overe3.ru Open in urlscan Pro
45.130.41.31 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://overe3.ru/
Effective URL:
https://overe3.ru/
Submission: On July 11 via manual (July 11th 2023, 11:05:38 am UTC) from RU — Scanned from DE

Summary HTTP 223 Redirects Behaviour Indicators

Summary

This website contacted 31 IPs in 11 countries across 38 domains to perform 223 HTTP transactions. The main IP is 45.130.41.31, located in Russian Federation and belongs to BEGET-AS, RU. The main domain is overe3.ru.
TLS certificate: Issued by R3 on June 28th 2023. Valid for: 3 months.

This is the only time overe3.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 38	45.130.41.31 45.130.41.31	198610 (BEGET-AS) (BEGET-AS)
9	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	85.192.12.170 85.192.12.170	12695 (DINET-AS) (DINET-AS)
9	95.216.65.102 95.216.65.102	24940 (HETZNER-AS) (HETZNER-AS)
1	85.192.12.173 85.192.12.173	12695 (DINET-AS) (DINET-AS)
11	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:6b8:a::a 2a02:6b8:a::a	208722 (GLOBAL_DC) (GLOBAL_DC)
3 9	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
13	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
3	193.106.92.202 193.106.92.202	48614 (ITSOFT-AS) (ITSOFT-AS)
8	2a02:6b8:20::215 2a02:6b8:20::215	208722 (GLOBAL_DC) (GLOBAL_DC)
3	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
5	85.192.12.174 85.192.12.174	12695 (DINET-AS) (DINET-AS)
1 3	185.15.175.157 185.15.175.157	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
2 2	188.42.191.196 188.42.191.196	7979 (SERVERS-COM) (SERVERS-COM)
1	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
8	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
39	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1 2	2620:116:800d... 2620:116:800d:21:de2e:c7b3:55c0:d5a0	16509 (AMAZON-02) (AMAZON-02)
1 3	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
4 24	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
3 3	37.157.3.30 37.157.3.30	198622 (ADFORM) (ADFORM)
5 5	213.155.156.166 213.155.156.166	1299 (TWELVE99 ...) (TWELVE99 Arelion)
2 2	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
1 2	104.75.89.75 104.75.89.75	16625 (AKAMAI-AS) (AKAMAI-AS)
2 4	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
2	2a02:fa8:8806... 2a02:fa8:8806:13::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
5 6	35.156.96.37 35.156.96.37	16509 (AMAZON-02) (AMAZON-02)
2 2	54.72.130.3 54.72.130.3	16509 (AMAZON-02) (AMAZON-02)
2	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	3.120.19.26 3.120.19.26	16509 (AMAZON-02) (AMAZON-02)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:1672:d30d:b59c:db98	16509 (AMAZON-02) (AMAZON-02)
1 1	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	193.0.160.131 193.0.160.131	54312 (ROCKETFUEL) (ROCKETFUEL)
1	87.236.16.17 87.236.16.17	198610 (BEGET-AS) (BEGET-AS)
223	31

38 45.130.41.31 (Russian Federation) 1 redirects

ASN198610 (BEGET-AS, RU)
PTR: ssl.wasp.beget.com

overe3.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.192.12.170 (Russian Federation)

ASN12695 (DINET-AS, RU)

h5r2dzdwqk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 95.216.65.102 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: frodo.min.org.ua

newrotatormarch23.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.192.12.173 (Russian Federation)

ASN12695 (DINET-AS, RU)

tat3ayogh6.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8:a::a (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 193.106.92.202 (Russian Federation)

ASN48614 (ITSOFT-AS, RU)
PTR: proboard.ru

prodmp.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 85.192.12.174 (Russian Federation)

ASN12695 (DINET-AS, RU)

dmpprof.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dprof.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.15.175.157 (Russian Federation) 1 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.191.196 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::90 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.193.173 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 142.250.184.226 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.3.30 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 213.155.156.166 (Sweden) 5 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.253 (London, United Kingdom) 2 redirects

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.75.89.75 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-75.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:678:cb4:bbbb::11 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.156.96.37 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-96-37.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.72.130.3 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-130-3.eu-west-1.compute.amazonaws.com

ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.120.19.26 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-19-26.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:1672:d30d:b59c:db98 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.244 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Bad Durrheim, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.131 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.236.16.17 (Russian Federation)

ASN198610 (BEGET-AS, RU)
PTR: ssl.leela.beget.com

readone.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
60	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	784 KB
38	overe3.ru 1 redirects overe3.ru	2 MB
37	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 cm.g.doubleclick.net — Cisco Umbrella Rank: 254	245 KB
19	gstatic.com fonts.gstatic.com www.gstatic.com	244 KB
9	newrotatormarch23.bid newrotatormarch23.bid — Cisco Umbrella Rank: 222773	40 KB
9	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 88	6 KB
8	yastatic.net yastatic.net — Cisco Umbrella Rank: 5573	199 KB
7	google.com adservice.google.com — Cisco Umbrella Rank: 113 www.google.com — Cisco Umbrella Rank: 10	1 KB
7	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 9422	3 KB
6	bidswitch.net 5 redirects x.bidswitch.net — Cisco Umbrella Rank: 359	2 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	337 KB
5	de17a.com 5 redirects d5p.de17a.com — Cisco Umbrella Rank: 5037	1 KB
4	turn.com 2 redirects ad.turn.com — Cisco Umbrella Rank: 1067 r.turn.com — Cisco Umbrella Rank: 3947	2 KB
4	dmpprof.com dmpprof.com — Cisco Umbrella Rank: 22858	1 KB
4	yandex.ru 1 redirects yandex.ru — Cisco Umbrella Rank: 1687 mc.yandex.ru — Cisco Umbrella Rank: 3245 an.yandex.ru — Cisco Umbrella Rank: 4935	160 KB
3	adform.net 3 redirects c1.adform.net — Cisco Umbrella Rank: 633	2 KB
3	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 893 s.tribalfusion.com — Cisco Umbrella Rank: 1946	2 KB
3	digitaltarget.ru 1 redirects dmg.digitaltarget.ru — Cisco Umbrella Rank: 21230	1 KB
3	prodmp.ru prodmp.ru — Cisco Umbrella Rank: 55498	444 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 1044	2 KB
2	criteo.com dis.criteo.com — Cisco Umbrella Rank: 608	725 B
2	avct.cloud 2 redirects ads.avct.cloud — Cisco Umbrella Rank: 4694	1 KB
2	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3235	207 B
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1425	450 B
2	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 857	675 B
2	ctnsnet.com 2 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 44074	1 KB
2	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 862	825 B
2	betweendigital.com 2 redirects ads.betweendigital.com — Cisco Umbrella Rank: 1863	1 KB
1	readone.ru readone.ru	147 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 977	759 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1777	584 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 577	728 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 481	716 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 383	265 B
1	dprof.site dprof.site — Cisco Umbrella Rank: 206150	537 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1129	602 B
1	tat3ayogh6.com tat3ayogh6.com — Cisco Umbrella Rank: 124409	49 KB
1	h5r2dzdwqk.com h5r2dzdwqk.com — Cisco Umbrella Rank: 510855	36 KB
223	38

	Domain	Requested by
39	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
38	overe3.ru	1 redirects overe3.ru
24	cm.g.doubleclick.net	4 redirects overe3.ru googleads.g.doubleclick.net
21	pagead2.googlesyndication.com	overe3.ru pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
13	googleads.g.doubleclick.net	pagead2.googlesyndication.com overe3.ru googleads.g.doubleclick.net
11	fonts.gstatic.com	fonts.googleapis.com
9	newrotatormarch23.bid	overe3.ru
9	fonts.googleapis.com	overe3.ru googleads.g.doubleclick.net
8	www.gstatic.com	googleads.g.doubleclick.net
8	yastatic.net	yandex.ru
7	mc.yandex.com	2 redirects overe3.ru mc.yandex.ru
6	x.bidswitch.net	5 redirects
6	www.googletagservices.com	googleads.g.doubleclick.net
5	d5p.de17a.com	5 redirects
4	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
4	dmpprof.com	tat3ayogh6.com overe3.ru
3	c1.adform.net	3 redirects
3	dmg.digitaltarget.ru	1 redirects tat3ayogh6.com overe3.ru
3	adservice.google.com	pagead2.googlesyndication.com
3	prodmp.ru	tat3ayogh6.com overe3.ru
2	pm.w55c.net	2 redirects
2	dis.criteo.com	googleads.g.doubleclick.net
2	ads.avct.cloud	2 redirects
2	dclk-match.dotomi.com	googleads.g.doubleclick.net
2	r.turn.com	overe3.ru
2	ad.turn.com	2 redirects
2	sync.teads.tv	1 redirects overe3.ru
2	onetag-sys.com	2 redirects
2	gcm.ctnsnet.com	2 redirects
2	a.tribalfusion.com	1 redirects googleads.g.doubleclick.net
2	cms.quantserve.com	1 redirects googleads.g.doubleclick.net
2	ads.betweendigital.com	2 redirects
2	mc.yandex.ru	1 redirects overe3.ru
1	readone.ru	overe3.ru
1	p.rfihub.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	sync.mathtag.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	match.adsrvr.org	googleads.g.doubleclick.net
1	s.tribalfusion.com	overe3.ru
1	dprof.site	tat3ayogh6.com
1	an.yandex.ru	overe3.ru
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	yandex.ru	overe3.ru
1	tat3ayogh6.com	h5r2dzdwqk.com
1	h5r2dzdwqk.com	overe3.ru
223	46

This site contains no links.

Subject Issuer	Validity	Valid
overe3.ru R3	`2023-06-28` - `2023-09-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
ybz1jsblbv.com R3	`2023-06-16` - `2023-09-14`	3 months	crt.sh
newrotatormarch23.bid R3	`2023-05-19` - `2023-08-17`	3 months	crt.sh
pwrlkyotm.com R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.xn--d1acpjx3f.xn--p1ai GlobalSign ECC OV SSL CA 2018	`2023-06-21` - `2023-12-19`	6 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-03-17` - `2023-08-27`	5 months	crt.sh
prodmp.ru R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018	`2023-02-01` - `2023-08-01`	6 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
dmpprof.com R3	`2023-05-20` - `2023-08-18`	3 months	crt.sh
*.digitaltarget.ru R3	`2023-06-15` - `2023-09-13`	3 months	crt.sh
bs.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-04-08` - `2023-10-07`	6 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
readone.ru R3	`2023-05-25` - `2023-08-23`	3 months	crt.sh

This page contains 22 frames:

Primary Page: https://overe3.ru/
Frame ID: 631CB8872591B3579B22D22E8A19EBD9
Requests: 105 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20190131/zrt_lookup.html
Frame ID: E9CEEE75AC74A223C1D82BC0389B420F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1078854029118585&output=html&adk=1812271804&adf=3025194257&lmt=1689067909&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fovere3.ru%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689073531034&bpp=5&bdt=15953&idt=317&shv=r20230706&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1709386457570&frm=20&pv=2&ga_vid=545171318.1689073531&ga_sid=1689073531&ga_hid=1203957216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075758%2C44788442%2C44796476&oid=2&pvsid=1660413090864713&tmod=400388553&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&ifi=1&uci=a!1&fsb=1&dtd=357
Frame ID: 89C0786F7779D0A57F1B36CD81501274
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1078854029118585&output=html&h=280&adk=1429781565&adf=1653867669&pi=t.aa~a.2326922678~i.13~rp.4&w=670&fwrn=4&fwrnh=100&lmt=1689067909&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9426705499&ad_type=text_image&format=670x280&url=https%3A%2F%2Fovere3.ru%2F&fwr=0&pra=3&rh=168&rw=670&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689073532494&bpp=3&bdt=17413&idt=-M&shv=r20230706&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d5b989245e2fcbc-22098f5226de0078%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MarFxYIZG0BqfYfM-nQk3ElE6WP4A&gpic=UID%3D00000c3baf5158fa%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MYTOTOjFML7KxSCbEjH4KlVRFLAKQ&prev_fmts=0x0&nras=2&correlator=1709386457570&frm=20&pv=1&ga_vid=545171318.1689073531&ga_sid=1689073531&ga_hid=1203957216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1485&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075758%2C44788442%2C44796476&oid=2&pvsid=1660413090864713&tmod=400388553&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=17Cje1krWo&p=https%3A//overe3.ru&dtd=11
Frame ID: DC162EC36458FC80DBCC148CFAE9E1B8
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1078854029118585&output=html&h=280&adk=1429781565&adf=826453495&pi=t.aa~a.2326922678~i.19~rp.4&w=670&fwrn=4&fwrnh=100&lmt=1689067909&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9426705499&ad_type=text_image&format=670x280&url=https%3A%2F%2Fovere3.ru%2F&fwr=0&pra=3&rh=168&rw=670&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689073532494&bpp=1&bdt=17413&idt=1&shv=r20230706&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d5b989245e2fcbc-22098f5226de0078%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MarFxYIZG0BqfYfM-nQk3ElE6WP4A&gpic=UID%3D00000c3baf5158fa%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MYTOTOjFML7KxSCbEjH4KlVRFLAKQ&prev_fmts=0x0%2C670x280&nras=3&correlator=1709386457570&frm=20&pv=1&ga_vid=545171318.1689073531&ga_sid=1689073531&ga_hid=1203957216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1485&ady=1998&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075758%2C44788442%2C44796476&oid=2&pvsid=1660413090864713&tmod=400388553&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=GSKQ2HMEdF&p=https%3A//overe3.ru&dtd=22
Frame ID: C9BBAD79ACC5EAA19733FB08B62094BE
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1078854029118585&output=html&h=600&adk=855582837&adf=289116493&pi=t.aa~a.342020180~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1689067909&rafmt=1&to=qs&pwprc=9426705499&format=300x600&url=https%3A%2F%2Fovere3.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689073532538&bpp=1&bdt=17458&idt=-M&shv=r20230706&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d5b989245e2fcbc-22098f5226de0078%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MarFxYIZG0BqfYfM-nQk3ElE6WP4A&gpic=UID%3D00000c3baf5158fa%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MYTOTOjFML7KxSCbEjH4KlVRFLAKQ&prev_fmts=0x0%2C670x280%2C670x280&nras=4&correlator=1709386457570&frm=20&pv=1&ga_vid=545171318.1689073531&ga_sid=1689073531&ga_hid=1203957216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=2245&ady=1409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075758%2C44788442%2C44796476&oid=2&pvsid=1660413090864713&tmod=400388553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=C66t7ZZ5V9&p=https%3A//overe3.ru&dtd=20
Frame ID: 63DBAD78773249961EB09A19F9C7085A
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1078854029118585&output=html&h=60&adk=3575611420&adf=1730821504&pi=t.aa~a.1372487962~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689067909&rafmt=1&to=qs&pwprc=9426705499&format=1200x60&url=https%3A%2F%2Fovere3.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689073532538&bpp=1&bdt=17458&idt=1&shv=r20230706&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d5b989245e2fcbc-22098f5226de0078%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MarFxYIZG0BqfYfM-nQk3ElE6WP4A&gpic=UID%3D00000c3baf5158fa%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MYTOTOjFML7KxSCbEjH4KlVRFLAKQ&prev_fmts=0x0%2C670x280%2C670x280%2C300x600&nras=5&correlator=1709386457570&frm=20&pv=1&ga_vid=545171318.1689073531&ga_sid=1689073531&ga_hid=1203957216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1400&ady=3735&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075758%2C44788442%2C44796476&oid=2&pvsid=1660413090864713&tmod=400388553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=ZOgG5ttFx7&p=https%3A//overe3.ru&dtd=27
Frame ID: 74A0C2FB4881F011F432608050DD3ED9
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1
Frame ID: F61B24B63C9864A49ECEBCC10DBCF1F3
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1
Frame ID: EAB26361FEFD20868EACFFE2BE763B30
Requests: 13 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Poppins%3A400%2C600
Frame ID: C746E0269437E0593BE68A4802F035E4
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js
Frame ID: 0F6FF2B8C85D319DDB1484B4F7FE8D27
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js
Frame ID: 2661201BDD20CC18E61C101EDDA948E0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 22B89617753FCAD248AF938B8CA823A7
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js
Frame ID: 594990D5BE0538E0F89101DA0C554BDD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AC55F3DB1B817298F9ECB1343044BA4C
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 251E1B183F677B71AC773F814DE5491E
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js
Frame ID: FE6D7374130E78B5BFCFDE59BB542508
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 991A6443F74EB272B325C885ADD75647
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js
Frame ID: 20EED10C1973A4FE6A9F0AF0AF814EE7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js
Frame ID: 0A6DB78F95B5050F7DB04E6055A90289
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 188336A7E90FFF4B681AAFC41FE85F0E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 494872E8B2B609DE9A951E44B7B2ABE7
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Интернет издание о вере и православной культуре

Page URL History Show full URLs

http://overe3.ru/ HTTP 301
https://overe3.ru/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Select2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

select2(?:\.min|\.full)?\.js

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

223
Requests

88 %
HTTPS

44 %
IPv6

38
Domains

46
Subdomains

31
IPs

11
Countries

3951 kB
Transfer

11113 kB
Size

55
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://overe3.ru/ HTTP 301
https://overe3.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 71

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10061.UR_doWG3XNTrmJCpEr55zc1wnjsCjr0ZaBLcRloF4XSb60LjWlMYa998CadqoMxj.W7d0CsqtmDgKHfxZlAQBZTzUmpc%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10061.5GwMmvsw3hpaQpYEgGKccF-JOxvLAk57ntEGbZPEf2WtgK6OOW-QMV4RTC5DjZ_0dBFQzL_fufpw0YG1-6VBIymNr3ZVTMD8xkmvZOMXcZYXu8Dc3HX_JZ9rjOmgJfAr6MJvVrDbmjWQBQNIwd7pN38tL3jSUEhyL9PS4FWGAcg8jVmOcf53rNSs8Rb9hfCuiiSJA56Wk6Ptp60p7Zc-9-AlpXtUMt3IT_0FkqUVXUA%2C.kJe-IpmyjJRbHS4QtTkB78hynhY%2C

Request Chain 84

https://mc.yandex.com/watch/48681353?wmode=7&page-url=https%3A%2F%2Fovere3.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aew9xzikdbvs4xc5avwiaspr%3Afp%3A40791%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1074%3Acn%3A1%3Adp%3A0%3Als%3A792247665888%3Ahid%3A588564477%3Az%3A0%3Ai%3A20230711110531%3Aet%3A1689073531%3Ac%3A1%3Arn%3A532988842%3Arqn%3A1%3Au%3A1689073531267902218%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C17261%2C6930%2C13879%2C566%2C0%2C%2C1978%2C15%2C%2C%2C%2C40867%3Aco%3A0%3Acpf%3A1%3Ans%3A1689073490068%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1689073532%3At%3A%D0%98%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%20%D0%B8%D0%B7%D0%B4%D0%B0%D0%BD%D0%B8%D0%B5%20%D0%BE%20%D0%B2%D0%B5%D1%80%D0%B5%20%D0%B8%20%D0%BF%D1%80%D0%B0%D0%B2%D0%BE%D1%81%D0%BB%D0%B0%D0%B2%D0%BD%D0%BE%D0%B9%20%D0%BA%D1%83%D0%BB%D1%8C%D1%82%D1%83%D1%80%D0%B5&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(1) HTTP 302
https://mc.yandex.com/watch/48681353/1?wmode=7&page-url=https%3A%2F%2Fovere3.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aew9xzikdbvs4xc5avwiaspr%3Afp%3A40791%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1074%3Acn%3A1%3Adp%3A0%3Als%3A792247665888%3Ahid%3A588564477%3Az%3A0%3Ai%3A20230711110531%3Aet%3A1689073531%3Ac%3A1%3Arn%3A532988842%3Arqn%3A1%3Au%3A1689073531267902218%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C17261%2C6930%2C13879%2C566%2C0%2C%2C1978%2C15%2C%2C%2C%2C40867%3Aco%3A0%3Acpf%3A1%3Ans%3A1689073490068%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1689073532%3At%3A%D0%98%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%20%D0%B8%D0%B7%D0%B4%D0%B0%D0%BD%D0%B8%D0%B5%20%D0%BE%20%D0%B2%D0%B5%D1%80%D0%B5%20%D0%B8%20%D0%BF%D1%80%D0%B0%D0%B2%D0%BE%D1%81%D0%BB%D0%B0%D0%B2%D0%BD%D0%BE%D0%B9%20%D0%BA%D1%83%D0%BB%D1%8C%D1%82%D1%83%D1%80%D0%B5&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29

Request Chain 88

https://ads.betweendigital.com/match?bidder_id=44931&callback_url=https%3A%2F%2Fdmpprof.com%2Fmatching%2Fexternal%3Fsid%3D44931%26uid%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=44931&callback_url=https%3A%2F%2Fdmpprof.com%2Fmatching%2Fexternal%3Fsid%3D44931%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
https://dmpprof.com/matching/external?sid=44931&uid=07ef122f-4d93-52c0-828f-7ca9e6224bd5

Request Chain 91

https://dmg.digitaltarget.ru/1/7114/i/i?a=923&e=fb8e0056-c728-4b32-a7d0-09ad724fbf09 HTTP 307
https://dmg.digitaltarget.ru/awg/custom/7114/i/i?call_source=awg&ts=1689073532380&a=923&e=fb8e0056-c728-4b32-a7d0-09ad724fbf09

Request Chain 143

https://a.tribalfusion.com/i.match?p=b6&u=CAESEIkmehr7HxALT3yWjO4iYUo&google_cver=1&google_push=AaAOQGFzmJnzgx2pDTcJg3ogxkFWtlufcJqx__bYed-nRHxRmCu0FbIN3PZVJ1QD_v4e5D-HTt9aBZLjUd6MXPPWVw2MLge7DJI94Q&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGFzmJnzgx2pDTcJg3ogxkFWtlufcJqx__bYed-nRHxRmCu0FbIN3PZVJ1QD_v4e5D-HTt9aBZLjUd6MXPPWVw2MLge7DJI94Q%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIkmehr7HxALT3yWjO4iYUo&google_cver=1&google_push=AaAOQGFzmJnzgx2pDTcJg3ogxkFWtlufcJqx__bYed-nRHxRmCu0FbIN3PZVJ1QD_v4e5D-HTt9aBZLjUd6MXPPWVw2MLge7DJI94Q&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGFzmJnzgx2pDTcJg3ogxkFWtlufcJqx__bYed-nRHxRmCu0FbIN3PZVJ1QD_v4e5D-HTt9aBZLjUd6MXPPWVw2MLge7DJI94Q%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 144

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEOQTTK2-0RL65NCoviwjIwI&google_cver=1&google_push=AaAOQGGOe8kMT5ePX1_-x7pqhsjXiEQHwYZzPARrXaN_PqWF3wVPFrAq0sPNqjbSIDjhQozFcTiSBl583eyGOYdceLAyNGifB3Qtfg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGGOe8kMT5ePX1_-x7pqhsjXiEQHwYZzPARrXaN_PqWF3wVPFrAq0sPNqjbSIDjhQozFcTiSBl583eyGOYdceLAyNGifB3Qtfg&google_hm=unHzKuqbToyXaLWdrC1s0bc

Request Chain 145

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDMpNswKZBV1f6qinmf7xE0&google_cver=1&google_push=AaAOQGFW1qXdor7FETNRUvYZQoZoI-GfKKOCocyy4ztjKs-KO8X8v2VrxhvRaAUzisaHO0ssc-ggYib-CvdlnndVwYjKUokgsBJuSg HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEDMpNswKZBV1f6qinmf7xE0&google_cver=1&google_push=AaAOQGFW1qXdor7FETNRUvYZQoZoI-GfKKOCocyy4ztjKs-KO8X8v2VrxhvRaAUzisaHO0ssc-ggYib-CvdlnndVwYjKUokgsBJuSg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODM3OTA3Mzg0MDIwNzAyNDIxOA&google_push=AaAOQGFW1qXdor7FETNRUvYZQoZoI-GfKKOCocyy4ztjKs-KO8X8v2VrxhvRaAUzisaHO0ssc-ggYib-CvdlnndVwYjKUokgsBJuSg

Request Chain 146

https://d5p.de17a.com/cookies/google?google_gid=CAESEOTOEVaEaFLH2Kzo0wIXo-c&google_cver=1&google_push=AaAOQGHhGGJC9uo5bgllhLYKm_eS4PB1dmJPWnMOdpu53FcDArkef8MA_BscnRReXbukVLVUxYkLJqDjVfwn76Ma47cteaH_lHSsJw HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEOTOEVaEaFLH2Kzo0wIXo-c&google_cver=1&google_push=AaAOQGHhGGJC9uo5bgllhLYKm_eS4PB1dmJPWnMOdpu53FcDArkef8MA_BscnRReXbukVLVUxYkLJqDjVfwn76Ma47cteaH_lHSsJw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGHhGGJC9uo5bgllhLYKm_eS4PB1dmJPWnMOdpu53FcDArkef8MA_BscnRReXbukVLVUxYkLJqDjVfwn76Ma47cteaH_lHSsJw

Request Chain 147

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEO0lLG7hz3L_J6vDR63AqYk&google_cver=1&google_push=AaAOQGH_oy0p5UI7BAcWf6eMTELBe_c9FWK2DsZboPMqildxDh5Apk3CNoGgnu9zZqLXz6PUtSczGsl9CToVOWO6uCQz8Jd3axgR3Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGH_oy0p5UI7BAcWf6eMTELBe_c9FWK2DsZboPMqildxDh5Apk3CNoGgnu9zZqLXz6PUtSczGsl9CToVOWO6uCQz8Jd3axgR3Q

Request Chain 148

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEC7mnUCs1KRQLHsaP4tTGtI&google_cver=1&google_push=AaAOQGHWQNxW3w_66UczMSO8fyGAIg1824MZuLlWRmhQOEFqjyl9-_dN1MpMxe-UR6OzdLvKbAfu1O_fo6Co6-4Sx8zLNBP6Z0L-eg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AaAOQGHWQNxW3w_66UczMSO8fyGAIg1824MZuLlWRmhQOEFqjyl9-_dN1MpMxe-UR6OzdLvKbAfu1O_fo6Co6-4Sx8zLNBP6Z0L-eg HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 179

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEIU3kSaxlgzz7MYnYxIamAo&google_cver=1&google_push=AaAOQGFaHDqQM5HZG87czBCHAQcf_v2F63FM2JEfEFkZFrG1tiFPBSEm5yeMAdHIkbxGY0nkaMFq8ee1JHH2J43nDa4GjLqv_4CwK5E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzA5MDYxNDE4NDAwOTA4NTU0NQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEN1Pz2itilvJR4Ef3JnrNw0&google_cver=1

Request Chain 180

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENNw9i_rKvhLmdUtKf0HKco&google_cver=1&google_push=AaAOQGG653I8bFYQMwg7GLKLcfrR0WDSJ8_i_p5YJ1_kPcZE3ZuRN0Ha66aUVaP38Bd57c10GPeQDPui3gvz3WD5dodGME0eeCOvKw HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AaAOQGG653I8bFYQMwg7GLKLcfrR0WDSJ8_i_p5YJ1_kPcZE3ZuRN0Ha66aUVaP38Bd57c10GPeQDPui3gvz3WD5dodGME0eeCOvKw&google_hm=FQ5nTIsF2VOe6ertmSYDdg

