853fbd1bbdac117a363a9430d28dedc6df8fd6d18bf1461b78

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 03:17:17 GMT
Last-Modified: Fri, 19 Oct 2018 10:31:35 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "97b9-57892685ed87b"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 38841

GET
H/1.1 200
OK thumb_img-0_300_250.jpg
holm.ru/photos/164/13318164/ 22 KB
22 KB 50ms
50ms Image
image/jpeg 78.47.205.176
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://holm.ru/photos/164/13318164/thumb_img-0_300_250.jpg
Requested by: Host: holm.ru
URL: https://holm.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.47.205.176 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.176.205.47.78.clients.your-server.de
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: fecada96ab8e725d6fa16ee729820d05ecae34ae6cf1d3f94fbca4ed9760775b

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 03:17:17 GMT
Last-Modified: Mon, 01 Oct 2018 18:02:22 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "573f-5772e9b63c7ce"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 22335

GET
H/1.1 200
OK thumb_img-0_300_250.jpg
holm.ru/photos/21/6320021/ 24 KB
24 KB 47ms
46ms Image
image/jpeg 78.47.205.176
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://holm.ru/photos/21/6320021/thumb_img-0_300_250.jpg
Requested by: Host: holm.ru
URL: https://holm.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.47.205.176 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.176.205.47.78.clients.your-server.de
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 7c26b8c76a0eae84b64ee1eb24b829feaa96d8742155c12e1944aa688da5e9f2

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 03:17:17 GMT
Last-Modified: Wed, 05 Dec 2018 02:46:52 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "5f2a-57c3d64fb43d5"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 24362

GET

/
holm.ru/
Redirect Chain

https://holm.ru/photos/120/12286120/img-0.jpg
https://holm.ru/

0
0

GET
H/1.1 200
OK thumb_img-0_300_250.jpg
holm.ru/photos/303/7277303/ 24 KB
24 KB 54ms
54ms Image
image/jpeg 78.47.205.176
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://holm.ru/photos/303/7277303/thumb_img-0_300_250.jpg
Requested by: Host: holm.ru
URL: https://holm.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.47.205.176 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.176.205.47.78.clients.your-server.de
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 6cffb86cbaff5c10aac77374271456dc4f0eb96643f9f8bebe14f76d7edd0f53

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 03:17:17 GMT
Last-Modified: Mon, 01 Oct 2018 18:22:26 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "6004-5772ee31e8d2e"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 24580

GET
H/1.1 200
OK thumb_img-0_300_250.jpg
holm.ru/photos/181/7000181/ 32 KB
32 KB 51ms
51ms Image
image/jpeg 78.47.205.176
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://holm.ru/photos/181/7000181/thumb_img-0_300_250.jpg
Requested by: Host: holm.ru
URL: https://holm.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.47.205.176 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.176.205.47.78.clients.your-server.de
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 7ed273360bf71d3a256fff61814859b6d03bf921712d1d61f6335217cc426129

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 03:17:17 GMT
Last-Modified: Thu, 11 Oct 2018 23:04:20 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "7e12-577fbfdadc1f2"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 32274

GET
H/1.1 200
OK thumb_img-0_300_250.jpg
holm.ru/photos/699/8133699/ 20 KB
20 KB 55ms
55ms Image
image/jpeg 78.47.205.176
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://holm.ru/photos/699/8133699/thumb_img-0_300_250.jpg
Requested by: Host: holm.ru
URL: https://holm.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.47.205.176 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.176.205.47.78.clients.your-server.de
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 955c91bc8b7cf07b01a56d6d37ea40c78cb8334ab0d5f34c6ed787311251755b

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 03:17:17 GMT
Last-Modified: Mon, 01 Oct 2018 17:48:43 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "4f03-5772e6a8872c8"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 20227

GET
H/1.1 200
OK thumb_img-0_300_250.jpg
holm.ru/photos/4/15346004/ 24 KB
25 KB 36ms
36ms Image
image/jpeg 78.47.205.176
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://holm.ru/photos/4/15346004/thumb_img-0_300_250.jpg
Requested by: Host: holm.ru
URL: https://holm.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.47.205.176 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.176.205.47.78.clients.your-server.de
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 1baee734b6357d97cc40af6067c06bf8c104dfc13d35492bcfe00e4e831e87a6

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 03:17:17 GMT
Last-Modified: Fri, 19 Oct 2018 10:48:52 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "60f2-57892a6385120"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 24818

GET
H/1.1 200
OK thumb_img-0_300_250.jpg
holm.ru/photos/138/12247138/ 22 KB
22 KB 46ms
46ms Image
image/jpeg 78.47.205.176
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://holm.ru/photos/138/12247138/thumb_img-0_300_250.jpg
Requested by: Host: holm.ru
URL: https://holm.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.47.205.176 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.176.205.47.78.clients.your-server.de
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 3b91268626c0f56872038f97080a543b6658c1d806670c7eea1ec6662d57def6

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 03:17:17 GMT
Last-Modified: Fri, 19 Oct 2018 10:32:55 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "5608-578926d29960b"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 22024

GET
H/1.1 200
OK thumb_img-0_300_250.jpg
holm.ru/photos/743/15052743/ 32 KB
32 KB 38ms
38ms Image
image/jpeg 78.47.205.176
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://holm.ru/photos/743/15052743/thumb_img-0_300_250.jpg
Requested by: Host: holm.ru
URL: https://holm.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.47.205.176 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.176.205.47.78.clients.your-server.de
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: ab553261f15ad536b044ed22c43686d1f6476f282444e88507a7c40932eb7437

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 03:17:17 GMT
Last-Modified: Fri, 19 Oct 2018 10:29:52 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "7eb8-5789262397cec"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 32440

GET thumb_img-0_300_250.jpg
holm.ru/photos/734/11995734/ 0
0

GET thumb_img-0_300_250.jpg
holm.ru/photos/285/4461285/ 0
0

GET thumb_img-0_300_250.jpg
holm.ru/photos/941/3689941/ 0
0

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 27ms
14ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: holm.ru
URL: https://holm.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 03:17:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 380825
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5631
cf-request-id: 08feaf425600002c3e59a41000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=el5jVvXI59axNJpRjLC5x1WT31X9LMj8t30QV%2BUKHc58%2F%2BoBvTOhv2ZgXfcQwIq5lOZmNvRFeBQh3GSmMyeb5L04Af8mvJlx5UFXtzmlgEqvi1MliU85CD57gheZK2lLVg%3D%3D"}],"group":"cf-nel"}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6344817d5bf02c3e-FRA
expires: Sun, 13 Mar 2022 03:17:17 GMT

GET
H/1.1 200
OK main.js Show response
holm.ru/js/ 6 KB
2 KB 38ms
38ms Script
application/javascript 78.47.205.176
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://holm.ru/js/main.js
Requested by: Host: holm.ru
URL: https://holm.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.47.205.176 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.176.205.47.78.clients.your-server.de
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: cee41beb9bd2e324f1d58d2bcdf77a9b4cdbcdcf87dd42b5cef01b636b51eb16

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 03:17:17 GMT
Content-Encoding: gzip
Last-Modified: Tue, 30 Oct 2018 18:25:41 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "1733-579765021f4d2-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1577

GET
H/1.1 200
OK popper.min.js Show response
holm.ru/css/bootstrap2/ 20 KB
7 KB 39ms
39ms Script
application/javascript 78.47.205.176
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://holm.ru/css/bootstrap2/popper.min.js
Requested by: Host: holm.ru
URL: https://holm.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.47.205.176 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.176.205.47.78.clients.your-server.de
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 03:17:17 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Aug 2018 18:42:03 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "4f71-5737daeb8b4c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 7239

GET
H/1.1 200
OK bootstrap.min.js Show response
holm.ru/css/bootstrap2/ 50 KB
14 KB 38ms
37ms Script
application/javascript 78.47.205.176
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://holm.ru/css/bootstrap2/bootstrap.min.js
Requested by: Host: holm.ru
URL: https://holm.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.47.205.176 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.176.205.47.78.clients.your-server.de
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 03:17:17 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Aug 2018 18:42:03 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "c75f-5737daeb8b4c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 14085

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
647 B 16ms
15ms Script
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: holm.ru
URL: https://holm.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ebc6da23752a7ca423fc24f860eeffcd71f7491bf11471c5aa1a29815976d173

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 03:17:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 555
x-xss-protection: 1; mode=block
expires: Tue, 23 Mar 2021 03:17:17 GMT

GET
H/1.1 200
OK postprocessor.js Show response
holm.ru/js2/ 1 KB
940 B 38ms
38ms Script
application/javascript 78.47.205.176
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://holm.ru/js2/postprocessor.js
Requested by: Host: holm.ru
URL: https://holm.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.47.205.176 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.176.205.47.78.clients.your-server.de
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 4cd03e384e49c6a03b386ac9028ba6ce6cf8eb63d7a49d069bdec231e50bd5c7

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 03:17:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Oct 2018 13:42:27 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "492-578449b97781e-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 560

GET
H/1.1 200
OK postprocessor.css
holm.ru/css2/ 294 B
550 B 37ms
37ms Stylesheet
text/css 78.47.205.176
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://holm.ru/css2/postprocessor.css
Requested by: Host: holm.ru
URL: https://holm.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.47.205.176 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.176.205.47.78.clients.your-server.de
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 8de103c7b0e9c0d18261c5d10ffcb20c66403769a36bcf615903c90dc7423a56

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 03:17:17 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Aug 2018 10:32:59 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "126-5738af7862cc0-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 184

GET
H2 200 css
fonts.googleapis.com/ 2 KB
523 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700,400italic

Requested by

Host: holm.ru
URL: https://holm.ru/css/bootstrap2/bootstrap.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3233cf8492b92a61a68bb7531498a0157010df7b1db56f14db29eaf24c1d891b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Mar 2021 01:41:34 GMT
server: ESF
date: Tue, 23 Mar 2021 03:17:17 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Mar 2021 03:17:17 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//holm.ru/;h2437437%20%u043E%u0440%u0433%u0430%u043D%u0438%u0437%u0430%u0446%u0438%u0439%20%u0420%u043E%u0441%u0441%u0438%u0438%20%u043D%u0430%...
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//holm.ru/;h2437437%20%u043E%u0440%u0433%u0430%u043D%u0438%u0437%u0430%u0446%u0438%u0439%20%u0420%u043E%u0441%u0441%u0438%u0438%20%u043D%u043...

43 B
496 B

70ms
70ms

Image
image/gif

88.212.201.210
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//holm.ru/;h2437437%20%u043E%u0440%u0433%u0430%u043D%u0438%u0437%u0430%u0446%u0438%u0439%20%u0420%u043E%u0441%u0441%u0438%u0438%20%u043D%u0430%20%u043F%u0440%u043E%u0433%u0440%u0435%u0441%u0441%u0438%u0432%u043D%u043E%u043C%20%u043F%u043E%u0440%u0442%u0430%u043B%u0435%20Holm.ru%21;0.499310688578559

Requested by

Host: holm.ru
URL: https://holm.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.210 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host210.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Mar 2021 03:17:17 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 22 Mar 2020 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 23 Mar 2021 03:17:17 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//holm.ru/;h2437437%20%u043E%u0440%u0433%u0430%u043D%u0438%u0437%u0430%u0446%u0438%u0439%20%u0420%u043E%u0441%u0441%u0438%u0438%20%u043D%u0430%20%u043F%u0440%u043E%u0433%u0440%u0435%u0441%u0441%u0438%u0432%u043D%u043E%u043C%20%u043F%u043E%u0440%u0442%u0430%u043B%u0435%20Holm.ru%21;0.499310688578559
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Sun, 22 Mar 2020 21:00:00 GMT

GET
H/1.1 200
OK logo.png
holm.ru/images/ 2 KB
2 KB 42ms
36ms Image
image/png 78.47.205.176
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://holm.ru/images/logo.png
Requested by: Host: holm.ru
URL: https://holm.ru/css/main.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.47.205.176 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.176.205.47.78.clients.your-server.de
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: fae0daf2ed8eaf81ca03fe885a992197d2de319e1bc910f36cdfd307f4862ddd

Request headers

Referer: https://holm.ru/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 03:17:17 GMT
Last-Modified: Fri, 06 Oct 2017 12:48:31 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "857-55ae0420ee5c0"
Content-Type: image/png
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 2135

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ 23 KB
23 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,400italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://holm.ru
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 15:17:59 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
age: 388758
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
expires: Fri, 18 Mar 2022 15:17:59 GMT

GET
H3-Q050 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ 22 KB
23 KB 53ms
39ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,400italic

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://holm.ru
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 03:49:54 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:12 GMT
server: sffe
age: 430043
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
expires: Fri, 18 Mar 2022 03:49:54 GMT

GET
H/1.1 200
OK white-pixel.gif
holm.ru/images/ 1 KB
1 KB 36ms
36ms Image
image/gif 78.47.205.176
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://holm.ru/images/white-pixel.gif
Requested by: Host: holm.ru
URL: https://holm.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.47.205.176 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.176.205.47.78.clients.your-server.de
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 0170947f463d372320b05ab8f860a69ba7d24868e2d9feead7a8e60744f9deb4

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 03:17:17 GMT
Last-Modified: Tue, 18 Sep 2018 09:11:44 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "445-57621adb6f400"
Content-Type: image/gif
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 1093

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210318/r20190131/ 226 KB
85 KB 55ms
42ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210318/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3339133701142661&plah=holm.ru&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ddadd70ae359b0cfe71ee656a546833549e9bd9b97ceb18aa31df7c78d9a8ee4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 03:17:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86577
x-xss-protection: 0
server: cafe
etag: 9747339956311604466
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 23 Mar 2021 03:17:17 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210318/r20190131/ Frame D011 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210318/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210318/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://holm.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://holm.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 22 Mar 2021 15:27:13 GMT
expires: Mon, 05 Apr 2021 15:27:13 GMT
content-type: text/html; charset=UTF-8
etag: 14488317231655078900
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4661
x-xss-protection: 0
age: 42604
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 14ms
14ms Font
application/octet-stream 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://holm.ru
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 03:17:17 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 371156
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
cf-request-id: 08feaf441100001f2542085000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-12d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oyjiL6a31cfqr1PkZnxW7GOD%2B0NyJm4Ww3DJtaLRzGWoKpJV4qxY%2Fw47%2BbhfPvemsyQOO674dQC7JW8SGvLeMl7pbO1WO1oDvICjmbCGXZrw0gHfqN5kQZSN3dFm60yssw%3D%3D"}]}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 634481801d3c1f25-FRA
expires: Sun, 13 Mar 2022 03:17:17 GMT

GET
H2 200 vdo.ai.js Show response
a.vdo.ai/core/holm-ru/ 9 KB
4 KB 213ms
193ms Script
text/javascript 2606:4700:3033::ac43:de92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vdo.ai/core/holm-ru/vdo.ai.js
Requested by: Host: holm.ru
URL: https://holm.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:de92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.30
Resource Hash: b764c324f450755797d5595705fefd357c9ccac1c5346c460a557d6b3dcc95ed

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 03:17:17 GMT
via: 1.1 varnish-v4
cf-cache-status: EXPIRED
nel: {"max_age":604800,"report_to":"cf-nel"}
x-powered-by: PHP/7.2.30
x-cache: HIT
vdo-server: Tag3
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08feaf443e00004a5662208000000001
x-varnish: 14741044 1867839
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=O1Z4A4gcASBqj4QzTr34Xlj8VyVQBAXru9Z%2Fo%2B4q1ReQdkE94DuHkzguiRdQRbsZR6%2BeZ0vteZLBzYl%2FyLHk7XUksynnqhlq06YAFKiEvB5qFp%2BDlQ%3D%3D"}]}
content-type: text/javascript;charset=UTF-8
cache-control: public, max-age=1800
cf-ray: 634481806aaa4a56-FRA

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/ 331 KB
130 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6fcdd11c229160158b2399cfc0524bd1712b0b24e86e9d3432e5eec78d9e518

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://holm.ru
Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 16:32:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38684
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132685
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 04:05:18 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 22 Mar 2022 16:32:33 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 197 B
639 B 94ms
34ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=holm.ru&callback=_gfp_s_&client=ca-pub-3339133701142661

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210318/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3339133701142661&plah=holm.ru&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

1a74a2095c10491d05b60f33dfbd2e5157ee0a85520f5d5c1e66e14af6c8b535

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 03:17:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 191
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 34ms
14ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=holm.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 03:17:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 33ms
14ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=holm.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 03:17:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8307 4 KB
1 KB 88ms
74ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3339133701142661&output=html&adk=1812271804&adf=3025194257&lmt=1529319118&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fholm.ru%2F&ea=0&flash=0&pra=5&wgl=1&dt=1616469437390&bpp=15&bdt=490&idt=141&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7616610989144&frm=20&pv=2&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=160

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ef9cd625272120c403e639ef507c51ac6626688871399831133cfb01b7afb65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3339133701142661&output=html&adk=1812271804&adf=3025194257&lmt=1529319118&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fholm.ru%2F&ea=0&flash=0&pra=5&wgl=1&dt=1616469437390&bpp=15&bdt=490&idt=141&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7616610989144&frm=20&pv=2&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=160
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://holm.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://holm.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 23 Mar 2021 03:17:17 GMT
server: cafe
content-length: 693
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 23-Mar-2021 03:32:17 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 23 Mar 2021 03:17:17 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 33ms
14ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1bd0c2f4f5db718b4ffad5433658d98981fbb3479ce8c7a2789406d81d15dd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 03:17:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616176152632151"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28237
x-xss-protection: 0
expires: Tue, 23 Mar 2021 03:17:17 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A592 69 KB
23 KB 436ms
436ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3339133701142661&output=html&h=280&slotname=2123392814&adk=786900664&adf=833234448&pi=t.ma~as.2123392814&w=896&fwrn=4&fwrnh=100&lmt=1529319118&rafmt=1&psa=0&format=896x280&url=https%3A%2F%2Fholm.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1616469437405&bpp=4&bdt=505&idt=171&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7616610989144&frm=20&pv=1&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=277&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=yVW6TUCFWo&p=https%3A//holm.ru&dtd=177

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

038fd00ffbbdb9ba1ad362c823906aad7a3af5441824c1e5860e0b776eed71c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3339133701142661&output=html&h=280&slotname=2123392814&adk=786900664&adf=833234448&pi=t.ma~as.2123392814&w=896&fwrn=4&fwrnh=100&lmt=1529319118&rafmt=1&psa=0&format=896x280&url=https%3A%2F%2Fholm.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1616469437405&bpp=4&bdt=505&idt=171&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7616610989144&frm=20&pv=1&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=277&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=yVW6TUCFWo&p=https%3A//holm.ru&dtd=177
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://holm.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://holm.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 23 Mar 2021 03:17:18 GMT
server: cafe
content-length: 23288
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 23-Mar-2021 03:32:17 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 23 Mar 2021 03:17:18 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0AE9 87 KB
31 KB 362ms
362ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3339133701142661&output=html&h=250&slotname=6162215333&adk=230021152&adf=1121139433&pi=t.ma~as.6162215333&w=300&lmt=1529319118&psa=0&format=300x250&url=https%3A%2F%2Fholm.ru%2F&flash=0&wgl=1&dt=1616469437409&bpp=2&bdt=509&idt=181&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C896x280&nras=1&correlator=7616610989144&frm=20&pv=1&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=170&ady=1777&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=75Xf7JmPhd&p=https%3A//holm.ru&dtd=186

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4358b2cd1a164ed12ec0fb5a7ddb7211dc87f8fe27c9dcc378a7458b4f81d1e7

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COua-vS5xe8CFV_KuwgdLfgGSA&gqi=vV1ZYM6WJZuZx_APn8ac8Aw&layout=/sadbundle/%24csp%253Der3%24/9424655380617087832/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3339133701142661&output=html&h=250&slotname=6162215333&adk=230021152&adf=1121139433&pi=t.ma~as.6162215333&w=300&lmt=1529319118&psa=0&format=300x250&url=https%3A%2F%2Fholm.ru%2F&flash=0&wgl=1&dt=1616469437409&bpp=2&bdt=509&idt=181&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C896x280&nras=1&correlator=7616610989144&frm=20&pv=1&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=170&ady=1777&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=75Xf7JmPhd&p=https%3A//holm.ru&dtd=186
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://holm.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://holm.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COua-vS5xe8CFV_KuwgdLfgGSA&gqi=vV1ZYM6WJZuZx_APn8ac8Aw&layout=/sadbundle/%24csp%253Der3%24/9424655380617087832/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 23 Mar 2021 03:17:17 GMT
server: cafe
content-length: 31376
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 23-Mar-2021 03:32:17 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 23 Mar 2021 03:17:17 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 27AA 87 KB
31 KB 446ms
446ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3339133701142661&output=html&h=250&slotname=6162215333&adk=230021152&adf=604429176&pi=t.ma~as.6162215333&w=300&lmt=1529319118&psa=0&format=300x250&url=https%3A%2F%2Fholm.ru%2F&flash=0&wgl=1&dt=1616469437411&bpp=1&bdt=511&idt=190&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C896x280%2C300x250&nras=1&correlator=7616610989144&frm=20&pv=1&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=830&ady=2045&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=5Gvl1DGaGa&p=https%3A//holm.ru&dtd=193

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c31539634e554313738e0874297e16c00d5e28da811cb6c9a891d7068ca53bb4

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5327029394931728737/300x250_Motiv_Kueche/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5327029394931728737/300x250_Motiv_Kueche/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJK3-vS5xe8CFUPhuwgd0CUK-g&gqi=vV1ZYOq2Jdq3gQetoLCgBw&layout=/sadbundle/%24csp%253Der3%24/5327029394931728737/300x250_Motiv_Kueche/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3339133701142661&output=html&h=250&slotname=6162215333&adk=230021152&adf=604429176&pi=t.ma~as.6162215333&w=300&lmt=1529319118&psa=0&format=300x250&url=https%3A%2F%2Fholm.ru%2F&flash=0&wgl=1&dt=1616469437411&bpp=1&bdt=511&idt=190&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C896x280%2C300x250&nras=1&correlator=7616610989144&frm=20&pv=1&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=830&ady=2045&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=5Gvl1DGaGa&p=https%3A//holm.ru&dtd=193
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://holm.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://holm.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5327029394931728737/300x250_Motiv_Kueche/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5327029394931728737/300x250_Motiv_Kueche/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJK3-vS5xe8CFUPhuwgd0CUK-g&gqi=vV1ZYOq2Jdq3gQetoLCgBw&layout=/sadbundle/%24csp%253Der3%24/5327029394931728737/300x250_Motiv_Kueche/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 23 Mar 2021 03:17:18 GMT
server: cafe
content-length: 31432
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 23-Mar-2021 03:32:17 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 23 Mar 2021 03:17:18 GMT
cache-control: private

GET
H3-Q050 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 5545 20 KB
11 KB 50ms
35ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfOp3cUAAAAAA3e2l6pwGbegnANJygOWql3rcp2&co=aHR0cHM6Ly9ob2xtLnJ1OjQ0Mw..&hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&size=normal&cb=rrhii1y1pca5

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2ea10cd2c5e962f697e44370fe313ce5563292be875109c9a17ee57d5e4c1c2a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dXo4+WucS85cYniyoMQD4w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LfOp3cUAAAAAA3e2l6pwGbegnANJygOWql3rcp2&co=aHR0cHM6Ly9ob2xtLnJ1OjQ0Mw..&hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&size=normal&cb=rrhii1y1pca5
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://holm.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://holm.ru/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 23 Mar 2021 03:17:17 GMT
content-security-policy: script-src 'report-sample' 'nonce-dXo4+WucS85cYniyoMQD4w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10934
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 0276 21 KB
12 KB 49ms
38ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfOp3cUAAAAAA3e2l6pwGbegnANJygOWql3rcp2&co=aHR0cHM6Ly9ob2xtLnJ1OjQ0Mw..&hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&size=normal&cb=1k8uczzg5qrt

