obereginfo.ru Open in urlscan Pro
88.99.216.125 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://obereginfo.ru/
Effective URL:
https://obereginfo.ru/
Submission: On March 10 via api (March 10th 2023, 6:01:49 am UTC) from US — Scanned from DE

Summary HTTP 249 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 27 IPs in 7 countries across 34 domains to perform 249 HTTP transactions. The main IP is 88.99.216.125, located in Germany and belongs to HETZNER-AS, DE. The main domain is obereginfo.ru.
TLS certificate: Issued by R3 on February 26th 2023. Valid for: 3 months.

This is the only time obereginfo.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 75	88.99.216.125 88.99.216.125	24940 (HETZNER-AS) (HETZNER-AS)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
1	192.162.246.39 192.162.246.39	16262 (DATACHEAP...) (DATACHEAP-LLC-AS)
21	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
3 9	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
19	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1 2	154.47.36.107 154.47.36.107	174 (COGENT-174) (COGENT-174)
6	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1 29	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 4	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
18	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2a02:2638::c 2a02:2638::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2600:1f1c:a99... 2600:1f1c:a99:832c:d4e8:8c1e:e58e:3348	16509 (AMAZON-02) (AMAZON-02)
1 1	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
3 21	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:da82:a258:4122:590d	16509 (AMAZON-02) (AMAZON-02)
4 4	104.36.113.112 104.36.113.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 3	199.127.204.142 199.127.204.142	26120 (RHYTHMONE) (RHYTHMONE)
3 6	104.109.66.25 104.109.66.25	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	37.252.171.85 37.252.171.85	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	54.188.225.146 54.188.225.146	16509 (AMAZON-02) (AMAZON-02)
1 1	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
4 4	213.155.156.180 213.155.156.180	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
2 2	3.233.54.112 3.233.54.112	14618 (AMAZON-AES) (AMAZON-AES)
249	27

75 88.99.216.125 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.125.216.99.88.clients.your-server.de

obereginfo.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.162.246.39 (Russian Federation)

ASN16262 (DATACHEAP-LLC-AS, RU)
PTR: pafnuty10.example.com

imgholder.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 154.47.36.107 (United States) 1 redirects

ASN174 (COGENT-174, US)

mc.webvisor.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a02:2638::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f1c:a99:832c:d4e8:8c1e:e58e:3348 (San Jose, United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 142.250.185.66 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:da82:a258:4122:590d (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.36.113.112 (United States) 4 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 199.127.204.142 (United States) 3 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.109.66.25 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-66-25.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.171.85 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.188.225.146 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-188-225-146.us-west-2.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 213.155.156.180 (Sweden) 4 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-180.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Bad Durrheim, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.75.86.98 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.233.54.112 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-54-112.compute-1.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
75	obereginfo.ru 1 redirects obereginfo.ru	1 MB
44	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 tpc.googlesyndication.com — Cisco Umbrella Rank: 136	768 KB
36	criteo.net static.criteo.net — Cisco Umbrella Rank: 626 pix.eu.criteo.net — Cisco Umbrella Rank: 7684 csm.eu.criteo.net — Cisco Umbrella Rank: 8046	518 KB
36	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 28 cm.g.doubleclick.net — Cisco Umbrella Rank: 210	171 KB
16	gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn2.gstatic.com	292 KB
9	yandex.ru 3 redirects mc.yandex.ru — Cisco Umbrella Rank: 3716	4 KB
7	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 65 www.google.com — Cisco Umbrella Rank: 2	1 KB
6	teads.tv 3 redirects sync.teads.tv — Cisco Umbrella Rank: 1210	1 KB
6	criteo.com rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 12725 ads.eu.criteo.com — Cisco Umbrella Rank: 8007 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 9454	102 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 186	292 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	5 KB
4	de17a.com 4 redirects d5p.de17a.com — Cisco Umbrella Rank: 4243	1 KB
4	pubmatic.com 4 redirects image6.pubmatic.com — Cisco Umbrella Rank: 717	2 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 8682	818 B
2	360yield.com 2 redirects match.360yield.com — Cisco Umbrella Rank: 2215	790 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 734 s.tribalfusion.com — Cisco Umbrella Rank: 1808	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 719	2 KB
2	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 380	2 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 492	2 KB
2	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 640	925 B
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 196	10 KB
2	webvisor.org 1 redirects mc.webvisor.org — Cisco Umbrella Rank: 27512	859 B
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 337	119 KB
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 705	339 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 316	464 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1392	587 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 5984	553 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 708	712 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 965	682 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 421	715 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 585	544 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 863	605 B
1	imgholder.ru imgholder.ru	398 B
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 776	7 KB
249	34