Request Chain 182

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEE4drjUeKb7kBpiwYXW3GLI&google_cver=1&google_push=AaAOQGHgJd7pIqA_z6QEpFE-l5uO4dVWiiojRC8LialxuluoC0ecbkI7GmAxq8M1ZEX-b4zwKYozF_xsvVUeaOnZsR6ShgIOKGln4TQ HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEE4drjUeKb7kBpiwYXW3GLI&google_cver=1&google_push=AaAOQGHgJd7pIqA_z6QEpFE-l5uO4dVWiiojRC8LialxuluoC0ecbkI7GmAxq8M1ZEX-b4zwKYozF_xsvVUeaOnZsR6ShgIOKGln4TQ HTTP 302
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle HTTP 307
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle HTTP 302
https://x.bidswitch.net/sync?dsp_id=59&user_id=95bf75d6-8953-4817-926a-5c090b4afca7&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGG6wIWKiMF04fxi1Q1czQTardGpfKwq6qMJYP3sq9TUu-BrcDYIJH5XmCRsq0dTgsN68ucCuR0hNeC9_q6fS8rufS3wJuQqrA&google_hm=b1TqBJFrRCK0zirBm48irA==

Request Chain 183

https://d5p.de17a.com/cookies/google?google_gid=CAESEDGeTw97nN0PvJe1FfL7xu0&google_cver=1&google_push=AaAOQGF9NnSJBdEiUfLkFAshcQC5gYOvufhbWhYOZ9ZIJAuHbRyZz7467SmmJ-q1UkmkRqfODShBQTaLbVE_L4uLnarlSo4QHkPLNQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGF9NnSJBdEiUfLkFAshcQC5gYOvufhbWhYOZ9ZIJAuHbRyZz7467SmmJ-q1UkmkRqfODShBQTaLbVE_L4uLnarlSo4QHkPLNQ

Request Chain 185

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEGsgCwkxbOmIjYhVbsq6WWQ&google_cver=1&google_push=AaAOQGGyq5tVEiEasHIJq9YEpdg4NRtBHDZjIOSI15Pxfa7TFHURZ61Tqn0PHFPf7SZl-8CLVspAQFVAKhaSi2L7ngBk5msdqTpJMA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGGyq5tVEiEasHIJq9YEpdg4NRtBHDZjIOSI15Pxfa7TFHURZ61Tqn0PHFPf7SZl-8CLVspAQFVAKhaSi2L7ngBk5msdqTpJMA

Request Chain 190

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEG00TPdbjB1E1rZMwwCKKK4&google_cver=1&google_push=AaAOQGGypRDe8DZhmCFfxIAcg54ZH8cmiIEbByo3hQeGsMVkh8DyDzjzEoRFoqMWnln0dnRETT90y20U5KnmsZyLH4V_DOpIaHY2hA HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEG00TPdbjB1E1rZMwwCKKK4&google_cver=1&google_push=AaAOQGGypRDe8DZhmCFfxIAcg54ZH8cmiIEbByo3hQeGsMVkh8DyDzjzEoRFoqMWnln0dnRETT90y20U5KnmsZyLH4V_DOpIaHY2hA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VnNsNlZoS1UxUWpiYnY1&google_gid=CAESEG00TPdbjB1E1rZMwwCKKK4&google_cver=1&google_push=AaAOQGGypRDe8DZhmCFfxIAcg54ZH8cmiIEbByo3hQeGsMVkh8DyDzjzEoRFoqMWnln0dnRETT90y20U5KnmsZyLH4V_DOpIaHY2hA

Request Chain 192

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEOYTK00DOjjkJsc29ovwDPk&google_cver=1&google_push=AaAOQGGzRKk7uAW2duaA5YE_KFgGOn-x8pWGqwh9RDmbtNdwevey_vM_g3qducQZUoREgs90ORCm7Qdl-EtCckIalEeebvZGBxi5EA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGGzRKk7uAW2duaA5YE_KFgGOn-x8pWGqwh9RDmbtNdwevey_vM_g3qducQZUoREgs90ORCm7Qdl-EtCckIalEeebvZGBxi5EA&google_hm=unHzKuqbToyXaLWdrC1s0bc

Request Chain 193

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIr9LdSvLCkH7pVmzAVl0sY&google_cver=1&google_push=AaAOQGF_RKv7fEI1jTMCjImh62wVTgPugTZYPhJkmAN7K459HTdYxRSg8YJ3tUen94jIBFMEM_Do2bcWABvF1ISUxbRW3uylyWLvxA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGF_RKv7fEI1jTMCjImh62wVTgPugTZYPhJkmAN7K459HTdYxRSg8YJ3tUen94jIBFMEM_Do2bcWABvF1ISUxbRW3uylyWLvxA&google_hm=eS1URC5MZnRKRTJwRVFUX193UDViamxOdEZhRTBhZkc4U35B

Request Chain 194

https://d5p.de17a.com/cookies/google?google_gid=CAESEJU6mCfcs9iFlpo4rgCGwFI&google_cver=1&google_push=AaAOQGEIDNwnjtasRX8iPorU8k1sXVZo7Opm4-MH1CfXL4SvNob4DobkOAjTlO2GshnryusSY4AzUPsMepyak8UP-b7L1xOOg-0E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGEIDNwnjtasRX8iPorU8k1sXVZo7Opm4-MH1CfXL4SvNob4DobkOAjTlO2GshnryusSY4AzUPsMepyak8UP-b7L1xOOg-0E

Request Chain 196

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEChW5ftruhoDr9KJKF2Sao&google_cver=1&google_push=AaAOQGG_FkNar1kUSad25levDtzvvzIBKjBibY8q-1AnWegvhqQyD4SikDsrHd8G9uCvxC6ijlpuFidY1y-HI7BxxKjFq3myGHYnBw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODM3OTA3Mzg0MDIwNzAyNDIxOA&google_push=AaAOQGG_FkNar1kUSad25levDtzvvzIBKjBibY8q-1AnWegvhqQyD4SikDsrHd8G9uCvxC6ijlpuFidY1y-HI7BxxKjFq3myGHYnBw

Request Chain 215

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEN1Pz2itilvJR4Ef3JnrNw0&google_cver=1&google_push=AaAOQGF9KvWFwzKwSAPuoW9M57NngcwWOdOmxzJJ5Wvuno9JHsB13KyTx4jd6LhL6-Z_9Cdwkg2o0OtG9CD6nMLX18HedczyYwd39A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzA5MDYxNDE4NDAwOTA4NTU0NQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEN1Pz2itilvJR4Ef3JnrNw0&google_cver=1

Request Chain 217

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEH5VRl9KoAQvun4zV5ZQW78&google_cver=1&google_push=AaAOQGH7_5Wl-Yxf8bA7t7UEPrBr_qneczXsFK31SpC0siAIiRGS79ZfejnMvCCmfmtFHimFl8ip4hAxPe_BAULidxrQoh2Ia1D- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGH7_5Wl-Yxf8bA7t7UEPrBr_qneczXsFK31SpC0siAIiRGS79ZfejnMvCCmfmtFHimFl8ip4hAxPe_BAULidxrQoh2Ia1D-

Request Chain 219

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEEBiwIj74RUrqn1v8qXPM9I&google_cver=1&google_push=AaAOQGEuV6lEKIK0rq9mg11-uUlKWgm81EzA3PxChkI3gaY04ipuYqlwVIn6NbNd6SNOQ4oryA3OowUPWRxXr5BQBKR4MKo0BcMK HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI1NDUxNTU4OTA3NTM2ODA3OQ%3D%3D&google_push=AaAOQGEuV6lEKIK0rq9mg11-uUlKWgm81EzA3PxChkI3gaY04ipuYqlwVIn6NbNd6SNOQ4oryA3OowUPWRxXr5BQBKR4MKo0BcMK

Request Chain 220

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEINXLaq-3GF7oQqVCUIfh5Y&google_cver=1&google_push=AaAOQGG6wIWKiMF04fxi1Q1czQTardGpfKwq6qMJYP3sq9TUu-BrcDYIJH5XmCRsq0dTgsN68ucCuR0hNeC9_q6fS8rufS3wJuQqrA HTTP 302
https://p.rfihub.com/cm?in=1&pub=20513&ssp=google&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=119&user_id=5140084926077340369&expires=30&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_cm=1&google_hm=b1TqBJFrRCK0zirBm48irA== HTTP 302
https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEINXLaq-3GF7oQqVCUIfh5Y&google_cver=1

Request Chain 221

https://d5p.de17a.com/cookies/google?google_gid=CAESEFpFACO52KzPoZYwFQO8U1g&google_cver=1&google_push=AaAOQGHbQ70BIdlSlsmz39NLjkml-2AxymlwY7V96yOA3rUDXhFsoxrZEnlq5s5myMVBpbgil8DtmzDmgxLrtWoAMHNdY1W18mMjzQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGHbQ70BIdlSlsmz39NLjkml-2AxymlwY7V96yOA3rUDXhFsoxrZEnlq5s5myMVBpbgil8DtmzDmgxLrtWoAMHNdY1W18mMjzQ

223 HTTP transactions
18 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
overe3.ru/
Redirect Chain

http://overe3.ru/
https://overe3.ru/

220 KB
46 KB

24444ms
6931ms

Document
text/html

45.130.41.31
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://overe3.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.31 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.wasp.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 1716eb29cf92580442f3a3885245dbafda66b7ab8d270a71dafbe61970f5b879

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=3, must-revalidate
content-encoding: gzip
content-length: 46944
content-type: text/html; charset=UTF-8
date: Tue, 11 Jul 2023 11:05:08 GMT
expires: Tue, 11 Jul 2023 11:05:11 GMT
last-modified: Tue, 11 Jul 2023 09:31:49 GMT
server: nginx-reuseport/1.21.1
vary: Accept-Encoding,Cookie

Redirect headers

Connection: keep-alive
Content-Length: 179
Content-Type: text/html
Date: Tue, 11 Jul 2023 11:04:50 GMT
Keep-Alive: timeout=30
Location: https://overe3.ru/
Server: nginx-reuseport/1.21.1

GET
H2 200 gx9d.js Show response
overe3.ru/wp-content/ 67 KB
19 KB 14079ms
14076ms Script
application/x-javascript 45.130.41.31
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://overe3.ru/wp-content/gx9d.js?ver=1.0.2
Requested by: Host: overe3.ru
URL: https://overe3.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.31 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.wasp.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 9f7a309d243dd167699e87b914e376ffcdfe8aa2cbf86b825cf7596470d2c040

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://overe3.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:16 GMT
content-encoding: gzip
last-modified: Tue, 11 Jul 2023 10:57:09 GMT
server: nginx-reuseport/1.21.1
etag: W/"64ad3585-10dab"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Tue, 18 Jul 2023 11:05:16 GMT

GET
H2 200 classic-themes.min.css
overe3.ru/wp-includes/css/ 217 B
382 B 14079ms
14076ms Stylesheet
text/css 45.130.41.31
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://overe3.ru/wp-includes/css/classic-themes.min.css?ver=1
Requested by: Host: overe3.ru
URL: https://overe3.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.31 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.wasp.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://overe3.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:16 GMT
content-encoding: gzip
last-modified: Thu, 02 Mar 2023 10:43:21 GMT
server: nginx-reuseport/1.21.1
etag: W/"64007dc9-d9"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Tue, 18 Jul 2023 11:05:16 GMT

GET
H2 200 main.min.css
overe3.ru/wp-content/plugins/anycomment/static/css/ 69 KB
9 KB 14079ms
14077ms Stylesheet
text/css 45.130.41.31
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://overe3.ru/wp-content/plugins/anycomment/static/css/main.min.css?ver=9b87b6e21a74caabf02f75b28bb0fb66
Requested by: Host: overe3.ru
URL: https://overe3.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.31 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.wasp.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 5b5341393971c81247922fd4d8cf9edde8bd0c9ee6bb4f5b41e8d6eeb4bbff45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://overe3.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:16 GMT
content-encoding: gzip
last-modified: Sat, 14 May 2022 21:14:51 GMT
server: nginx-reuseport/1.21.1
etag: W/"62801bcb-115d4"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Tue, 18 Jul 2023 11:05:16 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
816 B 241ms
171ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans%3A400%2C700&subset=cyrillic&display=swap&ver=6.1.3

Requested by

Host: overe3.ru
URL: https://overe3.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b54e1dcd6fb510eb1593d73cd90e25ac18345cb380431874d7d66ad49fcd397a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://overe3.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 11 Jul 2023 11:05:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 11 Jul 2023 10:54:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 Jul 2023 11:05:15 GMT

GET
H2 200 colors.php
overe3.ru/wp-content/plugins/bg-orthodox-calendar/css/ 3 KB
3 KB 15663ms
15660ms Stylesheet
text/css 45.130.41.31
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://overe3.ru/wp-content/plugins/bg-orthodox-calendar/css/colors.php?ver=0.13.10
Requested by: Host: overe3.ru
URL: https://overe3.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.31 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.wasp.beget.com
Software: nginx-reuseport/1.21.1 / PHP/7.4.33
Resource Hash: cacb67f6bb02ffdb9aa28f11ff9353c0863f365ee4a09cecff4cbe0d3df6690f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://overe3.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:17 GMT
server: nginx-reuseport/1.21.1
x-powered-by: PHP/7.4.33
content-length: 2940
vary: Accept-Encoding,Cookie
content-type: text/css; charset: UTF-8;charset=UTF-8

GET
H2 200 main.css
overe3.ru/wp-content/plugins/pupuper-swiper/css/ 11 KB
2 KB 14079ms
14077ms Stylesheet
text/css 45.130.41.31
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://overe3.ru/wp-content/plugins/pupuper-swiper/css/main.css?ver=1689067908
Requested by: Host: overe3.ru
URL: https://overe3.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.31 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.wasp.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 3c71a29d865e5c8fa5146ac5ec15a4bb742f6e92d2bd2f35dd9e1451db842cea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://overe3.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:16 GMT
content-encoding: gzip
last-modified: Fri, 13 May 2022 05:32:24 GMT
server: nginx-reuseport/1.21.1
etag: W/"627ded68-2bad"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Tue, 18 Jul 2023 11:05:16 GMT

GET
H2 200 frontend.min.css
overe3.ru/wp-content/plugins/wp-user-avatar/assets/css/ 101 KB
15 KB 14080ms
14077ms Stylesheet
text/css 45.130.41.31
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://overe3.ru/wp-content/plugins/wp-user-avatar/assets/css/frontend.min.css?ver=4.12.0
Requested by: Host: overe3.ru
URL: https://overe3.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.31 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.wasp.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 80a2d7122993ca65b09a265a92ab7275d283afa3edeca1c735f37b0b05490fad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://overe3.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:16 GMT
content-encoding: gzip
last-modified: Mon, 10 Jul 2023 21:14:55 GMT
server: nginx-reuseport/1.21.1
etag: W/"64ac74cf-19578"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Tue, 18 Jul 2023 11:05:16 GMT

GET
H2 200 flatpickr.min.css
overe3.ru/wp-content/plugins/wp-user-avatar/assets/flatpickr/ 14 KB
3 KB 14080ms
14078ms Stylesheet
text/css 45.130.41.31
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://overe3.ru/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.css?ver=4.12.0
Requested by: Host: overe3.ru
URL: https://overe3.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.31 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.wasp.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 3668f6d335416599574fb1f336cbd2b9bb2f8fcff63e63a9ca3b68df4d0c6165

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://overe3.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:16 GMT
content-encoding: gzip
last-modified: Mon, 10 Jul 2023 21:14:55 GMT
server: nginx-reuseport/1.21.1
etag: W/"64ac74cf-3601"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Tue, 18 Jul 2023 11:05:16 GMT

GET
H2 200 select2.min.css
overe3.ru/wp-content/plugins/wp-user-avatar/assets/select2/ 15 KB
2 KB 14080ms
14078ms Stylesheet
text/css 45.130.41.31
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://overe3.ru/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.css?ver=6.1.3
Requested by: Host: overe3.ru
URL: https://overe3.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.31 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.wasp.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 044efea78208376302aad3808aaabdf3c2f7bdd80ba9d55c9e0e4d3baa7a3908

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://overe3.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:16 GMT
content-encoding: gzip
last-modified: Mon, 10 Jul 2023 21:14:55 GMT
server: nginx-reuseport/1.21.1
etag: W/"64ac74cf-3a75"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Tue, 18 Jul 2023 11:05:16 GMT

GET
H2 200 pagenavi-css.css
overe3.ru/wp-content/plugins/wp-pagenavi/ 374 B
433 B 14081ms
14078ms Stylesheet
text/css 45.130.41.31
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://overe3.ru/wp-content/plugins/wp-pagenavi/pagenavi-css.css?ver=2.70
Requested by: Host: overe3.ru
URL: https://overe3.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.31 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.wasp.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: c2711e9edc60964dcb5aada1bfa59c2d68d3d9dc1baf4a5ee058b4c1bd32c3eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://overe3.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:16 GMT
content-encoding: gzip
last-modified: Sat, 06 May 2023 21:14:16 GMT
server: nginx-reuseport/1.21.1
etag: W/"6456c328-176"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Tue, 18 Jul 2023 11:05:16 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 239ms
170ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&display=swap&ver=6.1.3

Requested by

Host: overe3.ru
URL: https://overe3.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

626c91a33d665410e0e0cfbca6f571dc84132a5271a4d8db5eab22511e031e62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://overe3.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 11 Jul 2023 11:05:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 11 Jul 2023 10:35:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 Jul 2023 11:05:15 GMT

GET
H2 200 style.min.css
overe3.ru/wp-content/themes/root/assets/css/ 162 KB
32 KB 14081ms
14079ms Stylesheet
text/css 45.130.41.31
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://overe3.ru/wp-content/themes/root/assets/css/style.min.css?ver=3.1.1
Requested by: Host: overe3.ru
URL: https://overe3.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.31 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.wasp.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 62ed8e910abb843108e9c7058885b24001beb80e8af008bdaac9d34a4db2902f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://overe3.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:16 GMT
content-encoding: gzip
last-modified: Tue, 15 Feb 2022 10:03:09 GMT
server: nginx-reuseport/1.21.1
etag: W/"620b7a5d-28664"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Tue, 18 Jul 2023 11:05:16 GMT

GET
H2 200 jquery.min.js Show response
overe3.ru/wp-includes/js/jquery/ 88 KB
31 KB 14081ms
14079ms Script
application/x-javascript 45.130.41.31
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://overe3.ru/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by: Host: overe3.ru
URL: https://overe3.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.31 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.wasp.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://overe3.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:16 GMT
content-encoding: gzip
last-modified: Thu, 02 Mar 2023 10:43:23 GMT
server: nginx-reuseport/1.21.1
etag: W/"64007dcb-15e54"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Tue, 18 Jul 2023 11:05:16 GMT

GET
H2 200 flatpickr.min.js Show response
overe3.ru/wp-content/plugins/wp-user-avatar/assets/flatpickr/ 49 KB
14 KB 14081ms
14080ms Script
application/x-javascript 45.130.41.31
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://overe3.ru/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.js?ver=4.12.0
Requested by: Host: overe3.ru
URL: https://overe3.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.31 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.wasp.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: ddbda21655c0c2cb09913a9e33d856a8b8f3e1eae610cdbda8524def2dc71f7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://overe3.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:16 GMT
content-encoding: gzip
last-modified: Mon, 10 Jul 2023 21:14:55 GMT
server: nginx-reuseport/1.21.1
etag: W/"64ac74cf-c5a4"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Tue, 18 Jul 2023 11:05:16 GMT

GET
H2 200 select2.min.js Show response
overe3.ru/wp-content/plugins/wp-user-avatar/assets/select2/ 69 KB
20 KB 14082ms
14080ms Script
application/x-javascript 45.130.41.31
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://overe3.ru/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.js?ver=4.12.0
Requested by: Host: overe3.ru
URL: https://overe3.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.31 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.wasp.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 00501810e93307a8882a74d864e7547fd1458deea539361dc1124ac133799a4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://overe3.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:16 GMT
content-encoding: gzip
last-modified: Mon, 10 Jul 2023 21:14:55 GMT
server: nginx-reuseport/1.21.1
etag: W/"64ac74cf-114c3"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Tue, 18 Jul 2023 11:05:16 GMT

GET
H2 200 sh.min.js Show response
overe3.ru/wp-content/plugins/seohide/public/js/ 638 B
606 B 14082ms
14080ms Script
application/x-javascript 45.130.41.31
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://overe3.ru/wp-content/plugins/seohide/public/js/sh.min.js?ver=2.0.0
Requested by: Host: overe3.ru
URL: https://overe3.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.31 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.wasp.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 7fcbd2ac6d4863e2e79faee8bb9d556853cef4a8d7ba54c4dbbb0765676ed5a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://overe3.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:16 GMT
content-encoding: gzip
last-modified: Mon, 08 Nov 2021 11:59:39 GMT
server: nginx-reuseport/1.21.1
etag: W/"6189112b-27e"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Tue, 18 Jul 2023 11:05:16 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
48 KB 159ms
78ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1078854029118585

Requested by

Host: overe3.ru
URL: https://overe3.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c665f123559bae09e9fdeb6018f7970d474372465f2adfd1fdd23c31f455532e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://overe3.ru/
Origin: https://overe3.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49184
x-xss-protection: 0
server: cafe
etag: 6988844485653180904
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 11 Jul 2023 11:05:30 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
49 KB 182ms
102ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9841230704717868

Requested by

Host: overe3.ru
URL: https://overe3.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9d716eaa956004f53b8d45ed30097126b8890056a42a8c3f3efd52a0710c1e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://overe3.ru/
Origin: https://overe3.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50432
x-xss-protection: 0
server: cafe
etag: 11585509391127789575
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 11 Jul 2023 11:05:30 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 175ms
95ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4341424203278475

Requested by

Host: overe3.ru
URL: https://overe3.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4f7cda9613b25856f0ae446949cecca7c76b113056d11a0f186b5c1e583468a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://overe3.ru/
Origin: https://overe3.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50649
x-xss-protection: 0
server: cafe
etag: 12491499149628379187
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 11 Jul 2023 11:05:30 GMT

GET
H2 200 script.js Show response
h5r2dzdwqk.com/ 100 KB
36 KB 1044ms
593ms Script
application/javascript 85.192.12.170
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://h5r2dzdwqk.com/script.js
Requested by: Host: overe3.ru
URL: https://overe3.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.192.12.170 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 2da017bc1dec28e5efe3973e21abf284a1c83b2fca72440179cd091eb1a2fac1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://overe3.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:16 GMT
content-encoding: gzip
server: nginx/1.18.0
x-adsbid-request: yg03w31azu5t
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800

GET
H2 200 gx9d.json Show response
newrotatormarch23.bid/ 60 B
270 B 292ms
150ms XHR
application/json 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://newrotatormarch23.bid/gx9d.json

Requested by

Host: overe3.ru
URL: https://overe3.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

c2fa5152950dfa866f8a50656f399ce5d74ced029928bd9d398b814480aef3e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://overe3.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 11 Jul 2023 11:05:15 GMT
strict-transport-security: max-age=63072000
content-encoding: br
server: cloudflare-nginx
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 gx9d.min.js Show response
newrotatormarch23.bid/ 67 KB
19 KB 356ms
214ms XHR
text/javascript 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://newrotatormarch23.bid/gx9d.min.js

Requested by

Host: overe3.ru
URL: https://overe3.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

9f7a309d243dd167699e87b914e376ffcdfe8aa2cbf86b825cf7596470d2c040

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://overe3.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 11 Jul 2023 11:05:15 GMT
strict-transport-security: max-age=63072000
content-encoding: br
server: cloudflare-nginx
duration: 993715
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=300
access-control-allow-headers: *
expires: Tue, 11-Jul-2023 14:10:15 EEST

GET
H2 200 gx9d.min.js Show response
newrotatormarch23.bid/ 67 KB
19 KB 210ms
102ms Script
text/javascript 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://newrotatormarch23.bid/gx9d.min.js?28d6038

Requested by

Host: overe3.ru
URL: https://overe3.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

9f7a309d243dd167699e87b914e376ffcdfe8aa2cbf86b825cf7596470d2c040

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://overe3.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:30 GMT
strict-transport-security: max-age=63072000
content-encoding: br
server: cloudflare-nginx
duration: 415633
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=300
access-control-allow-headers: *
expires: Tue, 11-Jul-2023 14:10:30 EEST

GET
H2 200 fontawesome-webfont.ttf
overe3.ru/wp-content/themes/root/fonts/ 162 KB
162 KB 14246ms
14245ms Font
application/octet-stream 45.130.41.31
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://overe3.ru/wp-content/themes/root/fonts/fontawesome-webfont.ttf
Requested by: Host: overe3.ru
URL: https://overe3.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.31 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.wasp.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: aa58f33f239a0fb02f5c7a6c45c043d7a9ac9a093335806694ecd6d4edc0d6a8

Request headers

Referer: https://overe3.ru/
Origin: https://overe3.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:16 GMT
last-modified: Tue, 15 Feb 2022 10:03:09 GMT
server: nginx-reuseport/1.21.1
etag: "620b7a5d-286ac"
content-type: application/octet-stream
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 165548
expires: Thu, 10 Aug 2023 11:05:16 GMT

GET
H2 200 main.min.js Show response
overe3.ru/wp-content/plugins/anycomment/static/js/ 2 MB
603 KB 163ms
161ms Script
application/x-javascript 45.130.41.31
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://overe3.ru/wp-content/plugins/anycomment/static/js/main.min.js?ver=9b87b6e21a74caabf02f75b28bb0fb66
Requested by: Host: overe3.ru
URL: https://overe3.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.31 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.wasp.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 5f010159247bf3b25e92cd7c414b38194bd825a212bf42f9adaa8587bd0253ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://overe3.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:30 GMT
content-encoding: gzip
last-modified: Sat, 14 May 2022 21:14:51 GMT
server: nginx-reuseport/1.21.1
etag: W/"62801bcb-20738f"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Tue, 18 Jul 2023 11:05:30 GMT

GET
H2 200 bg_ortcal_days.js Show response
overe3.ru/wp-content/plugins/bg-orthodox-calendar/js/ 19 KB
5 KB 1791ms
1789ms Script
application/x-javascript 45.130.41.31
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://overe3.ru/wp-content/plugins/bg-orthodox-calendar/js/bg_ortcal_days.js?ver=0.13.10
Requested by: Host: overe3.ru
URL: https://overe3.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.31 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.wasp.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 989facedee8e289fa1b6cc0049b60644bd4c1d276c81379cc3016c03a6f16eea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://overe3.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:28 GMT
content-encoding: gzip
last-modified: Thu, 30 Sep 2021 10:16:55 GMT
server: nginx-reuseport/1.21.1
etag: W/"61558e97-4b73"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Tue, 18 Jul 2023 11:05:28 GMT