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4bd42f1d8b20ca695bcf55b002c5cb26c1cbaf73e88d2d07c77614e79edfc500

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vA0eDFGqRh0SColjOWQctw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LfOp3cUAAAAAA3e2l6pwGbegnANJygOWql3rcp2&co=aHR0cHM6Ly9ob2xtLnJ1OjQ0Mw..&hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&size=normal&cb=1k8uczzg5qrt
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://holm.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://holm.ru/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 23 Mar 2021 03:17:17 GMT
content-security-policy: script-src 'report-sample' 'nonce-vA0eDFGqRh0SColjOWQctw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 12053
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 anchor Show response
www.google.com/recaptcha/api2/ Frame BF19 20 KB
11 KB 46ms
37ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfOp3cUAAAAAA3e2l6pwGbegnANJygOWql3rcp2&co=aHR0cHM6Ly9ob2xtLnJ1OjQ0Mw..&hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&size=normal&cb=izlatr38bwgc

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ea71ddd1753d1dc6fdd910c6f23b77068734e9bb35a39130543ddda996a4617c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-k32AGqpEFXOwTDwmOCCcrg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LfOp3cUAAAAAA3e2l6pwGbegnANJygOWql3rcp2&co=aHR0cHM6Ly9ob2xtLnJ1OjQ0Mw..&hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&size=normal&cb=izlatr38bwgc
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://holm.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://holm.ru/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 23 Mar 2021 03:17:17 GMT
content-security-policy: script-src 'report-sample' 'nonce-k32AGqpEFXOwTDwmOCCcrg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10893
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
777 B 62ms
48ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=holm.ru

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 03:17:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
531 B 36ms
21ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=holm.ru

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 03:17:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7021 90 KB
33 KB 332ms
331ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3339133701142661&output=html&h=250&slotname=6162215333&adk=230021152&adf=252182655&pi=t.ma~as.6162215333&w=300&lmt=1529319118&psa=0&format=300x250&url=https%3A%2F%2Fholm.ru%2F&flash=0&wgl=1&dt=1616469437411&bpp=1&bdt=511&idt=257&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C896x280%2C300x250%2C300x250&nras=1&correlator=7616610989144&frm=20&pv=1&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=500&ady=2313&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=bwlTHh5nhq&p=https%3A//holm.ru&dtd=261

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b1538f3665c93fe6374d0935af69398bf0bba5a6197682cac77d853c460d1e1

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMTq_vS5xe8CFc3nuwgdvc8H0Q&gqi=vV1ZYNjYKYucgQe4hJ6YDA&layout=/sadbundle/%24csp%253Der3%24/9424655380617087832/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3339133701142661&output=html&h=250&slotname=6162215333&adk=230021152&adf=252182655&pi=t.ma~as.6162215333&w=300&lmt=1529319118&psa=0&format=300x250&url=https%3A%2F%2Fholm.ru%2F&flash=0&wgl=1&dt=1616469437411&bpp=1&bdt=511&idt=257&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C896x280%2C300x250%2C300x250&nras=1&correlator=7616610989144&frm=20&pv=1&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=500&ady=2313&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=bwlTHh5nhq&p=https%3A//holm.ru&dtd=261
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://holm.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://holm.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMTq_vS5xe8CFc3nuwgdvc8H0Q&gqi=vV1ZYNjYKYucgQe4hJ6YDA&layout=/sadbundle/%24csp%253Der3%24/9424655380617087832/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 23 Mar 2021 03:17:17 GMT
server: cafe
content-length: 33079
x-xss-protection: 0
set-cookie: IDE=AHWqTUkBsAgxE3UNqd8sUm0M8rHL573YarJ0HNsbWrgeKqxdmn8LqUcE-d-LmPNlwj4; expires=Sun, 17-Apr-2022 03:17:17 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 23 Mar 2021 03:17:17 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3174 106 KB
35 KB 338ms
338ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3339133701142661&output=html&h=600&slotname=3819617861&adk=3212866176&adf=2658706387&pi=t.ma~as.3819617861&w=270&fwrn=4&fwrnh=100&lmt=1529319118&rafmt=1&psa=0&format=270x600&url=https%3A%2F%2Fholm.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1616469437412&bpp=1&bdt=512&idt=316&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C896x280%2C300x250%2C300x250%2C300x250&nras=1&correlator=7616610989144&frm=20&pv=1&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1160&ady=85&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=6&uci=a!6&fsb=1&xpc=XXtKPgO7RZ&p=https%3A//holm.ru&dtd=320

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e456928c0714107f61a13694f7d5b4074727ea93ff796a52256bc485401bed2

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1569060108828469311/nt_s21-DE_300x600_nokian-wetproof/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1569060108828469311/nt_s21-DE_300x600_nokian-wetproof/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CP2dgvW5xe8CFQ_suwgdFDoOkw&gqi=vV1ZYIubLdGtgAed-bmYCw&layout=/sadbundle/%24csp%253Der3%24/1569060108828469311/nt_s21-DE_300x600_nokian-wetproof/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3339133701142661&output=html&h=600&slotname=3819617861&adk=3212866176&adf=2658706387&pi=t.ma~as.3819617861&w=270&fwrn=4&fwrnh=100&lmt=1529319118&rafmt=1&psa=0&format=270x600&url=https%3A%2F%2Fholm.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1616469437412&bpp=1&bdt=512&idt=316&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C896x280%2C300x250%2C300x250%2C300x250&nras=1&correlator=7616610989144&frm=20&pv=1&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1160&ady=85&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=6&uci=a!6&fsb=1&xpc=XXtKPgO7RZ&p=https%3A//holm.ru&dtd=320
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://holm.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://holm.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1569060108828469311/nt_s21-DE_300x600_nokian-wetproof/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1569060108828469311/nt_s21-DE_300x600_nokian-wetproof/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CP2dgvW5xe8CFQ_suwgdFDoOkw&gqi=vV1ZYIubLdGtgAed-bmYCw&layout=/sadbundle/%24csp%253Der3%24/1569060108828469311/nt_s21-DE_300x600_nokian-wetproof/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 23 Mar 2021 03:17:18 GMT
server: cafe
content-length: 34645
x-xss-protection: 0
set-cookie: IDE=AHWqTUkZejq5WXnoEsnYYiRkJg0PwNwmsNyucr5qC1Ds9SlrViu9Lqn8bhhJGxNkRYc; expires=Sun, 17-Apr-2022 03:17:17 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 23 Mar 2021 03:17:18 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 088E 77 KB
25 KB 495ms
495ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3339133701142661&output=html&h=280&slotname=1111717567&adk=3464641219&adf=2723329071&pi=t.ma~as.1111717567&w=1200&fwrn=4&fwrnh=100&lmt=1529319118&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fholm.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1616469437451&bpp=1&bdt=551&idt=293&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C896x280%2C300x250%2C300x250%2C300x250%2C270x600&nras=1&correlator=7616610989144&frm=20&pv=1&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=170&ady=3951&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=nn11tchMnM&p=https%3A//holm.ru&dtd=296

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2dccf2eb88b07d4f6e1f7baa889f48105d5db7bf48669cd57301e4f6ef275c9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3339133701142661&output=html&h=280&slotname=1111717567&adk=3464641219&adf=2723329071&pi=t.ma~as.1111717567&w=1200&fwrn=4&fwrnh=100&lmt=1529319118&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fholm.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1616469437451&bpp=1&bdt=551&idt=293&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C896x280%2C300x250%2C300x250%2C300x250%2C270x600&nras=1&correlator=7616610989144&frm=20&pv=1&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=170&ady=3951&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=nn11tchMnM&p=https%3A//holm.ru&dtd=296
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://holm.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://holm.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 23 Mar 2021 03:17:18 GMT
server: cafe
content-length: 25912
x-xss-protection: 0
set-cookie: IDE=AHWqTUlntn_XZS3_LCwoJ50o0umq4AcvGja0BFOYhNC79YPosXCV5vghafp5bD8QP7g; expires=Sun, 17-Apr-2022 03:17:17 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 23 Mar 2021 03:17:18 GMT
cache-control: private

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 99 KB
39 KB 15ms
14ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-113932176-30

Requested by

Host: a.vdo.ai
URL: https://a.vdo.ai/core/holm-ru/vdo.ai.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7b02cf771b48e21b5a07764fc1da6b91039776afeace02d6bd5cdd67e2aed845

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 03:17:17 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39812
x-xss-protection: 0
last-modified: Tue, 23 Mar 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 23 Mar 2021 03:17:17 GMT

GET
H2 200 vdo.min.js Show response
a.vdo.ai/core/dependencies_hbv4/ 339 KB
104 KB 26ms
25ms Script
application/javascript 2606:4700:3033::ac43:de92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vdo.ai/core/dependencies_hbv4/vdo.min.js
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/holm-ru/vdo.ai.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:de92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 134b7f4129a36daa9f8138e83a308f4e4d504629c71ff4b6b5dbe5f52e6322e7

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 03:17:17 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1026
cf-ray: 63448181fc084a56-FRA
x-cache: HIT
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08feaf453d00004a5662211000000001
last-modified: Mon, 22 Mar 2021 13:51:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ySRvEsQxlRljuTmJ8NwCPSlANVgUHXl%2FbUpTlNTRpbRYNsG%2BcYhRmX44IvQjV9xw1pjUIFg8%2BZHfM0R9ikZQ5Ejldo%2FVA%2Fh0bnx7tRk4g1ondZaIDw%3D%3D"}]}
x-varnish: 31234956 557059
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age=1800
access-control-allow-credentials: true
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 330 KB
114 KB 33ms
13ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: a.vdo.ai
URL: https://a.vdo.ai/core/holm-ru/vdo.ai.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ab8d4672e4e6dddaffe2961db019619fddee5fdad48793107e3ef3065239f68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 03:17:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116759
x-xss-protection: 0
expires: Tue, 23 Mar 2021 03:17:17 GMT

GET
H3-Q050 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/ Frame 5545 50 KB
25 KB 32ms
15ms Stylesheet
text/css 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfOp3cUAAAAAA3e2l6pwGbegnANJygOWql3rcp2&co=aHR0cHM6Ly9ob2xtLnJ1OjQ0Mw..&hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&size=normal&cb=rrhii1y1pca5

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 16:33:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 04:05:18 GMT
server: sffe
age: 38633
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25479
x-xss-protection: 0
expires: Tue, 22 Mar 2022 16:33:24 GMT

GET
H3-Q050 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/ Frame 5545 331 KB
130 KB 28ms
13ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/recaptcha__en.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6fcdd11c229160158b2399cfc0524bd1712b0b24e86e9d3432e5eec78d9e518

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 16:32:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38684
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132685
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 04:05:18 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 22 Mar 2022 16:32:33 GMT

GET
H3-Q050 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/ Frame BF19 50 KB
25 KB 29ms
14ms Stylesheet
text/css 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/styles__ltr.css

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 16:33:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 04:05:18 GMT
server: sffe
age: 38633
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25479
x-xss-protection: 0
expires: Tue, 22 Mar 2022 16:33:24 GMT

GET
H3-Q050 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/ Frame BF19 331 KB
130 KB 30ms
14ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/recaptcha__en.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6fcdd11c229160158b2399cfc0524bd1712b0b24e86e9d3432e5eec78d9e518

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 16:32:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38684
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132685
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 04:05:18 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 22 Mar 2022 16:32:33 GMT

GET
H3-Q050 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/ Frame 0276 50 KB
25 KB 29ms
15ms Stylesheet
text/css 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/styles__ltr.css

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 16:33:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 04:05:18 GMT
server: sffe
age: 38633
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25479
x-xss-protection: 0
expires: Tue, 22 Mar 2022 16:33:24 GMT

GET
H3-Q050 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/ Frame 0276 331 KB
130 KB 29ms
15ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/recaptcha__en.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6fcdd11c229160158b2399cfc0524bd1712b0b24e86e9d3432e5eec78d9e518

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 16:32:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38684
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132685
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 04:05:18 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 22 Mar 2022 16:32:33 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-113932176-30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 4482
date: Tue, 23 Mar 2021 02:02:35 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Tue, 23 Mar 2021 04:02:35 GMT

GET
H2 200 allowed_url.php Show response
targeting.vdo.ai/ 99 B
971 B 52ms
19ms XHR
application/json 2606:4700:3033::6815:2384
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.vdo.ai/allowed_url.php?type=json&url=holm.ru%2F&tag=holm-ru&domain=holm.ru
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4/vdo.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:2384 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75ace966726add1583567ab2520409b8f0518c16bda739e5e736450a02c1458d

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 03:17:17 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vyDsSesZ9ydlTttTpFupR30DH9fyt35vfKQmStn52oBJqiNQ8RMb2kGwBfqJfB8n%2BSX3S6kV2GdC9ufA%2BIufbXZ4Q%2Fckp1%2BMZ4kzfsCAJ4wSoRf7RAO98muHnyw2"}],"max_age":604800}
cf-ray: 634481833c25c2d6-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08feaf46020000c2d693b0f000000001

GET
H3-Q050 200 zfNYw6aEUKinKD6R_krurCbR1XjodxrQWHYuXACoA4s.js Show response
www.google.com/js/bg/ Frame 0276 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/zfNYw6aEUKinKD6R_krurCbR1XjodxrQWHYuXACoA4s.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdf358c3a68450a8a7283e91fe4aeeac26d1d578e8771ad058762e5c00a8038b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfOp3cUAAAAAA3e2l6pwGbegnANJygOWql3rcp2&co=aHR0cHM6Ly9ob2xtLnJ1OjQ0Mw..&hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&size=normal&cb=1k8uczzg5qrt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 15:45:03 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 18:00:00 GMT
server: sffe
age: 127934
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5755
x-xss-protection: 0
expires: Mon, 21 Mar 2022 15:45:03 GMT

GET
H3-Q050 200 zfNYw6aEUKinKD6R_krurCbR1XjodxrQWHYuXACoA4s.js Show response
www.google.com/js/bg/ Frame 5545 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/zfNYw6aEUKinKD6R_krurCbR1XjodxrQWHYuXACoA4s.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdf358c3a68450a8a7283e91fe4aeeac26d1d578e8771ad058762e5c00a8038b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfOp3cUAAAAAA3e2l6pwGbegnANJygOWql3rcp2&co=aHR0cHM6Ly9ob2xtLnJ1OjQ0Mw..&hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&size=normal&cb=rrhii1y1pca5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 15:45:03 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 18:00:00 GMT
server: sffe
age: 127934
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5755
x-xss-protection: 0
expires: Mon, 21 Mar 2022 15:45:03 GMT

GET
H3-Q050 200 zfNYw6aEUKinKD6R_krurCbR1XjodxrQWHYuXACoA4s.js Show response
www.google.com/js/bg/ Frame BF19 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/zfNYw6aEUKinKD6R_krurCbR1XjodxrQWHYuXACoA4s.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdf358c3a68450a8a7283e91fe4aeeac26d1d578e8771ad058762e5c00a8038b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfOp3cUAAAAAA3e2l6pwGbegnANJygOWql3rcp2&co=aHR0cHM6Ly9ob2xtLnJ1OjQ0Mw..&hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&size=normal&cb=izlatr38bwgc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 15:45:03 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 18:00:00 GMT
server: sffe
age: 127935
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5755
x-xss-protection: 0
expires: Mon, 21 Mar 2022 15:45:03 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
119 B 13ms
13ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1881586762&t=event&_s=1&dl=https%3A%2F%2Fholm.ru%2F&ul=en-us&de=UTF-8&dt=2437437%20%D0%BE%D1%80%D0%B3%D0%B0%D0%BD%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B9%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D0%BD%D0%B0%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B5%D1%81%D1%81%D0%B8%D0%B2%D0%BD%D0%BE%D0%BC%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%D0%B5%20Holm.ru!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=vdoaijs&ea=loaded&ev=1&_u=IAhAAUABAAAAAC~&jid=191338833&gjid=1498205474&cid=833515519.1616469438&tid=UA-113932176-30&_gid=1297932565.1616469438&_r=1&gtm=2ou3h0&z=426636721

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 03:17:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://holm.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
63 B 7ms
7ms Image
image/gif 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=1881586762&t=pageview&_s=2&dl=https%3A%2F%2Fholm.ru%2F&ul=en-us&de=UTF-8&dt=2437437%20%D0%BE%D1%80%D0%B3%D0%B0%D0%BD%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B9%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D0%BD%D0%B0%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B5%D1%81%D1%81%D0%B8%D0%B2%D0%BD%D0%BE%D0%BC%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%D0%B5%20Holm.ru!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAUABAAAAAC~&jid=&gjid=&cid=833515519.1616469438&tid=UA-113932176-30&_gid=1297932565.1616469438&gtm=2ou3h0&z=1438673471

Requested by

Host: holm.ru
URL: https://holm.ru/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 13:38:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49130
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 webworker.js
www.google.com/recaptcha/api2/ Frame 0276 102 B
263 B 14ms
14ms Other
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9c2464add3c699d2be6d7ec889eed8d56ff71327ce4fc9e43955cea79b117fce

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfOp3cUAAAAAA3e2l6pwGbegnANJygOWql3rcp2&co=aHR0cHM6Ly9ob2xtLnJ1OjQ0Mw..&hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&size=normal&cb=1k8uczzg5qrt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 03:17:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Tue, 23 Mar 2021 03:17:18 GMT

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
344 B 344ms
111ms XHR
text/html 51.79.79.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4/vdo.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.79.65 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns568718.ip-51-79-79.net
Software: openresty/1.19.3.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 23 Mar 2021 03:17:18 GMT
Content-Encoding: gzip
Server: openresty/1.19.3.1
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=2

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
344 B 352ms
115ms XHR
text/html 51.79.79.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4/vdo.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.79.65 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns568718.ip-51-79-79.net
Software: openresty/1.19.3.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 23 Mar 2021 03:17:18 GMT
Content-Encoding: gzip
Server: openresty/1.19.3.1
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=2

GET
H2 200 vdo.player.js Show response
a.vdo.ai/core/assets/ 575 KB
144 KB 30ms
29ms Script
application/javascript 2606:4700:3033::ac43:de92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vdo.ai/core/assets/vdo.player.js
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4/vdo.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:de92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d3d3d99ec2d1da823e792b3024b24ae723c89a29d46d9cffe4b1d4ba935c0da

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 03:17:18 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1026
cf-ray: 634481843ddd4a56-FRA
x-cache: HIT
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08feaf46a500004a565f171000000001
last-modified: Mon, 14 Sep 2020 22:24:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PYJb3E%2F3OcvldJKV52BAtZd8CgLtQx1JJ1FnvSlRHm185yzCyStnmRR1Z1uZUlNoEZcZPOM0ttGGhzjpzS29xvxEUpfgJhAnx%2FSZn2pChEWeFcHX2w%3D%3D"}]}
x-varnish: 186226631 2293763
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age=1800
access-control-allow-credentials: true
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 rtb.js Show response
a.vdo.ai/core/assets/ 383 KB
106 KB 26ms
24ms Script
application/javascript 2606:4700:3033::ac43:de92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vdo.ai/core/assets/rtb.js
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4/vdo.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:de92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb9895bb7479d7bd4058bfd781fbf1d27d768a4cba2fbfa0be881b9a78c423d4

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 03:17:18 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1024
cf-ray: 634481843dde4a56-FRA
x-cache: HIT
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08feaf46a600004a5628aad000000001
last-modified: Thu, 18 Mar 2021 06:17:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uLgvOfGjsIAcU6JJOnK9hzxB6acAvzjo%2BdseNOGVZupoF5Kb6l1KqEGScMtRpq%2BfrAMDrc%2BTjAFfP7mcWhCW777a8v37qoOsMYeb7kFp0hKy08mLIw%3D%3D"}]}
x-varnish: 31379463 1769511
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age=1800
access-control-allow-credentials: true
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H/1.1 200
OK pixel.gif
track.vdo.ai/ 43 B
236 B 353ms
114ms Image
image/gif 51.79.79.82
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.vdo.ai/pixel.gif?domainName=holm.ru&tagName=holm-ru&event=blocked_url&uid=24a7ba63-366e-440d-9f76-c2a0c840087c&t=1616469438110
Requested by: Host: holm.ru
URL: https://holm.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.79.82 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns568735.ip-51-79-79.net
Software: nginx/1.12.2 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 03:17:18 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.12.2
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK pixel.gif
track.vdo.ai/ 43 B
236 B 380ms
124ms Image
image/gif 51.79.79.82
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.vdo.ai/pixel.gif?domainName=holm.ru&tagName=holm-ru&event=initVdo&uid=24a7ba63-366e-440d-9f76-c2a0c840087c&t=1616469438112
Requested by: Host: holm.ru
URL: https://holm.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.79.82 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns568735.ip-51-79-79.net
Software: nginx/1.12.2 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 03:17:18 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.12.2
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
58 B 7ms
6ms Image
image/gif 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=1881586762&t=event&_s=3&dl=https%3A%2F%2Fholm.ru%2F&ul=en-us&de=UTF-8&dt=2437437%20%D0%BE%D1%80%D0%B3%D0%B0%D0%BD%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B9%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D0%BD%D0%B0%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B5%D1%81%D1%81%D0%B8%D0%B2%D0%BD%D0%BE%D0%BC%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%D0%B5%20Holm.ru!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=initVdo&el=holm-ru&_u=KAhAAUABAAAAAC~&jid=&gjid=&cid=833515519.1616469438&tid=UA-113932176-30&_gid=1297932565.1616469438&gtm=2ou3h0&z=685858521

Requested by

Host: holm.ru
URL: https://holm.ru/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 13:38:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49130
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 webworker.js
www.google.com/recaptcha/api2/ Frame 5545 102 B
134 B 14ms
14ms Other
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9c2464add3c699d2be6d7ec889eed8d56ff71327ce4fc9e43955cea79b117fce

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfOp3cUAAAAAA3e2l6pwGbegnANJygOWql3rcp2&co=aHR0cHM6Ly9ob2xtLnJ1OjQ0Mw..&hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&size=normal&cb=rrhii1y1pca5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 03:17:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Tue, 23 Mar 2021 03:17:18 GMT

GET
H3-Q050 200 webworker.js
www.google.com/recaptcha/api2/ Frame BF19 102 B
134 B 15ms
15ms Other
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9c2464add3c699d2be6d7ec889eed8d56ff71327ce4fc9e43955cea79b117fce

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfOp3cUAAAAAA3e2l6pwGbegnANJygOWql3rcp2&co=aHR0cHM6Ly9ob2xtLnJ1OjQ0Mw..&hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&size=normal&cb=izlatr38bwgc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 03:17:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Tue, 23 Mar 2021 03:17:18 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame A592 4 KB
1 KB 61ms
47ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3339133701142661&output=html&h=280&slotname=2123392814&adk=786900664&adf=833234448&pi=t.ma~as.2123392814&w=896&fwrn=4&fwrnh=100&lmt=1529319118&rafmt=1&psa=0&format=896x280&url=https%3A%2F%2Fholm.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1616469437405&bpp=4&bdt=505&idt=171&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7616610989144&frm=20&pv=1&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=277&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=yVW6TUCFWo&p=https%3A//holm.ru&dtd=177

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d344632c01d1ca55dc380216de660c9b8a5a3174e7d7afa6784aff50c945e1cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Mar 2021 01:44:43 GMT
server: ESF
date: Tue, 23 Mar 2021 03:17:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Mar 2021 03:17:18 GMT

GET
H3-Q050 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 4D38 7 KB
1 KB 16ms
15ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&k=6LfOp3cUAAAAAA3e2l6pwGbegnANJygOWql3rcp2&cb=v64rdc6gnkxb