	Domain	Requested by
75	obereginfo.ru	1 redirects obereginfo.ru
29	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net obereginfo.ru pagead2.googlesyndication.com tpc.googlesyndication.com
21	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net obereginfo.ru
18	static.criteo.net	ads.eu.criteo.com
15	pix.eu.criteo.net	ads.eu.criteo.com
15	googleads.g.doubleclick.net	pagead2.googlesyndication.com obereginfo.ru googleads.g.doubleclick.net
15	pagead2.googlesyndication.com	obereginfo.ru pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
9	mc.yandex.ru	3 redirects obereginfo.ru cdn.jsdelivr.net
9	fonts.gstatic.com	fonts.googleapis.com
6	sync.teads.tv	3 redirects obereginfo.ru
6	www.googletagservices.com	googleads.g.doubleclick.net
6	www.gstatic.com	googleads.g.doubleclick.net
6	fonts.googleapis.com	obereginfo.ru googleads.g.doubleclick.net
4	d5p.de17a.com	4 redirects
4	image6.pubmatic.com	4 redirects
4	www.google.com	1 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
3	csm.eu.criteo.net	ads.eu.criteo.com
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
2	match.360yield.com	2 redirects
2	pm.w55c.net	2 redirects
2	secure.adnxs.com	2 redirects
2	sync.1rx.io	2 redirects
2	cms.quantserve.com	googleads.g.doubleclick.net
2	cdnjs.cloudflare.com	ads.eu.criteo.com
2	cat.nl3.eu.criteo.com	ads.eu.criteo.com
2	ads.eu.criteo.com	googleads.g.doubleclick.net
2	rtb.nl3.eu.criteo.com	obereginfo.ru googleads.g.doubleclick.net
2	mc.webvisor.org	1 redirects obereginfo.ru
2	cdn.jsdelivr.net	obereginfo.ru
1	onetag-sys.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	ads.travelaudience.com	1 redirects
1	um.simpli.fi	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	imgholder.ru	obereginfo.ru
1	maxcdn.bootstrapcdn.com	obereginfo.ru
249	44

This site contains links to these domains. Also see Links.

Domain
seonica.ru

Subject Issuer	Validity	Valid
obereginfo.ru R3	`2023-02-26` - `2023-05-27`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
imgholder.ru R3	`2023-01-17` - `2023-04-17`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-03-30`	5 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-04` - `2023-04-05`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-04` - `2023-06-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-15`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-17`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh

This page contains 21 frames:

Primary Page: https://obereginfo.ru/
Frame ID: BD56E883BD5C5453BA7ACB4150670848
Requests: 111 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230307/r20190131/zrt_lookup.html
Frame ID: 0E9DAC28F5E382BA80E8C7E2675BD797
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9282886054584271&output=html&adk=1812271804&adf=1573534164&lmt=1678428102&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x1080_r&format=0x0&url=https%3A%2F%2Fobereginfo.ru%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678428102026&bpp=4&bdt=381&idt=114&shv=r20230307&mjsv=m202303070401&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5334749556943&frm=20&pv=2&ga_vid=1827833561.1678428102&ga_sid=1678428102&ga_hid=261455705&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759875%2C44759837%2C44759926%2C31072927%2C31072952%2C31071975&oid=2&pvsid=203261357837615&tmod=1559851496&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=144
Frame ID: 4FDC562E7F3286853DC92723C0FB4525
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9282886054584271&output=html&h=280&adk=4070374814&adf=200266896&pi=t.aa~a.3885849338~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1678428102&rafmt=1&to=qs&pwprc=6977672473&format=1200x280&url=https%3A%2F%2Fobereginfo.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678428102730&bpp=2&bdt=1085&idt=-M&shv=r20230307&mjsv=m202303070401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63ac26277b81cbe2-229de1e048dd0044%3AT%3D1678428102%3ART%3D1678428102%3AS%3DALNI_MZOlQxQQnVP9W1nUqxOUzQK9qJ3hw&gpic=UID%3D00000bc2ccf04990%3AT%3D1678428102%3ART%3D1678428102%3AS%3DALNI_MZhUxfy2sCiIB1O_6dTYlktX9RKPg&prev_fmts=0x0&nras=2&correlator=5334749556943&frm=20&pv=1&ga_vid=1827833561.1678428102&ga_sid=1678428102&ga_hid=261455705&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759875%2C44759837%2C44759926%2C31072927%2C31072952%2C31071975&oid=2&pvsid=203261357837615&tmod=1559851496&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=U1CnLXS6sH&p=https%3A//obereginfo.ru&dtd=18
Frame ID: 5D4E0BEBA81FB804F58F93532E1B5FCB
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9282886054584271&output=html&h=280&adk=4070374814&adf=3541544065&pi=t.aa~a.508132186~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1678428102&rafmt=1&to=qs&pwprc=6977672473&format=1200x280&url=https%3A%2F%2Fobereginfo.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678428102730&bpp=1&bdt=1084&idt=-M&shv=r20230307&mjsv=m202303070401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63ac26277b81cbe2-229de1e048dd0044%3AT%3D1678428102%3ART%3D1678428102%3AS%3DALNI_MZOlQxQQnVP9W1nUqxOUzQK9qJ3hw&gpic=UID%3D00000bc2ccf04990%3AT%3D1678428102%3ART%3D1678428102%3AS%3DALNI_MZhUxfy2sCiIB1O_6dTYlktX9RKPg&prev_fmts=0x0%2C1200x280&nras=3&correlator=5334749556943&frm=20&pv=1&ga_vid=1827833561.1678428102&ga_sid=1678428102&ga_hid=261455705&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2192&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759875%2C44759837%2C44759926%2C31072927%2C31072952%2C31071975&oid=2&pvsid=203261357837615&tmod=1559851496&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=NU1RE8M3N9&p=https%3A//obereginfo.ru&dtd=25
Frame ID: 95A4266B9B5BBEEEFB7A5CD41770B027
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9282886054584271&output=html&h=280&adk=2509025803&adf=1232481941&pi=t.aa~a.3798260991~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1678428102&rafmt=1&to=qs&pwprc=6977672473&format=1200x280&url=https%3A%2F%2Fobereginfo.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678428102730&bpp=1&bdt=1085&idt=1&shv=r20230307&mjsv=m202303070401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63ac26277b81cbe2-229de1e048dd0044%3AT%3D1678428102%3ART%3D1678428102%3AS%3DALNI_MZOlQxQQnVP9W1nUqxOUzQK9qJ3hw&gpic=UID%3D00000bc2ccf04990%3AT%3D1678428102%3ART%3D1678428102%3AS%3DALNI_MZhUxfy2sCiIB1O_6dTYlktX9RKPg&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5334749556943&frm=20&pv=1&ga_vid=1827833561.1678428102&ga_sid=1678428102&ga_hid=261455705&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759875%2C44759837%2C44759926%2C31072927%2C31072952%2C31071975&oid=2&pvsid=203261357837615&tmod=1559851496&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=iMLHqwcBux&p=https%3A//obereginfo.ru&dtd=28