GET
H2 200 bg_ortcal_names.js Show response
overe3.ru/wp-content/plugins/bg-orthodox-calendar/js/ 8 KB
2 KB 1791ms
1790ms Script
application/x-javascript 45.130.41.31
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://overe3.ru/wp-content/plugins/bg-orthodox-calendar/js/bg_ortcal_names.js?ver=0.13.10
Requested by: Host: overe3.ru
URL: https://overe3.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.31 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.wasp.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 0e40e206be93ad0d639a6fefc543309a7d4aae6c141dcfb393b0964ae5614ce9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://overe3.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:29 GMT
content-encoding: gzip
last-modified: Thu, 30 Sep 2021 10:16:55 GMT
server: nginx-reuseport/1.21.1
etag: W/"61558e97-21d4"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Tue, 18 Jul 2023 11:05:29 GMT

GET
H2 200 bg_ortcal_year.js Show response
overe3.ru/wp-content/plugins/bg-orthodox-calendar/js/ 23 KB
6 KB 1792ms
1790ms Script
application/x-javascript 45.130.41.31
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://overe3.ru/wp-content/plugins/bg-orthodox-calendar/js/bg_ortcal_year.js?ver=0.13.10
Requested by: Host: overe3.ru
URL: https://overe3.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.31 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.wasp.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 3837b60b0f1fc5410d53bcda31d2ca5cae542b11d335806b45c190c3badb654b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://overe3.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:29 GMT
content-encoding: gzip
last-modified: Thu, 30 Sep 2021 10:16:55 GMT
server: nginx-reuseport/1.21.1
etag: W/"61558e97-5c02"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Tue, 18 Jul 2023 11:05:29 GMT

GET
H2 200 bg_ortcal_init.js Show response
overe3.ru/wp-content/plugins/bg-orthodox-calendar/js/ 3 KB
1 KB 1792ms
1791ms Script
application/x-javascript 45.130.41.31
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://overe3.ru/wp-content/plugins/bg-orthodox-calendar/js/bg_ortcal_init.js?ver=0.13.10
Requested by: Host: overe3.ru
URL: https://overe3.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.31 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.wasp.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 2ae1b88b15ca1caa5c4be8b0cc8fa76e8e3882fc85949f145483d8fcb2a6675b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://overe3.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:29 GMT
content-encoding: gzip
last-modified: Thu, 30 Sep 2021 10:16:55 GMT
server: nginx-reuseport/1.21.1
etag: W/"61558e97-bce"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Tue, 18 Jul 2023 11:05:29 GMT

GET
H2 200 swiper-libs.js Show response
overe3.ru/wp-content/plugins/pupuper-swiper/js/ 137 KB
38 KB 1792ms
1791ms Script
application/x-javascript 45.130.41.31
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://overe3.ru/wp-content/plugins/pupuper-swiper/js/swiper-libs.js?ver=1689067908
Requested by: Host: overe3.ru
URL: https://overe3.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.31 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.wasp.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: a32329228fcd12d562819b6cd68c04935e106a43a604c53df551e4f3e2911914

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://overe3.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:29 GMT
content-encoding: gzip
last-modified: Wed, 11 May 2022 07:05:40 GMT
server: nginx-reuseport/1.21.1
etag: W/"627b6044-224c5"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Tue, 18 Jul 2023 11:05:29 GMT

GET
H2 200 main.js Show response
overe3.ru/wp-content/plugins/pupuper-swiper/js/ 6 KB
2 KB 1792ms
1791ms Script
application/x-javascript 45.130.41.31
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://overe3.ru/wp-content/plugins/pupuper-swiper/js/main.js?ver=1689067908
Requested by: Host: overe3.ru
URL: https://overe3.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.31 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.wasp.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 4896394ccbe06fd1696696f617e8b762b1692d97d5cd1c0529d33c3e7e5c8cd5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://overe3.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:29 GMT
content-encoding: gzip
last-modified: Fri, 13 May 2022 05:03:32 GMT
server: nginx-reuseport/1.21.1
etag: W/"627de6a4-193d"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Tue, 18 Jul 2023 11:05:29 GMT

GET
H2 200 frontend.min.js Show response
overe3.ru/wp-content/plugins/wp-user-avatar/assets/js/ 18 KB
4 KB 1792ms
1792ms Script
application/x-javascript 45.130.41.31
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://overe3.ru/wp-content/plugins/wp-user-avatar/assets/js/frontend.min.js?ver=4.12.0
Requested by: Host: overe3.ru
URL: https://overe3.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.31 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.wasp.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: b17fe7091c0ec8e16acb022f3de1fe6f3ddaf4822eff6010a2c7563e34da7789

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://overe3.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:29 GMT
content-encoding: gzip
last-modified: Mon, 10 Jul 2023 21:14:55 GMT
server: nginx-reuseport/1.21.1
etag: W/"64ac74cf-46cc"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Tue, 18 Jul 2023 11:05:29 GMT

GET
H2 200 scripts.min.js Show response
overe3.ru/wp-content/themes/root/assets/js/ 7 KB
3 KB 1793ms
1792ms Script
application/x-javascript 45.130.41.31
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://overe3.ru/wp-content/themes/root/assets/js/scripts.min.js?ver=3.1.1
Requested by: Host: overe3.ru
URL: https://overe3.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.31 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.wasp.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 7af319c593aa6f3da93d86d0886cf9196170c98662955aed2097ea0c14e774a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://overe3.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:29 GMT
content-encoding: gzip
last-modified: Tue, 15 Feb 2022 10:03:09 GMT
server: nginx-reuseport/1.21.1
etag: W/"620b7a5d-1c37"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Tue, 18 Jul 2023 11:05:29 GMT

GET
H2 200 frontend.min.js Show response
overe3.ru/wp-content/plugins/q2w3-fixed-widget/js/ 23 KB
5 KB 1793ms
1792ms Script
application/x-javascript 45.130.41.31
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://overe3.ru/wp-content/plugins/q2w3-fixed-widget/js/frontend.min.js?ver=6.2.3
Requested by: Host: overe3.ru
URL: https://overe3.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.31 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.wasp.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: a69c12ccd186a899db79fce802b46c08e71f69c2c422be2666ed8565e3add026

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://overe3.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:29 GMT
content-encoding: gzip
last-modified: Mon, 28 Nov 2022 21:14:46 GMT
server: nginx-reuseport/1.21.1
etag: W/"638524c6-5b89"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Tue, 18 Jul 2023 11:05:29 GMT

GET
H2 200 lazyload.min.js Show response
overe3.ru/wp-content/plugins/rocket-lazy-load/assets/js/16.1/ 8 KB
3 KB 163ms
161ms Script
application/x-javascript 45.130.41.31
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://overe3.ru/wp-content/plugins/rocket-lazy-load/assets/js/16.1/lazyload.min.js
Requested by: Host: overe3.ru
URL: https://overe3.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.31 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.wasp.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://overe3.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:30 GMT
content-encoding: gzip
last-modified: Sat, 23 Oct 2021 17:04:51 GMT
server: nginx-reuseport/1.21.1
etag: W/"617440b3-1ed2"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Tue, 18 Jul 2023 11:05:30 GMT

POST
H2 200 gx9d.json Show response
newrotatormarch23.bid/ 59 B
268 B 54ms
54ms XHR
application/json 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://newrotatormarch23.bid/gx9d.json

Requested by

Host: overe3.ru
URL: https://overe3.ru/wp-content/gx9d.js?ver=1.0.2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

2ce09377d7dffeacc7b003c69cee122d2561fbf737e817b11d38918d7a39841a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://overe3.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 11 Jul 2023 11:05:29 GMT
strict-transport-security: max-age=63072000
content-encoding: br
server: cloudflare-nginx
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

POST
H2 200 gx9d.json Show response
newrotatormarch23.bid/ 59 B
268 B 54ms
53ms XHR
application/json 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://newrotatormarch23.bid/gx9d.json

Requested by

Host: overe3.ru
URL: https://overe3.ru/wp-content/gx9d.js?ver=1.0.2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

bb59814a274753b01f75183c8e5d2f4de08f66b80fafcfea86276dd0cf37623d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://overe3.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 11 Jul 2023 11:05:29 GMT
strict-transport-security: max-age=63072000
content-encoding: br
server: cloudflare-nginx
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 38a89e25.js Show response
tat3ayogh6.com/pixels/ 141 KB
49 KB 299ms
155ms Script
application/javascript 85.192.12.173
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tat3ayogh6.com/pixels/38a89e25.js
Requested by: Host: h5r2dzdwqk.com
URL: https://h5r2dzdwqk.com/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.192.12.173 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 28cce79fbfb93f180d0e7533ca3a43bd5faa37c45cf1598d4485f5e080bc83cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://overe3.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:30 GMT
cache-control: no-store
content-encoding: gzip
last-modified: Mon, 17 Apr 2023 08:43:01 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: application/javascript

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c01edce97631c9758a35d51c0ea7c580da897713b9d3709f0ca3b640218ea203

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
9 KB 125ms
53ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&display=swap&ver=6.1.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://overe3.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 04:52:01 GMT
x-content-type-options: nosniff
age: 540809
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9628
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Jul 2024 04:52:01 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
10 KB 118ms
46ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&display=swap&ver=6.1.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://overe3.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:11:38 GMT
x-content-type-options: nosniff
age: 222832
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9644
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jul 2024 21:11:38 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 94ms
23ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&display=swap&ver=6.1.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://overe3.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 22:16:07 GMT
x-content-type-options: nosniff
age: 391763
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Jul 2024 22:16:07 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 98ms
29ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&display=swap&ver=6.1.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://overe3.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 05:19:29 GMT
x-content-type-options: nosniff
age: 193561
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 08 Jul 2024 05:19:29 GMT

GET
H2 200 context.js Show response
yandex.ru/ads/system/ 297 KB
85 KB 217ms
69ms Script
text/javascript 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: overe3.ru
URL: https://overe3.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

62ac0d5491ebdfa1ab03d61597d7b7b7373fd2129d0b1bb3ca3364bd482678d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://overe3.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1689073530996505-9998215018974163879-balancer-l7leveler-kubr-yp-vla-90-BAL-9409
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Tue, 11 Jul 2023 12:05:31 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
48 KB 129ms
73ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8754114770071647

Requested by

Host: overe3.ru
URL: https://overe3.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9b41509a3e9cb1e6f55531937d1f94b13fb30913dfa1bbbe52bc232d255f89a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://overe3.ru/
Origin: https://overe3.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48688
x-xss-protection: 0
server: cafe
etag: 10396831238363365243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 11 Jul 2023 11:05:30 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 215 KB
74 KB 295ms
135ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: overe3.ru
URL: https://overe3.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

b886f11e6cea2d231535fd0b59bb2950a8d40d9ec4a39b6da894c1f90d89a382

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://overe3.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Wed, 05 Jul 2023 16:40:28 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "64a572cc-125d3"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 75219
expires: Tue, 11 Jul 2023 12:05:31 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 712bed23dc18b6cc683532980d87b09369b60f1ae4723233101d6c29a0313245

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 086f06c3d493b7808e40b36e5d9c657a6d0088a425e554b4035b4ae47cbf3021

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ef6a2606b59dd152b2a4078f5a659779a5c057d1e3dfd5782e9dfed3ef0eea1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cac30a3a9ee5c6a526b4da2d38dd0750c45c9933a0782edeb8cfe366bc946595

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c4926b247def1bd98c0f6f6fbbaba449e2702ecf71ca6fceeacf7db04f9e9c9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43f9c247438df69c6c2bc91f8267dde1862558c1032a04148838e324fb42f7e1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c3c7d4f72d01f57f3d95df353831b1d4a7af83aa5dcdb652f89b28d619b4b1e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1d7a02c51475415265005e28261baf2485a8125853c12ec615d07965db1a47c1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9523184ceab914a2ebc4b500fc496b3b6ce379e03ccada34e4ed7a10bf9a2a8b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 admin-ajax.php Show response
overe3.ru/wp-admin/ 1 MB
109 KB 1640ms
1639ms XHR
text/html 45.130.41.31
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://overe3.ru/wp-admin/admin-ajax.php?load=Y&action=bg_ortcal

Requested by

Host: overe3.ru
URL: https://overe3.ru/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.130.41.31 , Russian Federation, ASN198610 (BEGET-AS, RU),

Reverse DNS

ssl.wasp.beget.com

Software

nginx-reuseport/1.21.1 / PHP/7.4.33

Resource Hash

d6dcadc2357959dc12f3e715dd3eaa941aee4e01e6ca0f1054a0b9eca5f76533

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://overe3.ru/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: nginx-reuseport/1.21.1
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 bs_calendar.css
overe3.ru/wp-content/plugins/bg-orthodox-calendar/css/ 10 KB
2 KB 1198ms
1197ms Stylesheet
text/css 45.130.41.31
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://overe3.ru/wp-content/plugins/bg-orthodox-calendar/css/bs_calendar.css
Requested by: Host: overe3.ru
URL: https://overe3.ru/wp-content/plugins/bg-orthodox-calendar/js/bg_ortcal_year.js?ver=0.13.10
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.31 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.wasp.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 8273c61714676eb35657b3e0c831df70d36019e7bbb88da7d003151da723ef7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://overe3.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:30 GMT
content-encoding: gzip
last-modified: Thu, 30 Sep 2021 10:16:55 GMT
server: nginx-reuseport/1.21.1
etag: W/"61558e97-2965"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Tue, 18 Jul 2023 11:05:30 GMT

GET
H2 200 st_names.css
overe3.ru/wp-content/plugins/bg-orthodox-calendar/css/ 3 KB
985 B 1191ms
1190ms Stylesheet
text/css 45.130.41.31
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://overe3.ru/wp-content/plugins/bg-orthodox-calendar/css/st_names.css
Requested by: Host: overe3.ru
URL: https://overe3.ru/wp-content/plugins/bg-orthodox-calendar/js/bg_ortcal_names.js?ver=0.13.10
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.31 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.wasp.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 24b43f618fa4abf3ade5e241a73a29f7efd3b52872b18c06b0ce98c9e25ca3b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://overe3.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:30 GMT
content-encoding: gzip
last-modified: Thu, 30 Sep 2021 10:16:55 GMT
server: nginx-reuseport/1.21.1
etag: W/"61558e97-a41"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Tue, 18 Jul 2023 11:05:30 GMT

GET
H2 200 fontawesome-webfont.woff2
overe3.ru/wp-content/themes/root/fonts/ 75 KB
76 KB 1186ms
1186ms Font
application/font-woff2 45.130.41.31
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://overe3.ru/wp-content/themes/root/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: overe3.ru
URL: https://overe3.ru/wp-content/themes/root/assets/css/style.min.css?ver=3.1.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.31 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.wasp.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://overe3.ru/wp-content/themes/root/assets/css/style.min.css?ver=3.1.1
Origin: https://overe3.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:30 GMT
last-modified: Tue, 15 Feb 2022 10:03:09 GMT
server: nginx-reuseport/1.21.1
etag: "620b7a5d-12d68"
content-type: application/font-woff2
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 77160
expires: Thu, 10 Aug 2023 11:05:30 GMT

GET
H2 200 2022-02-15_15-52-45.png
overe3.ru/wp-content/uploads/2022/02/ 424 KB
425 KB 1150ms
1150ms Image
image/png 45.130.41.31
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://overe3.ru/wp-content/uploads/2022/02/2022-02-15_15-52-45.png
Requested by: Host: overe3.ru
URL: https://overe3.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.31 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.wasp.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: d8b475828393991ad32e7729d44d13896dd6969db3167954b2587c54e5c4e359

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://overe3.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:31 GMT
last-modified: Tue, 15 Feb 2022 12:53:25 GMT
server: nginx-reuseport/1.21.1
etag: "620ba245-6a1bd"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 434621
expires: Thu, 10 Aug 2023 11:05:31 GMT

GET
H2 200 yaroslavskaya-ikona-bozhiej-materi-xram-opisanie-242x300.png
overe3.ru/wp-content/uploads/2019/10/ 62 KB
62 KB 1483ms
1480ms Image
image/png 45.130.41.31
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://overe3.ru/wp-content/uploads/2019/10/yaroslavskaya-ikona-bozhiej-materi-xram-opisanie-242x300.png
Requested by: Host: overe3.ru
URL: https://overe3.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.31 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.wasp.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 68e5f275b97a7738097bb949dfd62990d901f24e24c0667fbdfc1d52221daa98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://overe3.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:31 GMT
last-modified: Sat, 30 Oct 2021 13:03:23 GMT
server: nginx-reuseport/1.21.1
etag: "617d429b-f6c0"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 63168
expires: Thu, 10 Aug 2023 11:05:31 GMT

GET
H2 200 6d5a035592c3ca90248ed133b181d92c-300x158.jpg
overe3.ru/wp-content/uploads/2018/11/ 11 KB
11 KB 1482ms
1481ms Image
image/jpeg 45.130.41.31
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://overe3.ru/wp-content/uploads/2018/11/6d5a035592c3ca90248ed133b181d92c-300x158.jpg
Requested by: Host: overe3.ru
URL: https://overe3.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.31 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.wasp.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 6a189f849d9e75c371f97f07f495311c0b2a4c17f0f331b099fa7cd964e16b4c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://overe3.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:31 GMT
last-modified: Sun, 24 Oct 2021 17:44:05 GMT
server: nginx-reuseport/1.21.1
etag: "61759b65-2a84"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10884
expires: Thu, 10 Aug 2023 11:05:31 GMT

GET
H2 200 5af5cfbd7008f-208x300.jpg
overe3.ru/wp-content/uploads/2018/11/ 16 KB
16 KB 1482ms
1481ms Image
image/jpeg 45.130.41.31
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://overe3.ru/wp-content/uploads/2018/11/5af5cfbd7008f-208x300.jpg
Requested by: Host: overe3.ru
URL: https://overe3.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.31 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.wasp.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: b9ce8c99893dedb35c13ee1516305470b381a3530a7be8314b651421231d21f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://overe3.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:31 GMT
last-modified: Sat, 23 Oct 2021 20:58:38 GMT
server: nginx-reuseport/1.21.1
etag: "6174777e-3ee3"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 16099
expires: Thu, 10 Aug 2023 11:05:31 GMT

GET
H2 200 2022-07-11_09-00-14-330x140.png
overe3.ru/wp-content/uploads/2022/07/ 97 KB
98 KB 1483ms
1482ms Image
image/png 45.130.41.31
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://overe3.ru/wp-content/uploads/2022/07/2022-07-11_09-00-14-330x140.png
Requested by: Host: overe3.ru
URL: https://overe3.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.31 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.wasp.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: a6c08d944aa80a89d4289d63b047c275a3de45130273a32bfd224ee0a6fdd7bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://overe3.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:31 GMT
last-modified: Mon, 11 Jul 2022 06:00:40 GMT
server: nginx-reuseport/1.21.1
etag: "62cbbc88-184dd"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 99549
expires: Thu, 10 Aug 2023 11:05:31 GMT

GET
H2 200 7282b72884e4d630f62d2be22eac18ff-300x158.jpg
overe3.ru/wp-content/uploads/2018/11/ 10 KB
10 KB 1483ms
1482ms Image
image/jpeg 45.130.41.31
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://overe3.ru/wp-content/uploads/2018/11/7282b72884e4d630f62d2be22eac18ff-300x158.jpg
Requested by: Host: overe3.ru
URL: https://overe3.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.31 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.wasp.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: ebf5ea2d15237f041bfb964486a1df0feecafc5e80d4afd185f5d96d07ca064a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://overe3.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:31 GMT
last-modified: Sun, 24 Oct 2021 08:09:04 GMT
server: nginx-reuseport/1.21.1
etag: "617514a0-2793"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10131
expires: Thu, 10 Aug 2023 11:05:31 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306290101/ 344 KB
118 KB 125ms
81ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1078854029118585&plah=overe3.ru

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8754114770071647

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

703be5ea831d9a9c41b5c6b28ad0de8efeeb6275745e726f640c95e25fbb8283

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://overe3.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121057
x-xss-protection: 0
server: cafe
etag: 16370948855601099491
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 11 Jul 2023 11:05:31 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230706/r20190131/ Frame E9CE 10 KB
5 KB 82ms
22ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230706/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8754114770071647

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://overe3.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 56465
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Jul 2023 19:24:26 GMT
etag: 12368291122986407432
expires: Mon, 24 Jul 2023 19:24:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 gx9d.json Show response
newrotatormarch23.bid/ 59 B
268 B 54ms
54ms XHR
application/json 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://newrotatormarch23.bid/gx9d.json

Requested by

Host: overe3.ru
URL: https://overe3.ru/wp-content/gx9d.js?ver=1.0.2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

f6d08a42d317e47689365ba76947510517bdf9a610dd268d602a1fcc2f34f94a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://overe3.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 11 Jul 2023 11:05:31 GMT
strict-transport-security: max-age=63072000
content-encoding: br
server: cloudflare-nginx
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

POST
H2 200 gx9d.json Show response
newrotatormarch23.bid/ 412 B
335 B 58ms
57ms XHR
application/json 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://newrotatormarch23.bid/gx9d.json

Requested by

Host: overe3.ru
URL: https://overe3.ru/wp-content/gx9d.js?ver=1.0.2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

659af7da5b322ef98695a80c815c91bfdb146fb526d440e0653affe2f324994f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://overe3.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 11 Jul 2023 11:05:31 GMT
strict-transport-security: max-age=63072000
content-encoding: br
server: cloudflare-nginx
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

POST
H2 200 gx9d.json Show response
newrotatormarch23.bid/ 59 B
268 B 56ms
56ms XHR
application/json 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://newrotatormarch23.bid/gx9d.json

Requested by

Host: overe3.ru
URL: https://overe3.ru/wp-content/gx9d.js?ver=1.0.2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

0829a987d537e6f9ee3e108374e86e706e2f78cc7894929d1aefae1a40e43958

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://overe3.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 11 Jul 2023 11:05:31 GMT
strict-transport-security: max-age=63072000
content-encoding: br
server: cloudflare-nginx
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 pclicks.js Show response
prodmp.ru/ 0
223 B 207ms
67ms Script
text/javascript 193.106.92.202
ITSOFT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://prodmp.ru/pclicks.js
Requested by: Host: tat3ayogh6.com
URL: https://tat3ayogh6.com/pixels/38a89e25.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 193.106.92.202 , Russian Federation, ASN48614 (ITSOFT-AS, RU),
Reverse DNS: proboard.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://overe3.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: text/javascript
date: Tue, 11 Jul 2023 11:05:31 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10061.UR_doWG3XNTrmJCpEr55zc1wnjsCjr0ZaBLcRloF4XSb60LjWlMYa998CadqoMxj.W7d0CsqtmDgKHfxZlAQBZTzUmpc%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10061.5GwMmvsw3hpaQpYEgGKccF-JOxvLAk57ntEGbZPEf2WtgK6OOW-QMV4RTC5DjZ_0dBFQzL_fufpw0YG1-6VBIymNr3ZVTMD8xkmvZOMXcZYXu8Dc3HX_JZ9rjOmgJfAr6MJvVrDbmj...

43 B
480 B

68ms
68ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=10061.5GwMmvsw3hpaQpYEgGKccF-JOxvLAk57ntEGbZPEf2WtgK6OOW-QMV4RTC5DjZ_0dBFQzL_fufpw0YG1-6VBIymNr3ZVTMD8xkmvZOMXcZYXu8Dc3HX_JZ9rjOmgJfAr6MJvVrDbmjWQBQNIwd7pN38tL3jSUEhyL9PS4FWGAcg8jVmOcf53rNSs8Rb9hfCuiiSJA56Wk6Ptp60p7Zc-9-AlpXtUMt3IT_0FkqUVXUA%2C.kJe-IpmyjJRbHS4QtTkB78hynhY%2C

Requested by

Host: overe3.ru
URL: https://overe3.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://overe3.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:31 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=10061.5GwMmvsw3hpaQpYEgGKccF-JOxvLAk57ntEGbZPEf2WtgK6OOW-QMV4RTC5DjZ_0dBFQzL_fufpw0YG1-6VBIymNr3ZVTMD8xkmvZOMXcZYXu8Dc3HX_JZ9rjOmgJfAr6MJvVrDbmjWQBQNIwd7pN38tL3jSUEhyL9PS4FWGAcg8jVmOcf53rNSs8Rb9hfCuiiSJA56Wk6Ptp60p7Zc-9-AlpXtUMt3IT_0FkqUVXUA%2C.kJe-IpmyjJRbHS4QtTkB78hynhY%2C
date: Tue, 11 Jul 2023 11:05:31 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
114 B 73ms
68ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: overe3.ru
URL: https://overe3.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://overe3.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:31 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 05 Jul 2023 16:40:28 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "64a572cc-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Tue, 11 Jul 2023 12:05:31 GMT

GET
H2 200 35fa0e0acb0c1b38f5a0.js Show response
yastatic.net/partner-code-bundles/803295/ 14 KB
5 KB 267ms
142ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/803295/35fa0e0acb0c1b38f5a0.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

a05288d8dc0dddf3c8a4695c66cdf3aa6b7c1117bd902a584f2083c0b121b1ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://overe3.ru/
Origin: https://overe3.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:31 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4774
last-modified: Mon, 10 Jul 2023 16:17:44 GMT
server: nginx/1.17.9
etag: "f8d627493f2454669c70d00b79763744"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 10 Jul 2053 17:41:25 GMT

GET
H2 200 096bcf7c3329312c08cc.js Show response
yastatic.net/partner-code-bundles/803295/ 19 KB
7 KB 277ms
153ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/803295/096bcf7c3329312c08cc.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

5731214ddd0cdc34eea81cf2df4bf05ad0ef4577b1b4200bd007cfe2d6e37603

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://overe3.ru/
Origin: https://overe3.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:31 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 6462
last-modified: Mon, 10 Jul 2023 16:17:43 GMT
server: nginx/1.17.9
etag: "8cceeb5a992db1ff2a959dd410d4b26a"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 10 Jul 2053 17:41:25 GMT

GET
H2 200 ff83483619078c4c9ba6.js Show response
yastatic.net/partner-code-bundles/803295/ 113 KB
24 KB 311ms
188ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/803295/ff83483619078c4c9ba6.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

c2d7cd61f6427442c5754f0391119b2e2841ee9a9b6c9af4e8a2ba0350a2ba5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://overe3.ru/
Origin: https://overe3.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:31 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 23496
last-modified: Mon, 10 Jul 2023 16:17:48 GMT
server: nginx/1.17.9
etag: "ff8168758e506c9692b91fd460ab8e6d"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 10 Jul 2053 17:41:25 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 329ms
206ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://overe3.ru/
Origin: https://overe3.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:31 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 10 Jul 2053 17:41:25 GMT

GET
H2 200 text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ 25 KB
26 KB 236ms
115ms Font
font/woff2 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://overe3.ru/
Origin: https://overe3.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:31 GMT
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 26004
x-amz-meta-owner: {"role":"admin","login":"4eb0da"}
last-modified: Mon, 25 Apr 2022 14:02:39 GMT
server: nginx/1.17.9
etag: "7f0cdaf91230f9789ca4162aedff612e"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31556952
x-nginx-request-id: 7f7aff53bfaef933
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Jul 2024 16:54:37 GMT

GET
H2 200 483b31e3d9a306b031de.js Show response
yastatic.net/partner-code-bundles/803295/ 24 KB
8 KB 290ms
170ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/803295/483b31e3d9a306b031de.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34c27c7e20c817b574fe21ae7dab69912ce5e0f862079498c9154eebccfcbb06

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://overe3.ru/
Origin: https://overe3.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:31 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 7953
last-modified: Mon, 10 Jul 2023 16:17:44 GMT
server: nginx/1.17.9
etag: "f4a4c65b8911215bca5ba5811b1eaede"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 10 Jul 2053 17:41:25 GMT

GET
H2 200 017e76b82170e4cac081.js Show response
yastatic.net/partner-code-bundles/803295/ 7 KB
3 KB 161ms
160ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/803295/017e76b82170e4cac081.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

8b745d899a7d1fe4ae94821dfac5d4501cb9f85945c25a69cefa123ce6fac452

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://overe3.ru/
Origin: https://overe3.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:31 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 2081
last-modified: Mon, 10 Jul 2023 16:17:43 GMT
server: nginx/1.17.9
etag: "d831655d1f8112e35ad904430ce13ea7"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 10 Jul 2053 17:41:25 GMT

GET
H2 200 f81dd16f5dbb2bb845a1.js Show response
yastatic.net/partner-code-bundles/803295/ 627 KB
117 KB 161ms
161ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/803295/f81dd16f5dbb2bb845a1.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

0343d64b8da69712a6c4658bbe62f6ca59c0f68d4f370b80d8f60fb4f3ae5369

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://overe3.ru/
Origin: https://overe3.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:31 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 119007
last-modified: Mon, 10 Jul 2023 16:17:48 GMT
server: nginx/1.17.9
etag: "4f7a22693075c9b9dd118a0c87477938"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 10 Jul 2053 17:41:25 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 385 B
602 B 85ms
31ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=overe3.ru&callback=_gfp_s_&client=ca-pub-1078854029118585

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1078854029118585&plah=overe3.ru

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

550fb286484bb11b70e323b26571e529e950bb6c54f8f0ea61063b4071a3649f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://overe3.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 251
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 88ms
32ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=overe3.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://overe3.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 89C0 350 KB
76 KB 1016ms
1015ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1078854029118585&output=html&adk=1812271804&adf=3025194257&lmt=1689067909&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fovere3.ru%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689073531034&bpp=5&bdt=15953&idt=317&shv=r20230706&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1709386457570&frm=20&pv=2&ga_vid=545171318.1689073531&ga_sid=1689073531&ga_hid=1203957216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075758%2C44788442%2C44796476&oid=2&pvsid=1660413090864713&tmod=400388553&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&ifi=1&uci=a!1&fsb=1&dtd=357

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

931ae9e62fccaba62c25835e379b56040607c07dc61372e68a5c4cc80c36b92b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://overe3.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 77220
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Jul 2023 11:05:32 GMT
expires: Tue, 11 Jul 2023 11:05:32 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

1 Show response
mc.yandex.com/watch/48681353/
Redirect Chain

https://mc.yandex.com/watch/48681353?wmode=7&page-url=https%3A%2F%2Fovere3.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aew9xzikdbvs4xc5avwiaspr%3Afp%3A40791%3Afu%3A0%3Aen%3Autf-8%3...
https://mc.yandex.com/watch/48681353/1?wmode=7&page-url=https%3A%2F%2Fovere3.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aew9xzikdbvs4xc5avwiaspr%3Afp%3A40791%3Afu%3A0%3Aen%3Autf-8...