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ecbd12dc7d0c1baa5a2cc90a92de2628daf733d5a195a251a953026c45c6cffc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Ssztj1KxxgjsUjTETLG1CQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&k=6LfOp3cUAAAAAA3e2l6pwGbegnANJygOWql3rcp2&cb=v64rdc6gnkxb
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://holm.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://holm.ru/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 23 Mar 2021 03:17:18 GMT
content-security-policy: script-src 'report-sample' 'nonce-Ssztj1KxxgjsUjTETLG1CQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1112
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/ Frame BFBA 10 KB
5 KB 33ms
12ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3339133701142661&output=html&h=250&slotname=6162215333&adk=230021152&adf=1121139433&pi=t.ma~as.6162215333&w=300&lmt=1529319118&psa=0&format=300x250&url=https%3A%2F%2Fholm.ru%2F&flash=0&wgl=1&dt=1616469437409&bpp=2&bdt=509&idt=181&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C896x280&nras=1&correlator=7616610989144&frm=20&pv=1&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=170&ady=1777&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=75Xf7JmPhd&p=https%3A//holm.ru&dtd=186

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dae5ce5e624eea85dc85a2a36d08fc8accbc68f88e8ea48a5edb82da577aca55

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/9424655380617087832/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3507
date: Fri, 19 Mar 2021 04:39:04 GMT
expires: Sat, 19 Mar 2022 04:39:04 GMT
last-modified: Mon, 22 Feb 2021 11:16:46 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 340694
cache-control: public, max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0AE9 0
0 20ms
19ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C-gK1vV1ZYKvIJd-U7_UPrfCbwAS1sebvYcKzucrADZaCzYWIFhABIP7T4SFglYq4gsgHoAG9sYDZA8gBCakCTkf-q5AFtD6oAwHIA0iqBLkBT9CVsuQfyI2XIzBsD3jUv1k9bjFAhMrrtbKVz5f3TP6AQ5r_7UoPHd7rTxyz5LyFG0OfYPD8JeRkcRdBO7VFbwV04MkM6Cw1PTorUwK1c6AoQ91fPQFicuO5lvCxUXKF49sJvRv0-crxXTuJa-0taz1rNFh2aVDcsQ8LkhklOAmHHYfCiFkw9Tl2gpJPrQ5mZvyAK0oXo4x9MPokLo8BzIgN-zCcZGoSlF1TA660FpTPRnk7lSJv4GHABPqQzNC8A5IFBAgEGAGSBQQIBRgEoAYugAerzv8mqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEJ_uCNIICQiA4YAQEAEYH4AKAcgLAdgTDLIXGgoYCAASFHB1Yi0zMzM5MTMzNzAxMTQyNjYx&sigh=1T-wZUBRjE8&template_id=419&tpd=AGWhJmtt5KznsrfrrnrqAag2m0K-urZjN_GYpijP64hx0H53vg

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3339133701142661&output=html&h=250&slotname=6162215333&adk=230021152&adf=1121139433&pi=t.ma~as.6162215333&w=300&lmt=1529319118&psa=0&format=300x250&url=https%3A%2F%2Fholm.ru%2F&flash=0&wgl=1&dt=1616469437409&bpp=2&bdt=509&idt=181&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C896x280&nras=1&correlator=7616610989144&frm=20&pv=1&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=170&ady=1777&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=75Xf7JmPhd&p=https%3A//holm.ru&dtd=186
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 23 Mar 2021 03:17:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/ Frame 0AE9 17 KB
7 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6493ea407d79518f1a23cd56abf3877cc95cfef289aa2193e09414befa93915b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 02:07:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4185
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 10528220335026403715
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Apr 2021 02:07:33 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/ Frame 0AE9 2 KB
1 KB 29ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 02:49:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1658
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Apr 2021 02:49:40 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0AE9 117 KB
36 KB 62ms
49ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

911deead0c0ec5c76af07f381c8e918567120df0488208f50b0579afa0b61376

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 03:17:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616176146673399"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36391
x-xss-protection: 0
expires: Tue, 23 Mar 2021 03:17:18 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/ Frame 0AE9 12 KB
5 KB 28ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bafc346d790cb95214543b3f99b58a29e9c020492c68e7121d4dc176463ab9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 03:04:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 766
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5518
x-xss-protection: 0
server: cafe
etag: 4273098417856770931
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Apr 2021 03:04:32 GMT

GET
H3-Q050 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 64D1 7 KB
1 KB 16ms
16ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&k=6LfOp3cUAAAAAA3e2l6pwGbegnANJygOWql3rcp2&cb=vt74i9zhi4dt

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

76edf7cba89e6aef17faf9c197336a37710e6fcd7f5bc093a877f48f1aaee083

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nQkOD8UA08qoMyGFUHBHKA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&k=6LfOp3cUAAAAAA3e2l6pwGbegnANJygOWql3rcp2&cb=vt74i9zhi4dt
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://holm.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://holm.ru/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 23 Mar 2021 03:17:18 GMT
content-security-policy: script-src 'report-sample' 'nonce-nQkOD8UA08qoMyGFUHBHKA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1111
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/ Frame 21E1 10 KB
5 KB 58ms
44ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3339133701142661&output=html&h=250&slotname=6162215333&adk=230021152&adf=252182655&pi=t.ma~as.6162215333&w=300&lmt=1529319118&psa=0&format=300x250&url=https%3A%2F%2Fholm.ru%2F&flash=0&wgl=1&dt=1616469437411&bpp=1&bdt=511&idt=257&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C896x280%2C300x250%2C300x250&nras=1&correlator=7616610989144&frm=20&pv=1&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=500&ady=2313&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=bwlTHh5nhq&p=https%3A//holm.ru&dtd=261

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dae5ce5e624eea85dc85a2a36d08fc8accbc68f88e8ea48a5edb82da577aca55

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/9424655380617087832/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3507
date: Fri, 19 Mar 2021 04:39:04 GMT
expires: Sat, 19 Mar 2022 04:39:04 GMT
last-modified: Mon, 22 Feb 2021 11:16:46 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 340694
cache-control: public, max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7021 0
0 18ms
18ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CuKQkvV1ZYISYKs3P7_UPvZ-fiA21sebvYajnjOj5DMmV_pLJIhABIP7T4SFglYq4gsgHoAG9sYDZA8gBCakCKbdQe-4ItD6oAwHIA0iqBLYBT9Ck3ekLZv4AW7FI9t2PSfNVGaEAfe-WUVI4su4E0E5GMVQ1H4ScPM-UqQa9FjiJ86G4EPaPUI1MlJYVuQIpLJoUJYlDKUbOG2b_R6BD59IOTfbz8y57K6QYlaPkR9nkQI07OQxVIa703djRONHnBp7CLSrYp6TEt4JSibgzjR5z5z_5UruUchR2Oal8tBJy2oPAetu4MxW-F53YPpjgemZFVYMMkVNPGR3sM2lzI8rQtMzcpW7ABMuRxey6A5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAerzv8mqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEPukENIICQiA4YAQEAEYH4AKAcgLAdgTDLIXGgoYCAASFHB1Yi0zMzM5MTMzNzAxMTQyNjYx&sigh=zd1HoG8PI04&template_id=419&tpd=AGWhJmvKus-OGg0XX85T8cwkZg9xm5g-pmwEbzGS9qqIJbHDeA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3339133701142661&output=html&h=250&slotname=6162215333&adk=230021152&adf=252182655&pi=t.ma~as.6162215333&w=300&lmt=1529319118&psa=0&format=300x250&url=https%3A%2F%2Fholm.ru%2F&flash=0&wgl=1&dt=1616469437411&bpp=1&bdt=511&idt=257&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C896x280%2C300x250%2C300x250&nras=1&correlator=7616610989144&frm=20&pv=1&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=500&ady=2313&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=bwlTHh5nhq&p=https%3A//holm.ru&dtd=261

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3339133701142661&output=html&h=250&slotname=6162215333&adk=230021152&adf=252182655&pi=t.ma~as.6162215333&w=300&lmt=1529319118&psa=0&format=300x250&url=https%3A%2F%2Fholm.ru%2F&flash=0&wgl=1&dt=1616469437411&bpp=1&bdt=511&idt=257&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C896x280%2C300x250%2C300x250&nras=1&correlator=7616610989144&frm=20&pv=1&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=500&ady=2313&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=bwlTHh5nhq&p=https%3A//holm.ru&dtd=261
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 23 Mar 2021 03:17:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/ Frame 7021 17 KB
7 KB 54ms
42ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3339133701142661&output=html&h=250&slotname=6162215333&adk=230021152&adf=252182655&pi=t.ma~as.6162215333&w=300&lmt=1529319118&psa=0&format=300x250&url=https%3A%2F%2Fholm.ru%2F&flash=0&wgl=1&dt=1616469437411&bpp=1&bdt=511&idt=257&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C896x280%2C300x250%2C300x250&nras=1&correlator=7616610989144&frm=20&pv=1&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=500&ady=2313&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=bwlTHh5nhq&p=https%3A//holm.ru&dtd=261

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6493ea407d79518f1a23cd56abf3877cc95cfef289aa2193e09414befa93915b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 02:07:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4185
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 10528220335026403715
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Apr 2021 02:07:33 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/ Frame 7021 2 KB
2 KB 51ms
39ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3339133701142661&output=html&h=250&slotname=6162215333&adk=230021152&adf=252182655&pi=t.ma~as.6162215333&w=300&lmt=1529319118&psa=0&format=300x250&url=https%3A%2F%2Fholm.ru%2F&flash=0&wgl=1&dt=1616469437411&bpp=1&bdt=511&idt=257&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C896x280%2C300x250%2C300x250&nras=1&correlator=7616610989144&frm=20&pv=1&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=500&ady=2313&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=bwlTHh5nhq&p=https%3A//holm.ru&dtd=261

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 02:49:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1658
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Apr 2021 02:49:40 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7021 117 KB
36 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3339133701142661&output=html&h=250&slotname=6162215333&adk=230021152&adf=252182655&pi=t.ma~as.6162215333&w=300&lmt=1529319118&psa=0&format=300x250&url=https%3A%2F%2Fholm.ru%2F&flash=0&wgl=1&dt=1616469437411&bpp=1&bdt=511&idt=257&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C896x280%2C300x250%2C300x250&nras=1&correlator=7616610989144&frm=20&pv=1&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=500&ady=2313&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=bwlTHh5nhq&p=https%3A//holm.ru&dtd=261

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

911deead0c0ec5c76af07f381c8e918567120df0488208f50b0579afa0b61376

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 03:17:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616176146673399"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36391
x-xss-protection: 0
expires: Tue, 23 Mar 2021 03:17:18 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/ Frame 7021 12 KB
5 KB 55ms
43ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3339133701142661&output=html&h=250&slotname=6162215333&adk=230021152&adf=252182655&pi=t.ma~as.6162215333&w=300&lmt=1529319118&psa=0&format=300x250&url=https%3A%2F%2Fholm.ru%2F&flash=0&wgl=1&dt=1616469437411&bpp=1&bdt=511&idt=257&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C896x280%2C300x250%2C300x250&nras=1&correlator=7616610989144&frm=20&pv=1&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=500&ady=2313&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=bwlTHh5nhq&p=https%3A//holm.ru&dtd=261

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bafc346d790cb95214543b3f99b58a29e9c020492c68e7121d4dc176463ab9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 03:04:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 766
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5518
x-xss-protection: 0
server: cafe
etag: 4273098417856770931
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Apr 2021 03:04:32 GMT

GET
H3-Q050 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/ Frame A592 1 KB
980 B 52ms
41ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 02:49:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1647
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Apr 2021 02:49:51 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/ Frame A592 17 KB
7 KB 50ms
40ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6493ea407d79518f1a23cd56abf3877cc95cfef289aa2193e09414befa93915b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 02:07:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4185
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 10528220335026403715
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Apr 2021 02:07:33 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/ Frame A592 2 KB
1 KB 48ms
40ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 02:49:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1658
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Apr 2021 02:49:40 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A592 117 KB
36 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

911deead0c0ec5c76af07f381c8e918567120df0488208f50b0579afa0b61376

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 03:17:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616176146673399"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36391
x-xss-protection: 0
expires: Tue, 23 Mar 2021 03:17:18 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/ Frame A592 12 KB
5 KB 50ms
42ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bafc346d790cb95214543b3f99b58a29e9c020492c68e7121d4dc176463ab9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 03:04:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 766
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5518
x-xss-protection: 0
server: cafe
etag: 4273098417856770931
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Apr 2021 03:04:32 GMT

GET
H3-Q050 200 957c89dfc9e78dd5a0a3956da91f5358.js Show response
www.gstatic.com/mysidia/ Frame A592 25 KB
11 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/957c89dfc9e78dd5a0a3956da91f5358.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74701d1b03dcb606710d7cc01bbf35a36ad5e5e443e33e55894a013f0d65aacf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:46:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 17 Mar 2021 03:37:36 GMT
server: sffe
age: 5437
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10839
x-xss-protection: 0
expires: Mon, 21 Jun 2021 01:46:41 GMT

GET
H3-Q050 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 9D48 7 KB
1 KB 16ms
16ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&k=6LfOp3cUAAAAAA3e2l6pwGbegnANJygOWql3rcp2&cb=nt1a8bf0wvjj

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e65bba6f45034dbd574e171e181878c40e9c1bcb433cb10dc1a39d482088f5b9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5NBNlao390ngm71JZnd1SA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&k=6LfOp3cUAAAAAA3e2l6pwGbegnANJygOWql3rcp2&cb=nt1a8bf0wvjj
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://holm.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://holm.ru/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 23 Mar 2021 03:17:18 GMT
content-security-policy: script-src 'report-sample' 'nonce-5NBNlao390ngm71JZnd1SA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1109
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5327029394931728737/300x250_Motiv_Kueche/ Frame FF37 40 KB
5 KB 15ms
15ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5327029394931728737/300x250_Motiv_Kueche/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3339133701142661&output=html&h=250&slotname=6162215333&adk=230021152&adf=604429176&pi=t.ma~as.6162215333&w=300&lmt=1529319118&psa=0&format=300x250&url=https%3A%2F%2Fholm.ru%2F&flash=0&wgl=1&dt=1616469437411&bpp=1&bdt=511&idt=190&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C896x280%2C300x250&nras=1&correlator=7616610989144&frm=20&pv=1&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=830&ady=2045&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=5Gvl1DGaGa&p=https%3A//holm.ru&dtd=193

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35e4564a58a59da1f39f7cf765f01ab538727a6f321a8541e8b15c1262906e6f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/5327029394931728737/300x250_Motiv_Kueche/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Wed, 17 Mar 2021 08:58:06 GMT
expires: Thu, 17 Mar 2022 08:58:06 GMT
last-modified: Mon, 22 Feb 2021 14:36:44 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 5161
age: 497952
cache-control: public, max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 27AA 0
0 18ms
18ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C5nqYvV1ZYNLkJcPC7_UP0Muo0A-1sebvYfqxucrADZaCzYWIFhABIP7T4SFglYq4gsgHoAG9sYDZA8gBCakCTkf-q5AFtD6oAwHIA0iqBLkBT9B9rpipIPmSqy6V4FLZVlVZeLBBDqgCIVrMMi1ESPinFl-luwDTXhZWrg2qALfSDlTZjqirVns5v4ns64NtaPNdOybWik7cRQUGEpsYb59ohoE0KloZ2JiMteXyhiI6W6sfUnHE4GDc3y7ztPV2Ba1tAqrXn1rwgXG1rPnpo6PUnlAMdgXiR3k_FcHLu5YtblO7CSzo1Xe1sNMwKlv65UgJu0McFv6h74V5c8Lm3Nd4d9zNwRGsc43ABPqQzNC8A5IFBAgEGAGSBQQIBRgEoAYugAerzv8mqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEOaDCNIICQiA4YAQEAEYH4AKAcgLAdgTDLIXGgoYCAASFHB1Yi0zMzM5MTMzNzAxMTQyNjYx&sigh=5BUNZprf9y0&template_id=419&tpd=AGWhJmsh8sbePVH1iBOCtWSIdsK2aCbeP6uZwAllIDCoITwZ4A

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3339133701142661&output=html&h=250&slotname=6162215333&adk=230021152&adf=604429176&pi=t.ma~as.6162215333&w=300&lmt=1529319118&psa=0&format=300x250&url=https%3A%2F%2Fholm.ru%2F&flash=0&wgl=1&dt=1616469437411&bpp=1&bdt=511&idt=190&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C896x280%2C300x250&nras=1&correlator=7616610989144&frm=20&pv=1&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=830&ady=2045&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=5Gvl1DGaGa&p=https%3A//holm.ru&dtd=193

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3339133701142661&output=html&h=250&slotname=6162215333&adk=230021152&adf=604429176&pi=t.ma~as.6162215333&w=300&lmt=1529319118&psa=0&format=300x250&url=https%3A%2F%2Fholm.ru%2F&flash=0&wgl=1&dt=1616469437411&bpp=1&bdt=511&idt=190&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C896x280%2C300x250&nras=1&correlator=7616610989144&frm=20&pv=1&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=830&ady=2045&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=5Gvl1DGaGa&p=https%3A//holm.ru&dtd=193
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 23 Mar 2021 03:17:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/ Frame 27AA 17 KB
7 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3339133701142661&output=html&h=250&slotname=6162215333&adk=230021152&adf=604429176&pi=t.ma~as.6162215333&w=300&lmt=1529319118&psa=0&format=300x250&url=https%3A%2F%2Fholm.ru%2F&flash=0&wgl=1&dt=1616469437411&bpp=1&bdt=511&idt=190&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C896x280%2C300x250&nras=1&correlator=7616610989144&frm=20&pv=1&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=830&ady=2045&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=5Gvl1DGaGa&p=https%3A//holm.ru&dtd=193

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6493ea407d79518f1a23cd56abf3877cc95cfef289aa2193e09414befa93915b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 02:07:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4185
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 10528220335026403715
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Apr 2021 02:07:33 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/ Frame 27AA 2 KB
1 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3339133701142661&output=html&h=250&slotname=6162215333&adk=230021152&adf=604429176&pi=t.ma~as.6162215333&w=300&lmt=1529319118&psa=0&format=300x250&url=https%3A%2F%2Fholm.ru%2F&flash=0&wgl=1&dt=1616469437411&bpp=1&bdt=511&idt=190&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C896x280%2C300x250&nras=1&correlator=7616610989144&frm=20&pv=1&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=830&ady=2045&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=5Gvl1DGaGa&p=https%3A//holm.ru&dtd=193

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 02:49:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1658
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Apr 2021 02:49:40 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 27AA 117 KB
36 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3339133701142661&output=html&h=250&slotname=6162215333&adk=230021152&adf=604429176&pi=t.ma~as.6162215333&w=300&lmt=1529319118&psa=0&format=300x250&url=https%3A%2F%2Fholm.ru%2F&flash=0&wgl=1&dt=1616469437411&bpp=1&bdt=511&idt=190&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C896x280%2C300x250&nras=1&correlator=7616610989144&frm=20&pv=1&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=830&ady=2045&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=5Gvl1DGaGa&p=https%3A//holm.ru&dtd=193

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

911deead0c0ec5c76af07f381c8e918567120df0488208f50b0579afa0b61376

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 03:17:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616176146673399"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36391
x-xss-protection: 0
expires: Tue, 23 Mar 2021 03:17:18 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/ Frame 27AA 12 KB
5 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3339133701142661&output=html&h=250&slotname=6162215333&adk=230021152&adf=604429176&pi=t.ma~as.6162215333&w=300&lmt=1529319118&psa=0&format=300x250&url=https%3A%2F%2Fholm.ru%2F&flash=0&wgl=1&dt=1616469437411&bpp=1&bdt=511&idt=190&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C896x280%2C300x250&nras=1&correlator=7616610989144&frm=20&pv=1&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=830&ady=2045&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=5Gvl1DGaGa&p=https%3A//holm.ru&dtd=193

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bafc346d790cb95214543b3f99b58a29e9c020492c68e7121d4dc176463ab9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 03:04:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 766
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5518
x-xss-protection: 0
server: cafe
etag: 4273098417856770931
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Apr 2021 03:04:32 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame A592 0
0 17ms
17ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CXXkyvV1ZYJvJJfzH7_UPrdSpgAG0ibnpYaiizbfUDeyC6sHUHBABIP7T4SFglYq4gsgHoAHy2dGMA8gBAagDAcgDywSqBKQBT9CFi8krDhketFfSsiEdcOudKbPVBydfbmd5dc3vtLWtK1o_Tm5DyRqyEP2TxtIQ7dKm8SrBZR-PiJEbjMebj6vi3mAGmZpwc-J92srhzYkuYQaD2nbMcp37yVkMZt35emlpxEMXtTSRCCJ9N7RIOXf_LMZDmGUU7Vmd_R3weG6NBHHj-GdhyQXom7sDIFSM9Z4bkvqp4SeJTmRHdFXnlzy_cyXABK2qiqywA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBgAf2pa5zqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEJPxa9IICQiA4YAQEAEYH4AKAcgLAdgTCrIXGgoYCAASFHB1Yi0zMzM5MTMzNzAxMTQyNjYx&sigh=6azB1kF6tgI&tpd=AGWhJmsmWUNJGLd2gTCi93Fb96E4QDVJpNiLGdosTQ3tm9zJ8g

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3339133701142661&output=html&h=280&slotname=2123392814&adk=786900664&adf=833234448&pi=t.ma~as.2123392814&w=896&fwrn=4&fwrnh=100&lmt=1529319118&rafmt=1&psa=0&format=896x280&url=https%3A%2F%2Fholm.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1616469437405&bpp=4&bdt=505&idt=171&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7616610989144&frm=20&pv=1&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=277&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=yVW6TUCFWo&p=https%3A//holm.ru&dtd=177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 23 Mar 2021 03:17:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
BLOB 200
OK d6cce504-c86a-4d62-ad5a-8099b1315c1e
https://holm.ru/ 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://holm.ru/d6cce504-c86a-4d62-ad5a-8099b1315c1e
Requested by: Host: holm.ru
URL: https://holm.ru/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

OPTIONS
H/1.1 204
No Content news2.m3u8
h.vdo.ai/videos/categories/ Frame 0
0 352ms
115ms Preflight
text/plain 51.79.81.39
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h.vdo.ai/videos/categories/news2.m3u8
Protocol: HTTP/1.1
Server: 51.79.81.39 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns569753.ip-51-79-81.net
Software: nginx/1.16.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: vdoai
Origin: https://holm.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.16.1
Date: Tue, 23 Mar 2021 03:17:18 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0

GET
H/1.1 200
OK news2.m3u8 Show response
h.vdo.ai/videos/categories/ 36 KB
36 KB 218ms
211ms XHR
application/vnd.apple.mpegurl 51.79.81.39
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h.vdo.ai/videos/categories/news2.m3u8
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.81.39 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns569753.ip-51-79-81.net
Software: nginx/1.16.1 /
Resource Hash: d417a744e6a944755dc8458b6592c542e2408ab6d847338a6cc2c731d4b36476

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
vdoai: true

Response headers

Date: Tue, 23 Mar 2021 03:17:19 GMT
Last-Modified: Tue, 04 Aug 2020 05:54:55 GMT
Server: nginx/1.16.1
ETag: "5f28f82f-8e3e"
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 36414

GET
H3-Q050 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1569060108828469311/nt_s21-DE_300x600_nokian-wetproof/ Frame FE91 72 KB
45 KB 8ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1569060108828469311/nt_s21-DE_300x600_nokian-wetproof/index.html