439 B
582 B

84ms
83ms

Fetch
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/48681353/1?wmode=7&page-url=https%3A%2F%2Fovere3.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aew9xzikdbvs4xc5avwiaspr%3Afp%3A40791%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1074%3Acn%3A1%3Adp%3A0%3Als%3A792247665888%3Ahid%3A588564477%3Az%3A0%3Ai%3A20230711110531%3Aet%3A1689073531%3Ac%3A1%3Arn%3A532988842%3Arqn%3A1%3Au%3A1689073531267902218%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C17261%2C6930%2C13879%2C566%2C0%2C%2C1978%2C15%2C%2C%2C%2C40867%3Aco%3A0%3Acpf%3A1%3Ans%3A1689073490068%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1689073532%3At%3A%D0%98%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%20%D0%B8%D0%B7%D0%B4%D0%B0%D0%BD%D0%B8%D0%B5%20%D0%BE%20%D0%B2%D0%B5%D1%80%D0%B5%20%D0%B8%20%D0%BF%D1%80%D0%B0%D0%B2%D0%BE%D1%81%D0%BB%D0%B0%D0%B2%D0%BD%D0%BE%D0%B9%20%D0%BA%D1%83%D0%BB%D1%8C%D1%82%D1%83%D1%80%D0%B5&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29

Requested by

Host: overe3.ru
URL: https://overe3.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

45e30a04938b87ac472f696a44766d6803c04cc2a6ac0c677c8eff93bd421faf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://overe3.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jul 2023 11:05:31 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Tue, 11-Jul-2023 11:05:31 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://overe3.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 439
x-xss-protection: 1; mode=block
expires: Tue, 11-Jul-2023 11:05:31 GMT

Redirect headers

pragma: no-cache
date: Tue, 11 Jul 2023 11:05:31 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 11-Jul-2023 11:05:31 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/48681353/1?wmode=7&page-url=https%3A%2F%2Fovere3.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aew9xzikdbvs4xc5avwiaspr%3Afp%3A40791%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1074%3Acn%3A1%3Adp%3A0%3Als%3A792247665888%3Ahid%3A588564477%3Az%3A0%3Ai%3A20230711110531%3Aet%3A1689073531%3Ac%3A1%3Arn%3A532988842%3Arqn%3A1%3Au%3A1689073531267902218%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C17261%2C6930%2C13879%2C566%2C0%2C%2C1978%2C15%2C%2C%2C%2C40867%3Aco%3A0%3Acpf%3A1%3Ans%3A1689073490068%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1689073532%3At%3A%D0%98%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%20%D0%B8%D0%B7%D0%B4%D0%B0%D0%BD%D0%B8%D0%B5%20%D0%BE%20%D0%B2%D0%B5%D1%80%D0%B5%20%D0%B8%20%D0%BF%D1%80%D0%B0%D0%B2%D0%BE%D1%81%D0%BB%D0%B0%D0%B2%D0%BD%D0%BE%D0%B9%20%D0%BA%D1%83%D0%BB%D1%8C%D1%82%D1%83%D1%80%D0%B5&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29
access-control-allow-origin: https://overe3.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 11-Jul-2023 11:05:31 GMT

GET
H2 200 internal Show response
dmpprof.com/matching/ 153 B
675 B 597ms
69ms Fetch
application/json 85.192.12.174
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dmpprof.com/matching/internal?event=view&aid=0&ssp_id=8&href=https%3A%2F%2Fovere3.ru%2F&title=%D0%98%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%20%D0%B8%D0%B7%D0%B4%D0%B0%D0%BD%D0%B8%D0%B5%20%D0%BE%20%D0%B2%D0%B5%D1%80%D0%B5%20%D0%B8%20%D0%BF%D1%80%D0%B0%D0%B2%D0%BE%D1%81%D0%BB%D0%B0%D0%B2%D0%BD%D0%BE%D0%B9%20%D0%BA%D1%83%D0%BB%D1%8C%D1%82%D1%83%D1%80%D0%B5&dmp_print_id=b9ed0419f83c4ab828c583269a5f8447
Requested by: Host: tat3ayogh6.com
URL: https://tat3ayogh6.com/pixels/38a89e25.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.192.12.174 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 3906ad84ef30da95e6dc896d12f4ee9664de482d35c7294a612cf19f08dbf2a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://overe3.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:32 GMT
server: nginx/1.18.0
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH, GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://overe3.ru
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With, DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 153

GET
H/1.1 200
OK / Show response
dmg.digitaltarget.ru/2/ 26 B
341 B 174ms
56ms Fetch
text/json 185.15.175.157
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://dmg.digitaltarget.ru/2/?a=850
Requested by: Host: tat3ayogh6.com
URL: https://tat3ayogh6.com/pixels/38a89e25.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.15.175.157 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 5d3c81d38fa32915be4a76abd4173e77b0cc342b91643f8ef994a2bbe26abad9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://overe3.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 11 Jul 2023 11:05:32 GMT
Server: nginx
Access-Control-Allow-Methods: GET
Content-Type: text/json
Access-Control-Allow-Origin: https://overe3.ru
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Content-Type
Content-Length: 26

GET
H2 200 demography Show response
prodmp.ru/pclicks/ 3 B
131 B 66ms
65ms Fetch
application/json 193.106.92.202
ITSOFT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://prodmp.ru/pclicks/demography?domain=overe3.ru
Requested by: Host: tat3ayogh6.com
URL: https://tat3ayogh6.com/pixels/38a89e25.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 193.106.92.202 , Russian Federation, ASN48614 (ITSOFT-AS, RU),
Reverse DNS: proboard.ru
Software: nginx /
Resource Hash: 37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://overe3.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: https://overe3.ru
date: Tue, 11 Jul 2023 11:05:32 GMT
access-control-allow-credentials: true
server: nginx
content-length: 3
content-type: application/json

GET
H2

200

external
dmpprof.com/matching/
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=44931&callback_url=https%3A%2F%2Fdmpprof.com%2Fmatching%2Fexternal%3Fsid%3D44931%26uid%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=44931&callback_url=https%3A%2F%2Fdmpprof.com%2Fmatching%2Fexternal%3Fsid%3D44931%26uid%3D%24%7BUSER_ID%7D&crf=1
https://dmpprof.com/matching/external?sid=44931&uid=07ef122f-4d93-52c0-828f-7ca9e6224bd5

0
0

65ms
65ms

Image
application/json

85.192.12.174
DINET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmpprof.com/matching/external?sid=44931&uid=07ef122f-4d93-52c0-828f-7ca9e6224bd5
Requested by: Host: overe3.ru
URL: https://overe3.ru/
Protocol: H2
Server: 85.192.12.174 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://overe3.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Redirect headers

location: https://dmpprof.com/matching/external?sid=44931&uid=07ef122f-4d93-52c0-828f-7ca9e6224bd5
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2 200 profitclicks
prodmp.ru/ 0
90 B 65ms
64ms Image
text/html 193.106.92.202
ITSOFT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prodmp.ru/profitclicks?uid=fb8e0056-c728-4b32-a7d0-09ad724fbf09
Requested by: Host: overe3.ru
URL: https://overe3.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 193.106.92.202 , Russian Federation, ASN48614 (ITSOFT-AS, RU),
Reverse DNS: proboard.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://overe3.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:32 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/html;charset=utf-8

GET
H2 200 fb8e0056-c728-4b32-a7d0-09ad724fbf09
an.yandex.ru/mapuid/profitclicksdspis/ 43 B
573 B 197ms
70ms Image
image/gif 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/profitclicksdspis/fb8e0056-c728-4b32-a7d0-09ad724fbf09

Requested by

Host: overe3.ru
URL: https://overe3.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://overe3.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jul 2023 11:05:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 11 Jul 2023 11:05:32 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 11 Jul 2023 11:05:32 GMT

GET
H/1.1

200
OK

i
dmg.digitaltarget.ru/awg/custom/7114/i/
Redirect Chain

https://dmg.digitaltarget.ru/1/7114/i/i?a=923&e=fb8e0056-c728-4b32-a7d0-09ad724fbf09
https://dmg.digitaltarget.ru/awg/custom/7114/i/i?call_source=awg&ts=1689073532380&a=923&e=fb8e0056-c728-4b32-a7d0-09ad724fbf09

49 B
189 B

59ms
59ms

Image
image/gif

185.15.175.157
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmg.digitaltarget.ru/awg/custom/7114/i/i?call_source=awg&ts=1689073532380&a=923&e=fb8e0056-c728-4b32-a7d0-09ad724fbf09
Requested by: Host: overe3.ru
URL: https://overe3.ru/
Protocol: HTTP/1.1
Server: 185.15.175.157 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://overe3.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 11 Jul 2023 11:05:32 GMT
Server: nginx
Connection: keep-alive
Content-Length: 49
Content-Type: image/gif

Redirect headers

Date: Tue, 11 Jul 2023 11:05:32 GMT
Server: nginx
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://dmg.digitaltarget.ru/awg/custom/7114/i/i?call_source=awg&ts=1689073532380&a=923&e=fb8e0056-c728-4b32-a7d0-09ad724fbf09
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

POST
H2 200 enr Show response
dmpprof.com/ 2 B
350 B 68ms
68ms Fetch
text/plain 85.192.12.174
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dmpprof.com/enr?href=https%3A%2F%2Fovere3.ru%2F&title=%D0%98%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%20%D0%B8%D0%B7%D0%B4%D0%B0%D0%BD%D0%B8%D0%B5%20%D0%BE%20%D0%B2%D0%B5%D1%80%D0%B5%20%D0%B8%20%D0%BF%D1%80%D0%B0%D0%B2%D0%BE%D1%81%D0%BB%D0%B0%D0%B2%D0%BD%D0%BE%D0%B9%20%D0%BA%D1%83%D0%BB%D1%8C%D1%82%D1%83%D1%80%D0%B5
Requested by: Host: tat3ayogh6.com
URL: https://tat3ayogh6.com/pixels/38a89e25.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.192.12.174 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://overe3.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 11 Jul 2023 11:05:32 GMT
server: nginx/1.18.0
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://overe3.ru
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
content-length: 2

GET
H2 200 mapping Show response
dprof.site/matching/ 17 B
537 B 77ms
69ms Fetch
application/json 85.192.12.174
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dprof.site/matching/mapping?uid=fb8e0056-c728-4b32-a7d0-09ad724fbf09
Requested by: Host: tat3ayogh6.com
URL: https://tat3ayogh6.com/pixels/38a89e25.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.192.12.174 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://overe3.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:32 GMT
server: nginx/1.18.0
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH, GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://overe3.ru
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With, DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 17

POST
H2 200 enr Show response
dmpprof.com/ 2 B
350 B 67ms
66ms Fetch
text/plain 85.192.12.174
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dmpprof.com/enr?href=https%3A%2F%2Fovere3.ru%2F&title=%D0%98%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%20%D0%B8%D0%B7%D0%B4%D0%B0%D0%BD%D0%B8%D0%B5%20%D0%BE%20%D0%B2%D0%B5%D1%80%D0%B5%20%D0%B8%20%D0%BF%D1%80%D0%B0%D0%B2%D0%BE%D1%81%D0%BB%D0%B0%D0%B2%D0%BD%D0%BE%D0%B9%20%D0%BA%D1%83%D0%BB%D1%8C%D1%82%D1%83%D1%80%D0%B5
Requested by: Host: tat3ayogh6.com
URL: https://tat3ayogh6.com/pixels/38a89e25.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.192.12.174 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://overe3.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 11 Jul 2023 11:05:32 GMT
server: nginx/1.18.0
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://overe3.ru
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
content-length: 2

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306290101/ 154 KB
52 KB 82ms
82ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306290101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42f9ae4b3dee678c141f893c75a4be4aea39462cea3c54a1ab28eac4498e1a74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://overe3.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53430
x-xss-protection: 0
server: cafe
etag: 10158324835545777586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Jul 2023 11:05:32 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 35ms
35ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=overe3.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://overe3.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DC16 105 KB
38 KB 1366ms
1365ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1078854029118585&output=html&h=280&adk=1429781565&adf=1653867669&pi=t.aa~a.2326922678~i.13~rp.4&w=670&fwrn=4&fwrnh=100&lmt=1689067909&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9426705499&ad_type=text_image&format=670x280&url=https%3A%2F%2Fovere3.ru%2F&fwr=0&pra=3&rh=168&rw=670&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689073532494&bpp=3&bdt=17413&idt=-M&shv=r20230706&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d5b989245e2fcbc-22098f5226de0078%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MarFxYIZG0BqfYfM-nQk3ElE6WP4A&gpic=UID%3D00000c3baf5158fa%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MYTOTOjFML7KxSCbEjH4KlVRFLAKQ&prev_fmts=0x0&nras=2&correlator=1709386457570&frm=20&pv=1&ga_vid=545171318.1689073531&ga_sid=1689073531&ga_hid=1203957216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1485&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075758%2C44788442%2C44796476&oid=2&pvsid=1660413090864713&tmod=400388553&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=17Cje1krWo&p=https%3A//overe3.ru&dtd=11

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

502d3ca81d9c79bd9556507fd926da9273d9cc4661d6eff86df70c9c1902bae0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://overe3.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39020
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Jul 2023 11:05:33 GMT
expires: Tue, 11 Jul 2023 11:05:33 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C9BB 103 KB
37 KB 1042ms
1039ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1078854029118585&output=html&h=280&adk=1429781565&adf=826453495&pi=t.aa~a.2326922678~i.19~rp.4&w=670&fwrn=4&fwrnh=100&lmt=1689067909&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9426705499&ad_type=text_image&format=670x280&url=https%3A%2F%2Fovere3.ru%2F&fwr=0&pra=3&rh=168&rw=670&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689073532494&bpp=1&bdt=17413&idt=1&shv=r20230706&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d5b989245e2fcbc-22098f5226de0078%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MarFxYIZG0BqfYfM-nQk3ElE6WP4A&gpic=UID%3D00000c3baf5158fa%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MYTOTOjFML7KxSCbEjH4KlVRFLAKQ&prev_fmts=0x0%2C670x280&nras=3&correlator=1709386457570&frm=20&pv=1&ga_vid=545171318.1689073531&ga_sid=1689073531&ga_hid=1203957216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1485&ady=1998&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075758%2C44788442%2C44796476&oid=2&pvsid=1660413090864713&tmod=400388553&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=GSKQ2HMEdF&p=https%3A//overe3.ru&dtd=22

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

510c79fa3b8f0000f944c6e206ba51dd6783e43fc8676deb7627282323ee9a62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://overe3.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 37946
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Jul 2023 11:05:33 GMT
expires: Tue, 11 Jul 2023 11:05:33 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 63DB 111 KB
39 KB 716ms
714ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1078854029118585&output=html&h=600&adk=855582837&adf=289116493&pi=t.aa~a.342020180~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1689067909&rafmt=1&to=qs&pwprc=9426705499&format=300x600&url=https%3A%2F%2Fovere3.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689073532538&bpp=1&bdt=17458&idt=-M&shv=r20230706&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d5b989245e2fcbc-22098f5226de0078%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MarFxYIZG0BqfYfM-nQk3ElE6WP4A&gpic=UID%3D00000c3baf5158fa%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MYTOTOjFML7KxSCbEjH4KlVRFLAKQ&prev_fmts=0x0%2C670x280%2C670x280&nras=4&correlator=1709386457570&frm=20&pv=1&ga_vid=545171318.1689073531&ga_sid=1689073531&ga_hid=1203957216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=2245&ady=1409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075758%2C44788442%2C44796476&oid=2&pvsid=1660413090864713&tmod=400388553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=C66t7ZZ5V9&p=https%3A//overe3.ru&dtd=20

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2294bf733e9768b8b954405739359fe837cd4d6a8d383864f8c576f81a51522e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://overe3.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40020
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Jul 2023 11:05:33 GMT
expires: Tue, 11 Jul 2023 11:05:33 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 74A0 107 KB
38 KB 954ms
951ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1078854029118585&output=html&h=60&adk=3575611420&adf=1730821504&pi=t.aa~a.1372487962~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689067909&rafmt=1&to=qs&pwprc=9426705499&format=1200x60&url=https%3A%2F%2Fovere3.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689073532538&bpp=1&bdt=17458&idt=1&shv=r20230706&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d5b989245e2fcbc-22098f5226de0078%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MarFxYIZG0BqfYfM-nQk3ElE6WP4A&gpic=UID%3D00000c3baf5158fa%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MYTOTOjFML7KxSCbEjH4KlVRFLAKQ&prev_fmts=0x0%2C670x280%2C670x280%2C300x600&nras=5&correlator=1709386457570&frm=20&pv=1&ga_vid=545171318.1689073531&ga_sid=1689073531&ga_hid=1203957216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1400&ady=3735&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075758%2C44788442%2C44796476&oid=2&pvsid=1660413090864713&tmod=400388553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=ZOgG5ttFx7&p=https%3A//overe3.ru&dtd=27

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

567294436650a4c85384d2aca98da3857a7c3d57491796d7ea24d7d0d5d803b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://overe3.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 38893
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Jul 2023 11:05:33 GMT
expires: Tue, 11 Jul 2023 11:05:33 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 33ms
33ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=overe3.ru

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://overe3.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/ Frame F61B 10 KB
4 KB 23ms
22ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://overe3.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 45829
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Jul 2023 22:21:43 GMT
etag: 12368291122986407432
expires: Mon, 24 Jul 2023 22:21:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/ Frame EAB2 10 KB
4 KB 24ms
23ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://overe3.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 45829
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Jul 2023 22:21:43 GMT
etag: 12368291122986407432
expires: Mon, 24 Jul 2023 22:21:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame F61B 4 KB
767 B 33ms
32ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 11 Jul 2023 11:05:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 11 Jul 2023 10:57:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 Jul 2023 11:05:32 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F61B 205 B
296 B 86ms
30ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 09:04:22 GMT
x-content-type-options: nosniff
age: 352870
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 17:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 06 Jul 2024 09:04:22 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F61B 604 B
920 B 85ms
29ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 11:51:24 GMT
x-content-type-options: nosniff
age: 170048
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 17:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 08 Jul 2024 11:51:24 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230706/r20110914/elements/html/ Frame F61B 14 KB
6 KB 134ms
67ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230706/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1dd63824a6304e84f5ac8549da2750d150a0eb24c50960dd83e08a63d5a97f21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 05:46:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19171
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6331
x-xss-protection: 0
server: cafe
etag: 18044331813203521086
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Jul 2023 05:46:01 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230706/r20110914/elements/html/ Frame F61B 20 KB
9 KB 96ms
29ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230706/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

407e5f7555fe203a6245ac0209874437d50b9daf51a7102e6fd90a99a3df1717

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 18:37:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59259
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8599
x-xss-protection: 0
server: cafe
etag: 12796843930313450165
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Jul 2023 18:37:53 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame EAB2 4 KB
728 B 35ms
35ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 11 Jul 2023 11:05:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 11 Jul 2023 10:17:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 Jul 2023 11:05:32 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230706/r20110914/client/ Frame EAB2 2 KB
973 B 108ms
52ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230706/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 17:56:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61720
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Jul 2023 17:56:52 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame EAB2 0
0 67ms
66ms Fetch
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CiNAyezetZIr_GoqNywXP_IGoDO32uvtu35GQiqoRy8utl94aEAEg9saHmwFglfrwgYwHoAHV-ZeoAsgBCakCAKdZlUR9sj6oAwHIA8sEqgTsAU_QaR0skpYwzb_fk9OIcUVEMXtJVgl0bRSmI44mHh-_nIszxmZak2d2S9fWQ6wFMRHVZmOXRemvk1fz86M0iC0D-Tq-tus47HmIlztThuXemmpJ001wNilM_VXriZJ-k3ng6fAv2ym2V6MGkspbN-dUdm3mP07zrcgi1OHiZUkDCIAgQgAmIvG5rpXqIjkLu29JiVUf47lrD5YVG-77erxtcFoYEqQQ9h5ttpEdu7KPg4vUj7yYzeeEW3ayNBH17FN4yZbIA5RcOPAnBuKTJX52sX_rJiAHvA49_tCVL1sLt3pBjWCKgJz_sX-2wAShpfrBvQOSBQQIBBgBkgUECAUYBKAGLoAHk4bo1wGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBRDP5poD0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAaIMCCoGCgTDsLECuBPkA9gTCtAVAYAXAbIXHAoaCAASFHB1Yi0xMDc4ODU0MDI5MTE4NTg1GAA&sigh=-tcX5L-UTuc&uach_m=[UACH]&cid=CAQSGwBpAlJWvcHeLAWbcO-CspJ25WmyJt9etUGvSxgB&template_id=484

Requested by

Host: overe3.ru
URL: https://overe3.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 11 Jul 2023 11:05:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 11 Jul 2023 11:05:32 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230706/r20110914/ Frame EAB2 23 KB
9 KB 85ms
32ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230706/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 17:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61825
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Jul 2023 17:55:07 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230706/r20110914/client/ Frame EAB2 3 KB
1 KB 104ms
51ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230706/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 17:54:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61885
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Jul 2023 17:54:07 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230706/r20110914/client/ Frame EAB2 20 KB
8 KB 83ms
31ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230706/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 17:54:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61886
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Jul 2023 17:54:06 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EAB2 179 KB
57 KB 146ms
59ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79cbf9d3dc9d8df1616dd585c95022e1104e8b2700974ba07a9c1a26187bf3e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57331
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1688990556196721"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Jul 2023 11:05:32 GMT

GET
H2 200 2a76cf1338a212cd33ad52adb05195b7.js Show response
www.gstatic.com/mysidia/ Frame EAB2 33 KB
14 KB 63ms
23ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2a76cf1338a212cd33ad52adb05195b7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ac22a80a1517c4b3751f554c5ea17e9906473d3fff568baa668e37588ba753d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 22:59:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 389157
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14183
x-xss-protection: 0
last-modified: Thu, 06 Jul 2023 22:47:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 04 Oct 2023 22:59:35 GMT

GET
H2 200 6592766407814317453
tpc.googlesyndication.com/simgad/5792322975518096807/ Frame EAB2 29 KB
29 KB 102ms
54ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5792322975518096807/6592766407814317453

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f2367e8b17ee1d78f5b6a2761ddedaef4d64612aaada1c236c57bb718db3f53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 07:53:47 GMT
x-content-type-options: nosniff
age: 11505
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29693
x-xss-protection: 0
last-modified: Fri, 11 Feb 2022 00:47:31 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 10 Jul 2024 07:53:47 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/13005907495935648267/ Frame EAB2 421 B
546 B 116ms
68ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13005907495935648267/14763004658117789537?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d479a19e80d5a182c04fefd268766c8caad3e84d2c4bc3e79eb95f4bbaf7d817

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 04:36:24 GMT
x-content-type-options: nosniff
age: 455348
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 421
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 16:18:58 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 05 Jul 2024 04:36:24 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame C746 2 KB
480 B 43ms
42ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins%3A400%2C600

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e537bb0b81601eabcdc6dd4e2eb938917a7c6887765651882ec0ed5081c26c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 11 Jul 2023 11:05:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 11 Jul 2023 10:37:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 Jul 2023 11:05:32 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230706/r20110914/client/ Frame C746 2 KB
926 B 71ms
70ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230706/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 17:56:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61720
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Jul 2023 17:56:52 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230706/r20110914/ Frame C746 23 KB
9 KB 71ms
70ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230706/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 17:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61825
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Jul 2023 17:55:07 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230706/r20110914/client/ Frame C746 3 KB
1 KB 72ms
72ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230706/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 17:54:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61885
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Jul 2023 17:54:07 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230706/r20110914/client/ Frame C746 20 KB
8 KB 66ms
66ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230706/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 17:54:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61886
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Jul 2023 17:54:06 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C746 179 KB
56 KB 134ms
100ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79cbf9d3dc9d8df1616dd585c95022e1104e8b2700974ba07a9c1a26187bf3e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57331
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1688990556196721"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Jul 2023 11:05:32 GMT