Requested by

Host: holm.ru
URL: https://holm.ru/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

babe67d1c1539228202362ae754dc43b8e8a79a290c039b8dbde2c1e319e52d5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/1569060108828469311/nt_s21-DE_300x600_nokian-wetproof/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Wed, 17 Mar 2021 22:00:31 GMT
expires: Thu, 17 Mar 2022 22:00:31 GMT
last-modified: Wed, 17 Mar 2021 19:11:42 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 44788
age: 451007
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4850 0
0 21ms
20ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CE2g3vV1ZYL3LLY_Y7_UPlPS4mAmA0cHtYYOIpOy2DY6k8ozTBxABIP7T4SFglYq4gsgHoAHwnbryA8gBCakCTkf-q5AFtD6oAwHIA0iqBK0BT9ADCYMPpwE2Zd7zZteAyNukCeH8fMeuIdX6vwO3wChiLx05vUThpOsKI_H2WhFVzpeY-jjSAdJYVEzeg3CrquemcYdacY5QYYt3Vn5dtela9QOJhAXt_RIMyzSVK8l3NTefmo4yR-PygRO6eyZnu0AcWwNwaeA-yLeELqtpSSSeW3od2AgEfduPv2Uws_IRVxyJ2VD406ZQIXJAUBPMtiW1YsadvP7MeyGYJQvABLaF1-94kgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB_jhxQ2oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQnfkj0ggJCIDhgBAQARgfgAoByAsB2BMCshcaChgIABIUcHViLTMzMzkxMzM3MDExNDI2NjE&sigh=cqR1fvxZynI&template_id=419&tpd=AGWhJmtBanlsnhSZOchE3z48NY6q-_GfaOOOoD-7wFkL_iNDgw

Requested by

Host: holm.ru
URL: https://holm.ru/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3339133701142661&output=html&h=600&slotname=3819617861&adk=3212866176&adf=2658706387&pi=t.ma~as.3819617861&w=270&fwrn=4&fwrnh=100&lmt=1529319118&rafmt=1&psa=0&format=270x600&url=https%3A%2F%2Fholm.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1616469437412&bpp=1&bdt=512&idt=316&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C896x280%2C300x250%2C300x250%2C300x250&nras=1&correlator=7616610989144&frm=20&pv=1&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1160&ady=85&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=6&uci=a!6&fsb=1&xpc=XXtKPgO7RZ&p=https%3A//holm.ru&dtd=320
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 23 Mar 2021 03:17:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/ Frame 4850 17 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3339133701142661&output=html&h=600&slotname=3819617861&adk=3212866176&adf=2658706387&pi=t.ma~as.3819617861&w=270&fwrn=4&fwrnh=100&lmt=1529319118&rafmt=1&psa=0&format=270x600&url=https%3A%2F%2Fholm.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1616469437412&bpp=1&bdt=512&idt=316&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C896x280%2C300x250%2C300x250%2C300x250&nras=1&correlator=7616610989144&frm=20&pv=1&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1160&ady=85&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=6&uci=a!6&fsb=1&xpc=XXtKPgO7RZ&p=https%3A//holm.ru&dtd=320

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6493ea407d79518f1a23cd56abf3877cc95cfef289aa2193e09414befa93915b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 02:07:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4185
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 10528220335026403715
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Apr 2021 02:07:33 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/ Frame 4850 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 02:49:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1658
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Apr 2021 02:49:40 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4850 117 KB
36 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

911deead0c0ec5c76af07f381c8e918567120df0488208f50b0579afa0b61376

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 03:17:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616176146673399"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36391
x-xss-protection: 0
expires: Tue, 23 Mar 2021 03:17:18 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/ Frame 4850 12 KB
5 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bafc346d790cb95214543b3f99b58a29e9c020492c68e7121d4dc176463ab9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 03:04:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 766
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5518
x-xss-protection: 0
server: cafe
etag: 4273098417856770931
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Apr 2021 03:04:32 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 4850 0
0 14ms
13ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT4fjehLnKjMj-xvJqRtPnqipt07YwFMXCo2ttHlOO7nlIFhDyxd-_sVu_qtoIyNpf15UGOtNDs8dxHdJhevo9s99sWMQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3339133701142661&output=html&h=600&slotname=3819617861&adk=3212866176&adf=2658706387&pi=t.ma~as.3819617861&w=270&fwrn=4&fwrnh=100&lmt=1529319118&rafmt=1&psa=0&format=270x600&url=https%3A%2F%2Fholm.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1616469437412&bpp=1&bdt=512&idt=316&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C896x280%2C300x250%2C300x250%2C300x250&nras=1&correlator=7616610989144&frm=20&pv=1&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1160&ady=85&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=6&uci=a!6&fsb=1&xpc=XXtKPgO7RZ&p=https%3A//holm.ru&dtd=320
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 319D 143 B
220 B 7ms
6ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3339133701142661&output=html&h=250&slotname=6162215333&adk=230021152&adf=1121139433&pi=t.ma~as.6162215333&w=300&lmt=1529319118&psa=0&format=300x250&url=https%3A%2F%2Fholm.ru%2F&flash=0&wgl=1&dt=1616469437409&bpp=2&bdt=509&idt=181&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C896x280&nras=1&correlator=7616610989144&frm=20&pv=1&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=170&ady=1777&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=75Xf7JmPhd&p=https%3A//holm.ru&dtd=186
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlntn_XZS3_LCwoJ50o0umq4AcvGja0BFOYhNC79YPosXCV5vghafp5bD8QP7g
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3339133701142661&output=html&h=250&slotname=6162215333&adk=230021152&adf=1121139433&pi=t.ma~as.6162215333&w=300&lmt=1529319118&psa=0&format=300x250&url=https%3A%2F%2Fholm.ru%2F&flash=0&wgl=1&dt=1616469437409&bpp=2&bdt=509&idt=181&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C896x280&nras=1&correlator=7616610989144&frm=20&pv=1&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=170&ady=1777&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=75Xf7JmPhd&p=https%3A//holm.ru&dtd=186

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 23 Mar 2021 02:23:20 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3238
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 0AE9 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fcb95d01f025f43bc42bf3fc43881bb54d6be8e85fb2fda3469b289e76c7e3fa

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5F4A 143 B
165 B 6ms
6ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3339133701142661&output=html&h=280&slotname=2123392814&adk=786900664&adf=833234448&pi=t.ma~as.2123392814&w=896&fwrn=4&fwrnh=100&lmt=1529319118&rafmt=1&psa=0&format=896x280&url=https%3A%2F%2Fholm.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1616469437405&bpp=4&bdt=505&idt=171&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7616610989144&frm=20&pv=1&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=277&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=yVW6TUCFWo&p=https%3A//holm.ru&dtd=177
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlntn_XZS3_LCwoJ50o0umq4AcvGja0BFOYhNC79YPosXCV5vghafp5bD8QP7g
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3339133701142661&output=html&h=280&slotname=2123392814&adk=786900664&adf=833234448&pi=t.ma~as.2123392814&w=896&fwrn=4&fwrnh=100&lmt=1529319118&rafmt=1&psa=0&format=896x280&url=https%3A%2F%2Fholm.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1616469437405&bpp=4&bdt=505&idt=171&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7616610989144&frm=20&pv=1&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=277&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=yVW6TUCFWo&p=https%3A//holm.ru&dtd=177

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 23 Mar 2021 02:23:20 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3238
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C598 143 B
165 B 6ms
6ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3339133701142661&output=html&h=250&slotname=6162215333&adk=230021152&adf=252182655&pi=t.ma~as.6162215333&w=300&lmt=1529319118&psa=0&format=300x250&url=https%3A%2F%2Fholm.ru%2F&flash=0&wgl=1&dt=1616469437411&bpp=1&bdt=511&idt=257&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C896x280%2C300x250%2C300x250&nras=1&correlator=7616610989144&frm=20&pv=1&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=500&ady=2313&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=bwlTHh5nhq&p=https%3A//holm.ru&dtd=261

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3339133701142661&output=html&h=250&slotname=6162215333&adk=230021152&adf=252182655&pi=t.ma~as.6162215333&w=300&lmt=1529319118&psa=0&format=300x250&url=https%3A%2F%2Fholm.ru%2F&flash=0&wgl=1&dt=1616469437411&bpp=1&bdt=511&idt=257&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C896x280%2C300x250%2C300x250&nras=1&correlator=7616610989144&frm=20&pv=1&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=500&ady=2313&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=bwlTHh5nhq&p=https%3A//holm.ru&dtd=261
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlntn_XZS3_LCwoJ50o0umq4AcvGja0BFOYhNC79YPosXCV5vghafp5bD8QP7g
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3339133701142661&output=html&h=250&slotname=6162215333&adk=230021152&adf=252182655&pi=t.ma~as.6162215333&w=300&lmt=1529319118&psa=0&format=300x250&url=https%3A%2F%2Fholm.ru%2F&flash=0&wgl=1&dt=1616469437411&bpp=1&bdt=511&idt=257&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C896x280%2C300x250%2C300x250&nras=1&correlator=7616610989144&frm=20&pv=1&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=500&ady=2313&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=bwlTHh5nhq&p=https%3A//holm.ru&dtd=261

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 23 Mar 2021 02:23:20 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3238
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame A592 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0e3574fa4899114f49a63900b2ac11b900bb852944ab86c0ca72c94fc7f2a3d5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 7021 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b875df2e781b7289c5d242153ef9bc7318c2b4b8503d617c56de14a5c0e39c6e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6B34 143 B
165 B 6ms
6ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3339133701142661&output=html&h=250&slotname=6162215333&adk=230021152&adf=604429176&pi=t.ma~as.6162215333&w=300&lmt=1529319118&psa=0&format=300x250&url=https%3A%2F%2Fholm.ru%2F&flash=0&wgl=1&dt=1616469437411&bpp=1&bdt=511&idt=190&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C896x280%2C300x250&nras=1&correlator=7616610989144&frm=20&pv=1&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=830&ady=2045&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=5Gvl1DGaGa&p=https%3A//holm.ru&dtd=193

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3339133701142661&output=html&h=250&slotname=6162215333&adk=230021152&adf=604429176&pi=t.ma~as.6162215333&w=300&lmt=1529319118&psa=0&format=300x250&url=https%3A%2F%2Fholm.ru%2F&flash=0&wgl=1&dt=1616469437411&bpp=1&bdt=511&idt=190&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C896x280%2C300x250&nras=1&correlator=7616610989144&frm=20&pv=1&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=830&ady=2045&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=5Gvl1DGaGa&p=https%3A//holm.ru&dtd=193
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlntn_XZS3_LCwoJ50o0umq4AcvGja0BFOYhNC79YPosXCV5vghafp5bD8QP7g
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3339133701142661&output=html&h=250&slotname=6162215333&adk=230021152&adf=604429176&pi=t.ma~as.6162215333&w=300&lmt=1529319118&psa=0&format=300x250&url=https%3A%2F%2Fholm.ru%2F&flash=0&wgl=1&dt=1616469437411&bpp=1&bdt=511&idt=190&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C896x280%2C300x250&nras=1&correlator=7616610989144&frm=20&pv=1&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=830&ady=2045&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=5Gvl1DGaGa&p=https%3A//holm.ru&dtd=193

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 23 Mar 2021 02:23:20 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3238
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 27AA 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e929a05387abe42a1a3928e798bda2988128c951218482f3c49524dad89232af

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK 2a797143-5059-4c0d-b720-d60445b9312e
https://holm.ru/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://holm.ru/2a797143-5059-4c0d-b720-d60445b9312e
Requested by: Host: holm.ru
URL: https://holm.ru/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c0d2bb46c68e084f258f3728375c0351cb47075647142ba7df6f0059ae0b2581

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 5409
Content-Type: application/javascript

GET
H3-Q050 200 bridge3.447.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame 461A 576 KB
188 KB 27ms
13ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.447.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

559004a545a13667b7f7b0abdec7892df86ae2d2b36536c76ca37cbbf1b5bccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.447.1_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://holm.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://holm.ru/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192496
date: Sun, 21 Mar 2021 23:50:08 GMT
expires: Mon, 21 Mar 2022 23:50:08 GMT
last-modified: Mon, 15 Mar 2021 15:51:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 98830
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 36ms
15ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 03:17:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Tue, 23 Mar 2021 03:17:18 GMT

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
344 B 115ms
115ms XHR
text/html 51.79.79.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4/vdo.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.79.65 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns568718.ip-51-79-79.net
Software: openresty/1.19.3.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 23 Mar 2021 03:17:18 GMT
Content-Encoding: gzip
Server: openresty/1.19.3.1
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=2

GET
H2 200 logo.svg
a.vdo.ai/core/assets/img/ 1 KB
995 B 11ms
10ms Image
image/svg+xml 2606:4700:3033::ac43:de92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vdo.ai/core/assets/img/logo.svg
Requested by: Host: holm.ru
URL: https://holm.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:de92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9adf28f17b88f7835611736a9461d0452433a4e12f3ebaafae1689394aeb8d7b

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 03:17:18 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1024
cf-ray: 63448188b96d4a56-FRA
x-cache: HIT
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08feaf496e00004a5651aef000000001
last-modified: Mon, 02 Mar 2020 08:12:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tCUc6Sv0Bnpl5YEZLjxuqmcyuhQOL7FD0MPLksPfJr8ShMDsd4onM6F07iueVVNLJ8h2p3ENRuBpbJ%2BqNrw4ryQ8nwAd1xhq71qtqJx5DYuUOJxDfQ%3D%3D"}]}
x-varnish: 190615890 851989
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age=1800
access-control-allow-credentials: true
content-type: image/svg+xml
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H/1.1 200
OK pixel.gif
track.vdo.ai/ 43 B
236 B 124ms
124ms Image
image/gif 51.79.79.82
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.vdo.ai/pixel.gif?domainName=holm.ru&tagName=holm-ru&event=forceplay&uid=24a7ba63-366e-440d-9f76-c2a0c840087c&t=1616469438825
Requested by: Host: holm.ru
URL: https://holm.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.79.82 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns568735.ip-51-79-79.net
Software: nginx/1.12.2 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 03:17:18 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.12.2
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3-Q050 200 spam_signals_bundle_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/elements/html/spam_signals/ Frame 088E 6 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/elements/html/spam_signals/spam_signals_bundle_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3339133701142661&output=html&h=280&slotname=1111717567&adk=3464641219&adf=2723329071&pi=t.ma~as.1111717567&w=1200&fwrn=4&fwrnh=100&lmt=1529319118&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fholm.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1616469437451&bpp=1&bdt=551&idt=293&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C896x280%2C300x250%2C300x250%2C300x250%2C270x600&nras=1&correlator=7616610989144&frm=20&pv=1&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=170&ady=3951&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=nn11tchMnM&p=https%3A//holm.ru&dtd=296

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ac2a84edd7b8ec119d4edb1171dba25189ad3f5a223c0c3292481e1d805e52d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:42:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16484
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2856
x-xss-protection: 0
server: cafe
etag: 3990243853910081088
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Apr 2021 22:42:34 GMT

GET
H3-Q050 200 14428213327540906823
tpc.googlesyndication.com/simgad/ Frame 088E 47 KB
47 KB 8ms
8ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14428213327540906823?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4ql9V8IjKbqwVvAoGlqHBc0F6zzCRA

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c173158f72f8478a50bca94d075b111635f25cd4b59646513d0770ae28cff66d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 00:33:11 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Dec 2020 10:21:19 GMT
server: sffe
age: 528247
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47884
x-xss-protection: 0
expires: Thu, 17 Mar 2022 00:33:11 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/ Frame 088E 17 KB
7 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6493ea407d79518f1a23cd56abf3877cc95cfef289aa2193e09414befa93915b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 02:07:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4185
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 10528220335026403715
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Apr 2021 02:07:33 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/ Frame 088E 2 KB
2 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 02:49:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1659
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Apr 2021 02:49:40 GMT

GET
H3-Q050 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 088E 67 B
282 B 8ms
7ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Mar 2021 03:52:27 GMT
x-content-type-options: nosniff
server: cafe
age: 84292
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Tue, 23 Mar 2021 03:52:27 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 088E 117 KB
36 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

911deead0c0ec5c76af07f381c8e918567120df0488208f50b0579afa0b61376

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 03:17:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616176146673399"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36391
x-xss-protection: 0
expires: Tue, 23 Mar 2021 03:17:19 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/ Frame 088E 12 KB
5 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bafc346d790cb95214543b3f99b58a29e9c020492c68e7121d4dc176463ab9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 03:04:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 767
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5518
x-xss-protection: 0
server: cafe
etag: 4273098417856770931
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Apr 2021 03:04:32 GMT

GET
H3-Q050 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/ Frame 088E 24 KB
10 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae7ac02dac97a4d3cfc9e53b94b29e957300756be95d93ac7dbc5c1ff1bd4f8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 15:02:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44097
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10336
x-xss-protection: 0
server: cafe
etag: 2466886026629934609
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Apr 2021 15:02:22 GMT

POST
H3-Q050 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame 7021 0
433 B 71ms
14ms Other
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMTq_vS5xe8CFc3nuwgdvc8H0Q&gqi=vV1ZYNjYKYucgQe4hJ6YDA&layout=/sadbundle/%24csp%253Der3%24/9424655380617087832/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3339133701142661&output=html&h=250&slotname=6162215333&adk=230021152&adf=252182655&pi=t.ma~as.6162215333&w=300&lmt=1529319118&psa=0&format=300x250&url=https%3A%2F%2Fholm.ru%2F&flash=0&wgl=1&dt=1616469437411&bpp=1&bdt=511&idt=257&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C896x280%2C300x250%2C300x250&nras=1&correlator=7616610989144&frm=20&pv=1&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=500&ady=2313&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=bwlTHh5nhq&p=https%3A//holm.ru&dtd=261

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 03:17:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame A592 16 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 06:36:16 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:37 GMT
server: sffe
age: 247262
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15872
x-xss-protection: 0
expires: Sun, 20 Mar 2022 06:36:16 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v20/ Frame A592 10 KB
10 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6bbcc62f3b6a3ada1215006f0f6c04dbcc035efe815caf60e6a26eafc335b7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:27:43 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:36 GMT
server: sffe
age: 571775
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10048
x-xss-protection: 0
expires: Wed, 16 Mar 2022 12:27:43 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v20/ Frame A592 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 22:46:33 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:36 GMT
server: sffe
age: 534645
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15736
x-xss-protection: 0
expires: Wed, 16 Mar 2022 22:46:33 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v20/ Frame A592 10 KB
10 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

491158614c16e4a767df0f1ddbb82a8462b6ba308b8774c698b82e850a425291

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 22:49:56 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:51 GMT
server: sffe
age: 534442
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9900
x-xss-protection: 0
expires: Wed, 16 Mar 2022 22:49:56 GMT

GET
H3-Q050 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/ Frame 4D38 50 KB
25 KB 6ms
6ms Stylesheet
text/css 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&k=6LfOp3cUAAAAAA3e2l6pwGbegnANJygOWql3rcp2&cb=v64rdc6gnkxb

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 16:33:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 04:05:18 GMT
server: sffe
age: 38634
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25479
x-xss-protection: 0
expires: Tue, 22 Mar 2022 16:33:24 GMT

GET
H3-Q050 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/ Frame 4D38 331 KB
130 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&k=6LfOp3cUAAAAAA3e2l6pwGbegnANJygOWql3rcp2&cb=v64rdc6gnkxb

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6fcdd11c229160158b2399cfc0524bd1712b0b24e86e9d3432e5eec78d9e518

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 16:32:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38685
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132685
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 04:05:18 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 22 Mar 2022 16:32:33 GMT

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AB82 143 B
165 B 6ms
6ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3339133701142661&output=html&h=600&slotname=3819617861&adk=3212866176&adf=2658706387&pi=t.ma~as.3819617861&w=270&fwrn=4&fwrnh=100&lmt=1529319118&rafmt=1&psa=0&format=270x600&url=https%3A%2F%2Fholm.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1616469437412&bpp=1&bdt=512&idt=316&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C896x280%2C300x250%2C300x250%2C300x250&nras=1&correlator=7616610989144&frm=20&pv=1&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1160&ady=85&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=6&uci=a!6&fsb=1&xpc=XXtKPgO7RZ&p=https%3A//holm.ru&dtd=320
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlntn_XZS3_LCwoJ50o0umq4AcvGja0BFOYhNC79YPosXCV5vghafp5bD8QP7g
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3339133701142661&output=html&h=600&slotname=3819617861&adk=3212866176&adf=2658706387&pi=t.ma~as.3819617861&w=270&fwrn=4&fwrnh=100&lmt=1529319118&rafmt=1&psa=0&format=270x600&url=https%3A%2F%2Fholm.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1616469437412&bpp=1&bdt=512&idt=316&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C896x280%2C300x250%2C300x250%2C300x250&nras=1&correlator=7616610989144&frm=20&pv=1&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1160&ady=85&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=6&uci=a!6&fsb=1&xpc=XXtKPgO7RZ&p=https%3A//holm.ru&dtd=320

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 23 Mar 2021 02:23:20 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3238
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame BFBA 9 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 04:49:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80876
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 23 Mar 2021 04:49:22 GMT

GET
H3-Q050 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame BFBA 22 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 13:07:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50988
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 23 Mar 2021 13:07:30 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame BFBA 2 KB
585 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:700&subset=latin

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb1e12ac9d633c7e6ae486f98fb41f44662d371d1af97d44f0400e8478a6f45d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Mar 2021 01:57:14 GMT
server: ESF
date: Tue, 23 Mar 2021 03:17:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Mar 2021 03:17:18 GMT

GET
H3-Q050 200 HYPE-712.thin.min.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/ Frame BFBA 55 KB
25 KB 12ms
11ms Script
application/x-javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/HYPE-712.thin.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b32fb196b8de979c40886c7230e9d3a39f291f281fdf2e82c99c038607747c48

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 545807
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24394
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 11:16:46 GMT
server: sffe
date: Tue, 16 Mar 2021 19:40:31 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Mar 2022 19:40:31 GMT

GET
H3-Q050 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/ Frame 64D1 50 KB
25 KB 9ms
8ms Stylesheet
text/css 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&k=6LfOp3cUAAAAAA3e2l6pwGbegnANJygOWql3rcp2&cb=vt74i9zhi4dt

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 16:33:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 04:05:18 GMT
server: sffe
age: 38634
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25479
x-xss-protection: 0
expires: Tue, 22 Mar 2022 16:33:24 GMT

GET
H3-Q050 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/ Frame 64D1 331 KB
130 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&k=6LfOp3cUAAAAAA3e2l6pwGbegnANJygOWql3rcp2&cb=vt74i9zhi4dt

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6fcdd11c229160158b2399cfc0524bd1712b0b24e86e9d3432e5eec78d9e518

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 16:32:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38685
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132685
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 04:05:18 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 22 Mar 2022 16:32:33 GMT

GET
H3-Q050 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/ Frame 9D48 50 KB
25 KB 14ms
13ms Stylesheet
text/css 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&k=6LfOp3cUAAAAAA3e2l6pwGbegnANJygOWql3rcp2&cb=nt1a8bf0wvjj

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 16:33:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 04:05:18 GMT
server: sffe
age: 38634
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25479
x-xss-protection: 0
expires: Tue, 22 Mar 2022 16:33:24 GMT

GET
H3-Q050 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/ Frame 9D48 331 KB
130 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&k=6LfOp3cUAAAAAA3e2l6pwGbegnANJygOWql3rcp2&cb=nt1a8bf0wvjj

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6fcdd11c229160158b2399cfc0524bd1712b0b24e86e9d3432e5eec78d9e518

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 16:32:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38685
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132685
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 04:05:18 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 22 Mar 2022 16:32:33 GMT

GET
DATA 200
OK truncated
/ Frame 4850 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4d1a88d9413ee1ff6bfd3e8a6763ca4703d4898251c4aa49aa2a82527109eb47

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 21E1 9 KB
3 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 04:49:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80876
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 23 Mar 2021 04:49:22 GMT

GET
H3-Q050 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 21E1 22 KB
9 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 13:07:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50988
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 23 Mar 2021 13:07:30 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 21E1 2 KB
585 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:700&subset=latin

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb1e12ac9d633c7e6ae486f98fb41f44662d371d1af97d44f0400e8478a6f45d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Mar 2021 01:55:52 GMT
server: ESF
date: Tue, 23 Mar 2021 03:17:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Mar 2021 03:17:18 GMT

GET
H3-Q050 200 HYPE-712.thin.min.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/ Frame 21E1 55 KB
24 KB 17ms
16ms Script
application/x-javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/HYPE-712.thin.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b32fb196b8de979c40886c7230e9d3a39f291f281fdf2e82c99c038607747c48

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 545807
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24394
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 11:16:46 GMT
server: sffe
date: Tue, 16 Mar 2021 19:40:31 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Mar 2022 19:40:31 GMT

GET
H3-Q050 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame FF37 9 KB
3 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5327029394931728737/300x250_Motiv_Kueche/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 04:49:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80876
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 23 Mar 2021 04:49:22 GMT

GET
H3-Q050 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame FF37 22 KB
9 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5327029394931728737/300x250_Motiv_Kueche/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 13:07:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50988
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 23 Mar 2021 13:07:30 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame FF37 2 KB
466 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Maven+Pro:500,700

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5327029394931728737/300x250_Motiv_Kueche/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3c9c1c2091e7a2c0a6b82f0b878f92f0ad0645ec625f28352f4546b33dea0344

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Mar 2021 02:03:16 GMT
server: ESF
date: Tue, 23 Mar 2021 03:17:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Mar 2021 03:17:18 GMT

GET
H3-Q050 200 bild_1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5327029394931728737/300x250_Motiv_Kueche/ Frame FF37 18 KB
20 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5327029394931728737/300x250_Motiv_Kueche/bild_1.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5327029394931728737/300x250_Motiv_Kueche/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88904a0501d3ef2c47b96e0c3e4db135c32d3e8860d51a26f3ea03a438a00cfa

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 71866
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18919
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 14:36:44 GMT
server: sffe
date: Mon, 22 Mar 2021 07:19:33 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Mar 2022 07:19:33 GMT

GET
H3-Q050 200 stoerer_1.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5327029394931728737/300x250_Motiv_Kueche/ Frame FF37 7 KB
2 KB 6ms
6ms Image
image/svg+xml 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5327029394931728737/300x250_Motiv_Kueche/stoerer_1.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5327029394931728737/300x250_Motiv_Kueche/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9fec41e2d9737c8a957c1542399d6001813efc30a6cf043157e76ef2245aecc

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 246174
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1995
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 14:36:44 GMT
server: sffe
date: Sat, 20 Mar 2021 06:54:25 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Mar 2022 06:54:25 GMT

GET
H3-Q050 200 bild_2.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5327029394931728737/300x250_Motiv_Kueche/ Frame FF37 25 KB
25 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5327029394931728737/300x250_Motiv_Kueche/bild_2.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5327029394931728737/300x250_Motiv_Kueche/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8fa78d81b53370f50a66fd8839c55666a21cafbe3afc5f04591450bf64711b1b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 518401
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25786
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 14:36:44 GMT
server: sffe
date: Wed, 17 Mar 2021 03:17:18 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 03:17:18 GMT

GET
H3-Q050 200 haken.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5327029394931728737/300x250_Motiv_Kueche/ Frame FF37 165 B
239 B 7ms
6ms Image
image/svg+xml 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5327029394931728737/300x250_Motiv_Kueche/haken.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5327029394931728737/300x250_Motiv_Kueche/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c4f42e925bfc3d0c8fbb885fd85bf99cdcdcdff4f139216c8016fcaf950f406

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 521048
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 154
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 14:36:44 GMT
server: sffe
date: Wed, 17 Mar 2021 02:33:11 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 02:33:11 GMT

GET
H3-Q050 200 stoerer_2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5327029394931728737/300x250_Motiv_Kueche/ Frame FF37 8 KB
8 KB 8ms
7ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5327029394931728737/300x250_Motiv_Kueche/stoerer_2.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5327029394931728737/300x250_Motiv_Kueche/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22d9530d0a9f4e89e8f2471cfa2d59c3500c57c0ec17d4684c023175d323798a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 246174
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8411
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 14:36:44 GMT
server: sffe
date: Sat, 20 Mar 2021 06:54:25 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Mar 2022 06:54:25 GMT

GET
H3-Q050 200 logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5327029394931728737/300x250_Motiv_Kueche/ Frame FF37 3 KB
3 KB 8ms
8ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5327029394931728737/300x250_Motiv_Kueche/logo.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5327029394931728737/300x250_Motiv_Kueche/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

570faafa1cdab955360c64299317136f485106367d0542796b06ce764248b25a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 533634
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3407
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 14:36:44 GMT
server: sffe
date: Tue, 16 Mar 2021 23:03:25 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Mar 2022 23:03:25 GMT

POST
H3-Q050 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame 4850 0
46 B 14ms
14ms Other
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CP2dgvW5xe8CFQ_suwgdFDoOkw&gqi=vV1ZYIubLdGtgAed-bmYCw&layout=/sadbundle/%24csp%253Der3%24/1569060108828469311/nt_s21-DE_300x600_nokian-wetproof/index.html

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 03:17:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 088E 0
0 18ms
18ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cg4KZvV1ZYKbDLrSL7_UPopqwgA6N4azpYauAjLL9DJSX88uUDhABIP7T4SFglYq4gsgHoAG17tKLA8gBAqkChShonR-uTD6oAwHIA8kEqgSmAU_QV0nBQNZdtKUXmTMIZFTvIiLV9Sej-AxcDg7k7IYJgy68eGNfeWcQpl019lxUuTNMRk_LOD8-cMtlU_dx5oS2eXv9ZF2qyTshM0uBC5OrGogPy3rWwPXIxdm-rywk_y-J4bdutMMGeHtkF_qi5r_LMLWFjEqAe5GxXxZLbfwAmDPE11UFoGd5DVSjFBkORtMQJobxg08lug9nyp6D0I9iLk8bIjjABKXsz7CtA5IFBAgEGAGSBQQIBRgEoAYCgAezka10qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEELe9EdIICQiA4YAQEAEYH4AKAcgLAdgTDZgWAbIXGgoYCAASFHB1Yi0zMzM5MTMzNzAxMTQyNjYx&sigh=a_GxKzdFsEs&tpd=AGWhJmuWcPhcpg7qlk93Ki1rIJp0mhDdlaikjlwaq19YtzpQZA

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3339133701142661&output=html&h=280&slotname=1111717567&adk=3464641219&adf=2723329071&pi=t.ma~as.1111717567&w=1200&fwrn=4&fwrnh=100&lmt=1529319118&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fholm.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1616469437451&bpp=1&bdt=551&idt=293&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C896x280%2C300x250%2C300x250%2C300x250%2C270x600&nras=1&correlator=7616610989144&frm=20&pv=1&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=170&ady=3951&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=nn11tchMnM&p=https%3A//holm.ru&dtd=296
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 23 Mar 2021 03:17:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
344 B 115ms
115ms XHR
text/html 51.79.79.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4/vdo.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.79.65 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns568718.ip-51-79-79.net
Software: openresty/1.19.3.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 23 Mar 2021 03:17:19 GMT
Content-Encoding: gzip
Server: openresty/1.19.3.1
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=2

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
344 B 111ms
111ms XHR
text/html 51.79.79.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4/vdo.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.79.65 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns568718.ip-51-79-79.net
Software: openresty/1.19.3.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 23 Mar 2021 03:17:19 GMT
Content-Encoding: gzip
Server: openresty/1.19.3.1
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=2

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
344 B 221ms
111ms XHR
text/html 51.79.79.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4/vdo.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.79.65 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns568718.ip-51-79-79.net
Software: openresty/1.19.3.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 23 Mar 2021 03:17:19 GMT
Content-Encoding: gzip
Server: openresty/1.19.3.1
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=2

GET
H/1.1 200
OK pixel.gif
track.vdo.ai/ 43 B
236 B 125ms
123ms Image
image/gif 51.79.79.82
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.vdo.ai/pixel.gif?domainName=holm.ru&tagName=holm-ru&event=pageview&uid=24a7ba63-366e-440d-9f76-c2a0c840087c&t=1616469439066
Requested by: Host: holm.ru
URL: https://holm.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.79.82 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns568735.ip-51-79-79.net
Software: nginx/1.12.2 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 03:17:19 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.12.2
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
63 B 7ms
6ms Image
image/gif 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=1881586762&t=event&_s=4&dl=https%3A%2F%2Fholm.ru%2F&ul=en-us&de=UTF-8&dt=2437437%20%D0%BE%D1%80%D0%B3%D0%B0%D0%BD%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B9%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D0%BD%D0%B0%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B5%D1%81%D1%81%D0%B8%D0%B2%D0%BD%D0%BE%D0%BC%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%D0%B5%20Holm.ru!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=pageview&el=holm-ru&_u=KAhAAUABAAAAAC~&jid=&gjid=&cid=833515519.1616469438&tid=UA-113932176-30&_gid=1297932565.1616469438&gtm=2ou3h0&z=309745172

Requested by

Host: holm.ru
URL: https://holm.ru/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 13:38:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49131
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pixel.gif
track.vdo.ai/ 43 B
236 B 116ms
115ms Image
image/gif 51.79.79.82
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.vdo.ai/pixel.gif?domainName=holm.ru&tagName=holm-ru&event=website_pageview&uid=24a7ba63-366e-440d-9f76-c2a0c840087c&t=1616469439069
Requested by: Host: holm.ru
URL: https://holm.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.79.82 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns568735.ip-51-79-79.net
Software: nginx/1.12.2 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 03:17:19 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.12.2
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
58 B 8ms
6ms Image
image/gif 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=1881586762&t=event&_s=5&dl=https%3A%2F%2Fholm.ru%2F&ul=en-us&de=UTF-8&dt=2437437%20%D0%BE%D1%80%D0%B3%D0%B0%D0%BD%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B9%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D0%BD%D0%B0%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B5%D1%81%D1%81%D0%B8%D0%B2%D0%BD%D0%BE%D0%BC%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%D0%B5%20Holm.ru!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=website_pageview&el=holm-ru&_u=KAhAAUABAAAAAC~&jid=&gjid=&cid=833515519.1616469438&tid=UA-113932176-30&_gid=1297932565.1616469438&gtm=2ou3h0&z=916420785

Requested by

Host: holm.ru
URL: https://holm.ru/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 13:38:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49131
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
58 B 8ms
7ms Image
image/gif 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=1881586762&t=event&_s=6&dl=https%3A%2F%2Fholm.ru%2F&ul=en-us&de=UTF-8&dt=2437437%20%D0%BE%D1%80%D0%B3%D0%B0%D0%BD%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B9%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D0%BD%D0%B0%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B5%D1%81%D1%81%D0%B8%D0%B2%D0%BD%D0%BE%D0%BC%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%D0%B5%20Holm.ru!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=began_atf&el=holm-ru&_u=KAhAAUABAAAAAC~&jid=&gjid=&cid=833515519.1616469438&tid=UA-113932176-30&_gid=1297932565.1616469438&gtm=2ou3h0&z=117203951

Requested by

Host: holm.ru
URL: https://holm.ru/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 13:38:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49131
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 5084 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 02:23:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 3229
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Tue, 23 Mar 2021 03:23:30 GMT

GET
H3-Q050 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame FE91 9 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1569060108828469311/nt_s21-DE_300x600_nokian-wetproof/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 04:49:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80877
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 23 Mar 2021 04:49:22 GMT

GET
H3-Q050 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame FE91 22 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1569060108828469311/nt_s21-DE_300x600_nokian-wetproof/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 13:07:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50989
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 23 Mar 2021 13:07:30 GMT

GET
H3-Q050 200 logo_d.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1569060108828469311/nt_s21-DE_300x600_nokian-wetproof/ Frame FE91 1 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1569060108828469311/nt_s21-DE_300x600_nokian-wetproof/logo_d.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1569060108828469311/nt_s21-DE_300x600_nokian-wetproof/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d29ff1a0d107b4a6a4508c99edb4b7783e2813b98d0a999ac4fbce8915b1cd66

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 451008
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1450
x-xss-protection: 0
last-modified: Wed, 17 Mar 2021 19:11:42 GMT
server: sffe
date: Wed, 17 Mar 2021 22:00:31 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 22:00:31 GMT

GET
H3-Q050 200 logo_tire-guarantee.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1569060108828469311/nt_s21-DE_300x600_nokian-wetproof/ Frame FE91 3 KB
4 KB 7ms
6ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1569060108828469311/nt_s21-DE_300x600_nokian-wetproof/logo_tire-guarantee.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1569060108828469311/nt_s21-DE_300x600_nokian-wetproof/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdd7dc76bbaab8db1dd3b2291a9b1b52b1891f1f427984f3ac3c43c85a5044f3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 451008
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2817
x-xss-protection: 0
last-modified: Wed, 17 Mar 2021 19:11:42 GMT
server: sffe
date: Wed, 17 Mar 2021 22:00:31 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 22:00:31 GMT

GET
H3-Q050 200 logo_auto-motor-und-sport.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1569060108828469311/nt_s21-DE_300x600_nokian-wetproof/ Frame FE91 4 KB
4 KB 8ms
6ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1569060108828469311/nt_s21-DE_300x600_nokian-wetproof/logo_auto-motor-und-sport.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1569060108828469311/nt_s21-DE_300x600_nokian-wetproof/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc150e868bccce8dbdf83d6e3d06638833eeccc2b9735ff6e58aff7c2e604df5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 451008
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3874
x-xss-protection: 0
last-modified: Wed, 17 Mar 2021 19:11:42 GMT
server: sffe
date: Wed, 17 Mar 2021 22:00:31 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 22:00:31 GMT

GET
H3-Q050 200 tyre.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1569060108828469311/nt_s21-DE_300x600_nokian-wetproof/ Frame FE91 17 KB
17 KB 10ms
9ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1569060108828469311/nt_s21-DE_300x600_nokian-wetproof/tyre.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1569060108828469311/nt_s21-DE_300x600_nokian-wetproof/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd02724ce784c8b273e88c3f80dca01a8747634d2155d29790ed2e3660d259a7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 451008
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17698
x-xss-protection: 0
last-modified: Wed, 17 Mar 2021 19:11:42 GMT
server: sffe
date: Wed, 17 Mar 2021 22:00:31 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 22:00:31 GMT

GET
H3-Q050 200 bg.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1569060108828469311/nt_s21-DE_300x600_nokian-wetproof/ Frame FE91 57 KB
58 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1569060108828469311/nt_s21-DE_300x600_nokian-wetproof/bg.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1569060108828469311/nt_s21-DE_300x600_nokian-wetproof/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5551275c440f2b3b0f1e7a995994b2f816d3528894e522baadc814bc644cebcf

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 451008
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58806
x-xss-protection: 0
last-modified: Wed, 17 Mar 2021 19:11:42 GMT
server: sffe
date: Wed, 17 Mar 2021 22:00:31 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 22:00:31 GMT

GET
H3-Q050 200 logo_l.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1569060108828469311/nt_s21-DE_300x600_nokian-wetproof/ Frame FE91 1 KB
1 KB 10ms
9ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1569060108828469311/nt_s21-DE_300x600_nokian-wetproof/logo_l.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1569060108828469311/nt_s21-DE_300x600_nokian-wetproof/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f714fe4238276cbacceb8400a76d9c33a9fb83e4abecdc52aebe8ee87772781

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 451008
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1497
x-xss-protection: 0
last-modified: Wed, 17 Mar 2021 19:11:42 GMT
server: sffe
date: Wed, 17 Mar 2021 22:00:31 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 22:00:31 GMT

GET
H3-Q050 200 logo_tire-guarantee_white.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1569060108828469311/nt_s21-DE_300x600_nokian-wetproof/ Frame FE91 3 KB
3 KB 11ms
10ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1569060108828469311/nt_s21-DE_300x600_nokian-wetproof/logo_tire-guarantee_white.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1569060108828469311/nt_s21-DE_300x600_nokian-wetproof/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6872ccf73a7cae5986d7d38380caea758cb0b7ed8478f61bcf389259d31bbc67

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 451008
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2908
x-xss-protection: 0
last-modified: Wed, 17 Mar 2021 19:11:42 GMT
server: sffe
date: Wed, 17 Mar 2021 22:00:31 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 22:00:31 GMT

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7025 143 B
169 B 6ms
6ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3339133701142661&output=html&h=280&slotname=1111717567&adk=3464641219&adf=2723329071&pi=t.ma~as.1111717567&w=1200&fwrn=4&fwrnh=100&lmt=1529319118&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fholm.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1616469437451&bpp=1&bdt=551&idt=293&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C896x280%2C300x250%2C300x250%2C300x250%2C270x600&nras=1&correlator=7616610989144&frm=20&pv=1&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=170&ady=3951&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=nn11tchMnM&p=https%3A//holm.ru&dtd=296
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlntn_XZS3_LCwoJ50o0umq4AcvGja0BFOYhNC79YPosXCV5vghafp5bD8QP7g
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3339133701142661&output=html&h=280&slotname=1111717567&adk=3464641219&adf=2723329071&pi=t.ma~as.1111717567&w=1200&fwrn=4&fwrnh=100&lmt=1529319118&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fholm.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1616469437451&bpp=1&bdt=551&idt=293&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C896x280%2C300x250%2C300x250%2C300x250%2C270x600&nras=1&correlator=7616610989144&frm=20&pv=1&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=170&ady=3951&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=nn11tchMnM&p=https%3A//holm.ru&dtd=296

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 23 Mar 2021 02:23:20 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3239
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5917 1 KB
854 B 6ms
6ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 22 Mar 2021 16:59:40 GMT
expires: Tue, 23 Mar 2021 16:59:40 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 37059
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame BFBA 2 KB
631 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:700&subset=latin

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/HYPE-712.thin.min.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb1e12ac9d633c7e6ae486f98fb41f44662d371d1af97d44f0400e8478a6f45d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Mar 2021 01:42:37 GMT
server: ESF
date: Tue, 23 Mar 2021 03:17:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Mar 2021 03:17:19 GMT

GET
H3-Q050 200 pf.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/ Frame BFBA 1 KB
3 KB 9ms
7ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/pf.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c976135f44cdeee049ca7163fc671c369c7cf1a93de5e1151fc8d8fc6a33b080

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 328757
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1313
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 11:16:46 GMT
server: sffe
date: Fri, 19 Mar 2021 07:58:02 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Mar 2022 07:58:02 GMT

GET
H3-Q050 200 bg300-1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/ Frame BFBA 8 KB
8 KB 12ms
10ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/bg300-1.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7eab1a8b40da1c5bc4647e55ebfc210432a2373ceb71ae566792a0a6e0fbad1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 73206
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8190
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 11:16:46 GMT
server: sffe
date: Mon, 22 Mar 2021 06:57:13 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Mar 2022 06:57:13 GMT

GET
H3-Q050 200 logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/ Frame BFBA 2 KB
3 KB 11ms
9ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/logo.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ea171e60023ef7c77e4921f88d2a7ce39ea05447b0bbec4d0af23f2ba0278f7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 569930
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2477
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 11:16:46 GMT
server: sffe
date: Tue, 16 Mar 2021 12:58:29 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Mar 2022 12:58:29 GMT

GET
H3-Q050 200 stoerer3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/ Frame BFBA 18 KB
18 KB 14ms
13ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/stoerer3.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4acff57c24e409bbd7c5f1f2660fc6ea316c4d1e4fe2af39c656c00a78a7971c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 554846
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18257
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 11:16:46 GMT
server: sffe
date: Tue, 16 Mar 2021 17:09:53 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Mar 2022 17:09:53 GMT

GET
H3-Q050 200 maxtra1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/ Frame BFBA 2 KB
2 KB 9ms
7ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/maxtra1.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f12b9249b11a594f39bfa09343bc6d216e64d9861f8de21f328be7fb903377ac

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 250566
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1778
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 11:16:46 GMT
server: sffe
date: Sat, 20 Mar 2021 05:41:13 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Mar 2022 05:41:13 GMT

GET
H3-Q050 200 m1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/ Frame BFBA 18 KB
18 KB 13ms
11ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/m1.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60e57c7f7829ba085103c21646e616624a5394948ce84711f041f04e853066cf

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 328757
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18009
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 11:16:46 GMT
server: sffe
date: Fri, 19 Mar 2021 07:58:02 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Mar 2022 07:58:02 GMT

GET
H3-Q050 200 m2-1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/ Frame BFBA 17 KB
17 KB 12ms
11ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/m2-1.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9cb8456f6b447cf329c5ccc322c42a80c2ae8573b286b151be7027c2253ca921

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 533630
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17376
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 11:16:46 GMT
server: sffe
date: Tue, 16 Mar 2021 23:03:29 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Mar 2022 23:03:29 GMT

GET
H3-Q050 200 m3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/ Frame BFBA 17 KB
17 KB 14ms
13ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/m3.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af39439984f197376c872227bc359f7a1eeb6369c23cdca3754bcb415f0af64d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 520191
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17428
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 11:16:46 GMT
server: sffe
date: Wed, 17 Mar 2021 02:47:28 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 02:47:28 GMT

GET
H3-Q050 200 7Au9p_AqnyWWAxW2Wk3GzWQI.woff2
fonts.gstatic.com/s/mavenpro/v22/ Frame FF37 18 KB
18 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mavenpro/v22/7Au9p_AqnyWWAxW2Wk3GzWQI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Maven+Pro:500,700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e10684028a44797b734c232e01ae86a2da170d7586b6aacde7df81557ce35eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 06:54:31 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 22:56:07 GMT
server: sffe
age: 246168
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18292
x-xss-protection: 0
expires: Sun, 20 Mar 2022 06:54:31 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 21E1 2 KB
585 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:700&subset=latin

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/HYPE-712.thin.min.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb1e12ac9d633c7e6ae486f98fb41f44662d371d1af97d44f0400e8478a6f45d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Mar 2021 01:56:36 GMT
server: ESF
date: Tue, 23 Mar 2021 03:17:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Mar 2021 03:17:19 GMT

GET
H3-Q050 200 pf.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/ Frame 21E1 1 KB
1 KB 7ms
6ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/pf.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/HYPE-712.thin.min.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c976135f44cdeee049ca7163fc671c369c7cf1a93de5e1151fc8d8fc6a33b080

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 328757
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1313
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 11:16:46 GMT
server: sffe
date: Fri, 19 Mar 2021 07:58:02 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Mar 2022 07:58:02 GMT

GET
H3-Q050 200 bg300-1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/ Frame 21E1 8 KB
9 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/bg300-1.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/HYPE-712.thin.min.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7eab1a8b40da1c5bc4647e55ebfc210432a2373ceb71ae566792a0a6e0fbad1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 73206
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8190
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 11:16:46 GMT
server: sffe
date: Mon, 22 Mar 2021 06:57:13 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Mar 2022 06:57:13 GMT

GET
H3-Q050 200 logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/ Frame 21E1 2 KB
3 KB 9ms
7ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/logo.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/HYPE-712.thin.min.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ea171e60023ef7c77e4921f88d2a7ce39ea05447b0bbec4d0af23f2ba0278f7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 569930
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2477
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 11:16:46 GMT
server: sffe
date: Tue, 16 Mar 2021 12:58:29 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Mar 2022 12:58:29 GMT

GET
H3-Q050 200 stoerer3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/ Frame 21E1 18 KB
18 KB 9ms
8ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/stoerer3.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/HYPE-712.thin.min.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4acff57c24e409bbd7c5f1f2660fc6ea316c4d1e4fe2af39c656c00a78a7971c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 554846
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18257
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 11:16:46 GMT
server: sffe
date: Tue, 16 Mar 2021 17:09:53 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Mar 2022 17:09:53 GMT

GET
H3-Q050 200 maxtra1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/ Frame 21E1 2 KB
2 KB 10ms
8ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/maxtra1.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/HYPE-712.thin.min.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f12b9249b11a594f39bfa09343bc6d216e64d9861f8de21f328be7fb903377ac

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 250566
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1778
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 11:16:46 GMT
server: sffe
date: Sat, 20 Mar 2021 05:41:13 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Mar 2022 05:41:13 GMT