GET
H2 200 2a76cf1338a212cd33ad52adb05195b7.js Show response
www.gstatic.com/mysidia/ Frame C746 33 KB
14 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2a76cf1338a212cd33ad52adb05195b7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ac22a80a1517c4b3751f554c5ea17e9906473d3fff568baa668e37588ba753d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 22:59:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 389157
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14183
x-xss-protection: 0
last-modified: Thu, 06 Jul 2023 22:47:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 04 Oct 2023 22:59:35 GMT

GET
DATA 200
OK truncated
/ Frame EAB2 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c0477d942cebc411c71105c03fadfe75fcb385965ccddfe1032f8f6ac35b30d7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js Show response
pagead2.googlesyndication.com/bg/ Frame 0F6F 37 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js

Requested by

Host: overe3.ru
URL: https://overe3.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26ec4365620d6bba2d1f06a2b02ab2312abb8b043209f1eafcb8673525346f65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 09:57:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90477
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14572
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 09 Jul 2024 09:57:36 GMT

GET
H3 200 JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js Show response
pagead2.googlesyndication.com/bg/ Frame 2661 37 KB
14 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js

Requested by

Host: overe3.ru
URL: https://overe3.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26ec4365620d6bba2d1f06a2b02ab2312abb8b043209f1eafcb8673525346f65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 09:57:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90477
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14572
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 09 Jul 2024 09:57:36 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 63DB 6 KB
706 B 33ms
33ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1078854029118585&output=html&h=600&adk=855582837&adf=289116493&pi=t.aa~a.342020180~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1689067909&rafmt=1&to=qs&pwprc=9426705499&format=300x600&url=https%3A%2F%2Fovere3.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689073532538&bpp=1&bdt=17458&idt=-M&shv=r20230706&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d5b989245e2fcbc-22098f5226de0078%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MarFxYIZG0BqfYfM-nQk3ElE6WP4A&gpic=UID%3D00000c3baf5158fa%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MYTOTOjFML7KxSCbEjH4KlVRFLAKQ&prev_fmts=0x0%2C670x280%2C670x280&nras=4&correlator=1709386457570&frm=20&pv=1&ga_vid=545171318.1689073531&ga_sid=1689073531&ga_hid=1203957216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=2245&ady=1409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075758%2C44788442%2C44796476&oid=2&pvsid=1660413090864713&tmod=400388553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=C66t7ZZ5V9&p=https%3A//overe3.ru&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 11 Jul 2023 11:05:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 11 Jul 2023 09:25:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 Jul 2023 11:05:33 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230706/r20110914/client/ Frame 63DB 2 KB
931 B 26ms
25ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230706/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 17:56:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61721
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Jul 2023 17:56:52 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230706/r20110914/ Frame 63DB 23 KB
9 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230706/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 17:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61826
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Jul 2023 17:55:07 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230706/r20110914/client/ Frame 63DB 3 KB
1 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230706/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 17:54:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61886
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Jul 2023 17:54:07 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230706/r20110914/client/ Frame 63DB 20 KB
8 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230706/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 17:54:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61887
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Jul 2023 17:54:06 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 63DB 0
0 86ms
29ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ0xpjUEX23ne6qdAopmE_71G_kSv-tXHdwRoRT69dUAKxfxdUuxNCU3-NRWCYFIWfN5LFCFu1L8JhyR5JWgfai_ZYwBQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1078854029118585&output=html&h=600&adk=855582837&adf=289116493&pi=t.aa~a.342020180~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1689067909&rafmt=1&to=qs&pwprc=9426705499&format=300x600&url=https%3A%2F%2Fovere3.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689073532538&bpp=1&bdt=17458&idt=-M&shv=r20230706&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d5b989245e2fcbc-22098f5226de0078%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MarFxYIZG0BqfYfM-nQk3ElE6WP4A&gpic=UID%3D00000c3baf5158fa%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MYTOTOjFML7KxSCbEjH4KlVRFLAKQ&prev_fmts=0x0%2C670x280%2C670x280&nras=4&correlator=1709386457570&frm=20&pv=1&ga_vid=545171318.1689073531&ga_sid=1689073531&ga_hid=1203957216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=2245&ady=1409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075758%2C44788442%2C44796476&oid=2&pvsid=1660413090864713&tmod=400388553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=C66t7ZZ5V9&p=https%3A//overe3.ru&dtd=20
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 63DB 179 KB
56 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79cbf9d3dc9d8df1616dd585c95022e1104e8b2700974ba07a9c1a26187bf3e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57331
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1688990556196721"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Jul 2023 11:05:33 GMT

GET
H2 200 2a76cf1338a212cd33ad52adb05195b7.js Show response
www.gstatic.com/mysidia/ Frame 63DB 33 KB
14 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2a76cf1338a212cd33ad52adb05195b7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ac22a80a1517c4b3751f554c5ea17e9906473d3fff568baa668e37588ba753d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 22:59:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 389158
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14183
x-xss-protection: 0
last-modified: Thu, 06 Jul 2023 22:47:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 04 Oct 2023 22:59:35 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 22B8 1 KB
643 B 29ms
28ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 41865
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Jul 2023 23:27:48 GMT
etag: 48472445140208031
expires: Tue, 11 Jul 2023 23:27:48 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 2076313506083323656
tpc.googlesyndication.com/simgad/6168989689434537472/ Frame 63DB 69 KB
69 KB 28ms
25ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6168989689434537472/2076313506083323656

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd4b23014f45468b01838a0fd5af33eee20ebeda33afff932e8d3c1ed22f86e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 09:16:22 GMT
x-content-type-options: nosniff
age: 92951
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70515
x-xss-protection: 0
last-modified: Fri, 06 Jan 2023 16:03:29 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 09 Jul 2024 09:16:22 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/332983327997601869/ Frame 63DB 1 KB
1 KB 25ms
23ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/332983327997601869/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ece07dcb515304af57df3b89b20a3f1d775a141f053a11cfd1b828159f299078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 18:06:31 GMT
x-content-type-options: nosniff
age: 320342
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1174
x-xss-protection: 0
last-modified: Fri, 06 Jan 2023 16:05:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 06 Jul 2024 18:06:31 GMT

GET
DATA 200
OK truncated
/ Frame 63DB 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 63DB 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cd6b6588eac008250b4a63cbe6823004dff9e9e20fa75b4a3c37df6a279ee9b6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 22B8 35 B
464 B 88ms
23ms Image
image/gif 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGt5tMlSV1uczElxtrXZjyQ&google_cver=1&google_push=AaAOQGGzj3I21GK4LcTXXBb0_0A9tmQFcW43i6uA11Qkz9tc02Gf6YhgXhZA4zkfiEIQSaYzWQhYjAapnGGQfaHOOIuhLu1VtcQhEg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jul 2023 11:05:33 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 22B8
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEIkmehr7HxALT3yWjO4iYUo&google_cver=1&google_push=AaAOQGFzmJnzgx2pDTcJg3ogxkFWtlufcJqx__bYed-nRHxRmCu0FbIN3PZVJ1QD_v4e5D-HTt9aBZLjUd6MXPPWVw2MLge7DJI94...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIkmehr7HxALT3yWjO4iYUo&google_cver=1&google_push=AaAOQGFzmJnzgx2pDTcJg3ogxkFWtlufcJqx__bYed-nRHxRmCu0FbIN3PZVJ1QD_v4e5D-HTt9aBZLjUd6MXPPWVw2MLge7DJI...

43 B
414 B

212ms
203ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIkmehr7HxALT3yWjO4iYUo&google_cver=1&google_push=AaAOQGFzmJnzgx2pDTcJg3ogxkFWtlufcJqx__bYed-nRHxRmCu0FbIN3PZVJ1QD_v4e5D-HTt9aBZLjUd6MXPPWVw2MLge7DJI94Q&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGFzmJnzgx2pDTcJg3ogxkFWtlufcJqx__bYed-nRHxRmCu0FbIN3PZVJ1QD_v4e5D-HTt9aBZLjUd6MXPPWVw2MLge7DJI94Q%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: overe3.ru
URL: https://overe3.ru/
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jul 2023 11:05:33 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7e5092724a6d1d84-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 11 Jul 2023 11:05:33 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 101
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIkmehr7HxALT3yWjO4iYUo&google_cver=1&google_push=AaAOQGFzmJnzgx2pDTcJg3ogxkFWtlufcJqx__bYed-nRHxRmCu0FbIN3PZVJ1QD_v4e5D-HTt9aBZLjUd6MXPPWVw2MLge7DJI94Q&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGFzmJnzgx2pDTcJg3ogxkFWtlufcJqx__bYed-nRHxRmCu0FbIN3PZVJ1QD_v4e5D-HTt9aBZLjUd6MXPPWVw2MLge7DJI94Q%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7e509270b8c81d84-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 22B8
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEOQTTK2-0RL65NCoviwjIwI&google_cver=1&google_push=AaAOQGGOe8kMT5ePX1_-x7pqhsjXiEQHwYZzPARrXaN_PqWF3wVPFrAq0sPNqjbSIDjhQozFcTiSBl583ey...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGGOe8kMT5ePX1_-x7pqhsjXiEQHwYZzPARrXaN_PqWF3wVPFrAq0sPNqjbSIDjhQozFcTiSBl583eyGOYdceLAyNGifB3Qtfg&google_hm=unHzKuqbToyXaLWdrC...

170 B
232 B

35ms
35ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGGOe8kMT5ePX1_-x7pqhsjXiEQHwYZzPARrXaN_PqWF3wVPFrAq0sPNqjbSIDjhQozFcTiSBl583eyGOYdceLAyNGifB3Qtfg&google_hm=unHzKuqbToyXaLWdrC1s0bc

Requested by

Host: overe3.ru
URL: https://overe3.ru/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jul 2023 11:05:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 11 Jul 2023 11:05:33 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGGOe8kMT5ePX1_-x7pqhsjXiEQHwYZzPARrXaN_PqWF3wVPFrAq0sPNqjbSIDjhQozFcTiSBl583eyGOYdceLAyNGifB3Qtfg&google_hm=unHzKuqbToyXaLWdrC1s0bc
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 22B8
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDMpNswKZBV1f6qinmf7xE0&google_cver=1&google_push=AaAOQGFW1qXdor7FETNRUvYZQoZoI-GfKKOCocyy4ztjKs-KO8X8v2VrxhvRaAUzisaHO0ssc-ggYib-...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEDMpNswKZBV1f6qinmf7xE0&google_cver=1&google_push=AaAOQGFW1qXdor7FETNRUvYZQoZoI-GfKKOCocyy4ztjKs-KO8X8v2VrxhvRaAUzisaHO0ssc-g...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODM3OTA3Mzg0MDIwNzAyNDIxOA&google_push=AaAOQGFW1qXdor7FETNRUvYZQoZoI-GfKKOCocyy4ztjKs-KO8X8v2VrxhvRaAUzisaHO0ssc-ggYi...

170 B
188 B

43ms
43ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODM3OTA3Mzg0MDIwNzAyNDIxOA&google_push=AaAOQGFW1qXdor7FETNRUvYZQoZoI-GfKKOCocyy4ztjKs-KO8X8v2VrxhvRaAUzisaHO0ssc-ggYib-CvdlnndVwYjKUokgsBJuSg

Requested by

Host: overe3.ru
URL: https://overe3.ru/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jul 2023 11:05:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 11 Jul 2023 11:05:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODM3OTA3Mzg0MDIwNzAyNDIxOA&google_push=AaAOQGFW1qXdor7FETNRUvYZQoZoI-GfKKOCocyy4ztjKs-KO8X8v2VrxhvRaAUzisaHO0ssc-ggYib-CvdlnndVwYjKUokgsBJuSg
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 22B8
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEOTOEVaEaFLH2Kzo0wIXo-c&google_cver=1&google_push=AaAOQGHhGGJC9uo5bgllhLYKm_eS4PB1dmJPWnMOdpu53FcDArkef8MA_BscnRReXbukVLVUxYkLJqDjVfwn76Ma47cteaH...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEOTOEVaEaFLH2Kzo0wIXo-c&google_cver=1&google_push=AaAOQGHhGGJC9uo5bgllhLYKm_eS4PB1dmJPWnMOdpu53FcDArkef8MA_BscnRReXbukVLVUxYkLJqDjVfwn76Ma47cte...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGHhGGJC9uo5bgllhLYKm_eS4PB1dmJPWnMOdpu53FcDArkef8MA_BscnRReXbukVLVUxYkLJqDjVfwn76Ma47cteaH_lHSsJw

170 B
188 B

35ms
35ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGHhGGJC9uo5bgllhLYKm_eS4PB1dmJPWnMOdpu53FcDArkef8MA_BscnRReXbukVLVUxYkLJqDjVfwn76Ma47cteaH_lHSsJw

Requested by

Host: overe3.ru
URL: https://overe3.ru/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jul 2023 11:05:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGHhGGJC9uo5bgllhLYKm_eS4PB1dmJPWnMOdpu53FcDArkef8MA_BscnRReXbukVLVUxYkLJqDjVfwn76Ma47cteaH_lHSsJw
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 22B8
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEO0lLG7hz3L_J6vDR63AqYk&google_cver=1&google_push=AaAOQGH_oy0p5UI7BAcWf6eMTELBe_c9FWK2DsZboPMqildxDh5Apk3CNoGgnu9zZqLXz6PUtSczGsl9CToV...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGH_oy0p5UI7BAcWf6eMTELBe_c9FWK2DsZboPMqildxDh5Apk3CNoGgnu9zZqLXz6PUtSczGsl9CToVOWO6uCQz8Jd3axgR3Q

170 B
329 B

35ms
35ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGH_oy0p5UI7BAcWf6eMTELBe_c9FWK2DsZboPMqildxDh5Apk3CNoGgnu9zZqLXz6PUtSczGsl9CToVOWO6uCQz8Jd3axgR3Q

Requested by

Host: overe3.ru
URL: https://overe3.ru/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jul 2023 11:05:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGH_oy0p5UI7BAcWf6eMTELBe_c9FWK2DsZboPMqildxDh5Apk3CNoGgnu9zZqLXz6PUtSczGsl9CToVOWO6uCQz8Jd3axgR3Q
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

report
sync.teads.tv/um/ Frame 22B8
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEC7mnUCs1KRQ...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AaAOQGHWQNxW3w_66UczMSO8fyGAIg1824MZuLlWRmhQOEFqjyl9-_dN1MpMxe-UR6OzdLvKbAfu1O_fo6Co6-4Sx8zLNBP6Z0L-eg
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

53ms
53ms

Image
image/gif

104.75.89.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: overe3.ru
URL: https://overe3.ru/
Protocol: H2
Server: 104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-75.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Tue, 11 Jul 2023 11:05:33 GMT
pragma: no-cache
date: Tue, 11 Jul 2023 11:05:33 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 11 Jul 2023 11:05:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 22B8 0
139 B 115ms
31ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L6u2Z5iVlH-3mwvUoSezKZP2uhcrdor00GvnzkAoPcV7ZOUXX5hmt7a7e4aVHbBIlDdepQkA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:33 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 63DB 15 KB
15 KB 25ms
23ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 22:16:07 GMT
x-content-type-options: nosniff
age: 391766
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Jul 2024 22:16:07 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 63DB 15 KB
16 KB 28ms
28ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 05:19:29 GMT
x-content-type-options: nosniff
age: 193564
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 08 Jul 2024 05:19:29 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 63DB 15 KB
15 KB 31ms
30ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 16:31:22 GMT
x-content-type-options: nosniff
age: 412451
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Jul 2024 16:31:22 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 63DB 0
19 B 77ms
76ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CtRL8fDetZJHhJIPZtwfaoId4zI37r3H5j-zQjhGc3YjsqQkQASD2xoebAWCV-vCBjAegAYDIzJwCyAEJqQIe_NxDqXqyPqgDAcgDywSqBOUBT9D21KacoN59p5_YOzdm3Kv3u0PqAfHbz78KoTjdcKWrKXitP1Vv8nxfgSdI1i-rnxK4zkD3_fPqmRcC-wF_JNzrvSodgP9XGsVrI7B_wBcLSb-L9llIIhRYwO7y2eSEkCOWoNsjJyPves58r-uF32oRa4aoa8pQUf03IFFU4eT3ViwCHebTePGQruMgvVDoPFqkD7FXMvIWdrA2NnYsnBgLgtjWam853PMAtVMEt3ww2cINpwMa8Xi6XbyvvEcK105_R7C0WHCXpXDwSjkCNt3AWF1UBUajzcGnVBWVElqQseGZtMAEs-moubEEkgUECAQYAZIFBAgFGASgBi6AB-i3s-MBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQhpZp0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAbgT5APYEwrQFQGYFgGAFwGyFxwKGggAEhRwdWItMTA3ODg1NDAyOTExODU4NRgA&sigh=U9v2C4O4tks&uach_m=[UACH]&cid=CAQSOwBpAlJWu7Oru-8e1IAwaDy8ArIzxSNAkrQhJNkdt_1bEkr1Zyp-eVs2zz4JrKoVNzeYQSgk8yy3dPrTGAE&template_id=484&cbvp=2&vis=1

Requested by

Host: overe3.ru
URL: https://overe3.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1078854029118585&output=html&h=600&adk=855582837&adf=289116493&pi=t.aa~a.342020180~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1689067909&rafmt=1&to=qs&pwprc=9426705499&format=300x600&url=https%3A%2F%2Fovere3.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689073532538&bpp=1&bdt=17458&idt=-M&shv=r20230706&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d5b989245e2fcbc-22098f5226de0078%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MarFxYIZG0BqfYfM-nQk3ElE6WP4A&gpic=UID%3D00000c3baf5158fa%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MYTOTOjFML7KxSCbEjH4KlVRFLAKQ&prev_fmts=0x0%2C670x280%2C670x280&nras=4&correlator=1709386457570&frm=20&pv=1&ga_vid=545171318.1689073531&ga_sid=1689073531&ga_hid=1203957216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=2245&ady=1409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075758%2C44788442%2C44796476&oid=2&pvsid=1660413090864713&tmod=400388553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=C66t7ZZ5V9&p=https%3A//overe3.ru&dtd=20
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 11 Jul 2023 11:05:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js Show response
pagead2.googlesyndication.com/bg/ Frame 5949 37 KB
14 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26ec4365620d6bba2d1f06a2b02ab2312abb8b043209f1eafcb8673525346f65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 09:57:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90477
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14572
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 09 Jul 2024 09:57:36 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 74A0 4 KB
655 B 36ms
34ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1078854029118585&output=html&h=60&adk=3575611420&adf=1730821504&pi=t.aa~a.1372487962~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689067909&rafmt=1&to=qs&pwprc=9426705499&format=1200x60&url=https%3A%2F%2Fovere3.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689073532538&bpp=1&bdt=17458&idt=1&shv=r20230706&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d5b989245e2fcbc-22098f5226de0078%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MarFxYIZG0BqfYfM-nQk3ElE6WP4A&gpic=UID%3D00000c3baf5158fa%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MYTOTOjFML7KxSCbEjH4KlVRFLAKQ&prev_fmts=0x0%2C670x280%2C670x280%2C300x600&nras=5&correlator=1709386457570&frm=20&pv=1&ga_vid=545171318.1689073531&ga_sid=1689073531&ga_hid=1203957216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1400&ady=3735&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075758%2C44788442%2C44796476&oid=2&pvsid=1660413090864713&tmod=400388553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=ZOgG5ttFx7&p=https%3A//overe3.ru&dtd=27

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 11 Jul 2023 11:05:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 11 Jul 2023 09:27:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 Jul 2023 11:05:33 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230706/r20110914/client/ Frame 74A0 2 KB
892 B 24ms
22ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230706/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 17:56:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61721
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Jul 2023 17:56:52 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230706/r20110914/ Frame 74A0 23 KB
9 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230706/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 17:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61826
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Jul 2023 17:55:07 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230706/r20110914/client/ Frame 74A0 3 KB
1 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230706/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 17:54:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61886
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Jul 2023 17:54:07 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230706/r20110914/client/ Frame 74A0 20 KB
8 KB 30ms
27ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230706/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 17:54:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61887
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Jul 2023 17:54:06 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 74A0 179 KB
56 KB 35ms
33ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79cbf9d3dc9d8df1616dd585c95022e1104e8b2700974ba07a9c1a26187bf3e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57331
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1688990556196721"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Jul 2023 11:05:33 GMT

GET
H3 200 2a76cf1338a212cd33ad52adb05195b7.js Show response
www.gstatic.com/mysidia/ Frame 74A0 33 KB
14 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2a76cf1338a212cd33ad52adb05195b7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ac22a80a1517c4b3751f554c5ea17e9906473d3fff568baa668e37588ba753d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 22:59:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 389158
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14183
x-xss-protection: 0
last-modified: Thu, 06 Jul 2023 22:47:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 04 Oct 2023 22:59:35 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame AC55 1 KB
643 B 30ms
21ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 41865
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Jul 2023 23:27:48 GMT
etag: 48472445140208031
expires: Tue, 11 Jul 2023 23:27:48 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame C9BB 4 KB
655 B 41ms
40ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1078854029118585&output=html&h=280&adk=1429781565&adf=826453495&pi=t.aa~a.2326922678~i.19~rp.4&w=670&fwrn=4&fwrnh=100&lmt=1689067909&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9426705499&ad_type=text_image&format=670x280&url=https%3A%2F%2Fovere3.ru%2F&fwr=0&pra=3&rh=168&rw=670&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689073532494&bpp=1&bdt=17413&idt=1&shv=r20230706&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d5b989245e2fcbc-22098f5226de0078%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MarFxYIZG0BqfYfM-nQk3ElE6WP4A&gpic=UID%3D00000c3baf5158fa%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MYTOTOjFML7KxSCbEjH4KlVRFLAKQ&prev_fmts=0x0%2C670x280&nras=3&correlator=1709386457570&frm=20&pv=1&ga_vid=545171318.1689073531&ga_sid=1689073531&ga_hid=1203957216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1485&ady=1998&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075758%2C44788442%2C44796476&oid=2&pvsid=1660413090864713&tmod=400388553&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=GSKQ2HMEdF&p=https%3A//overe3.ru&dtd=22

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 11 Jul 2023 11:05:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 11 Jul 2023 09:23:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 Jul 2023 11:05:33 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230706/r20110914/client/ Frame C9BB 2 KB
892 B 23ms
22ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230706/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 17:56:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61721
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Jul 2023 17:56:52 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230706/r20110914/ Frame C9BB 23 KB
9 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230706/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 17:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61826
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Jul 2023 17:55:07 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230706/r20110914/client/ Frame C9BB 3 KB
1 KB 25ms
23ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230706/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 17:54:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61886
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Jul 2023 17:54:07 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230706/r20110914/client/ Frame C9BB 20 KB
8 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230706/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 17:54:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61887
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Jul 2023 17:54:06 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame C9BB 0
0 32ms
30ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQBYnjZhrgAtzsVCHocHqcY3OPhmLlnFDq1acj2XFYv724FXQFZKSaGj0I8IYdJRzdZ72OV6w8cyUiXyxMDqMjex-v8uA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1078854029118585&output=html&h=280&adk=1429781565&adf=826453495&pi=t.aa~a.2326922678~i.19~rp.4&w=670&fwrn=4&fwrnh=100&lmt=1689067909&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9426705499&ad_type=text_image&format=670x280&url=https%3A%2F%2Fovere3.ru%2F&fwr=0&pra=3&rh=168&rw=670&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689073532494&bpp=1&bdt=17413&idt=1&shv=r20230706&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d5b989245e2fcbc-22098f5226de0078%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MarFxYIZG0BqfYfM-nQk3ElE6WP4A&gpic=UID%3D00000c3baf5158fa%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MYTOTOjFML7KxSCbEjH4KlVRFLAKQ&prev_fmts=0x0%2C670x280&nras=3&correlator=1709386457570&frm=20&pv=1&ga_vid=545171318.1689073531&ga_sid=1689073531&ga_hid=1203957216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1485&ady=1998&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075758%2C44788442%2C44796476&oid=2&pvsid=1660413090864713&tmod=400388553&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=GSKQ2HMEdF&p=https%3A//overe3.ru&dtd=22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C9BB 179 KB
56 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79cbf9d3dc9d8df1616dd585c95022e1104e8b2700974ba07a9c1a26187bf3e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57331
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1688990556196721"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Jul 2023 11:05:33 GMT

GET
H3 200 2a76cf1338a212cd33ad52adb05195b7.js Show response
www.gstatic.com/mysidia/ Frame C9BB 33 KB
14 KB 27ms
25ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2a76cf1338a212cd33ad52adb05195b7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ac22a80a1517c4b3751f554c5ea17e9906473d3fff568baa668e37588ba753d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 22:59:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 389158
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14183
x-xss-protection: 0
last-modified: Thu, 06 Jul 2023 22:47:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 04 Oct 2023 22:59:35 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/9256298010420350287/ Frame 74A0 3 KB
3 KB 23ms
22ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9256298010420350287/14763004658117789537?w=195&h=102&tw=1&q=75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5f237805b48ac630600d9547b183cd7983062599457190d818884a808f910a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 08:58:13 GMT
x-content-type-options: nosniff
age: 439640
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3190
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 14:01:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 05 Jul 2024 08:58:13 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/8621607111482697567/ Frame 74A0 1 KB
1 KB 23ms
22ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8621607111482697567/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d27584e1762c5eaf826442e120b5cad934079b244da4909c44df2a07753b52b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 23:30:03 GMT
x-content-type-options: nosniff
age: 300930
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1175
x-xss-protection: 0
last-modified: Mon, 17 Oct 2022 10:31:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 06 Jul 2024 23:30:03 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C9BB 0
0 67ms
66ms Fetch
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CLOobfDetZN_DI4TZtwex1pWAA6flk7ZxxeTvkLER2tkeEAEg9saHmwFglfrwgYwHoAHb_LrxA8gBCagDAcgDywSqBNMBT9BsFzUg7rgjq-hfJm8tZBcHPQzdbT3a-vpdartQcJizLSpltQdI-eR_8hkgXccx7IeQ68mW76FGslg0CrdLQhUFyj3UFUQ6lU-118nTDzKvc_gOhbtuhUHcyN6vvCIE0398UqY4YlNL-y2xTQJ7OEp2oDs7rqEabv17WZnlb5x8GfqQn8XHOxA141YisiThFr2tveig6MN_GByoVOVuYdwo2lMwxPOnM2lDQ3xOkrPLmaqRKovAgDD-Ifiy6XLl_uf0YnHML89s6M9MToufrizYcsAE0OmFr8kEkgUECAQYAZIFBAgFGASgBi6AB63iqNACqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ5okU0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAaIMCCoGCgTDsLECuBPkA9gTDdAVAYAXAbIXHAoaCAASFHB1Yi0xMDc4ODU0MDI5MTE4NTg1GAA&sigh=802Zpd9LGVw&uach_m=[UACH]&cid=CAQSOwBpAlJWNuZlKZBa2AMZ3gy3jdN5_WMC_-SU4pEn12kXY8yBxKcEM30i2c8vcYtTFOyB6g_xemvl1WADGAE&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1078854029118585&output=html&h=280&adk=1429781565&adf=826453495&pi=t.aa~a.2326922678~i.19~rp.4&w=670&fwrn=4&fwrnh=100&lmt=1689067909&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9426705499&ad_type=text_image&format=670x280&url=https%3A%2F%2Fovere3.ru%2F&fwr=0&pra=3&rh=168&rw=670&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689073532494&bpp=1&bdt=17413&idt=1&shv=r20230706&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d5b989245e2fcbc-22098f5226de0078%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MarFxYIZG0BqfYfM-nQk3ElE6WP4A&gpic=UID%3D00000c3baf5158fa%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MYTOTOjFML7KxSCbEjH4KlVRFLAKQ&prev_fmts=0x0%2C670x280&nras=3&correlator=1709386457570&frm=20&pv=1&ga_vid=545171318.1689073531&ga_sid=1689073531&ga_hid=1203957216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1485&ady=1998&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075758%2C44788442%2C44796476&oid=2&pvsid=1660413090864713&tmod=400388553&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=GSKQ2HMEdF&p=https%3A//overe3.ru&dtd=22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 11 Jul 2023 11:05:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 251E 1 KB
643 B 24ms
22ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 41865
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Jul 2023 23:27:48 GMT
etag: 48472445140208031
expires: Tue, 11 Jul 2023 23:27:48 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/8621607111482697567/ Frame C9BB 2 KB
2 KB 26ms
24ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8621607111482697567/14763004658117789537?w=200&h=200