GET
H3-Q050 200 m1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/ Frame 21E1 18 KB
18 KB 11ms
9ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/m1.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/HYPE-712.thin.min.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60e57c7f7829ba085103c21646e616624a5394948ce84711f041f04e853066cf

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 328757
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18009
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 11:16:46 GMT
server: sffe
date: Fri, 19 Mar 2021 07:58:02 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Mar 2022 07:58:02 GMT

GET
H3-Q050 200 m2-1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/ Frame 21E1 17 KB
17 KB 11ms
10ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/m2-1.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/HYPE-712.thin.min.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9cb8456f6b447cf329c5ccc322c42a80c2ae8573b286b151be7027c2253ca921

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 533630
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17376
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 11:16:46 GMT
server: sffe
date: Tue, 16 Mar 2021 23:03:29 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Mar 2022 23:03:29 GMT

GET
H3-Q050 200 m3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/ Frame 21E1 17 KB
17 KB 11ms
10ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/m3.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/HYPE-712.thin.min.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af39439984f197376c872227bc359f7a1eeb6369c23cdca3754bcb415f0af64d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 520191
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17428
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 11:16:46 GMT
server: sffe
date: Wed, 17 Mar 2021 02:47:28 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 02:47:28 GMT

GET
DATA 200
OK truncated
/ Frame 088E 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b4e9f0662db5b733f792eb40c94664b8daf5b09a3cdeb84db992af9450d83630

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame FE91 34 KB
34 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e7ba7486df51b247d667ddfef156c72ed4f149a3693b1ca9be424f2ea680a50

Request headers

Origin: null
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
BLOB 200
OK b12c80c4-1272-49d8-ae65-b67b9b0032fb
https://holm.ru/ 52 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://holm.ru/b12c80c4-1272-49d8-ae65-b67b9b0032fb
Requested by: Host: holm.ru
URL: https://holm.ru/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 27b6996a0f7ea420886fcb7b079d023a65391f41b283c92c38b60e8a157d6559

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 52893
Content-Type: application/javascript

GET
H/1.1 206
Partial Content news2.ts Show response
h.vdo.ai/videos/categories/ 336 KB
336 KB 120ms
120ms XHR
video/mp2t 51.79.81.39
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h.vdo.ai/videos/categories/news2.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.81.39 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns569753.ip-51-79-81.net
Software: nginx/1.16.1 /
Resource Hash: 5f84ea91c7008513372b2254dbf9434ae540b8adfbbb3d8a420e1e706575d008

Request headers

Referer: https://holm.ru/
vdoai: true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-343851

Response headers

Date: Tue, 23 Mar 2021 03:17:19 GMT
Last-Modified: Tue, 04 Aug 2020 05:56:04 GMT
Server: nginx/1.16.1
Access-Control-Allow-Origin: *
ETag: "5f28f874-99a964c"
Content-Type: video/mp2t
Content-Range: bytes 0-343851/161125964
Connection: keep-alive
Content-Length: 343852

OPTIONS
H/1.1 204
No Content news2.ts
h.vdo.ai/videos/categories/ Frame 0
0 114ms
114ms Preflight
text/plain 51.79.81.39
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h.vdo.ai/videos/categories/news2.ts
Protocol: HTTP/1.1
Server: 51.79.81.39 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns569753.ip-51-79-81.net
Software: nginx/1.16.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range,vdoai
Origin: https://holm.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.16.1
Date: Tue, 23 Mar 2021 03:17:19 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0

GET
H3-Q050 200 bg300-1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/ Frame BFBA 8 KB
8 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/bg300-1.jpg

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7eab1a8b40da1c5bc4647e55ebfc210432a2373ceb71ae566792a0a6e0fbad1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 73206
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8190
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 11:16:46 GMT
server: sffe
date: Mon, 22 Mar 2021 06:57:13 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Mar 2022 06:57:13 GMT

GET
H3-Q050 200 logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/ Frame BFBA 2 KB
3 KB 9ms
7ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/logo.png

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ea171e60023ef7c77e4921f88d2a7ce39ea05447b0bbec4d0af23f2ba0278f7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 569930
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2477
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 11:16:46 GMT
server: sffe
date: Tue, 16 Mar 2021 12:58:29 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Mar 2022 12:58:29 GMT

GET
H3-Q050 200 stoerer3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/ Frame BFBA 18 KB
18 KB 9ms
7ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/stoerer3.png

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4acff57c24e409bbd7c5f1f2660fc6ea316c4d1e4fe2af39c656c00a78a7971c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 554846
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18257
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 11:16:46 GMT
server: sffe
date: Tue, 16 Mar 2021 17:09:53 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Mar 2022 17:09:53 GMT

GET
H3-Q050 200 m1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/ Frame BFBA 18 KB
18 KB 9ms
7ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/m1.png

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60e57c7f7829ba085103c21646e616624a5394948ce84711f041f04e853066cf

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 328757
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18009
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 11:16:46 GMT
server: sffe
date: Fri, 19 Mar 2021 07:58:02 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Mar 2022 07:58:02 GMT

GET
H3-Q050 200 m3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/ Frame BFBA 17 KB
17 KB 9ms
7ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/m3.png

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af39439984f197376c872227bc359f7a1eeb6369c23cdca3754bcb415f0af64d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 520191
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17428
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 11:16:46 GMT
server: sffe
date: Wed, 17 Mar 2021 02:47:28 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 02:47:28 GMT

GET
H3-Q050 200 m2-1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/ Frame BFBA 17 KB
17 KB 10ms
8ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/m2-1.png

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9cb8456f6b447cf329c5ccc322c42a80c2ae8573b286b151be7027c2253ca921

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 533630
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17376
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 11:16:46 GMT
server: sffe
date: Tue, 16 Mar 2021 23:03:29 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Mar 2022 23:03:29 GMT

GET
H3-Q050 200 maxtra1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/ Frame BFBA 2 KB
3 KB 10ms
8ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/maxtra1.png

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f12b9249b11a594f39bfa09343bc6d216e64d9861f8de21f328be7fb903377ac

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 250566
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1778
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 11:16:46 GMT
server: sffe
date: Sat, 20 Mar 2021 05:41:13 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Mar 2022 05:41:13 GMT

GET
H3-Q050 200 pf.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/ Frame BFBA 1 KB
1 KB 10ms
8ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/pf.png

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c976135f44cdeee049ca7163fc671c369c7cf1a93de5e1151fc8d8fc6a33b080

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 328757
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1313
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 11:16:46 GMT
server: sffe
date: Fri, 19 Mar 2021 07:58:02 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Mar 2022 07:58:02 GMT

GET
H3-Q050 200 bg300-1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/ Frame 21E1 8 KB
8 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/bg300-1.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3339133701142661&output=html&h=250&slotname=6162215333&adk=230021152&adf=252182655&pi=t.ma~as.6162215333&w=300&lmt=1529319118&psa=0&format=300x250&url=https%3A%2F%2Fholm.ru%2F&flash=0&wgl=1&dt=1616469437411&bpp=1&bdt=511&idt=257&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C896x280%2C300x250%2C300x250&nras=1&correlator=7616610989144&frm=20&pv=1&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=500&ady=2313&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=bwlTHh5nhq&p=https%3A//holm.ru&dtd=261

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7eab1a8b40da1c5bc4647e55ebfc210432a2373ceb71ae566792a0a6e0fbad1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 73206
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8190
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 11:16:46 GMT
server: sffe
date: Mon, 22 Mar 2021 06:57:13 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Mar 2022 06:57:13 GMT

GET
H3-Q050 200 logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/ Frame 21E1 2 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/logo.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3339133701142661&output=html&h=250&slotname=6162215333&adk=230021152&adf=252182655&pi=t.ma~as.6162215333&w=300&lmt=1529319118&psa=0&format=300x250&url=https%3A%2F%2Fholm.ru%2F&flash=0&wgl=1&dt=1616469437411&bpp=1&bdt=511&idt=257&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C896x280%2C300x250%2C300x250&nras=1&correlator=7616610989144&frm=20&pv=1&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=500&ady=2313&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=bwlTHh5nhq&p=https%3A//holm.ru&dtd=261

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ea171e60023ef7c77e4921f88d2a7ce39ea05447b0bbec4d0af23f2ba0278f7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 569930
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2477
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 11:16:46 GMT
server: sffe
date: Tue, 16 Mar 2021 12:58:29 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Mar 2022 12:58:29 GMT

GET
H3-Q050 200 stoerer3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/ Frame 21E1 18 KB
18 KB 8ms
7ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/stoerer3.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3339133701142661&output=html&h=250&slotname=6162215333&adk=230021152&adf=252182655&pi=t.ma~as.6162215333&w=300&lmt=1529319118&psa=0&format=300x250&url=https%3A%2F%2Fholm.ru%2F&flash=0&wgl=1&dt=1616469437411&bpp=1&bdt=511&idt=257&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C896x280%2C300x250%2C300x250&nras=1&correlator=7616610989144&frm=20&pv=1&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=500&ady=2313&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=bwlTHh5nhq&p=https%3A//holm.ru&dtd=261

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4acff57c24e409bbd7c5f1f2660fc6ea316c4d1e4fe2af39c656c00a78a7971c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 554846
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18257
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 11:16:46 GMT
server: sffe
date: Tue, 16 Mar 2021 17:09:53 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Mar 2022 17:09:53 GMT

GET
H3-Q050 200 m1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/ Frame 21E1 18 KB
18 KB 9ms
8ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/m1.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3339133701142661&output=html&h=250&slotname=6162215333&adk=230021152&adf=252182655&pi=t.ma~as.6162215333&w=300&lmt=1529319118&psa=0&format=300x250&url=https%3A%2F%2Fholm.ru%2F&flash=0&wgl=1&dt=1616469437411&bpp=1&bdt=511&idt=257&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C896x280%2C300x250%2C300x250&nras=1&correlator=7616610989144&frm=20&pv=1&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=500&ady=2313&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=bwlTHh5nhq&p=https%3A//holm.ru&dtd=261

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60e57c7f7829ba085103c21646e616624a5394948ce84711f041f04e853066cf

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 328757
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18009
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 11:16:46 GMT
server: sffe
date: Fri, 19 Mar 2021 07:58:02 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Mar 2022 07:58:02 GMT

GET
H3-Q050 200 m3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/ Frame 21E1 17 KB
17 KB 9ms
8ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/m3.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3339133701142661&output=html&h=250&slotname=6162215333&adk=230021152&adf=252182655&pi=t.ma~as.6162215333&w=300&lmt=1529319118&psa=0&format=300x250&url=https%3A%2F%2Fholm.ru%2F&flash=0&wgl=1&dt=1616469437411&bpp=1&bdt=511&idt=257&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C896x280%2C300x250%2C300x250&nras=1&correlator=7616610989144&frm=20&pv=1&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=500&ady=2313&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=bwlTHh5nhq&p=https%3A//holm.ru&dtd=261

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af39439984f197376c872227bc359f7a1eeb6369c23cdca3754bcb415f0af64d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 520191
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17428
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 11:16:46 GMT
server: sffe
date: Wed, 17 Mar 2021 02:47:28 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 02:47:28 GMT

GET
H3-Q050 200 m2-1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/ Frame 21E1 17 KB
17 KB 9ms
8ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/m2-1.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3339133701142661&output=html&h=250&slotname=6162215333&adk=230021152&adf=252182655&pi=t.ma~as.6162215333&w=300&lmt=1529319118&psa=0&format=300x250&url=https%3A%2F%2Fholm.ru%2F&flash=0&wgl=1&dt=1616469437411&bpp=1&bdt=511&idt=257&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C896x280%2C300x250%2C300x250&nras=1&correlator=7616610989144&frm=20&pv=1&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=500&ady=2313&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=bwlTHh5nhq&p=https%3A//holm.ru&dtd=261

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9cb8456f6b447cf329c5ccc322c42a80c2ae8573b286b151be7027c2253ca921

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 533630
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17376
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 11:16:46 GMT
server: sffe
date: Tue, 16 Mar 2021 23:03:29 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Mar 2022 23:03:29 GMT

GET
H3-Q050 200 maxtra1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/ Frame 21E1 2 KB
3 KB 10ms
9ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/maxtra1.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3339133701142661&output=html&h=250&slotname=6162215333&adk=230021152&adf=252182655&pi=t.ma~as.6162215333&w=300&lmt=1529319118&psa=0&format=300x250&url=https%3A%2F%2Fholm.ru%2F&flash=0&wgl=1&dt=1616469437411&bpp=1&bdt=511&idt=257&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C896x280%2C300x250%2C300x250&nras=1&correlator=7616610989144&frm=20&pv=1&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=500&ady=2313&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=bwlTHh5nhq&p=https%3A//holm.ru&dtd=261

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f12b9249b11a594f39bfa09343bc6d216e64d9861f8de21f328be7fb903377ac

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 250566
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1778
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 11:16:46 GMT
server: sffe
date: Sat, 20 Mar 2021 05:41:13 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Mar 2022 05:41:13 GMT

GET
H3-Q050 200 pf.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/ Frame 21E1 1 KB
1 KB 10ms
9ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/pf.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3339133701142661&output=html&h=250&slotname=6162215333&adk=230021152&adf=252182655&pi=t.ma~as.6162215333&w=300&lmt=1529319118&psa=0&format=300x250&url=https%3A%2F%2Fholm.ru%2F&flash=0&wgl=1&dt=1616469437411&bpp=1&bdt=511&idt=257&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C896x280%2C300x250%2C300x250&nras=1&correlator=7616610989144&frm=20&pv=1&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=500&ady=2313&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=bwlTHh5nhq&p=https%3A//holm.ru&dtd=261

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c976135f44cdeee049ca7163fc671c369c7cf1a93de5e1151fc8d8fc6a33b080

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 328757
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1313
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 11:16:46 GMT
server: sffe
date: Fri, 19 Mar 2021 07:58:02 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Mar 2022 07:58:02 GMT

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 319D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
133 B

14ms
14ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlntn_XZS3_LCwoJ50o0umq4AcvGja0BFOYhNC79YPosXCV5vghafp5bD8QP7g
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 23 Mar 2021 03:17:19 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Tue, 23-Mar-2021 04:17:19 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 23 Mar 2021 03:17:19 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 23 Mar 2021 03:17:19 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5F4A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
21 B

14ms
14ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlntn_XZS3_LCwoJ50o0umq4AcvGja0BFOYhNC79YPosXCV5vghafp5bD8QP7g; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 23 Mar 2021 03:17:19 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Tue, 23-Mar-2021 04:17:19 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 23 Mar 2021 03:17:19 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 23 Mar 2021 03:17:19 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame E221 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 14:16:56 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 133223
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Mon, 21 Mar 2022 14:16:56 GMT

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C598
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
21 B

14ms
14ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3339133701142661&output=html&h=250&slotname=6162215333&adk=230021152&adf=252182655&pi=t.ma~as.6162215333&w=300&lmt=1529319118&psa=0&format=300x250&url=https%3A%2F%2Fholm.ru%2F&flash=0&wgl=1&dt=1616469437411&bpp=1&bdt=511&idt=257&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C896x280%2C300x250%2C300x250&nras=1&correlator=7616610989144&frm=20&pv=1&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=500&ady=2313&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=bwlTHh5nhq&p=https%3A//holm.ru&dtd=261

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlntn_XZS3_LCwoJ50o0umq4AcvGja0BFOYhNC79YPosXCV5vghafp5bD8QP7g; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 23 Mar 2021 03:17:19 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Tue, 23-Mar-2021 04:17:19 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 23 Mar 2021 03:17:19 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 23 Mar 2021 03:17:19 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6B34
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
21 B

21ms
21ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3339133701142661&output=html&h=250&slotname=6162215333&adk=230021152&adf=604429176&pi=t.ma~as.6162215333&w=300&lmt=1529319118&psa=0&format=300x250&url=https%3A%2F%2Fholm.ru%2F&flash=0&wgl=1&dt=1616469437411&bpp=1&bdt=511&idt=190&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C896x280%2C300x250&nras=1&correlator=7616610989144&frm=20&pv=1&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=830&ady=2045&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=5Gvl1DGaGa&p=https%3A//holm.ru&dtd=193

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlntn_XZS3_LCwoJ50o0umq4AcvGja0BFOYhNC79YPosXCV5vghafp5bD8QP7g; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 23 Mar 2021 03:17:19 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Tue, 23-Mar-2021 04:17:19 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 23 Mar 2021 03:17:19 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 23 Mar 2021 03:17:19 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AB82
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
21 B

14ms
14ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlntn_XZS3_LCwoJ50o0umq4AcvGja0BFOYhNC79YPosXCV5vghafp5bD8QP7g; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 23 Mar 2021 03:17:19 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Tue, 23-Mar-2021 04:17:19 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 23 Mar 2021 03:17:19 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 23 Mar 2021 03:17:19 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 5917
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEAZls7-nup1bOInLXIEDMlo&google_cver=1&google_push=AQvitUJCIG2VGq_DmNhAyRZAxX_OakUC4UANDc-sn3yJ_QKx7BQya3RYXD3InddfrUwrpNqp25d_km8gusogUfMsTcRWjhPY8g
https://cm.g.doubleclick.net/pixel?google_nid=akneustar_dmp&google_cm&google_hm=Q0FFU0VBWmxzNy1udXAxYk9JbkxYSUVETWxv

170 B
484 B

118ms
86ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=akneustar_dmp&google_cm&google_hm=Q0FFU0VBWmxzNy1udXAxYk9JbkxYSUVETWxv

Requested by

Host: holm.ru
URL: https://holm.ru/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 03:17:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 23 Mar 2021 03:17:19 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=akneustar_dmp&google_cm&google_hm=Q0FFU0VBWmxzNy1udXAxYk9JbkxYSUVETWxv
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 5917
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEGjnNXhmwzRIjLn4E974K4M&google_cver=1&google_push=AQvitULq_CeADbqmDONOy5DyJV8SpwYEqxlsVD-jb3dHzn0DQ3MaXDWU8Ng12cwD4LTImq4cfVl4-LkRJDyrgCAZxmInPKboJQU
https://rtb.openx.net/sync/dds?google_gid=CAESEGjnNXhmwzRIjLn4E974K4M&google_cver=1&google_push=AQvitULq_CeADbqmDONOy5DyJV8SpwYEqxlsVD-jb3dHzn0DQ3MaXDWU8Ng12cwD4LTImq4cfVl4-LkRJDyrgCAZxmInPKboJQU&o...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULq_CeADbqmDONOy5DyJV8SpwYEqxlsVD-jb3dHzn0DQ3MaXDWU8Ng12cwD4LTImq4cfVl4-LkRJDyrgCAZxmInPKboJQU&google_hm=kv3uaP_6zSIozLuxoE1-2A==

170 B
190 B

35ms
34ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULq_CeADbqmDONOy5DyJV8SpwYEqxlsVD-jb3dHzn0DQ3MaXDWU8Ng12cwD4LTImq4cfVl4-LkRJDyrgCAZxmInPKboJQU&google_hm=kv3uaP_6zSIozLuxoE1-2A==

Requested by

Host: holm.ru
URL: https://holm.ru/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 03:17:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 Mar 2021 03:17:19 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULq_CeADbqmDONOy5DyJV8SpwYEqxlsVD-jb3dHzn0DQ3MaXDWU8Ng12cwD4LTImq4cfVl4-LkRJDyrgCAZxmInPKboJQU&google_hm=kv3uaP_6zSIozLuxoE1-2A==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: 2pfmtaoil7fq9dccn24nirhucj3die8l

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 5917
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=5ypJbeUrTPmVdZhoUvvZqQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
190 B

35ms
34ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=5ypJbeUrTPmVdZhoUvvZqQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKXDwb18WOEGZuvNmldY2Q4Wa-V6m27YjKInP1WQkmPL7BkJSOV5VWzv7Bl4t2KqWqNj8JBlf-P86corGPoaU_xYLbsT2I

Requested by

Host: holm.ru
URL: https://holm.ru/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 03:17:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=5ypJbeUrTPmVdZhoUvvZqQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKXDwb18WOEGZuvNmldY2Q4Wa-V6m27YjKInP1WQkmPL7BkJSOV5VWzv7Bl4t2KqWqNj8JBlf-P86corGPoaU_xYLbsT2I
Date: Tue, 23 Mar 2021 03:17:20 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 5917
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEODC4jMfvsrySTEUshVTr7E&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEODC4jMfvsrySTEUshVTr7E&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YFldv28hpN3__zthvMWOKwAABKYAAAAB&google_cver=1&google_gid=CAESEODC4jMfvsrySTEUshVTr7E&google_push=AQvitUL3h-nx45sZOI2fwI2DUGB9lj0_Xa6Wt...