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e163a4d49f420e605fecae3e7c7308a4fddd864b9e7593a86645a4d981a44654

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 16:04:48 GMT
x-content-type-options: nosniff
age: 241245
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1604
x-xss-protection: 0
last-modified: Mon, 17 Oct 2022 10:31:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 07 Jul 2024 16:04:48 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/9256298010420350287/ Frame C9BB 9 KB
9 KB 26ms
25ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9256298010420350287/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27612014dd631d3575ba0bf6f64b7407421599d9d6a04ebcee56e63ad6645940

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 07:23:14 GMT
x-content-type-options: nosniff
age: 531739
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8725
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 14:01:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 04 Jul 2024 07:23:14 GMT

GET
DATA 200
OK truncated
/ Frame C9BB 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 74A0 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4fa33aaf25052833e9c304f27d0dcecadf1ca9d0e956bd01a4130d9c734ca69b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame AC55
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEIU3kSaxlgzz7MYnYxIamAo&google_cver=1&google_push=AaAOQGFaHDqQM5HZG87czBCHAQcf_v2F63FM2JEfEFkZFrG1tiFPBSEm5yeMAdHIkbxGY0nkaMFq8ee1JHH2J43nDa4GjLqv_4CwK5E
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzA5MDYxNDE4NDAwOTA4NTU0NQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEN1Pz2itilvJR4Ef3JnrNw0&google_cver=1

43 B
398 B

89ms
30ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEN1Pz2itilvJR4Ef3JnrNw0&google_cver=1
Requested by: Host: overe3.ru
URL: https://overe3.ru/
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 11 Jul 2023 11:05:33 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 11 Jul 2023 11:05:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEN1Pz2itilvJR4Ef3JnrNw0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AC55
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENNw9i_rKvhLmdUtKf0HKco&google_cver=1&google_push=AaAOQGG653I8bFYQMwg7GLKLcfrR0WDSJ8_i_p5YJ1_kPcZE3ZuRN0Ha66...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AaAOQGG653I8bFYQMwg7GLKLcfrR0WDSJ8_i_p5YJ1_kPcZE3ZuRN0Ha66aUVaP38Bd57c10GPeQDPui3gvz3WD5dodGME0eeCOvKw&google_hm=FQ5nTIsF2V...

170 B
188 B

34ms
33ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AaAOQGG653I8bFYQMwg7GLKLcfrR0WDSJ8_i_p5YJ1_kPcZE3ZuRN0Ha66aUVaP38Bd57c10GPeQDPui3gvz3WD5dodGME0eeCOvKw&google_hm=FQ5nTIsF2VOe6ertmSYDdg

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jul 2023 11:05:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AaAOQGG653I8bFYQMwg7GLKLcfrR0WDSJ8_i_p5YJ1_kPcZE3ZuRN0Ha66aUVaP38Bd57c10GPeQDPui3gvz3WD5dodGME0eeCOvKw&google_hm=FQ5nTIsF2VOe6ertmSYDdg
date: Tue, 11 Jul 2023 11:05:33 GMT
cache-control: private, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame AC55 0
104 B 265ms
89ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEL10_L8lEsSIkj8OxA9u6A0&google_cver=1&google_push=AaAOQGG_tZBdBKDH3vl1NHobDN3S07vCtQIpqTmkuyNsVfUTUCUb4exgBIYuB7-kQd99hAXUa2Jeop38r-W1PTETgP9poAvWqVZjKdA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1078854029118585&output=html&h=60&adk=3575611420&adf=1730821504&pi=t.aa~a.1372487962~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689067909&rafmt=1&to=qs&pwprc=9426705499&format=1200x60&url=https%3A%2F%2Fovere3.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689073532538&bpp=1&bdt=17458&idt=1&shv=r20230706&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d5b989245e2fcbc-22098f5226de0078%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MarFxYIZG0BqfYfM-nQk3ElE6WP4A&gpic=UID%3D00000c3baf5158fa%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MYTOTOjFML7KxSCbEjH4KlVRFLAKQ&prev_fmts=0x0%2C670x280%2C670x280%2C300x600&nras=5&correlator=1709386457570&frm=20&pv=1&ga_vid=545171318.1689073531&ga_sid=1689073531&ga_hid=1203957216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1400&ady=3735&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075758%2C44788442%2C44796476&oid=2&pvsid=1660413090864713&tmod=400388553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=ZOgG5ttFx7&p=https%3A//overe3.ru&dtd=27
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jul 2023 11:05:33 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AC55
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEE4drjUeKb7kBpiwYXW3GLI&google_cver=1&google_push=AaAOQGHgJd7pIqA_z6QEpFE-l5uO4dVWiiojRC8LialxuluoC0ecbkI7GmAxq8M1ZEX-b4zwKYozF_xsvVUeaOnZsR6S...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEE4drjUeKb7kBpiwYXW3GLI&google_cver=1&google_push=AaAOQGHgJd7pIqA_z6QEpFE-l5uO4dVWiiojRC8LialxuluoC0ecbkI7GmAxq8M1ZEX-b4zwKYozF_xsvVUeaO...
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle
https://x.bidswitch.net/sync?dsp_id=59&user_id=95bf75d6-8953-4817-926a-5c090b4afca7&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGG6wIWKiMF04fxi1Q1czQTardGpfKwq6qMJYP3sq9TUu-BrcDYIJH5XmCRsq0dTgsN68ucCuR0hNeC9_q6fS8rufS3wJuQqrA&google_hm=b1TqBJFrRCK0zirBm48irA==

170 B
188 B

33ms
32ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGG6wIWKiMF04fxi1Q1czQTardGpfKwq6qMJYP3sq9TUu-BrcDYIJH5XmCRsq0dTgsN68ucCuR0hNeC9_q6fS8rufS3wJuQqrA&google_hm=b1TqBJFrRCK0zirBm48irA==

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jul 2023 11:05:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGG6wIWKiMF04fxi1Q1czQTardGpfKwq6qMJYP3sq9TUu-BrcDYIJH5XmCRsq0dTgsN68ucCuR0hNeC9_q6fS8rufS3wJuQqrA&google_hm=b1TqBJFrRCK0zirBm48irA==
date: Tue, 11 Jul 2023 11:05:34 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AC55
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEDGeTw97nN0PvJe1FfL7xu0&google_cver=1&google_push=AaAOQGF9NnSJBdEiUfLkFAshcQC5gYOvufhbWhYOZ9ZIJAuHbRyZz7467SmmJ-q1UkmkRqfODShBQTaLbVE_L4uLnarlSo4...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGF9NnSJBdEiUfLkFAshcQC5gYOvufhbWhYOZ9ZIJAuHbRyZz7467SmmJ-q1UkmkRqfODShBQTaLbVE_L4uLnarlSo4QHkPLNQ

170 B
188 B

37ms
36ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGF9NnSJBdEiUfLkFAshcQC5gYOvufhbWhYOZ9ZIJAuHbRyZz7467SmmJ-q1UkmkRqfODShBQTaLbVE_L4uLnarlSo4QHkPLNQ

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jul 2023 11:05:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGF9NnSJBdEiUfLkFAshcQC5gYOvufhbWhYOZ9ZIJAuHbRyZz7467SmmJ-q1UkmkRqfODShBQTaLbVE_L4uLnarlSo4QHkPLNQ
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame AC55 43 B
363 B 93ms
28ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEP7R-3efs3VVceHlZZG_unQ&google_cver=1&google_push=AaAOQGHLZXxz2BiQAYE54T_U7B7PfyOJ7AGRvBld4oLMLUYPD45b4R27KvLkwV75SsnGKSs8E5QnwUohqdije2IXPLa9maml06mRlks

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jul 2023 11:05:33 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 193831
expires: Tue, 11 Jul 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AC55
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEGsgCwkxbOmIjYhVbsq6WWQ&google_cver=1&google_push=AaAOQGGyq5tVEiEasHIJq9YEpdg4NRtBHDZjIOSI15Pxfa7TFHURZ61Tqn0PHFPf7SZl-8CLVspAQFVAKhaS...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGGyq5tVEiEasHIJq9YEpdg4NRtBHDZjIOSI15Pxfa7TFHURZ61Tqn0PHFPf7SZl-8CLVspAQFVAKhaSi2L7ngBk5msdqTpJMA

170 B
188 B

38ms
38ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGGyq5tVEiEasHIJq9YEpdg4NRtBHDZjIOSI15Pxfa7TFHURZ61Tqn0PHFPf7SZl-8CLVspAQFVAKhaSi2L7ngBk5msdqTpJMA

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jul 2023 11:05:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGGyq5tVEiEasHIJq9YEpdg4NRtBHDZjIOSI15Pxfa7TFHURZ61Tqn0PHFPf7SZl-8CLVspAQFVAKhaSi2L7ngBk5msdqTpJMA
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame AC55 0
12 B 33ms
32ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KMCcYrJrXI9O7OweGwS0NR2e0VA33LQnBc1h9d4IIBkf0MJG5_5YXS6rrI4IXHZhe0NUzX

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:33 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame C9BB 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f9af20f493eb19e7b058ce1351e861caa7479d779c6e13dfa8e4b561115098d3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 74A0 15 KB
16 KB 24ms
23ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 05:19:29 GMT
x-content-type-options: nosniff
age: 193564
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 08 Jul 2024 05:19:29 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 74A0 15 KB
15 KB 25ms
25ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 22:16:07 GMT
x-content-type-options: nosniff
age: 391766
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Jul 2024 22:16:07 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 251E
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEG00TPdbjB1E1rZMwwCKKK4&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEG00TPdbjB1E1rZMwwCKKK4&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VnNsNlZoS1UxUWpiYnY1&google_gid=CAESEG00TPdbjB1E1rZMwwCKKK4&google_cver=1&google_push=AaAOQGGypRDe8DZhmCFfxIAcg54ZH8cmiIEbByo3hQeGsMV...

170 B
188 B

35ms
34ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VnNsNlZoS1UxUWpiYnY1&google_gid=CAESEG00TPdbjB1E1rZMwwCKKK4&google_cver=1&google_push=AaAOQGGypRDe8DZhmCFfxIAcg54ZH8cmiIEbByo3hQeGsMVkh8DyDzjzEoRFoqMWnln0dnRETT90y20U5KnmsZyLH4V_DOpIaHY2hA

Requested by

Host: overe3.ru
URL: https://overe3.ru/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jul 2023 11:05:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 11 Jul 2023 11:05:33 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-782-g97d928b#rel-ec2-master i-0caa68a19e3c1fdac@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VnNsNlZoS1UxUWpiYnY1&google_gid=CAESEG00TPdbjB1E1rZMwwCKKK4&google_cver=1&google_push=AaAOQGGypRDe8DZhmCFfxIAcg54ZH8cmiIEbByo3hQeGsMVkh8DyDzjzEoRFoqMWnln0dnRETT90y20U5KnmsZyLH4V_DOpIaHY2hA
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 251E 70 B
265 B 157ms
51ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESECaRo--iQIRdBrQ6DpKdRjw&google_cver=1&google_push=AaAOQGH7irX1sKkaVGj6dVRcKGvLC7ZL24MwkLTxVu5l607aVN09xHYdOePK_5S3t3xAY7pwhwiXn71Cm4O_ZbM5kyqFdYF4CQCk4g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1078854029118585&output=html&h=280&adk=1429781565&adf=826453495&pi=t.aa~a.2326922678~i.19~rp.4&w=670&fwrn=4&fwrnh=100&lmt=1689067909&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9426705499&ad_type=text_image&format=670x280&url=https%3A%2F%2Fovere3.ru%2F&fwr=0&pra=3&rh=168&rw=670&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689073532494&bpp=1&bdt=17413&idt=1&shv=r20230706&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d5b989245e2fcbc-22098f5226de0078%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MarFxYIZG0BqfYfM-nQk3ElE6WP4A&gpic=UID%3D00000c3baf5158fa%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MYTOTOjFML7KxSCbEjH4KlVRFLAKQ&prev_fmts=0x0%2C670x280&nras=3&correlator=1709386457570&frm=20&pv=1&ga_vid=545171318.1689073531&ga_sid=1689073531&ga_hid=1203957216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1485&ady=1998&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075758%2C44788442%2C44796476&oid=2&pvsid=1660413090864713&tmod=400388553&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=GSKQ2HMEdF&p=https%3A//overe3.ru&dtd=22
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 11 Jul 2023 11:05:33 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 251E
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEOYTK00DOjjkJsc29ovwDPk&google_cver=1&google_push=AaAOQGGzRKk7uAW2duaA5YE_KFgGOn-x8pWGqwh9RDmbtNdwevey_vM_g3qducQZUoREgs90ORCm7Qdl-Et...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGGzRKk7uAW2duaA5YE_KFgGOn-x8pWGqwh9RDmbtNdwevey_vM_g3qducQZUoREgs90ORCm7Qdl-EtCckIalEeebvZGBxi5EA&google_hm=unHzKuqbToyXaLWdrC...

170 B
188 B

35ms
35ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGGzRKk7uAW2duaA5YE_KFgGOn-x8pWGqwh9RDmbtNdwevey_vM_g3qducQZUoREgs90ORCm7Qdl-EtCckIalEeebvZGBxi5EA&google_hm=unHzKuqbToyXaLWdrC1s0bc

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jul 2023 11:05:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 11 Jul 2023 11:05:33 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGGzRKk7uAW2duaA5YE_KFgGOn-x8pWGqwh9RDmbtNdwevey_vM_g3qducQZUoREgs90ORCm7Qdl-EtCckIalEeebvZGBxi5EA&google_hm=unHzKuqbToyXaLWdrC1s0bc
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 251E
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIr9LdSvLCkH7pVmzAVl0sY&google_cver=1&google_push=AaAOQGF_RKv7fEI1jTMCjImh62wVTgPugTZYPhJkmAN7K459HTdYxRSg8YJ3tUen94jIBFMEM_Do2bcWABvF1ISUxbRW3uy...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGF_RKv7fEI1jTMCjImh62wVTgPugTZYPhJkmAN7K459HTdYxRSg8YJ3tUen94jIBFMEM_Do2bcWABvF1ISUxbRW3uylyWLvxA&google_hm=eS1URC5MZnRKRTJwRVFU...

170 B
188 B

40ms
37ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGF_RKv7fEI1jTMCjImh62wVTgPugTZYPhJkmAN7K459HTdYxRSg8YJ3tUen94jIBFMEM_Do2bcWABvF1ISUxbRW3uylyWLvxA&google_hm=eS1URC5MZnRKRTJwRVFUX193UDViamxOdEZhRTBhZkc4U35B

Requested by

Host: overe3.ru
URL: https://overe3.ru/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jul 2023 11:05:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 11 Jul 2023 11:05:33 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGF_RKv7fEI1jTMCjImh62wVTgPugTZYPhJkmAN7K459HTdYxRSg8YJ3tUen94jIBFMEM_Do2bcWABvF1ISUxbRW3uylyWLvxA&google_hm=eS1URC5MZnRKRTJwRVFUX193UDViamxOdEZhRTBhZkc4U35B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 251E
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEJU6mCfcs9iFlpo4rgCGwFI&google_cver=1&google_push=AaAOQGEIDNwnjtasRX8iPorU8k1sXVZo7Opm4-MH1CfXL4SvNob4DobkOAjTlO2GshnryusSY4AzUPsMepyak8UP-b7L1xO...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGEIDNwnjtasRX8iPorU8k1sXVZo7Opm4-MH1CfXL4SvNob4DobkOAjTlO2GshnryusSY4AzUPsMepyak8UP-b7L1xOOg-0E

170 B
188 B

43ms
43ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGEIDNwnjtasRX8iPorU8k1sXVZo7Opm4-MH1CfXL4SvNob4DobkOAjTlO2GshnryusSY4AzUPsMepyak8UP-b7L1xOOg-0E

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jul 2023 11:05:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGEIDNwnjtasRX8iPorU8k1sXVZo7Opm4-MH1CfXL4SvNob4DobkOAjTlO2GshnryusSY4AzUPsMepyak8UP-b7L1xOOg-0E
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 251E 43 B
362 B 34ms
29ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEPoS6M3k1gFe2JFhRfw-_UU&google_cver=1&google_push=AaAOQGG3-Tppbgd-9u7VL8Snm1JgEtFTN01f0YpwrzKP7whQiTSDQYH2Elqx4Yw2zupiy0Idd3w4dqDB-v8xR6tyJVhbrLe17x2i4Q

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jul 2023 11:05:33 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 225681
expires: Tue, 11 Jul 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 251E
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEChW5ftruhoDr9KJKF2Sao&google_cver=1&google_push=AaAOQGG_FkNar1kUSad25levDtzvvzIBKjBibY8q-1AnWegvhqQyD4SikDsrHd8G9uCvxC6ijlpuFidY...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODM3OTA3Mzg0MDIwNzAyNDIxOA&google_push=AaAOQGG_FkNar1kUSad25levDtzvvzIBKjBibY8q-1AnWegvhqQyD4SikDsrHd8G9uCvxC6ijlpuFi...

170 B
188 B

47ms
47ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODM3OTA3Mzg0MDIwNzAyNDIxOA&google_push=AaAOQGG_FkNar1kUSad25levDtzvvzIBKjBibY8q-1AnWegvhqQyD4SikDsrHd8G9uCvxC6ijlpuFidY1y-HI7BxxKjFq3myGHYnBw

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jul 2023 11:05:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 11 Jul 2023 11:05:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODM3OTA3Mzg0MDIwNzAyNDIxOA&google_push=AaAOQGG_FkNar1kUSad25levDtzvvzIBKjBibY8q-1AnWegvhqQyD4SikDsrHd8G9uCvxC6ijlpuFidY1y-HI7BxxKjFq3myGHYnBw
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 251E 0
12 B 33ms
30ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LG2aiS4-50yofsMItiF9anSAsC_0N9nCcZxcJspmkIQVBcz40juW2mvnMpeJVS-KbACdMm

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:33 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C9BB 15 KB
16 KB 23ms
23ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 05:19:29 GMT
x-content-type-options: nosniff
age: 193564
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 08 Jul 2024 05:19:29 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 74A0 0
19 B 73ms
73ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cu05JfDetZIXkJZSJygX12ojoD6flk7ZxxeTvkLER2tkeEAEg9saHmwFglfrwgYwHoAHb_LrxA8gBCagDAcgDywSqBNIBT9DqOeGuVrWBV-rvU7WHlC9la2332y14XCNQ31y_rocZ_6O4t-fGs7pFzdSEYT_fX1qBqE-zTr7X6IB-Lt2zabmkCVZeNEPw8DcTFopUyjGXkYdFzvwqDVHpX5oa73B7pGYGazA8zpk0elEivty6h3Orl7uyXfOk-42FwTWtz3Is-Uijrjf4RGVqrjjZkoYE7ZeP7hko57OO3S5N_qa68EJu3gdFVs27cSvcN-WbPTYBErYZGT1LY-9ZSaK6vL_zoHyPmhlbc6TJ_CM2vutgrpwrwATQ6YWvyQSSBQQIBBgBkgUECAUYBKAGLoAHreKo0AKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDzz0nSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsBuBPkA9gTDdAVAYAXAbIXHAoaCAASFHB1Yi0xMDc4ODU0MDI5MTE4NTg1GAA&sigh=4y95cweJBC8&uach_m=[UACH]&cid=CAQSOwBpAlJWRbAFUDnBifywCVDZBWuCacE3Zxu_F9o2KqItrXhnx6j2QUWz8BAo7aPAtLw7mY33w4H7CahkGAE&template_id=484&cbvp=2&vis=1

Requested by

Host: overe3.ru
URL: https://overe3.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1078854029118585&output=html&h=60&adk=3575611420&adf=1730821504&pi=t.aa~a.1372487962~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689067909&rafmt=1&to=qs&pwprc=9426705499&format=1200x60&url=https%3A%2F%2Fovere3.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689073532538&bpp=1&bdt=17458&idt=1&shv=r20230706&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d5b989245e2fcbc-22098f5226de0078%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MarFxYIZG0BqfYfM-nQk3ElE6WP4A&gpic=UID%3D00000c3baf5158fa%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MYTOTOjFML7KxSCbEjH4KlVRFLAKQ&prev_fmts=0x0%2C670x280%2C670x280%2C300x600&nras=5&correlator=1709386457570&frm=20&pv=1&ga_vid=545171318.1689073531&ga_sid=1689073531&ga_hid=1203957216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1400&ady=3735&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075758%2C44788442%2C44796476&oid=2&pvsid=1660413090864713&tmod=400388553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=ZOgG5ttFx7&p=https%3A//overe3.ru&dtd=27
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 11 Jul 2023 11:05:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame DC16 4 KB
655 B 32ms
32ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1078854029118585&output=html&h=280&adk=1429781565&adf=1653867669&pi=t.aa~a.2326922678~i.13~rp.4&w=670&fwrn=4&fwrnh=100&lmt=1689067909&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9426705499&ad_type=text_image&format=670x280&url=https%3A%2F%2Fovere3.ru%2F&fwr=0&pra=3&rh=168&rw=670&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689073532494&bpp=3&bdt=17413&idt=-M&shv=r20230706&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d5b989245e2fcbc-22098f5226de0078%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MarFxYIZG0BqfYfM-nQk3ElE6WP4A&gpic=UID%3D00000c3baf5158fa%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MYTOTOjFML7KxSCbEjH4KlVRFLAKQ&prev_fmts=0x0&nras=2&correlator=1709386457570&frm=20&pv=1&ga_vid=545171318.1689073531&ga_sid=1689073531&ga_hid=1203957216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1485&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075758%2C44788442%2C44796476&oid=2&pvsid=1660413090864713&tmod=400388553&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=17Cje1krWo&p=https%3A//overe3.ru&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 11 Jul 2023 11:05:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 11 Jul 2023 10:10:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 Jul 2023 11:05:33 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230706/r20110914/client/ Frame DC16 2 KB
892 B 23ms
22ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230706/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1078854029118585&output=html&h=280&adk=1429781565&adf=1653867669&pi=t.aa~a.2326922678~i.13~rp.4&w=670&fwrn=4&fwrnh=100&lmt=1689067909&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9426705499&ad_type=text_image&format=670x280&url=https%3A%2F%2Fovere3.ru%2F&fwr=0&pra=3&rh=168&rw=670&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689073532494&bpp=3&bdt=17413&idt=-M&shv=r20230706&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d5b989245e2fcbc-22098f5226de0078%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MarFxYIZG0BqfYfM-nQk3ElE6WP4A&gpic=UID%3D00000c3baf5158fa%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MYTOTOjFML7KxSCbEjH4KlVRFLAKQ&prev_fmts=0x0&nras=2&correlator=1709386457570&frm=20&pv=1&ga_vid=545171318.1689073531&ga_sid=1689073531&ga_hid=1203957216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1485&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075758%2C44788442%2C44796476&oid=2&pvsid=1660413090864713&tmod=400388553&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=17Cje1krWo&p=https%3A//overe3.ru&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 17:56:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61721
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Jul 2023 17:56:52 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230706/r20110914/ Frame DC16 23 KB
9 KB 26ms
24ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230706/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1078854029118585&output=html&h=280&adk=1429781565&adf=1653867669&pi=t.aa~a.2326922678~i.13~rp.4&w=670&fwrn=4&fwrnh=100&lmt=1689067909&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9426705499&ad_type=text_image&format=670x280&url=https%3A%2F%2Fovere3.ru%2F&fwr=0&pra=3&rh=168&rw=670&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689073532494&bpp=3&bdt=17413&idt=-M&shv=r20230706&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d5b989245e2fcbc-22098f5226de0078%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MarFxYIZG0BqfYfM-nQk3ElE6WP4A&gpic=UID%3D00000c3baf5158fa%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MYTOTOjFML7KxSCbEjH4KlVRFLAKQ&prev_fmts=0x0&nras=2&correlator=1709386457570&frm=20&pv=1&ga_vid=545171318.1689073531&ga_sid=1689073531&ga_hid=1203957216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1485&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075758%2C44788442%2C44796476&oid=2&pvsid=1660413090864713&tmod=400388553&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=17Cje1krWo&p=https%3A//overe3.ru&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 17:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61826
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Jul 2023 17:55:07 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230706/r20110914/client/ Frame DC16 3 KB
1 KB 27ms
25ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230706/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1078854029118585&output=html&h=280&adk=1429781565&adf=1653867669&pi=t.aa~a.2326922678~i.13~rp.4&w=670&fwrn=4&fwrnh=100&lmt=1689067909&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9426705499&ad_type=text_image&format=670x280&url=https%3A%2F%2Fovere3.ru%2F&fwr=0&pra=3&rh=168&rw=670&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689073532494&bpp=3&bdt=17413&idt=-M&shv=r20230706&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d5b989245e2fcbc-22098f5226de0078%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MarFxYIZG0BqfYfM-nQk3ElE6WP4A&gpic=UID%3D00000c3baf5158fa%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MYTOTOjFML7KxSCbEjH4KlVRFLAKQ&prev_fmts=0x0&nras=2&correlator=1709386457570&frm=20&pv=1&ga_vid=545171318.1689073531&ga_sid=1689073531&ga_hid=1203957216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1485&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075758%2C44788442%2C44796476&oid=2&pvsid=1660413090864713&tmod=400388553&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=17Cje1krWo&p=https%3A//overe3.ru&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 17:54:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61886
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Jul 2023 17:54:07 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230706/r20110914/client/ Frame DC16 20 KB
8 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230706/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1078854029118585&output=html&h=280&adk=1429781565&adf=1653867669&pi=t.aa~a.2326922678~i.13~rp.4&w=670&fwrn=4&fwrnh=100&lmt=1689067909&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9426705499&ad_type=text_image&format=670x280&url=https%3A%2F%2Fovere3.ru%2F&fwr=0&pra=3&rh=168&rw=670&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689073532494&bpp=3&bdt=17413&idt=-M&shv=r20230706&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d5b989245e2fcbc-22098f5226de0078%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MarFxYIZG0BqfYfM-nQk3ElE6WP4A&gpic=UID%3D00000c3baf5158fa%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MYTOTOjFML7KxSCbEjH4KlVRFLAKQ&prev_fmts=0x0&nras=2&correlator=1709386457570&frm=20&pv=1&ga_vid=545171318.1689073531&ga_sid=1689073531&ga_hid=1203957216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1485&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075758%2C44788442%2C44796476&oid=2&pvsid=1660413090864713&tmod=400388553&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=17Cje1krWo&p=https%3A//overe3.ru&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 17:54:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61887
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Jul 2023 17:54:06 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame DC16 0
0 33ms
32ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR_Bs0oeFlWhqLZ3wWioDu5DgDpoNTXUzUuI8jH6fYeh73Ghc7xm8D3pA2i_F1n_3Cf6EfbX38SBnk3k8shUYpXqlzK3g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1078854029118585&output=html&h=280&adk=1429781565&adf=1653867669&pi=t.aa~a.2326922678~i.13~rp.4&w=670&fwrn=4&fwrnh=100&lmt=1689067909&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9426705499&ad_type=text_image&format=670x280&url=https%3A%2F%2Fovere3.ru%2F&fwr=0&pra=3&rh=168&rw=670&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689073532494&bpp=3&bdt=17413&idt=-M&shv=r20230706&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d5b989245e2fcbc-22098f5226de0078%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MarFxYIZG0BqfYfM-nQk3ElE6WP4A&gpic=UID%3D00000c3baf5158fa%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MYTOTOjFML7KxSCbEjH4KlVRFLAKQ&prev_fmts=0x0&nras=2&correlator=1709386457570&frm=20&pv=1&ga_vid=545171318.1689073531&ga_sid=1689073531&ga_hid=1203957216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1485&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075758%2C44788442%2C44796476&oid=2&pvsid=1660413090864713&tmod=400388553&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=17Cje1krWo&p=https%3A//overe3.ru&dtd=11
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DC16 179 KB
56 KB 67ms
66ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1078854029118585&output=html&h=280&adk=1429781565&adf=1653867669&pi=t.aa~a.2326922678~i.13~rp.4&w=670&fwrn=4&fwrnh=100&lmt=1689067909&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9426705499&ad_type=text_image&format=670x280&url=https%3A%2F%2Fovere3.ru%2F&fwr=0&pra=3&rh=168&rw=670&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689073532494&bpp=3&bdt=17413&idt=-M&shv=r20230706&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d5b989245e2fcbc-22098f5226de0078%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MarFxYIZG0BqfYfM-nQk3ElE6WP4A&gpic=UID%3D00000c3baf5158fa%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MYTOTOjFML7KxSCbEjH4KlVRFLAKQ&prev_fmts=0x0&nras=2&correlator=1709386457570&frm=20&pv=1&ga_vid=545171318.1689073531&ga_sid=1689073531&ga_hid=1203957216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1485&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075758%2C44788442%2C44796476&oid=2&pvsid=1660413090864713&tmod=400388553&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=17Cje1krWo&p=https%3A//overe3.ru&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79cbf9d3dc9d8df1616dd585c95022e1104e8b2700974ba07a9c1a26187bf3e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57331
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1688990556196721"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Jul 2023 11:05:34 GMT