170 B
190 B

35ms
35ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YFldv28hpN3__zthvMWOKwAABKYAAAAB&google_cver=1&google_gid=CAESEODC4jMfvsrySTEUshVTr7E&google_push=AQvitUL3h-nx45sZOI2fwI2DUGB9lj0_Xa6Wta_mbLlY-DCL7xt8UBGr8_FyXpEcjxwFoQhcjG5UbiRH20LQvdB2P-fzmqqXkhc

Requested by

Host: holm.ru
URL: https://holm.ru/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 03:17:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 23 Mar 2021 03:17:19 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YFldv28hpN3__zthvMWOKwAABKYAAAAB&google_cver=1&google_gid=CAESEODC4jMfvsrySTEUshVTr7E&google_push=AQvitUL3h-nx45sZOI2fwI2DUGB9lj0_Xa6Wta_mbLlY-DCL7xt8UBGr8_FyXpEcjxwFoQhcjG5UbiRH20LQvdB2P-fzmqqXkhc
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 459
Expires: Tue, 23 Mar 2021 03:17:19 GMT

GET
H2 200 trk
ag.innovid.com/ Frame 5917 43 B
296 B 111ms
19ms Image
image/gif 2a05:d01c:1d8:8100:818d:1690:fda6:a2c4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEGFQaxsb0-8T2cnfi4ZrQwU&google_cver=1&google_push=AQvitULp_jH6YbH2_ok0hKqO-o7ZeDjnYpVRMhP3e3mbfdTAy0-f2PiA0eXIA08EUfNFYorfjpeprgDWtu03gIeWFNye5VbUE5Y
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3339133701142661&output=html&h=280&slotname=1111717567&adk=3464641219&adf=2723329071&pi=t.ma~as.1111717567&w=1200&fwrn=4&fwrnh=100&lmt=1529319118&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fholm.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1616469437451&bpp=1&bdt=551&idt=293&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C896x280%2C300x250%2C300x250%2C300x250%2C270x600&nras=1&correlator=7616610989144&frm=20&pv=1&ga_vid=833515519.1616469438&ga_sid=1616469438&ga_hid=1881586762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=170&ady=3951&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=4258952092698428&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=nn11tchMnM&p=https%3A//holm.ru&dtd=296
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8100:818d:1690:fda6:a2c4 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 03:17:19 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 1
expires: -1

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 5917
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEIXYoWHJNx_9D6ZAbR0PFnM&google_cver=1&google_push=AQvitUIitINXsum_bAFRHwhT...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUIitINXsum_bAFRHwhTpMssH3pk1mPYlec_Qdr7uLmkZ4dWsew9klBhSRlreyloF53dGfblPmcsM_kg2vBBrf3nAxQ6auM&google_hm=

170 B
190 B

44ms
44ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUIitINXsum_bAFRHwhTpMssH3pk1mPYlec_Qdr7uLmkZ4dWsew9klBhSRlreyloF53dGfblPmcsM_kg2vBBrf3nAxQ6auM&google_hm=

Requested by

Host: holm.ru
URL: https://holm.ru/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 03:17:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 Mar 2021 03:17:19 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUIitINXsum_bAFRHwhTpMssH3pk1mPYlec_Qdr7uLmkZ4dWsew9klBhSRlreyloF53dGfblPmcsM_kg2vBBrf3nAxQ6auM&google_hm=
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-length: 0
expires: Mon, 22 Mar 2021 03:17:19 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 5917 0
236 B 93ms
32ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KgKntFM_mk07XvzMlrGlU7cOU_iG42R2L9A_bQtGxZ7MLPwmLkCBeKmJv0usME9MQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 03:17:19 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame BFBA 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 14:16:56 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 133223
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Mon, 21 Mar 2022 14:16:56 GMT

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame FF37 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 14:16:56 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 133223
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Mon, 21 Mar 2022 14:16:56 GMT

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame 21E1 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 14:16:56 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 133223
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Mon, 21 Mar 2022 14:16:56 GMT

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7025
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
21 B

15ms
14ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlntn_XZS3_LCwoJ50o0umq4AcvGja0BFOYhNC79YPosXCV5vghafp5bD8QP7g; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 23 Mar 2021 03:17:19 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Tue, 23-Mar-2021 04:17:19 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 23 Mar 2021 03:17:19 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 23 Mar 2021 03:17:19 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame 12F6 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 14:16:56 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 133223
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Mon, 21 Mar 2022 14:16:56 GMT

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame FE91 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 14:16:56 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 133223
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Mon, 21 Mar 2022 14:16:56 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4850 42 B
94 B 26ms
26ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssDV-inAtZz9K-LJrzxK85aiuXBqDPu22eLCxIE8fnjXvJ5t1IcNDJfLquYLe2E2HxdB8Oa2enUpK9fq9dfoX-4zGublUJUdD5NYAjqNdsgk5jbYxzIH_qgMKX7YiLlQzA2R0d_J61-wXAk-1UgjSBR&sai=AMfl-YRADgDFrih9Vs40J98qT88v_vwO1Q9_8fII9haSge_-2vn4_VHAxWjDgR5ixR1wZbp1TutZPaqWI6jBNhttt8klITo82Fr4HKo&sig=Cg0ArKJSzL9vASrb7wZUEAE&cid=CAASF-RoyaB0CRSUr-7ZxTLmimQl21A-4Jpz&id=osdim&mcvt=1133&p=85,1160,625,1430&mtos=1133,1133,1133,1133,1133&tos=1133,0,0,0,0&v=20210319&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=3212866176&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1616469437734&dlt=775&rpt=3&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 03:17:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
146 B 15ms
14ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=holm.ru

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 03:17:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
146 B 15ms
14ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=holm.ru

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 03:17:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A592 42 B
66 B 17ms
17ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssmH3eb41o24BTU-6mt3g2cNL0aQzmNNG72XXwu4GJH7EaydTq9ZQnoj5qdC-R9UMzIGVUNxjtAlwkOh1NaAHJYBmits-upd4t4p54U76c4hdbTHs0VYHdDwhpaCw&sai=AMfl-YQr1_4bdSLArIRS2NGfuVIYkbwqQgC4eJzIqh0ctQbWfb7ySY1x3xal_6rNJ50THsWu5TtZ0ay9Jg6L&sig=Cg0ArKJSzC7VZukO5Fh7EAE&id=osdim&mcvt=1028&p=277,202,557,1098&mtos=1028,1028,1028,1028,1028&tos=1028,0,0,0,0&v=20210319&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=786900664&rs=2&met=mue&la=1&cr=0&osd=1&vs=4&rst=1616469437586&dlt=539&rpt=122&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 03:17:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 461A 156 B
230 B 63ms
62ms XHR
text/xml 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-7094677798399606&slotname=holm-ru&ad_type=video&description_url=http%3A%2F%2Fholm.ru&max_ad_duration=66000&videoad_start_delay=0&vpmute=0&vpa=click&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&sdkv=h.3.447.1&video_product_type=0&min_ad_duration=0&sz=498x280&adsafe=high&hl=en&ca_type=image&unviewed_position_start=1&output=xml_vast4&osd=2&frm=0&vis=1&sdr=1&num_ads=1&t_pyv=exclude&video_format=43&is_amp=0&u_so=l&mpt=videojs-ima&mpv=1.8.0&sdki=44d&adk=2857885619&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fholm.ru%2F21f7060a-0d98-48c4-84f8-292cd3d3a51e&eid=21061893%2C44729226&url=https%3A%2F%2Fholm.ru%2F&dlt=1616469436900&idt=3173&dt=1616469440539&cookie=ID%3D778fff621c0a5231-223e0a9f2ba70046%3AT%3D1616469437%3ART%3D1616469437%3AS%3DALNI_MaDWwqkqL3fAyEJNXvH2YQ1SFPmOg&correlator=3178901630217140&ad_block=1&ged=ve4_td4_tt2_pd4_la4000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.447.1_en.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 03:17:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/xml; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 17ms
16ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210318&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c94a26645f3dd2cd33a610bbe7a8699d7576a3f903273e1ba2a5ef356caf1e31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 03:17:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6555
x-xss-protection: 0

GET
H/1.1 206
Partial Content news2.ts Show response
h.vdo.ai/videos/categories/ 233 KB
233 KB 115ms
115ms XHR
video/mp2t 51.79.81.39
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h.vdo.ai/videos/categories/news2.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.81.39 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns569753.ip-51-79-81.net
Software: nginx/1.16.1 /
Resource Hash: 90225c8456a96a73e431ece4e40bbb502906967cae661b706a3831130b64f960

Request headers

Referer: https://holm.ru/
vdoai: true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=343852-582047

Response headers

Date: Tue, 23 Mar 2021 03:17:20 GMT
Last-Modified: Tue, 04 Aug 2020 05:56:04 GMT
Server: nginx/1.16.1
Access-Control-Allow-Origin: *
ETag: "5f28f874-99a964c"
Content-Type: video/mp2t
Content-Range: bytes 343852-582047/161125964
Connection: keep-alive
Content-Length: 238196

OPTIONS
H/1.1 204
No Content news2.ts
h.vdo.ai/videos/categories/ Frame 0
0 115ms
115ms Preflight
text/plain 51.79.81.39
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h.vdo.ai/videos/categories/news2.ts
Protocol: HTTP/1.1
Server: 51.79.81.39 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns569753.ip-51-79-81.net
Software: nginx/1.16.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range,vdoai
Origin: https://holm.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.16.1
Date: Tue, 23 Mar 2021 03:17:20 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 03:17:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Tue, 23 Mar 2021 03:17:20 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 76BC 12 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://holm.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://holm.ru/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Wed, 17 Mar 2021 18:49:30 GMT
expires: Thu, 17 Mar 2022 18:49:30 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 462470
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
123 B 15ms
15ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=holm.ru

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 03:17:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
123 B 14ms
14ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=holm.ru

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 03:17:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 461A 156 B
136 B 54ms
54ms XHR
text/xml 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-7094677798399606&slotname=holm-ru-mid-2&ad_type=video&description_url=http%3A%2F%2Fholm.ru&max_ad_duration=66000&videoad_start_delay=0&vpmute=0&vpa=click&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&sdkv=h.3.447.1&video_product_type=0&min_ad_duration=0&sz=498x280&adsafe=high&hl=en&ca_type=image&unviewed_position_start=1&output=xml_vast4&osd=2&frm=0&vis=1&sdr=1&num_ads=1&t_pyv=exclude&video_format=43&is_amp=0&u_so=l&mpt=videojs-ima&mpv=1.8.0&sdki=44d&adk=2857885619&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fholm.ru%2F21f7060a-0d98-48c4-84f8-292cd3d3a51e&eid=21061893%2C44729226&url=https%3A%2F%2Fholm.ru%2F&dlt=1616469436900&idt=3173&dt=1616469440635&cookie=ID%3D778fff621c0a5231-223e0a9f2ba70046%3AT%3D1616469437%3ART%3D1616469437%3AS%3DALNI_MaDWwqkqL3fAyEJNXvH2YQ1SFPmOg&correlator=4237543967461526&ad_block=1&ged=ve4_td4_tt2_pd4_la4000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.447.1_en.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 03:17:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/xml; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame 76BC 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 14:16:56 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 133224
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Mon, 21 Mar 2022 14:16:56 GMT

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
344 B 112ms
111ms XHR
text/html 51.79.79.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4/vdo.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.79.65 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns568718.ip-51-79-79.net
Software: openresty/1.19.3.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 23 Mar 2021 03:17:20 GMT
Content-Encoding: gzip
Server: openresty/1.19.3.1
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=2

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
111 B 15ms
15ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210318&jk=4258952092698428&bg=!Dg2lDUnNAAbUo7L91KM7ACkAdvg8WuBvXXpD_rRzYH6_HT-Jot1Np_GA_rctPdQM1AoxsO1cEJG_pgIAAAB1UgAAAA1oAQcKAOn4XYpH5r54xxLBCDEH_TGzDCoblVzzAWeP3eNLW9deB8ceJD18zHLS4gkdBgudGHMQtGhbUu08V8ZBPXPCvyvc9rFIG6QsOzbsSoBzirSYAQkKP-tpJAQPtIloswZxGhEo89rkOVqOCeEL9s81eCW0PdneIsjJJfmIpzrKZuXI3_3iSUctTfBiO4I-h3dy004rFvlwr97fgfuuS9ZRMEgikoE2X2mr8sFM3ETGbcrcFxUyNADd3w0yZN6hz7NInAVX1XTaA1MLZQt4FhAkLm0ZUMgk6vjXxRwcJq0UdaSHYUXKEdBDWDiyipkBxa1nrklv6mkEEg_Y_UKDcypZaQS5o8h8gg7dPtamNi-qFY1s5_ShFeB9L8TSduRACJERQiXyHXJwplGl02WpseQ2638wJXbjUdWJvXxTnzelEZ6oq1TnPCeUQBjme1kZ1mpKRqLB-LK8Atum-vtYFbkp96y7nfCxTMb8lJbnUeT-7x8v5AqQhdgEvisyzXV5T_Ma48m65qExe9q5LGt-TGTd_jScj623vFNe2JT_bnaFK-7pNJ0ydKIVz7Xtm5X-QlivBybsOiN8TssY3TN1kqff1-TS1xZaWxQ2nmzb6M1vlDvsQ44_PBk4gRkPVIqpzCbgRtUpLY99WbZDX8YJXDJsdpl6Ot6mTX39c_r5uPYvIIwhb0QvlKTUc9uWBHlsC79lYys6U28X70q0gmW64aLZC-su7m6TcXReMMOBEsMXOABqq51Spxh4LlbhElvuRpNo7nkyzIRo8I7kdS1JBrPKZxuSPxQB3wtZPcgJTrKG-NQzWNkImpm1bI7lLUkexEPmxzUjYTGrx-SrRczToj1IzKLLf2cwUg2noncrN4xWt_xFiEwh94RLxXuhVZAHScXa9oo9VvnA-usOIWlqQTrxZh_vVQ

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 03:17:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 206
Partial Content news2.ts Show response
h.vdo.ai/videos/categories/ 293 KB
294 KB 115ms
115ms XHR
video/mp2t 51.79.81.39
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h.vdo.ai/videos/categories/news2.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.81.39 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns569753.ip-51-79-81.net
Software: nginx/1.16.1 /
Resource Hash: 8fa5e6babaad1c27ca828b66bbeb735590e7b698d301ae97ebf631e436c55814

Request headers

Referer: https://holm.ru/
vdoai: true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=582048-882471

Response headers

Date: Tue, 23 Mar 2021 03:17:21 GMT
Last-Modified: Tue, 04 Aug 2020 05:56:04 GMT
Server: nginx/1.16.1
Access-Control-Allow-Origin: *
ETag: "5f28f874-99a964c"
Content-Type: video/mp2t
Content-Range: bytes 582048-882471/161125964
Connection: keep-alive
Content-Length: 300424

OPTIONS
H/1.1 204
No Content news2.ts
h.vdo.ai/videos/categories/ Frame 0
0 114ms
114ms Preflight
text/plain 51.79.81.39
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h.vdo.ai/videos/categories/news2.ts
Protocol: HTTP/1.1
Server: 51.79.81.39 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns569753.ip-51-79-81.net
Software: nginx/1.16.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range,vdoai
Origin: https://holm.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.16.1
Date: Tue, 23 Mar 2021 03:17:20 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0

GET
H/1.1 206
Partial Content news2.ts Show response
h.vdo.ai/videos/categories/ 218 KB
219 KB 115ms
115ms XHR
video/mp2t 51.79.81.39
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h.vdo.ai/videos/categories/news2.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.81.39 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns569753.ip-51-79-81.net
Software: nginx/1.16.1 /
Resource Hash: 3466b7656d00411e08dd5ecac2648710967dd6cd41bd84fc07181cbadfb05d45

Request headers

Referer: https://holm.ru/
vdoai: true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=882472-1106191

Response headers

Date: Tue, 23 Mar 2021 03:17:21 GMT
Last-Modified: Tue, 04 Aug 2020 05:56:04 GMT
Server: nginx/1.16.1
Access-Control-Allow-Origin: *
ETag: "5f28f874-99a964c"
Content-Type: video/mp2t
Content-Range: bytes 882472-1106191/161125964
Connection: keep-alive
Content-Length: 223720

OPTIONS
H/1.1 204
No Content news2.ts
h.vdo.ai/videos/categories/ Frame 0
0 114ms
114ms Preflight
text/plain 51.79.81.39
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h.vdo.ai/videos/categories/news2.ts
Protocol: HTTP/1.1
Server: 51.79.81.39 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns569753.ip-51-79-81.net
Software: nginx/1.16.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range,vdoai
Origin: https://holm.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.16.1
Date: Tue, 23 Mar 2021 03:17:21 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0

GET
H/1.1 206
Partial Content news2.ts Show response
h.vdo.ai/videos/categories/ 257 KB
257 KB 115ms
115ms XHR
video/mp2t 51.79.81.39
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h.vdo.ai/videos/categories/news2.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.81.39 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns569753.ip-51-79-81.net
Software: nginx/1.16.1 /
Resource Hash: 4282f57042bc131dda57b156d4619530bb6ec2fb5f94b07f000afb9aa83faa18

Request headers

Referer: https://holm.ru/
vdoai: true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=1106192-1369015

Response headers

Date: Tue, 23 Mar 2021 03:17:21 GMT
Last-Modified: Tue, 04 Aug 2020 05:56:04 GMT
Server: nginx/1.16.1
Access-Control-Allow-Origin: *
ETag: "5f28f874-99a964c"
Content-Type: video/mp2t
Content-Range: bytes 1106192-1369015/161125964
Connection: keep-alive
Content-Length: 262824

OPTIONS
H/1.1 204
No Content news2.ts
h.vdo.ai/videos/categories/ Frame 0
0 115ms
114ms Preflight
text/plain 51.79.81.39
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h.vdo.ai/videos/categories/news2.ts
Protocol: HTTP/1.1
Server: 51.79.81.39 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns569753.ip-51-79-81.net
Software: nginx/1.16.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range,vdoai
Origin: https://holm.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.16.1
Date: Tue, 23 Mar 2021 03:17:21 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0

GET
H/1.1 206
Partial Content news2.ts Show response
h.vdo.ai/videos/categories/ 314 KB
315 KB 115ms
115ms XHR
video/mp2t 51.79.81.39
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h.vdo.ai/videos/categories/news2.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.81.39 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns569753.ip-51-79-81.net
Software: nginx/1.16.1 /
Resource Hash: 2c3a1ad02c150bb54808fb2aa986e8b0131d822699d774d2b8b91616810b5343

Request headers

Referer: https://holm.ru/
vdoai: true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=1369016-1690871

Response headers

Date: Tue, 23 Mar 2021 03:17:21 GMT
Last-Modified: Tue, 04 Aug 2020 05:56:04 GMT
Server: nginx/1.16.1
Access-Control-Allow-Origin: *
ETag: "5f28f874-99a964c"
Content-Type: video/mp2t
Content-Range: bytes 1369016-1690871/161125964
Connection: keep-alive
Content-Length: 321856

OPTIONS
H/1.1 204
No Content news2.ts
h.vdo.ai/videos/categories/ Frame 0
0 116ms
116ms Preflight
text/plain 51.79.81.39
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h.vdo.ai/videos/categories/news2.ts
Protocol: HTTP/1.1
Server: 51.79.81.39 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns569753.ip-51-79-81.net
Software: nginx/1.16.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range,vdoai
Origin: https://holm.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.16.1
Date: Tue, 23 Mar 2021 03:17:21 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0

GET
H/1.1 206
Partial Content news2.ts Show response
h.vdo.ai/videos/categories/ 242 KB
242 KB 115ms
114ms XHR
video/mp2t 51.79.81.39
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h.vdo.ai/videos/categories/news2.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.81.39 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns569753.ip-51-79-81.net
Software: nginx/1.16.1 /
Resource Hash: 8d9d61ac4c116c6819ea28b6be113a17225f1b734536bb5a7058df2485a732ea

Request headers

Referer: https://holm.ru/
vdoai: true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=1690872-1938843

Response headers

Date: Tue, 23 Mar 2021 03:17:22 GMT
Last-Modified: Tue, 04 Aug 2020 05:56:04 GMT
Server: nginx/1.16.1
Access-Control-Allow-Origin: *
ETag: "5f28f874-99a964c"
Content-Type: video/mp2t
Content-Range: bytes 1690872-1938843/161125964
Connection: keep-alive
Content-Length: 247972

OPTIONS
H/1.1 204
No Content news2.ts
h.vdo.ai/videos/categories/ Frame 0
0 115ms
115ms Preflight
text/plain 51.79.81.39
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h.vdo.ai/videos/categories/news2.ts
Protocol: HTTP/1.1
Server: 51.79.81.39 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns569753.ip-51-79-81.net
Software: nginx/1.16.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range,vdoai
Origin: https://holm.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.16.1
Date: Tue, 23 Mar 2021 03:17:22 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0

GET
H/1.1 206
Partial Content news2.ts Show response
h.vdo.ai/videos/categories/ 250 KB
250 KB 115ms
115ms XHR
video/mp2t 51.79.81.39
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h.vdo.ai/videos/categories/news2.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.81.39 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns569753.ip-51-79-81.net
Software: nginx/1.16.1 /
Resource Hash: d7993ba8863b6e76a839d2c4ddccee842c4572f9ccd796698708924652630d6d

Request headers

Referer: https://holm.ru/
vdoai: true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=1938844-2194335

Response headers

Date: Tue, 23 Mar 2021 03:17:23 GMT
Last-Modified: Tue, 04 Aug 2020 05:56:04 GMT
Server: nginx/1.16.1
Access-Control-Allow-Origin: *
ETag: "5f28f874-99a964c"
Content-Type: video/mp2t
Content-Range: bytes 1938844-2194335/161125964
Connection: keep-alive
Content-Length: 255492

OPTIONS
H/1.1 204
No Content news2.ts
h.vdo.ai/videos/categories/ Frame 0
0 114ms
114ms Preflight
text/plain 51.79.81.39
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h.vdo.ai/videos/categories/news2.ts
Protocol: HTTP/1.1
Server: 51.79.81.39 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns569753.ip-51-79-81.net
Software: nginx/1.16.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range,vdoai
Origin: https://holm.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.16.1
Date: Tue, 23 Mar 2021 03:17:23 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0

OPTIONS
H/1.1 204
No Content news2.ts
h.vdo.ai/videos/categories/ Frame 0
0 115ms
114ms Preflight
text/plain 51.79.81.39
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h.vdo.ai/videos/categories/news2.ts
Protocol: HTTP/1.1
Server: 51.79.81.39 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns569753.ip-51-79-81.net
Software: nginx/1.16.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range,vdoai
Origin: https://holm.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.16.1
Date: Tue, 23 Mar 2021 03:17:26 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0

GET
H/1.1 206
Partial Content news2.ts Show response
h.vdo.ai/videos/categories/ 250 KB
250 KB 212ms
212ms XHR
video/mp2t 51.79.81.39
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h.vdo.ai/videos/categories/news2.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.81.39 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns569753.ip-51-79-81.net
Software: nginx/1.16.1 /
Resource Hash: f1ff28e985786835c73f72fefd321f105c36ec40ba66efb45a2f50ee83a31855

Request headers

Referer: https://holm.ru/
vdoai: true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=2194336-2450203

Response headers

Date: Tue, 23 Mar 2021 03:17:26 GMT
Last-Modified: Tue, 04 Aug 2020 05:56:04 GMT
Server: nginx/1.16.1
Access-Control-Allow-Origin: *
ETag: "5f28f874-99a964c"
Content-Type: video/mp2t
Content-Range: bytes 2194336-2450203/161125964
Connection: keep-alive
Content-Length: 255868

GET
H/1.1 206
Partial Content news2.ts Show response
h.vdo.ai/videos/categories/ 257 KB
257 KB 212ms
211ms XHR
video/mp2t 51.79.81.39
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h.vdo.ai/videos/categories/news2.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.81.39 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns569753.ip-51-79-81.net
Software: nginx/1.16.1 /
Resource Hash: b0cd5050c5cb6bbc24cd6ed1fbc6af294c7739b6865104daeba3c243ef65825b

Request headers

Referer: https://holm.ru/
vdoai: true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=2450204-2713403

Response headers

Date: Tue, 23 Mar 2021 03:17:28 GMT
Last-Modified: Tue, 04 Aug 2020 05:56:04 GMT
Server: nginx/1.16.1
Access-Control-Allow-Origin: *
ETag: "5f28f874-99a964c"
Content-Type: video/mp2t
Content-Range: bytes 2450204-2713403/161125964
Connection: keep-alive
Content-Length: 263200

OPTIONS
H/1.1 204
No Content news2.ts
h.vdo.ai/videos/categories/ Frame 0
0 115ms
114ms Preflight
text/plain 51.79.81.39
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h.vdo.ai/videos/categories/news2.ts
Protocol: HTTP/1.1
Server: 51.79.81.39 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns569753.ip-51-79-81.net
Software: nginx/1.16.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range,vdoai
Origin: https://holm.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.16.1
Date: Tue, 23 Mar 2021 03:17:28 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FF37 0
121 B 14ms
14ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=html5-mon&a0=layout&f0=layout&s0=0&d0=1333.0000&a1=https&f1=layout_html&s1=0&d1=19.0000&i=500058481656&t=419&c=p&lp=%2Fsadbundle%2F%24csp%253Der3%24%2F5327029394931728737%2F300x250_Motiv_Kueche%2Findex.html&gqi=vV1ZYOq2Jdq3gQetoLCgBw&qqi=CJK3-vS5xe8CFUPhuwgd0CUK-g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 03:17:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
110 B 226ms
154ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/rtb.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://holm.ru
date: Tue, 23 Mar 2021 03:17:30 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
707 B 113ms
38ms XHR
application/json 185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/rtb.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://holm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 23 Mar 2021 03:17:30 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.185:80
AN-X-Request-Uuid: b196d589-e3d6-41bd-a0e6-f496a17aa4ed
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://holm.ru
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 206
Partial Content news2.ts Show response
h.vdo.ai/videos/categories/ 264 KB
265 KB 211ms
211ms XHR
video/mp2t 51.79.81.39
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h.vdo.ai/videos/categories/news2.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.81.39 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns569753.ip-51-79-81.net
Software: nginx/1.16.1 /
Resource Hash: 9ee015875311c68a694d9110662117b652475fb8926a10ba6526cbfcdf253a53

Request headers

Referer: https://holm.ru/
vdoai: true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=2713404-2983935

Response headers

Date: Tue, 23 Mar 2021 03:17:31 GMT
Last-Modified: Tue, 04 Aug 2020 05:56:04 GMT
Server: nginx/1.16.1
Access-Control-Allow-Origin: *
ETag: "5f28f874-99a964c"
Content-Type: video/mp2t
Content-Range: bytes 2713404-2983935/161125964
Connection: keep-alive
Content-Length: 270532

OPTIONS
H/1.1 204
No Content news2.ts
h.vdo.ai/videos/categories/ Frame 0
0 114ms
114ms Preflight
text/plain 51.79.81.39
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h.vdo.ai/videos/categories/news2.ts
Protocol: HTTP/1.1
Server: 51.79.81.39 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns569753.ip-51-79-81.net
Software: nginx/1.16.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range,vdoai
Origin: https://holm.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.16.1
Date: Tue, 23 Mar 2021 03:17:31 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0