GET
H3 200 2a76cf1338a212cd33ad52adb05195b7.js Show response
www.gstatic.com/mysidia/ Frame DC16 33 KB
14 KB 28ms
26ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2a76cf1338a212cd33ad52adb05195b7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1078854029118585&output=html&h=280&adk=1429781565&adf=1653867669&pi=t.aa~a.2326922678~i.13~rp.4&w=670&fwrn=4&fwrnh=100&lmt=1689067909&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9426705499&ad_type=text_image&format=670x280&url=https%3A%2F%2Fovere3.ru%2F&fwr=0&pra=3&rh=168&rw=670&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689073532494&bpp=3&bdt=17413&idt=-M&shv=r20230706&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d5b989245e2fcbc-22098f5226de0078%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MarFxYIZG0BqfYfM-nQk3ElE6WP4A&gpic=UID%3D00000c3baf5158fa%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MYTOTOjFML7KxSCbEjH4KlVRFLAKQ&prev_fmts=0x0&nras=2&correlator=1709386457570&frm=20&pv=1&ga_vid=545171318.1689073531&ga_sid=1689073531&ga_hid=1203957216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1485&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075758%2C44788442%2C44796476&oid=2&pvsid=1660413090864713&tmod=400388553&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=17Cje1krWo&p=https%3A//overe3.ru&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ac22a80a1517c4b3751f554c5ea17e9906473d3fff568baa668e37588ba753d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 22:59:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 389158
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14183
x-xss-protection: 0
last-modified: Thu, 06 Jul 2023 22:47:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 04 Oct 2023 22:59:35 GMT

GET
H3 200 JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js Show response
pagead2.googlesyndication.com/bg/ Frame FE6D 37 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26ec4365620d6bba2d1f06a2b02ab2312abb8b043209f1eafcb8673525346f65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 09:57:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90477
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14572
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 09 Jul 2024 09:57:36 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 991A 1 KB
643 B 25ms
25ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1078854029118585&output=html&h=280&adk=1429781565&adf=1653867669&pi=t.aa~a.2326922678~i.13~rp.4&w=670&fwrn=4&fwrnh=100&lmt=1689067909&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9426705499&ad_type=text_image&format=670x280&url=https%3A%2F%2Fovere3.ru%2F&fwr=0&pra=3&rh=168&rw=670&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689073532494&bpp=3&bdt=17413&idt=-M&shv=r20230706&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d5b989245e2fcbc-22098f5226de0078%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MarFxYIZG0BqfYfM-nQk3ElE6WP4A&gpic=UID%3D00000c3baf5158fa%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MYTOTOjFML7KxSCbEjH4KlVRFLAKQ&prev_fmts=0x0&nras=2&correlator=1709386457570&frm=20&pv=1&ga_vid=545171318.1689073531&ga_sid=1689073531&ga_hid=1203957216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1485&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075758%2C44788442%2C44796476&oid=2&pvsid=1660413090864713&tmod=400388553&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=17Cje1krWo&p=https%3A//overe3.ru&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 41865
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Jul 2023 23:27:48 GMT
etag: 48472445140208031
expires: Tue, 11 Jul 2023 23:27:48 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/7121002985236798791/ Frame DC16 3 KB
3 KB 25ms
25ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7121002985236798791/14763004658117789537?w=200&h=200

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1078854029118585&output=html&h=280&adk=1429781565&adf=1653867669&pi=t.aa~a.2326922678~i.13~rp.4&w=670&fwrn=4&fwrnh=100&lmt=1689067909&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9426705499&ad_type=text_image&format=670x280&url=https%3A%2F%2Fovere3.ru%2F&fwr=0&pra=3&rh=168&rw=670&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689073532494&bpp=3&bdt=17413&idt=-M&shv=r20230706&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d5b989245e2fcbc-22098f5226de0078%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MarFxYIZG0BqfYfM-nQk3ElE6WP4A&gpic=UID%3D00000c3baf5158fa%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MYTOTOjFML7KxSCbEjH4KlVRFLAKQ&prev_fmts=0x0&nras=2&correlator=1709386457570&frm=20&pv=1&ga_vid=545171318.1689073531&ga_sid=1689073531&ga_hid=1203957216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1485&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075758%2C44788442%2C44796476&oid=2&pvsid=1660413090864713&tmod=400388553&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=17Cje1krWo&p=https%3A//overe3.ru&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

956304f5cd2bf81dde234f542524d0a99e72175abf377abefccf9b30ad1096c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 07:55:08 GMT
x-content-type-options: nosniff
age: 11425
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3074
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 16:24:45 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 10 Jul 2024 07:55:08 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/14265955875081558285/ Frame DC16 45 KB
45 KB 28ms
28ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14265955875081558285/14763004658117789537?w=600&h=314

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1078854029118585&output=html&h=280&adk=1429781565&adf=1653867669&pi=t.aa~a.2326922678~i.13~rp.4&w=670&fwrn=4&fwrnh=100&lmt=1689067909&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9426705499&ad_type=text_image&format=670x280&url=https%3A%2F%2Fovere3.ru%2F&fwr=0&pra=3&rh=168&rw=670&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689073532494&bpp=3&bdt=17413&idt=-M&shv=r20230706&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d5b989245e2fcbc-22098f5226de0078%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MarFxYIZG0BqfYfM-nQk3ElE6WP4A&gpic=UID%3D00000c3baf5158fa%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MYTOTOjFML7KxSCbEjH4KlVRFLAKQ&prev_fmts=0x0&nras=2&correlator=1709386457570&frm=20&pv=1&ga_vid=545171318.1689073531&ga_sid=1689073531&ga_hid=1203957216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1485&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075758%2C44788442%2C44796476&oid=2&pvsid=1660413090864713&tmod=400388553&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=17Cje1krWo&p=https%3A//overe3.ru&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1dc2d00d11dd8648477db904df199c72a7424f1189d5038ab7cd4ebe4756df6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 07:23:22 GMT
x-content-type-options: nosniff
age: 445332
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45746
x-xss-protection: 0
last-modified: Wed, 04 Jan 2023 12:06:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 05 Jul 2024 07:23:22 GMT

GET
DATA 200
OK truncated
/ Frame DC16 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js Show response
pagead2.googlesyndication.com/bg/ Frame 20EE 37 KB
14 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26ec4365620d6bba2d1f06a2b02ab2312abb8b043209f1eafcb8673525346f65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 09:57:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90478
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14572
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 09 Jul 2024 09:57:36 GMT

GET
DATA 200
OK truncated
/ Frame DC16 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 49d19ffc775beb3674cc56990eeabb8fccbf922532f983c7222c2fb2d8f945a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 991A
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEN1Pz2itilvJR4Ef3JnrNw0&google_cver=1&google_push=AaAOQGF9KvWFwzKwSAPuoW9M57NngcwWOdOmxzJJ5Wvuno9JHsB13KyTx4jd6LhL6-Z_9Cdwkg2o0OtG9CD6nMLX18HedczyYwd39A
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzA5MDYxNDE4NDAwOTA4NTU0NQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEN1Pz2itilvJR4Ef3JnrNw0&google_cver=1

43 B
398 B

30ms
30ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEN1Pz2itilvJR4Ef3JnrNw0&google_cver=1
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 11 Jul 2023 11:05:33 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 11 Jul 2023 11:05:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEN1Pz2itilvJR4Ef3JnrNw0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 991A 0
103 B 46ms
44ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEFVscPqAKgCvQAPlFtpPLyk&google_cver=1&google_push=AaAOQGG7xM0YqKOsS_kKJnqjA6vBf0e7glO7ljT_LEux_16MokJBR6ZdCJbwZ52E2liOAyKErzH7YNB1J0DuR4Du6ntZUMKOzkV7FA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1078854029118585&output=html&h=280&adk=1429781565&adf=1653867669&pi=t.aa~a.2326922678~i.13~rp.4&w=670&fwrn=4&fwrnh=100&lmt=1689067909&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9426705499&ad_type=text_image&format=670x280&url=https%3A%2F%2Fovere3.ru%2F&fwr=0&pra=3&rh=168&rw=670&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689073532494&bpp=3&bdt=17413&idt=-M&shv=r20230706&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d5b989245e2fcbc-22098f5226de0078%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MarFxYIZG0BqfYfM-nQk3ElE6WP4A&gpic=UID%3D00000c3baf5158fa%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MYTOTOjFML7KxSCbEjH4KlVRFLAKQ&prev_fmts=0x0&nras=2&correlator=1709386457570&frm=20&pv=1&ga_vid=545171318.1689073531&ga_sid=1689073531&ga_hid=1203957216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1485&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075758%2C44788442%2C44796476&oid=2&pvsid=1660413090864713&tmod=400388553&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=17Cje1krWo&p=https%3A//overe3.ru&dtd=11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jul 2023 11:05:33 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 991A
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEH5VRl9KoAQvun4zV5ZQW78&google_cver=1&google_push=AaAOQGH7_5Wl-Yxf8bA7t7UEPrBr_qneczXsFK31SpC0siAIiRGS79ZfejnMvCCmfmtFHimFl8ip4hAxPe_BAULi...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGH7_5Wl-Yxf8bA7t7UEPrBr_qneczXsFK31SpC0siAIiRGS79ZfejnMvCCmfmtFHimFl8ip4hAxPe_BAULidxrQoh2Ia1D-

170 B
188 B

36ms
35ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGH7_5Wl-Yxf8bA7t7UEPrBr_qneczXsFK31SpC0siAIiRGS79ZfejnMvCCmfmtFHimFl8ip4hAxPe_BAULidxrQoh2Ia1D-

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jul 2023 11:05:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 11 Jul 2023 11:05:34 GMT
Server: MT3 1031 59fd23a master cdg cdg-pixel-x7 config_version:"1438"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGH7_5Wl-Yxf8bA7t7UEPrBr_qneczXsFK31SpC0siAIiRGS79ZfejnMvCCmfmtFHimFl8ip4hAxPe_BAULidxrQoh2Ia1D-
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 11 Jul 2023 11:05:33 GMT

GET
H2 200 i.match
a.tribalfusion.com/ Frame 991A 43 B
454 B 195ms
193ms Image
image/gif 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESEB5Szd87L-2IDB3PkE-A-no&google_cver=1&google_push=AaAOQGGIbKfLZyo645Ph3TjPm98EJWleqJITrT4R39oWX1UugazeGrtZOh0qU45wyC988Lj_CGcxMXQ3gKp1v4lkmuTlJFkrAAZHVQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGGIbKfLZyo645Ph3TjPm98EJWleqJITrT4R39oWX1UugazeGrtZOh0qU45wyC988Lj_CGcxMXQ3gKp1v4lkmuTlJFkrAAZHVQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1078854029118585&output=html&h=280&adk=1429781565&adf=1653867669&pi=t.aa~a.2326922678~i.13~rp.4&w=670&fwrn=4&fwrnh=100&lmt=1689067909&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9426705499&ad_type=text_image&format=670x280&url=https%3A%2F%2Fovere3.ru%2F&fwr=0&pra=3&rh=168&rw=670&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689073532494&bpp=3&bdt=17413&idt=-M&shv=r20230706&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d5b989245e2fcbc-22098f5226de0078%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MarFxYIZG0BqfYfM-nQk3ElE6WP4A&gpic=UID%3D00000c3baf5158fa%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MYTOTOjFML7KxSCbEjH4KlVRFLAKQ&prev_fmts=0x0&nras=2&correlator=1709386457570&frm=20&pv=1&ga_vid=545171318.1689073531&ga_sid=1689073531&ga_hid=1203957216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1485&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075758%2C44788442%2C44796476&oid=2&pvsid=1660413090864713&tmod=400388553&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=17Cje1krWo&p=https%3A//overe3.ru&dtd=11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jul 2023 11:05:34 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7e5092748d6a1d84-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 991A
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEEBiwIj74RUrqn1v8qXPM9I&google_cver=1&google_push=AaAOQGEuV6lEKIK0rq9mg11-uUlKWgm81EzA3PxChkI3gaY04ipuYqlwVIn6NbNd6SNOQ4oryA3OowUPWRxXr5...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI1NDUxNTU4OTA3NTM2ODA3OQ%3D%3D&google_push=AaAOQGEuV6lEKIK0rq9mg11-uUlKWgm81EzA3PxChkI3gaY04ipuYqlwVIn6NbNd6SNOQ4oryA3OowUPWRxXr5BQBK...

170 B
188 B

35ms
35ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI1NDUxNTU4OTA3NTM2ODA3OQ%3D%3D&google_push=AaAOQGEuV6lEKIK0rq9mg11-uUlKWgm81EzA3PxChkI3gaY04ipuYqlwVIn6NbNd6SNOQ4oryA3OowUPWRxXr5BQBKR4MKo0BcMK

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jul 2023 11:05:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI1NDUxNTU4OTA3NTM2ODA3OQ%3D%3D&google_push=AaAOQGEuV6lEKIK0rq9mg11-uUlKWgm81EzA3PxChkI3gaY04ipuYqlwVIn6NbNd6SNOQ4oryA3OowUPWRxXr5BQBKR4MKo0BcMK
Date: Tue, 11 Jul 2023 11:05:34 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

google_sync_status
x.bidswitch.net/ Frame 991A
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEINXLaq-3GF7oQqVCUIfh5Y&google_cver=1&google_push=AaAOQGG6wIWKiMF04fxi1Q1czQTardGpfKwq6qMJYP3sq9TUu-BrcDYIJH5XmCRsq0dTgsN68ucCuR0hNeC9_q6fS8ru...
https://p.rfihub.com/cm?in=1&pub=20513&ssp=google&gdpr=&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=119&user_id=5140084926077340369&expires=30&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_cm=1&google_hm=b1TqBJFrRCK0zirBm48irA==
https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEINXLaq-3GF7oQqVCUIfh5Y&google_cver=1

43 B
145 B

23ms
22ms

Image
image/gif

35.156.96.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEINXLaq-3GF7oQqVCUIfh5Y&google_cver=1
Protocol: H2
Server: 35.156.96.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-96-37.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:34 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 11 Jul 2023 11:05:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEINXLaq-3GF7oQqVCUIfh5Y&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 991A
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEFpFACO52KzPoZYwFQO8U1g&google_cver=1&google_push=AaAOQGHbQ70BIdlSlsmz39NLjkml-2AxymlwY7V96yOA3rUDXhFsoxrZEnlq5s5myMVBpbgil8DtmzDmgxLrtWoAMHNdY1W...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGHbQ70BIdlSlsmz39NLjkml-2AxymlwY7V96yOA3rUDXhFsoxrZEnlq5s5myMVBpbgil8DtmzDmgxLrtWoAMHNdY1W18mMjzQ

170 B
188 B

42ms
42ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGHbQ70BIdlSlsmz39NLjkml-2AxymlwY7V96yOA3rUDXhFsoxrZEnlq5s5myMVBpbgil8DtmzDmgxLrtWoAMHNdY1W18mMjzQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1078854029118585&output=html&h=280&adk=1429781565&adf=1653867669&pi=t.aa~a.2326922678~i.13~rp.4&w=670&fwrn=4&fwrnh=100&lmt=1689067909&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9426705499&ad_type=text_image&format=670x280&url=https%3A%2F%2Fovere3.ru%2F&fwr=0&pra=3&rh=168&rw=670&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689073532494&bpp=3&bdt=17413&idt=-M&shv=r20230706&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d5b989245e2fcbc-22098f5226de0078%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MarFxYIZG0BqfYfM-nQk3ElE6WP4A&gpic=UID%3D00000c3baf5158fa%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MYTOTOjFML7KxSCbEjH4KlVRFLAKQ&prev_fmts=0x0&nras=2&correlator=1709386457570&frm=20&pv=1&ga_vid=545171318.1689073531&ga_sid=1689073531&ga_hid=1203957216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1485&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075758%2C44788442%2C44796476&oid=2&pvsid=1660413090864713&tmod=400388553&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=17Cje1krWo&p=https%3A//overe3.ru&dtd=11

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jul 2023 11:05:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGHbQ70BIdlSlsmz39NLjkml-2AxymlwY7V96yOA3rUDXhFsoxrZEnlq5s5myMVBpbgil8DtmzDmgxLrtWoAMHNdY1W18mMjzQ
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 991A 0
12 B 32ms
30ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KopgmA1aBlhz1lcQfKXhjwbmsayxPtQDCXE3BqmPtS5JMLLaRnm_zwCuqugImM-RyIQ4iT

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1078854029118585&output=html&h=280&adk=1429781565&adf=1653867669&pi=t.aa~a.2326922678~i.13~rp.4&w=670&fwrn=4&fwrnh=100&lmt=1689067909&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9426705499&ad_type=text_image&format=670x280&url=https%3A%2F%2Fovere3.ru%2F&fwr=0&pra=3&rh=168&rw=670&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689073532494&bpp=3&bdt=17413&idt=-M&shv=r20230706&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d5b989245e2fcbc-22098f5226de0078%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MarFxYIZG0BqfYfM-nQk3ElE6WP4A&gpic=UID%3D00000c3baf5158fa%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MYTOTOjFML7KxSCbEjH4KlVRFLAKQ&prev_fmts=0x0&nras=2&correlator=1709386457570&frm=20&pv=1&ga_vid=545171318.1689073531&ga_sid=1689073531&ga_hid=1203957216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1485&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075758%2C44788442%2C44796476&oid=2&pvsid=1660413090864713&tmod=400388553&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=17Cje1krWo&p=https%3A//overe3.ru&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:34 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EAB2 42 B
174 B 60ms
59ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv9hzrR4pTXzw5puWSkMbGGlQJ8YR32WbLyDGBS4l_cAobnKzUC5A2QnlkCigMCGBqycOlzi3Z5TWX_FpVVeaGcrYiU0r-Zs_rAeMrZ38li3Qfsf2t6WRJWVeXaQdJ1vRjngj094l6Eqedt&sai=AMfl-YTMX643x917-4iMsqL4mQsExF8Gq79CcPFnj5cvdff_mVK_NwREVpa4A4XZtw2nFdt20x7Z0yFbA7Ue&sig=Cg0ArKJSzP7M-gUq0X1rEAE&cid=CAQSGwBpAlJWvcHeLAWbcO-CspJ25WmyJt9etUGvSxgB&id=lidar2&mcvt=1041&p=0,0,124,1005&mtos=150,801,1041,1041,1041&tos=150,651,240,0,0&v=20230710&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689073532700&rpt=403&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jul 2023 11:05:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame DC16 15 KB
16 KB 23ms
23ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 05:19:29 GMT
x-content-type-options: nosniff
age: 193565
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 08 Jul 2024 05:19:29 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame DC16 0
19 B 68ms
67ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C1bhSfDetZMGqIciLtwfJtL_oCuTstcxU-d7H6NwP4KyA7JACEAEg9saHmwFglfrwgYwHoAGywJn-A8gBCakCAKdZlUR9sj6oAwHIA8sEqgTQAU_QDzJMzEGgDWaT2QhHvdfiGLX0Z1HOnYqZW128CwWMYaojFSEwIpfSeAXoc4zGQA7ineYgSfzkSmY5uO4MJk8xZiJ-9msowKZXNWH0P5ME1Hzem2ESi39Rdt1Uf3pKaIjmVqfRhEVU3oUbN_J_bOl9RW7qbE3xxGGdqxkrwcb0RwqaW7zUY53i8yG9L_Xq4BY8DN1d0IF-lQfzPx-A4E9ennThejw4zSvdmEunvBxKaLziYQIeZ3EVItZjVS9w5TbHD79bAomC0Jv7mk-4zYbABLjMpdbQAZIFBAgEGAGSBQQIBRgEoAYugAe2v-YBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwUQ1ojXAtIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwG4E-QD2BMNiBQC0BUBgBcBshccChoIABIUcHViLTEwNzg4NTQwMjkxMTg1ODUYAA&sigh=XVPzjVxwQUs&uach_m=[UACH]&cid=CAQSOwBpAlJWa8-Jj7-szAwHuOt93yFZIu9py1hdsvq2U5H372zwZHa3Jqs72LO8AolCQaG0twwejMXodB6gGAE&template_id=484&cbvp=2&vis=1

Requested by

Host: overe3.ru
URL: https://overe3.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1078854029118585&output=html&h=280&adk=1429781565&adf=1653867669&pi=t.aa~a.2326922678~i.13~rp.4&w=670&fwrn=4&fwrnh=100&lmt=1689067909&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9426705499&ad_type=text_image&format=670x280&url=https%3A%2F%2Fovere3.ru%2F&fwr=0&pra=3&rh=168&rw=670&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689073532494&bpp=3&bdt=17413&idt=-M&shv=r20230706&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d5b989245e2fcbc-22098f5226de0078%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MarFxYIZG0BqfYfM-nQk3ElE6WP4A&gpic=UID%3D00000c3baf5158fa%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MYTOTOjFML7KxSCbEjH4KlVRFLAKQ&prev_fmts=0x0&nras=2&correlator=1709386457570&frm=20&pv=1&ga_vid=545171318.1689073531&ga_sid=1689073531&ga_hid=1203957216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1485&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075758%2C44788442%2C44796476&oid=2&pvsid=1660413090864713&tmod=400388553&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=17Cje1krWo&p=https%3A//overe3.ru&dtd=11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 11 Jul 2023 11:05:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H2 200 gx9d.json Show response
newrotatormarch23.bid/ 59 B
268 B 54ms
53ms XHR
application/json 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://newrotatormarch23.bid/gx9d.json

Requested by

Host: overe3.ru
URL: https://overe3.ru/wp-content/gx9d.js?ver=1.0.2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

c266e21242c3f7273d6f69b51e3b5f20a0af37b22b28376950e84f080b41beb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://overe3.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 11 Jul 2023 11:05:34 GMT
strict-transport-security: max-age=63072000
content-encoding: br
server: cloudflare-nginx
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 70ms
69ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230706&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

091973f1b4e4aa893bad05375f1703d2a54c36465b3350052b5ce7bbf47ed25b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://overe3.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11801
x-xss-protection: 0

GET
H3 200 JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js Show response
pagead2.googlesyndication.com/bg/ Frame 0A6D 37 KB
14 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1078854029118585&output=html&h=280&adk=1429781565&adf=1653867669&pi=t.aa~a.2326922678~i.13~rp.4&w=670&fwrn=4&fwrnh=100&lmt=1689067909&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9426705499&ad_type=text_image&format=670x280&url=https%3A%2F%2Fovere3.ru%2F&fwr=0&pra=3&rh=168&rw=670&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689073532494&bpp=3&bdt=17413&idt=-M&shv=r20230706&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d5b989245e2fcbc-22098f5226de0078%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MarFxYIZG0BqfYfM-nQk3ElE6WP4A&gpic=UID%3D00000c3baf5158fa%3AT%3D1689073531%3ART%3D1689073531%3AS%3DALNI_MYTOTOjFML7KxSCbEjH4KlVRFLAKQ&prev_fmts=0x0&nras=2&correlator=1709386457570&frm=20&pv=1&ga_vid=545171318.1689073531&ga_sid=1689073531&ga_hid=1203957216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1485&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075758%2C44788442%2C44796476&oid=2&pvsid=1660413090864713&tmod=400388553&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=17Cje1krWo&p=https%3A//overe3.ru&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26ec4365620d6bba2d1f06a2b02ab2312abb8b043209f1eafcb8673525346f65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 09:57:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90478
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14572
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 09 Jul 2024 09:57:36 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 94ms
94ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://overe3.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 11 Jul 2023 11:05:34 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1883 13 KB
5 KB 24ms
21ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://overe3.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3734
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 11 Jul 2023 10:03:20 GMT
expires: Wed, 10 Jul 2024 10:03:20 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4948 783 B
535 B 32ms
31ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

55ec8208135ebd1a75e4390d465dd591be78bfb96b13dbbfe288a5ab31f09819

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zE0JlvBD8Tt7byULgS_NZw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://overe3.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-zE0JlvBD8Tt7byULgS_NZw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 11 Jul 2023 11:05:34 GMT
expires: Tue, 11 Jul 2023 11:05:34 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js Show response
pagead2.googlesyndication.com/bg/ Frame 1883 37 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26ec4365620d6bba2d1f06a2b02ab2312abb8b043209f1eafcb8673525346f65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 09:57:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90478
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14572
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 09 Jul 2024 09:57:36 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4948 0
0 56ms
55ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230706&jk=1660413090864713&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1883 0
11 B 22ms
21ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?kLO5aA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:34 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 test.php Show response
readone.ru/ 48 B
147 B 481ms
131ms Script
application/json 87.236.16.17
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://readone.ru/test.php?ping=ping&callback=jsonp_callback_8981
Requested by: Host: overe3.ru
URL: https://overe3.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.17 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.leela.beget.com
Software: nginx-reuseport/1.21.1 / PHP/7.4.33
Resource Hash: 0a97de6ee58ef5b9bb293ba292bd147c234649dea835f595508697aba884f61d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://overe3.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:05:35 GMT
server: nginx-reuseport/1.21.1
x-powered-by: PHP/7.4.33
content-length: 48
content-type: application/json

POST
H2 200 48681353
mc.yandex.com/webvisor/ 43 B
0 1473ms
1000ms Fetch
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/48681353?wmode=0&wv-part=1&wv-hit=588564477&page-url=https%3A%2F%2Fovere3.ru%2F&rn=854175674&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1689073535%3Aw%3A1600x1200%3Av%3A1074%3Az%3A0%3Ai%3A20230711110535%3Au%3A1689073531267902218%3Avf%3Aew9xzikdbvs4xc5avwiaspr%3Ast%3A1689073535&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://overe3.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 11 Jul 2023 11:05:36 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 11-Jul-2023 11:05:36 GMT
content-type: image/gif
access-control-allow-origin: https://overe3.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 11-Jul-2023 11:05:36 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 59ms
58ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230706&jk=1660413090864713&bg=!ISKlInbNAAb90kgr3dI7ADkAdvg8WiRA83hqPfcx4WN6RPS0W5tIw4zDjuxv2EP8x6tjxQqtAzBXYNVBXl5QLPNU0CZ_EEbeUyMCAAAAW1IAAAAIaAEHmQKdqCmpQDhA_MzjROdiTDWeyFQIZr9-fqsTkYq_eA-8zo2ltqlm8SliqQJdWk5a7GvDv_ki47mRJAy2x5354Fzn6b-I9iUeKMxTma0Hl34C0Ydpg8uGlSuBL7pScF4Du50UoSlSCLE4HvddcKNfrXeAk5uToSN3c4CRVB3IeuYmCzuK3MNtwTJqDh63xI83nWCbd8z9yqB6F6bBSz22QIZ6E34MP2-iXcPpRP66aVzXlTbz7xhgjazFTq3JIMSWmky3NeXxQFPh2Nb8yTyyx0yfRE-wPuC17hubf-18tV4fvj6XTxef9eKe_35oRcmIaXh4MVumY8Kxv5n3nSFfj_y203Jkn6i49iUIMJ3-BJKvcgM_MXiWx0Vg3IinX7lQqj0b8gLPJ1vxdr-J_dfURwDPScwDQkA9MCUiYPVGIuiuAnvXLfewlFysr9GfbKnitZPaBLjTNhVv673_qHBLmOkbpyTr4Th47uncjNCd50jEDhcu5QEtYxzhg08-yPMjjF6ED5rl5Wj3W0a0A3VFhvs2rYWwLz-lCx4nSSpWyY6Ha_S40zuWkOyXuUJsf3jZlm0_EE-4YUlzt5tr5KtwnBfh9fneBZb6uP8NRzxNNd3n9SvxhOd_65PnYUkET_863El-qk-q82fm0_ZjUuUTrx0AhiMY8RUOWlAH1ktL9ECectQ_nA-U9ftZwL345GguCkAMFvVRHCQI4DMZ3JFXb4PDkyeiWkOtoF1Z49vzOciHaxvmgYZHNeprAzHuixowdgVPfWP8TRTq7Xhrunj0V6HUErOWRlU6Wlfey6U1Q911aKspZcHIzUoCERSTBo_pwxyUba6Qc7fKLc4cnlxZRFFtXfTTyKEjrxvTRfhB_nOKQrx6mvn2MnbSdHQujsJY
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://overe3.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

POST
H2 200 48681353
mc.yandex.com/webvisor/ 43 B
0 157ms
149ms Fetch
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/48681353?wmode=0&wv-part=1&wv-hit=588564477&page-url=https%3A%2F%2Fovere3.ru%2F&rn=715954359&wv-type=3&browser-info=we%3A1%3Aet%3A1689073536%3Aw%3A1600x1200%3Av%3A1074%3Az%3A0%3Ai%3A20230711110535%3Au%3A1689073531267902218%3Avf%3Aew9xzikdbvs4xc5avwiaspr%3Ast%3A1689073536&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://overe3.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 11 Jul 2023 11:05:35 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 11-Jul-2023 11:05:35 GMT
content-type: image/gif
access-control-allow-origin: https://overe3.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 11-Jul-2023 11:05:35 GMT

POST 48681353
mc.yandex.com/webvisor/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: mc.yandex.com
URL: https://mc.yandex.com/webvisor/48681353?wmode=0&wv-part=2&wv-hit=588564477&page-url=https%3A%2F%2Fovere3.ru%2F&rn=621016383&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1689073536%3Aw%3A1600x1200%3Av%3A1074%3Az%3A0%3Ai%3A20230711110535%3Au%3A1689073531267902218%3Avf%3Aew9xzikdbvs4xc5avwiaspr%3Ast%3A1689073536&t=gdpr(14)ti(1)

Verdicts & Comments Add Verdict or Comment

261 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

55 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.dmg.digitaltarget.ru/1/7114/i	1970-01-20 22:47:13	Name: viuserid Value: X2W5NXO2-bXdlbT7UFM-
overe3.ru/	1969-12-31 23:59:59	Name: fpm_visit Value: 1
overe3.ru/	1969-12-31 23:59:59	Name: fpm_referer Value: %2F%2F%2F%3Adirect
.yandex.ru/	1970-01-20 22:47:13	Name: i Value: vyDmI6VdPDOQvnTD52pcjHvz1F70ulTTKOBRDe/MWSxfiwuO1pbYLfWZ3Iphz9cL/Gr8rnUnpeuY7tNOBgxlOOtCc5E=
.yandex.ru/	1970-01-20 22:47:13	Name: yandexuid Value: 8741638791689073530
.overe3.ru/	1970-01-20 21:56:49	Name: _ym_uid Value: 1689073531267902218
.overe3.ru/	1970-01-20 21:56:49	Name: _ym_d Value: 1689073531
.mc.yandex.com/	1970-01-20 13:11:14	Name: sync_cookie_csrf Value: 4266788720fake
prodmp.ru/	1970-01-20 15:20:49	Name: rai Value: 12e0aba40efda8dd87faed3cb10b31f8
.overe3.ru/	1970-01-20 13:12:25	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 13:11:14	Name: sync_cookie_csrf Value: 2399936427fake
.overe3.ru/	1970-01-20 22:32:49	Name: __gads Value: ID=7d5b989245e2fcbc-22098f5226de0078:T=1689073531:RT=1689073531:S=ALNI_MarFxYIZG0BqfYfM-nQk3ElE6WP4A
.overe3.ru/	1970-01-20 22:32:49	Name: __gpi Value: UID=00000c3baf5158fa:T=1689073531:RT=1689073531:S=ALNI_MYTOTOjFML7KxSCbEjH4KlVRFLAKQ
.yandex.com/	1970-01-20 21:56:49	Name: yandexuid Value: 8741638791689073530
.yandex.com/	1970-01-20 21:56:49	Name: yuidss Value: 8741638791689073530
.yandex.com/	1970-01-20 22:47:13	Name: i Value: vyDmI6VdPDOQvnTD52pcjHvz1F70ulTTKOBRDe/MWSxfiwuO1pbYLfWZ3Iphz9cL/Gr8rnUnpeuY7tNOBgxlOOtCc5E=
.mc.yandex.com/	1970-01-20 13:12:39	Name: sync_cookie_ok Value: synced
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 849305581689073531
.yandex.com/	1970-01-20 21:56:49	Name: ymex Value: 1720609531.yrts.1689073531
.yandex.com/	1970-01-20 21:56:49	Name: bh Value: KgI/MA==
.overe3.ru/	1970-01-20 13:11:15	Name: _ym_visorc Value: w
dmpprof.com/	1970-01-20 22:47:13	Name: uid Value: fb8e0056-c728-4b32-a7d0-09ad724fbf09
.betweendigital.com/	1970-01-20 21:56:49	Name: dc Value: lux1
.betweendigital.com/	1970-01-20 21:56:49	Name: tuuid Value: 07ef122f-4d93-52c0-828f-7ca9e6224bd5
.betweendigital.com/	1970-01-20 21:56:49	Name: ss Value: 1
dmpprof.com/	1970-01-20 13:31:23	Name: enrich_data_v2_5 Value: 1689073532
.betweendigital.com/	1970-01-20 21:56:49	Name: ut Value: ZK03fAAFT2CBxLUpOtR20D60HtAoG-ClEZFKSQ==
.yandex.ru/	1970-01-20 22:47:13	Name: yuidss Value: 8741638791689073530
dmpprof.com/	1970-01-20 13:11:56	Name: nmatch Value: 44931_07ef122f-4d93-52c0-828f-7ca9e6224bd5
dprof.site/	1970-01-20 22:47:13	Name: uid Value: fb8e0056-c728-4b32-a7d0-09ad724fbf09
dmpprof.com/	1970-01-20 13:31:23	Name: enrich_data_v2_2 Value: 1689073532
.quantserve.com/	1970-01-20 15:20:49	Name: d Value: EAkBCQG4KYEA
.quantserve.com/	1970-01-20 22:41:27	Name: mc Value: 64ad377d-8416d-68cda-d5ed6
.ctnsnet.com/	1970-01-20 21:56:49	Name: gid_CAESEOQTTK2-0RL65NCoviwjIwI Value: 1
.adform.net/	1970-01-20 13:55:51	Name: C Value: 1
.de17a.com/	1970-01-20 21:49:37	Name: guid Value: 1.3124273474843107301
.adform.net/	1970-01-20 14:37:37	Name: uid Value: 8379073840207024218
.quantserve.com/	1970-01-20 15:20:49	Name: sp Value: CgsI2WUSBgj97rSlBg==
.doubleclick.net/	1970-01-20 22:32:49	Name: IDE Value: AHWqTUkxSxSywXbw0Iy-5whyOckB0lraalh3kC4UKbCXtRFcbp7NCkE5MokK39AHY0A
.ctnsnet.com/	1970-01-20 21:56:49	Name: gid_CAESEOYTK00DOjjkJsc29ovwDPk Value: 1
.ctnsnet.com/	1970-01-20 21:56:49	Name: cid Value: ba71f32aea9b4e8c9768b59dac2d6cd1
.bidswitch.net/	1970-01-20 21:56:49	Name: tuuid Value: 6f54ea04-916b-4422-b4ce-2ac19b8f22ac
.bidswitch.net/	1970-01-20 21:56:49	Name: c Value: 1689073533
.bidswitch.net/	1970-01-20 21:56:49	Name: tuuid_lu Value: 1689073533
.turn.com/	1970-01-20 17:30:25	Name: uid Value: 3090614184009085545
.w55c.net/	1970-01-20 22:42:54	Name: wfivefivec Value: Vsl6VhKU1Qjbbv5
.yahoo.com/	1970-01-20 21:57:11	Name: A3 Value: d=AQABBH03rWQCEGFW5VpkPrjG0Ceq7snwZQQFEgEBAQGIrmS3ZAAAAAAA_eMAAA&S=AQAAAni1ox3jxPGD80uqLjlk2j0
.w55c.net/	1970-01-20 13:54:25	Name: matchgoogle Value: 5
ads.avct.cloud/	1970-01-20 21:56:49	Name: uuid Value: 95bf75d6-8953-4817-926a-5c090b4afca7
.adfarm1.adition.com/	1970-01-20 15:20:49	Name: UserID1 Value: 7254515589075368079
.mathtag.com/	1970-01-20 13:54:25	Name: mt_mop Value: 4:1689073534
.tribalfusion.com/	1970-01-20 15:20:49	Name: ANON_ID Value: aTnuYpNj6WlCyhURAZdhGGQZcdb3wQTdlZcaZcZbDh7JU5kcunX1UBBjbp6XDrZccoiHxLPTodZc6PbyO3x5rvhcfFjRBMWZaI1dFvFbftCjHbC7
.rfihub.com/	1970-01-20 22:32:49	Name: eud Value: H4sIAAAAAAAA_1vFwmtoZmFpYG5samxibG4JAB-7GlUQAAAA
.rfihub.com/	1970-01-20 22:32:49	Name: rud Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0MjMwNzc2MTA2sxTiM9TNikh0dyxLy_E0STYCAE7a4KclAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0MjMwNzc2MTA2sxTiM9TNikh0dyxLy_E0STYCAE7a4KclAAAA

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271801&client=ca-pub-1078854029118585&fa=1&ifi=7&uci=a!7&btvi=5&xpc=WqYESHPGwa&p=https%3A//overe3.ru Message: The resource https://fonts.googleapis.com/css?family=Roboto%3A400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://overe3.ru/ Message: The resource https://overe3.ru/wp-content/themes/root/fonts/fontawesome-webfont.ttf was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.turn.com
ads.avct.cloud
ads.betweendigital.com
adservice.google.com
an.yandex.ru
c1.adform.net
cm.g.doubleclick.net
cms.quantserve.com
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
dmg.digitaltarget.ru
dmpprof.com
dprof.site
dsp.adfarm1.adition.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
h5r2dzdwqk.com
match.adsrvr.org
mc.yandex.com
mc.yandex.ru
newrotatormarch23.bid
onetag-sys.com
overe3.ru
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prodmp.ru
r.turn.com
readone.ru
s.tribalfusion.com
sync.mathtag.com
sync.teads.tv
tat3ayogh6.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
yandex.ru
yastatic.net
mc.yandex.com
104.75.89.75
142.250.184.226
178.250.1.9
185.15.175.157
185.29.134.244
188.42.191.196
193.0.160.131
193.106.92.202
2001:678:cb4:bbbb::11
213.155.156.166
2606:4700::6812:19ad
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2a00:1450:4001:803::200a
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:811::2002
2a00:1450:4001:827::2003
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2001
2a02:6b8:20::215
2a02:6b8::1:119
2a02:6b8::90
2a02:6b8:a::a
2a02:fa8:8806:13::1400
2a05:d018:d29:3602:1672:d30d:b59c:db98
3.120.19.26
3.33.220.150
35.156.96.37
35.186.193.173
37.157.3.30
45.130.41.31
51.89.9.253
54.72.130.3
85.114.159.118
85.192.12.170
85.192.12.173
85.192.12.174
87.236.16.17
95.216.65.102
00501810e93307a8882a74d864e7547fd1458deea539361dc1124ac133799a4b
02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
0343d64b8da69712a6c4658bbe62f6ca59c0f68d4f370b80d8f60fb4f3ae5369
044efea78208376302aad3808aaabdf3c2f7bdd80ba9d55c9e0e4d3baa7a3908
0829a987d537e6f9ee3e108374e86e706e2f78cc7894929d1aefae1a40e43958
086f06c3d493b7808e40b36e5d9c657a6d0088a425e554b4035b4ae47cbf3021
091973f1b4e4aa893bad05375f1703d2a54c36465b3350052b5ce7bbf47ed25b
0a97de6ee58ef5b9bb293ba292bd147c234649dea835f595508697aba884f61d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c3c7d4f72d01f57f3d95df353831b1d4a7af83aa5dcdb652f89b28d619b4b1e
0e40e206be93ad0d639a6fefc543309a7d4aae6c141dcfb393b0964ae5614ce9
1716eb29cf92580442f3a3885245dbafda66b7ab8d270a71dafbe61970f5b879
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
1d7a02c51475415265005e28261baf2485a8125853c12ec615d07965db1a47c1
1dc2d00d11dd8648477db904df199c72a7424f1189d5038ab7cd4ebe4756df6a
1dd63824a6304e84f5ac8549da2750d150a0eb24c50960dd83e08a63d5a97f21
2294bf733e9768b8b954405739359fe837cd4d6a8d383864f8c576f81a51522e
24b43f618fa4abf3ade5e241a73a29f7efd3b52872b18c06b0ce98c9e25ca3b7
26ec4365620d6bba2d1f06a2b02ab2312abb8b043209f1eafcb8673525346f65
27612014dd631d3575ba0bf6f64b7407421599d9d6a04ebcee56e63ad6645940
28cce79fbfb93f180d0e7533ca3a43bd5faa37c45cf1598d4485f5e080bc83cc
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2ae1b88b15ca1caa5c4be8b0cc8fa76e8e3882fc85949f145483d8fcb2a6675b
2ce09377d7dffeacc7b003c69cee122d2561fbf737e817b11d38918d7a39841a
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2da017bc1dec28e5efe3973e21abf284a1c83b2fca72440179cd091eb1a2fac1
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
34c27c7e20c817b574fe21ae7dab69912ce5e0f862079498c9154eebccfcbb06
3668f6d335416599574fb1f336cbd2b9bb2f8fcff63e63a9ca3b68df4d0c6165
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
3837b60b0f1fc5410d53bcda31d2ca5cae542b11d335806b45c190c3badb654b
3906ad84ef30da95e6dc896d12f4ee9664de482d35c7294a612cf19f08dbf2a6
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3ac22a80a1517c4b3751f554c5ea17e9906473d3fff568baa668e37588ba753d
3c71a29d865e5c8fa5146ac5ec15a4bb742f6e92d2bd2f35dd9e1451db842cea
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
407e5f7555fe203a6245ac0209874437d50b9daf51a7102e6fd90a99a3df1717
42f9ae4b3dee678c141f893c75a4be4aea39462cea3c54a1ab28eac4498e1a74
43f9c247438df69c6c2bc91f8267dde1862558c1032a04148838e324fb42f7e1
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45e30a04938b87ac472f696a44766d6803c04cc2a6ac0c677c8eff93bd421faf
4896394ccbe06fd1696696f617e8b762b1692d97d5cd1c0529d33c3e7e5c8cd5
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
49d19ffc775beb3674cc56990eeabb8fccbf922532f983c7222c2fb2d8f945a6
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa33aaf25052833e9c304f27d0dcecadf1ca9d0e956bd01a4130d9c734ca69b
502d3ca81d9c79bd9556507fd926da9273d9cc4661d6eff86df70c9c1902bae0
510c79fa3b8f0000f944c6e206ba51dd6783e43fc8676deb7627282323ee9a62
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
550fb286484bb11b70e323b26571e529e950bb6c54f8f0ea61063b4071a3649f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55ec8208135ebd1a75e4390d465dd591be78bfb96b13dbbfe288a5ab31f09819
567294436650a4c85384d2aca98da3857a7c3d57491796d7ea24d7d0d5d803b9
5731214ddd0cdc34eea81cf2df4bf05ad0ef4577b1b4200bd007cfe2d6e37603
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5b5341393971c81247922fd4d8cf9edde8bd0c9ee6bb4f5b41e8d6eeb4bbff45
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d3c81d38fa32915be4a76abd4173e77b0cc342b91643f8ef994a2bbe26abad9
5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971
5f010159247bf3b25e92cd7c414b38194bd825a212bf42f9adaa8587bd0253ac
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
626c91a33d665410e0e0cfbca6f571dc84132a5271a4d8db5eab22511e031e62
62ac0d5491ebdfa1ab03d61597d7b7b7373fd2129d0b1bb3ca3364bd482678d1
62ed8e910abb843108e9c7058885b24001beb80e8af008bdaac9d34a4db2902f
659af7da5b322ef98695a80c815c91bfdb146fb526d440e0653affe2f324994f
68e5f275b97a7738097bb949dfd62990d901f24e24c0667fbdfc1d52221daa98
6a189f849d9e75c371f97f07f495311c0b2a4c17f0f331b099fa7cd964e16b4c
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
6f2367e8b17ee1d78f5b6a2761ddedaef4d64612aaada1c236c57bb718db3f53
703be5ea831d9a9c41b5c6b28ad0de8efeeb6275745e726f640c95e25fbb8283
712bed23dc18b6cc683532980d87b09369b60f1ae4723233101d6c29a0313245
76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975
79cbf9d3dc9d8df1616dd585c95022e1104e8b2700974ba07a9c1a26187bf3e3
7af319c593aa6f3da93d86d0886cf9196170c98662955aed2097ea0c14e774a3
7fcbd2ac6d4863e2e79faee8bb9d556853cef4a8d7ba54c4dbbb0765676ed5a2
80a2d7122993ca65b09a265a92ab7275d283afa3edeca1c735f37b0b05490fad
8273c61714676eb35657b3e0c831df70d36019e7bbb88da7d003151da723ef7f
8b745d899a7d1fe4ae94821dfac5d4501cb9f85945c25a69cefa123ce6fac452
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ef6a2606b59dd152b2a4078f5a659779a5c057d1e3dfd5782e9dfed3ef0eea1
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
931ae9e62fccaba62c25835e379b56040607c07dc61372e68a5c4cc80c36b92b
9523184ceab914a2ebc4b500fc496b3b6ce379e03ccada34e4ed7a10bf9a2a8b
956304f5cd2bf81dde234f542524d0a99e72175abf377abefccf9b30ad1096c7
989facedee8e289fa1b6cc0049b60644bd4c1d276c81379cc3016c03a6f16eea
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c4926b247def1bd98c0f6f6fbbaba449e2702ecf71ca6fceeacf7db04f9e9c9
9f7a309d243dd167699e87b914e376ffcdfe8aa2cbf86b825cf7596470d2c040
a05288d8dc0dddf3c8a4695c66cdf3aa6b7c1117bd902a584f2083c0b121b1ac
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a32329228fcd12d562819b6cd68c04935e106a43a604c53df551e4f3e2911914
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a69c12ccd186a899db79fce802b46c08e71f69c2c422be2666ed8565e3add026
a6c08d944aa80a89d4289d63b047c275a3de45130273a32bfd224ee0a6fdd7bd
aa58f33f239a0fb02f5c7a6c45c043d7a9ac9a093335806694ecd6d4edc0d6a8
b17fe7091c0ec8e16acb022f3de1fe6f3ddaf4822eff6010a2c7563e34da7789
b54e1dcd6fb510eb1593d73cd90e25ac18345cb380431874d7d66ad49fcd397a
b886f11e6cea2d231535fd0b59bb2950a8d40d9ec4a39b6da894c1f90d89a382
b9ce8c99893dedb35c13ee1516305470b381a3530a7be8314b651421231d21f0
bb59814a274753b01f75183c8e5d2f4de08f66b80fafcfea86276dd0cf37623d
c01edce97631c9758a35d51c0ea7c580da897713b9d3709f0ca3b640218ea203
c0477d942cebc411c71105c03fadfe75fcb385965ccddfe1032f8f6ac35b30d7
c266e21242c3f7273d6f69b51e3b5f20a0af37b22b28376950e84f080b41beb1
c2711e9edc60964dcb5aada1bfa59c2d68d3d9dc1baf4a5ee058b4c1bd32c3eb
c2d7cd61f6427442c5754f0391119b2e2841ee9a9b6c9af4e8a2ba0350a2ba5a
c2fa5152950dfa866f8a50656f399ce5d74ced029928bd9d398b814480aef3e1
c4f7cda9613b25856f0ae446949cecca7c76b113056d11a0f186b5c1e583468a
c665f123559bae09e9fdeb6018f7970d474372465f2adfd1fdd23c31f455532e
cac30a3a9ee5c6a526b4da2d38dd0750c45c9933a0782edeb8cfe366bc946595
cacb67f6bb02ffdb9aa28f11ff9353c0863f365ee4a09cecff4cbe0d3df6690f
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
cd6b6588eac008250b4a63cbe6823004dff9e9e20fa75b4a3c37df6a279ee9b6
d27584e1762c5eaf826442e120b5cad934079b244da4909c44df2a07753b52b2
d479a19e80d5a182c04fefd268766c8caad3e84d2c4bc3e79eb95f4bbaf7d817
d6dcadc2357959dc12f3e715dd3eaa941aee4e01e6ca0f1054a0b9eca5f76533
d8b475828393991ad32e7729d44d13896dd6969db3167954b2587c54e5c4e359
d9d716eaa956004f53b8d45ed30097126b8890056a42a8c3f3efd52a0710c1e6
dd4b23014f45468b01838a0fd5af33eee20ebeda33afff932e8d3c1ed22f86e5
ddbda21655c0c2cb09913a9e33d856a8b8f3e1eae610cdbda8524def2dc71f7d
e163a4d49f420e605fecae3e7c7308a4fddd864b9e7593a86645a4d981a44654
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e537bb0b81601eabcdc6dd4e2eb938917a7c6887765651882ec0ed5081c26c67
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5f237805b48ac630600d9547b183cd7983062599457190d818884a808f910a8
e9b41509a3e9cb1e6f55531937d1f94b13fb30913dfa1bbbe52bc232d255f89a
ebf5ea2d15237f041bfb964486a1df0feecafc5e80d4afd185f5d96d07ca064a
ece07dcb515304af57df3b89b20a3f1d775a141f053a11cfd1b828159f299078
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6d08a42d317e47689365ba76947510517bdf9a610dd268d602a1fcc2f34f94a
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f9af20f493eb19e7b058ce1351e861caa7479d779c6e13dfa8e4b561115098d3

overe3.ru Open in urlscan Pro 45.130.41.31 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

223 Requests

88 %HTTPS

44 %IPv6

38 Domains

46 Subdomains

31 IPs

11 Countries

3951 kBTransfer

11113 kBSize

55 Cookies

0 Outgoing links

Page URL History

Redirected requests

223 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 18 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

overe3.ru Open in urlscan Pro
45.130.41.31 Public Scan

Screenshot
Live screenshot

Full Image

223
Requests

88 %
HTTPS

44 %
IPv6

38
Domains

46
Subdomains

31
IPs

11
Countries

3951 kB
Transfer

11113 kB
Size

55
Cookies

223 HTTP transactions
18 data transactions