GET
H/1.1 206
Partial Content news2.ts
h.vdo.ai/videos/categories/ 96 KB
0 211ms
211ms XHR
video/mp2t 51.79.81.39
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h.vdo.ai/videos/categories/news2.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.81.39 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns569753.ip-51-79-81.net
Software: nginx/1.16.1 /
Resource Hash

Request headers

Referer: https://holm.ru/
vdoai: true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=2983936-3245819

Response headers

Date: Tue, 23 Mar 2021 03:17:33 GMT
Last-Modified: Tue, 04 Aug 2020 05:56:04 GMT
Server: nginx/1.16.1
Access-Control-Allow-Origin: *
ETag: "5f28f874-99a964c"
Content-Type: video/mp2t
Content-Range: bytes 2983936-3245819/161125964
Connection: keep-alive
Content-Length: 261884

OPTIONS
H/1.1 204
No Content news2.ts
h.vdo.ai/videos/categories/ Frame 0
0 114ms
114ms Preflight
text/plain 51.79.81.39
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h.vdo.ai/videos/categories/news2.ts
Protocol: HTTP/1.1
Server: 51.79.81.39 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns569753.ip-51-79-81.net
Software: nginx/1.16.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range,vdoai
Origin: https://holm.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.16.1
Date: Tue, 23 Mar 2021 03:17:33 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame C7C8 52 KB
17 KB 95ms
34ms Document
text/html 23.218.208.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/rtb.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-187.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://holm.ru/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://holm.ru/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Wed, 24 Mar 2021 03:17:36 GMT
Date: Tue, 23 Mar 2021 03:17:34 GMT
Connection: keep-alive

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 5F06 37 KB
14 KB 91ms
34ms Document
text/html 23.218.208.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/rtb.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-200.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://holm.ru/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://holm.ru/

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=69268
Expires: Tue, 23 Mar 2021 22:32:02 GMT
Date: Tue, 23 Mar 2021 03:17:34 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 5F06 5 KB
6 KB 40ms
39ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=28676200&p=159175&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: edcc9ce20c01a1bcf4cca398ed4bcecb1ffdd9c44caf2a5d0e4e4d9264fed094

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 03:17:34 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame C7C8
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
820 B

48ms
48ms

Script
text/html

185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Mar 2021 03:17:34 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.54:80
AN-X-Request-Uuid: a9e6a569-9ced-43a9-9459-a9c781ee4bed
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 23 Mar 2021 03:17:34 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.103:80
AN-X-Request-Uuid: efebd1e3-6a9c-420b-9ef5-463d858b5e20
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET pubmatic
d5p.de17a.com/getuid/ Frame 378F 0
0

GET usersync.aspx
dis.criteo.com/dis/ Frame 1BCB 0
0

GET pm&gdpr=0&gdpr_consent=
match.prod.bidr.io/cookie-sync/ Frame 68D5 0
0

GET /
dsp.adfarm1.adition.com/cookie/ Frame 3EB1 0
0

GET

pixel
cm.g.doubleclick.net/ Frame 5F06
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=lYSx2CVyQKmp8DltYfH_Kg%3D%3D
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=lYSx2CVyQKmp8DltYfH_Kg%3D%3D&google_tc=

0
0

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 5F06 95 B
595 B 46ms
24ms Image
image/png 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=9584B1D8-2572-40A9-A9F0-396D61F1FF2A
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 03:17:34 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 634481e859df3240-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 08feaf853b00003240bf8a6000000001

GET info
uipglob.semasio.net/pubmatic/1/ Frame 5F06 0
0

GET p.gif
visitor.fiftyt.com/ Frame 5F06 0
0

GET

pixel
cm.g.doubleclick.net/ Frame 5F06
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTU4NEIxRDgtMjU3Mi00MEE5LUE5RjAtMzk2RDYxRjFGRjJB&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTU4NEIxRDgtMjU3Mi00MEE5LUE5RjAtMzk2RDYxRjFGRjJB&gdpr=0&gdpr_consent=&google_tc=

0
0

GET

pixel
cm.g.doubleclick.net/ Frame 5F06
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=

0
0

GET pubmatic
um.simpli.fi/ Frame 5F06 0
0

GET generic
match.adsrvr.org/track/cmf/ Frame 5F06 0
0

GET match
c1.adform.net/serving/cookie/ Frame 5F06 0
0

GET img
sync.mathtag.com/sync/ Frame 5F06 0
0

GET getuid
ib.adnxs.com/ Frame 5F06 0
0

GET sync
x.bidswitch.net/ Frame 5F06 0
0

GET 9584B1D8-2572-40A9-A9F0-396D61F1FF2A
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 5F06 0
0

GET sync
ups.analytics.yahoo.com/ups/58292/ Frame 5F06 0
0

GET p-5aWVS_roA1dVM.gif
pixel.quantserve.com/pixel/ Frame 5F06 0
0

GET cs
ad.turn.com/r/ Frame 5F06 0
0

GET b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 5F06 0
0

GET pubmaticmatch
match.adsby.bidtheatre.com/ Frame 5F06 0
0

GET pixelSync
pixel-sync.sitescout.com/dmp/ Frame 5F06 0
0

GET current
pubmatic-match.dotomi.com/match/bounce/ Frame 5F06 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: holm.ru
URL: https://holm.ru/

Domain: holm.ru
URL: https://holm.ru/photos/734/11995734/thumb_img-0_300_250.jpg

Domain: holm.ru
URL: https://holm.ru/photos/285/4461285/thumb_img-0_300_250.jpg

Domain: holm.ru
URL: https://holm.ru/photos/941/3689941/thumb_img-0_300_250.jpg

Domain: d5p.de17a.com
URL: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID

Domain: dis.criteo.com
URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Domain: match.prod.bidr.io
URL: https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=

Domain: dsp.adfarm1.adition.com
URL: https://dsp.adfarm1.adition.com/cookie/?ssp=9

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=lYSx2CVyQKmp8DltYfH_Kg%3D%3D&google_tc=

Domain: uipglob.semasio.net
URL: https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=9584B1D8-2572-40A9-A9F0-396D61F1FF2A&sInitiator=external&gdpr=0&gdpr_consent=

Domain: visitor.fiftyt.com
URL: https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=9584B1D8-2572-40A9-A9F0-396D61F1FF2A&gdpr=

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTU4NEIxRDgtMjU3Mi00MEE5LUE5RjAtMzk2RDYxRjFGRjJB&gdpr=0&gdpr_consent=&google_tc=

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=

Domain: um.simpli.fi
URL: https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Domain: match.adsrvr.org
URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=

Domain: c1.adform.net
URL: https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent=

Domain: sync.mathtag.com
URL: https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D

Domain: ib.adnxs.com
URL: https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=

Domain: x.bidswitch.net
URL: https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=

Domain: pr-bh.ybp.yahoo.com
URL: https://pr-bh.ybp.yahoo.com/sync/pubmatic/9584B1D8-2572-40A9-A9F0-396D61F1FF2A?gdpr=0&gdpr_consent=

Domain: ups.analytics.yahoo.com
URL: https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=9584B1D8-2572-40A9-A9F0-396D61F1FF2A&redir=true&gdpr=0&gdpr_consent=

Domain: pixel.quantserve.com
URL: https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=

Domain: ad.turn.com
URL: https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=

Domain: sync-tm.everesttech.net
URL: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D

Domain: match.adsby.bidtheatre.com
URL: https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Domain: pixel-sync.sitescout.com
URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=

Domain: pubmatic-match.dotomi.com
URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=9584B1D8-2572-40A9-A9F0-396D61F1FF2A&gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

152 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 02:22:45	Name: IDE Value: AHWqTUlntn_XZS3_LCwoJ50o0umq4AcvGja0BFOYhNC79YPosXCV5vghafp5bD8QP7g
.holm.ru/	1970-01-19 17:01:09	Name: _gat_gtag_UA_113932176_30 Value: 1
.holm.ru/	1970-01-19 17:02:35	Name: _gid Value: GA1.2.1297932565.1616469438
.holm.ru/	1970-01-20 10:32:21	Name: _ga Value: GA1.2.833515519.1616469438
.doubleclick.net/	1970-01-19 17:01:13	Name: DSID Value: NO_DATA
.holm.ru/	1970-01-20 02:22:45	Name: __gads Value: ID=778fff621c0a5231-223e0a9f2ba70046:T=1616469437:RT=1616469437:S=ALNI_MaDWwqkqL3fAyEJNXvH2YQ1SFPmOg

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://a.vdo.ai/core/assets/rtb.js(Line 4) Message: fun-hooks: referenced 'registerAdserver' but it was never created

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.vdo.ai
acdn.adnxs.com
ad.turn.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
ag.innovid.com
analytics.vdo.ai
c1.adform.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
counter.yadro.ru
d.agkn.com
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
h.vdo.ai
hbopenbid.pubmatic.com
holm.ru
ib.adnxs.com
image6.pubmatic.com
imasdk.googleapis.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
mwzeom.zeotap.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
pixel.quantserve.com
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
rtb.openx.net
s0.2mdn.net
s23.h17.ru
ssum-sec.casalemedia.com
sync-tm.everesttech.net
sync.mathtag.com
targeting.vdo.ai
tpc.googlesyndication.com
track.vdo.ai
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
visitor.fiftyt.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
ad.turn.com
c1.adform.net
cm.g.doubleclick.net
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
holm.ru
ib.adnxs.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
pixel-sync.sitescout.com
pixel.quantserve.com
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
sync-tm.everesttech.net
sync.mathtag.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
visitor.fiftyt.com
x.bidswitch.net
142.250.185.226
142.250.186.34
185.33.221.53
185.64.189.112
185.64.190.78
23.218.208.187
23.218.208.200
23.218.208.246
2606:4700:10::6816:1957
2606:4700:3033::6815:2384
2606:4700:3033::ac43:de92
2606:4700::6810:125e
2606:4700::6810:135e
2a00:1450:4001:800::200a
2a00:1450:4001:802::2003
2a00:1450:4001:802::200e
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2006
2a00:1450:4001:810::200e
2a00:1450:4001:812::2002
2a00:1450:4001:827::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::2004
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::200a
2a05:d01c:1d8:8100:818d:1690:fda6:a2c4
3.125.244.14
35.186.253.211
51.79.79.65
51.79.79.82
51.79.81.39
78.47.205.176
79.137.69.91
88.212.201.210
0170947f463d372320b05ab8f860a69ba7d24868e2d9feead7a8e60744f9deb4
038fd00ffbbdb9ba1ad362c823906aad7a3af5441824c1e5860e0b776eed71c0
0ac2a84edd7b8ec119d4edb1171dba25189ad3f5a223c0c3292481e1d805e52d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0d3d3d99ec2d1da823e792b3024b24ae723c89a29d46d9cffe4b1d4ba935c0da
0e3574fa4899114f49a63900b2ac11b900bb852944ab86c0ca72c94fc7f2a3d5
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
134b7f4129a36daa9f8138e83a308f4e4d504629c71ff4b6b5dbe5f52e6322e7
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a74a2095c10491d05b60f33dfbd2e5157ee0a85520f5d5c1e66e14af6c8b535
1baee734b6357d97cc40af6067c06bf8c104dfc13d35492bcfe00e4e831e87a6
1e7ba7486df51b247d667ddfef156c72ed4f149a3693b1ca9be424f2ea680a50
22d9530d0a9f4e89e8f2471cfa2d59c3500c57c0ec17d4684c023175d323798a
234c1252268f1ba1af0370854b572ee3d1b51a590f017642586f9ae5fe3e48a1
2365a3c528465f78fefaf070696aa7e4c2edd24e9735d4dc467cca8fcf6ffd88
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
27b6996a0f7ea420886fcb7b079d023a65391f41b283c92c38b60e8a157d6559
2bafc346d790cb95214543b3f99b58a29e9c020492c68e7121d4dc176463ab9c
2c3a1ad02c150bb54808fb2aa986e8b0131d822699d774d2b8b91616810b5343
2c4f42e925bfc3d0c8fbb885fd85bf99cdcdcdff4f139216c8016fcaf950f406
2d0974a487ae3b5a348c3b5e03b06a2f04d05539f2df31d053e3d5cb6cf43d00
2dccf2eb88b07d4f6e1f7baa889f48105d5db7bf48669cd57301e4f6ef275c9a
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ea10cd2c5e962f697e44370fe313ce5563292be875109c9a17ee57d5e4c1c2a
3233cf8492b92a61a68bb7531498a0157010df7b1db56f14db29eaf24c1d891b
3466b7656d00411e08dd5ecac2648710967dd6cd41bd84fc07181cbadfb05d45
35e4564a58a59da1f39f7cf765f01ab538727a6f321a8541e8b15c1262906e6f
3b91268626c0f56872038f97080a543b6658c1d806670c7eea1ec6662d57def6
3c9c1c2091e7a2c0a6b82f0b878f92f0ad0645ec625f28352f4546b33dea0344
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e10684028a44797b734c232e01ae86a2da170d7586b6aacde7df81557ce35eb
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fa191f0798bad44d61ee59928dc469aa9a515998c0a686ebd5e8f55f8fbb8f6
4282f57042bc131dda57b156d4619530bb6ec2fb5f94b07f000afb9aa83faa18
4330215f7a858522e3186202c41b82ae686c8ad2b5d81664eb0f86a067058e85
4358b2cd1a164ed12ec0fb5a7ddb7211dc87f8fe27c9dcc378a7458b4f81d1e7
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
491158614c16e4a767df0f1ddbb82a8462b6ba308b8774c698b82e850a425291
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4ab8d4672e4e6dddaffe2961db019619fddee5fdad48793107e3ef3065239f68
4acff57c24e409bbd7c5f1f2660fc6ea316c4d1e4fe2af39c656c00a78a7971c
4b1538f3665c93fe6374d0935af69398bf0bba5a6197682cac77d853c460d1e1
4bd42f1d8b20ca695bcf55b002c5cb26c1cbaf73e88d2d07c77614e79edfc500
4cd03e384e49c6a03b386ac9028ba6ce6cf8eb63d7a49d069bdec231e50bd5c7
4d1a88d9413ee1ff6bfd3e8a6763ca4703d4898251c4aa49aa2a82527109eb47
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ea171e60023ef7c77e4921f88d2a7ce39ea05447b0bbec4d0af23f2ba0278f7
4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3
4f234281dfee617c79ca0bfdbae7fe72584493411838474daaa6ecdec6500c6e
500fbe6708b05fd4fd5b88241aaf14b26a0babcb601c89adaaefffb3284690c2
5551275c440f2b3b0f1e7a995994b2f816d3528894e522baadc814bc644cebcf
559004a545a13667b7f7b0abdec7892df86ae2d2b36536c76ca37cbbf1b5bccc
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
570faafa1cdab955360c64299317136f485106367d0542796b06ce764248b25a
5ef9cd625272120c403e639ef507c51ac6626688871399831133cfb01b7afb65
5f84ea91c7008513372b2254dbf9434ae540b8adfbbb3d8a420e1e706575d008
60e57c7f7829ba085103c21646e616624a5394948ce84711f041f04e853066cf
6493ea407d79518f1a23cd56abf3877cc95cfef289aa2193e09414befa93915b
6781df54aefbc2b4447cacbcd5686a3223b12fe1287cd2ba89044aa22b327c6c
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6872ccf73a7cae5986d7d38380caea758cb0b7ed8478f61bcf389259d31bbc67
689ffebed00e595d467357dbc014545cc604b9317eef5aeb4d96b32fd12630a6
6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cffb86cbaff5c10aac77374271456dc4f0eb96643f9f8bebe14f76d7edd0f53
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
74701d1b03dcb606710d7cc01bbf35a36ad5e5e443e33e55894a013f0d65aacf
75ace966726add1583567ab2520409b8f0518c16bda739e5e736450a02c1458d
76edf7cba89e6aef17faf9c197336a37710e6fcd7f5bc093a877f48f1aaee083
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b02cf771b48e21b5a07764fc1da6b91039776afeace02d6bd5cdd67e2aed845
7c26b8c76a0eae84b64ee1eb24b829feaa96d8742155c12e1944aa688da5e9f2
7e456928c0714107f61a13694f7d5b4074727ea93ff796a52256bc485401bed2
7ed273360bf71d3a256fff61814859b6d03bf921712d1d61f6335217cc426129
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88904a0501d3ef2c47b96e0c3e4db135c32d3e8860d51a26f3ea03a438a00cfa
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8d9d61ac4c116c6819ea28b6be113a17225f1b734536bb5a7058df2485a732ea
8de103c7b0e9c0d18261c5d10ffcb20c66403769a36bcf615903c90dc7423a56
8fa5e6babaad1c27ca828b66bbeb735590e7b698d301ae97ebf631e436c55814
8fa78d81b53370f50a66fd8839c55666a21cafbe3afc5f04591450bf64711b1b
90225c8456a96a73e431ece4e40bbb502906967cae661b706a3831130b64f960
911deead0c0ec5c76af07f381c8e918567120df0488208f50b0579afa0b61376
93487fbc3f5cbf777b1442a78454e714bead0cc1f7be495ba52e354b31e773db
955c91bc8b7cf07b01a56d6d37ea40c78cb8334ab0d5f34c6ed787311251755b
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9adf28f17b88f7835611736a9461d0452433a4e12f3ebaafae1689394aeb8d7b
9c2464add3c699d2be6d7ec889eed8d56ff71327ce4fc9e43955cea79b117fce
9cb8456f6b447cf329c5ccc322c42a80c2ae8573b286b151be7027c2253ca921
9ee015875311c68a694d9110662117b652475fb8926a10ba6526cbfcdf253a53
9f714fe4238276cbacceb8400a76d9c33a9fb83e4abecdc52aebe8ee87772781
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a1bd0c2f4f5db718b4ffad5433658d98981fbb3479ce8c7a2789406d81d15dd5
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4e464cebbf36496921ff82467583a66f4278682e9178ae84e55095cb5f8a2e9
ab553261f15ad536b044ed22c43686d1f6476f282444e88507a7c40932eb7437
ae7ac02dac97a4d3cfc9e53b94b29e957300756be95d93ac7dbc5c1ff1bd4f8f
af39439984f197376c872227bc359f7a1eeb6369c23cdca3754bcb415f0af64d
b0cd5050c5cb6bbc24cd6ed1fbc6af294c7739b6865104daeba3c243ef65825b
b32fb196b8de979c40886c7230e9d3a39f291f281fdf2e82c99c038607747c48
b4e9f0662db5b733f792eb40c94664b8daf5b09a3cdeb84db992af9450d83630
b6c7cbf1f73d84853fbd1bbdac117a363a9430d28dedc6df8fd6d18bf1461b78
b6fcdd11c229160158b2399cfc0524bd1712b0b24e86e9d3432e5eec78d9e518
b764c324f450755797d5595705fefd357c9ccac1c5346c460a557d6b3dcc95ed
b875df2e781b7289c5d242153ef9bc7318c2b4b8503d617c56de14a5c0e39c6e
babe67d1c1539228202362ae754dc43b8e8a79a290c039b8dbde2c1e319e52d5
bad70c7e07d67ceb285806b4d4f65b376f0861b1389ca4a50e1e08546be531b8
bbd7a9595ff698899be43bd05ec7cda39e9ff255da2655f2885a1d1e626450af
bd02724ce784c8b273e88c3f80dca01a8747634d2155d29790ed2e3660d259a7
bdd7dc76bbaab8db1dd3b2291a9b1b52b1891f1f427984f3ac3c43c85a5044f3
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
c0d2bb46c68e084f258f3728375c0351cb47075647142ba7df6f0059ae0b2581
c173158f72f8478a50bca94d075b111635f25cd4b59646513d0770ae28cff66d
c31539634e554313738e0874297e16c00d5e28da811cb6c9a891d7068ca53bb4
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c94a26645f3dd2cd33a610bbe7a8699d7576a3f903273e1ba2a5ef356caf1e31
c976135f44cdeee049ca7163fc671c369c7cf1a93de5e1151fc8d8fc6a33b080
cc150e868bccce8dbdf83d6e3d06638833eeccc2b9735ff6e58aff7c2e604df5
cdf358c3a68450a8a7283e91fe4aeeac26d1d578e8771ad058762e5c00a8038b
ce84035bf0ed746ee3a41247af81a547bf801c8fe89b944da18b8e4065c06204
cee41beb9bd2e324f1d58d2bcdf77a9b4cdbcdcf87dd42b5cef01b636b51eb16
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d24d42a1ac6112cdc1e38f243b6958ab290d5fd8b7e79d0ebcafefec3421d8cb
d29ff1a0d107b4a6a4508c99edb4b7783e2813b98d0a999ac4fbce8915b1cd66
d344632c01d1ca55dc380216de660c9b8a5a3174e7d7afa6784aff50c945e1cc
d417a744e6a944755dc8458b6592c542e2408ab6d847338a6cc2c731d4b36476
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
d7993ba8863b6e76a839d2c4ddccee842c4572f9ccd796698708924652630d6d
d7eab1a8b40da1c5bc4647e55ebfc210432a2373ceb71ae566792a0a6e0fbad1
dae5ce5e624eea85dc85a2a36d08fc8accbc68f88e8ea48a5edb82da577aca55
ddadd70ae359b0cfe71ee656a546833549e9bd9b97ceb18aa31df7c78d9a8ee4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e65bba6f45034dbd574e171e181878c40e9c1bcb433cb10dc1a39d482088f5b9
e6bbcc62f3b6a3ada1215006f0f6c04dbcc035efe815caf60e6a26eafc335b7f
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e
e929a05387abe42a1a3928e798bda2988128c951218482f3c49524dad89232af
e9fec41e2d9737c8a957c1542399d6001813efc30a6cf043157e76ef2245aecc
ea71ddd1753d1dc6fdd910c6f23b77068734e9bb35a39130543ddda996a4617c
eb9895bb7479d7bd4058bfd781fbf1d27d768a4cba2fbfa0be881b9a78c423d4
ebc6da23752a7ca423fc24f860eeffcd71f7491bf11471c5aa1a29815976d173
ecbd12dc7d0c1baa5a2cc90a92de2628daf733d5a195a251a953026c45c6cffc
edcc9ce20c01a1bcf4cca398ed4bcecb1ffdd9c44caf2a5d0e4e4d9264fed094
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f12b9249b11a594f39bfa09343bc6d216e64d9861f8de21f328be7fb903377ac
f1ff28e985786835c73f72fefd321f105c36ec40ba66efb45a2f50ee83a31855
f40fe730cfab95415223eb57cbaf108aa1e9893b475bc74ebf47edad99aaf73f
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e
fae0daf2ed8eaf81ca03fe885a992197d2de319e1bc910f36cdfd307f4862ddd
fb1e12ac9d633c7e6ae486f98fb41f44662d371d1af97d44f0400e8478a6f45d
fcb95d01f025f43bc42bf3fc43881bb54d6be8e85fb2fda3469b289e76c7e3fa
fecada96ab8e725d6fa16ee729820d05ecae34ae6cf1d3f94fbca4ed9760775b

holm.ru Open in urlscan Pro 78.47.205.176 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

322 Requests

91 %HTTPS

58 %IPv6

42 Domains

55 Subdomains

35 IPs

7 Countries

7145 kBTransfer

12794 kBSize

6 Cookies

10 Outgoing links

Page URL History

Redirected requests

322 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

holm.ru Open in urlscan Pro
78.47.205.176 Public Scan

Screenshot
Live screenshot

Full Image

322
Requests

91 %
HTTPS

58 %
IPv6

42
Domains

55
Subdomains

35
IPs

7
Countries

7145 kB
Transfer

12794 kB
Size

6
Cookies

322 HTTP transactions
7 data transactions