Frame ID: AE268DBFDF0E63E9D99DE6FA81EDF7A8
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230307/r20110914/zrt_lookup.html?fsb=1
Frame ID: A6854994F1332118528F1D9222FF57B0
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230307/r20110914/zrt_lookup.html?fsb=1
Frame ID: BED3F46CB535263C64066977EE8007DE
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230307/r20110914/zrt_lookup.html?fsb=1
Frame ID: F5A691CB831848B6E47FF7F8F6872610
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZArHxgADPw8CHkUDAAUNX8zdL_J9YUaxmwlnbg&u=%7C6vIzTdtzmMOO2KXGgdktRjNfu42CbupFZ7cqYuxaOYw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86wVX5GOWVqOihvpKyLFpE7fcRfdFsEHfrnUbYd_GXgTb5fRKN9F8CNTPiQ3X_ObXIJFoySUwPiSf9MSSMEi4OwSNQLUvEZ605ACNCQzJcbTIoWrECQZTfOtOYxe6jkKeS_LH4stnSoky-aAHWWf2i7S4ffgkFyQqdGU1poWieND_WUJIbatWz1lY-cONUSU2yCePAsXZXfkAKPXIZGifK-IFLcudcwbVe-vDGD4zBCbna40BNcRl0AqdkjIRyk32C7aT8btrrfqM1ozbX9RkE7JA9NReL1NANGYgay7cjTj2U9VsSqr3u3P-fgVqiJ-W4tp-czdDN-zeGFboxBQYTUy8r-zdEEtuyqBiA--hjrtI9UA5mXgL5yI8bXvinnkETy-m6BEZnsBOHpOojhLFJySFAPLQHaFPfbLB0bOjZScDeu4TzdcVVjawWs3qFmOmCJ4R5Qk7_NFX63CblTVjL73fiiMbNoboBQb3RYx8Dve-pFLUEJfgIO74ps411DknvOIq0wJuWBl2SX3YrVzJqiV_O-PLs12M-Sz2KsFwU78HXrHbRmnjYp3OaVQg17FhkQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHcN-xscKZI_-DIOK-cAP35qUsAfJntKxXI3w4taTAcCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi05MjgyODg2MDU0NTg0MjcxyAEJqQL5fol0n8KxPqgDAcgDAqoEuwFP0PKhUesyQScTrh9AQET94MHaBm8zQv50IUzZD6yBwD_8LLvWpMqh-PwjGBMVHfNF1GOGK25jRVc_HmgU7UilGe4JYjAbZEewpCo5AkT56Gcel413J5nE3vXGYlfS4LQcoqKnnGtOdDN8EhXHdYtFiIHcxD8LYozbupAXU4T2NW_1_eYIPPS8zD2ue55TD3VFvmEijkupzPdzag58IdoYkR7AtHxp-WxkIoo2mX5mFBOqB4oPmMV5VoIkgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0Z08vzDyao3UDRhtxIFzG070v1xA%26client%3Dca-pub-9282886054584271%26adurl%3D
Frame ID: 6D6DAD597E2E93F179BA7EFB00255D11
Requests: 23 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 5B354B3C091701679DC3AFF515F6288E
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: ECACA6F6345A6C671972D6B30C7BB53E
Requests: 2 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZArHxgAMMzEKwk2ZAAgIokgmtZlHuzeRA_vaeg&u=%7C6vIzTdtzmMMWrZpabA1pvMohusRhjQtbMppp8zH9vgE%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86wVX5GOWVqOijhVprVqhwwohmFrodkT-2HHk4w1lxb0Dz7qQKplhvEf5gSvPu1KOjPOO6rX--GdKYHT9FpMetLUUxi3B6S8n5ZWD40qxkZppYEl3LGlzPy0TxoEwar_A2TVJybOrlgZjO9fP_rILVaN-3N7C5r_GMnva7S4e8xBkS8VEk5T_eDdTCyetuRAPITIADFixWYMbN_RKu9HTkDr1pWaT85pWqaeesrYQDyQKm9Nc2exb4CF2qDGSR6iBc30jPfEgP3bDSBXwT3D65IepQiQiH-7Y0Lo6eGFBSOFAQe-K_gf8UU6nyI9mS5JiOqC2Db90cApywiK44yznGmmFLUXwum9daVGzVFx_V9jyqGPqIbF7OiT5RZWj0nth0irpD-4jMVTfaVxB6aOtfWMcYbFnV7emuX4csHjZPsnV1Ta5jzeD0qKc9OsNU_Zu5xcsaZrmVZMBYHswZ1TOzAHZSi0io_T5tHix6J86u13oQgq77Q6djW9K4soOBLU7O7TU-PPgWe5OHHbojmXGpAn_7yKq21v7cINGvpkrfamW3s59OgmBH9w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCWerxscKZLHmMJmbiQaikaCgD8me0rFcxYyL4JoBwI23ARABIABglYKAgKwHggEXY2EtcHViLTkyODI4ODYwNTQ1ODQyNzHIAQmpAiAns5b-xbE-qAMBqgTBAU_QImEWt4CRKyKK-Pe1RoMtQmnjk8MOXU1W7-wvFmOo6drqbVvNmfyVRGydLvNJVA8whVJpvcPzMHMhI1sDIlT30wj0hkidfgipBvTsZhv4VYECGbP2LIZqtWqGg7X-TOGW4cqnzxX-E5_S_De9HhzkfR6IfMug6pt4PTbvJojVFjyff0jWlGgGN7e31FbfrPpH5w9e0oMnd0U1rdXpGVOO2iuMfdAFJXXlRXN8NcLtasbSlADUGgyD2r2ilcxbNGiABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0h8kNM5wWIilEQxh2__GmZXS9opw%26client%3Dca-pub-9282886054584271%26adurl%3D
Frame ID: 7C4AC837C27B70BCDFEA9F08DAD9CFA8
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 78BA04BB765B03DF91E359077554DE7A
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/vXNxKHOfM0woUYPMlVUM_skHL1Nu-ue6r5dLQlK5kuA.js
Frame ID: AE01D1F7636AE1A3A6A2B94F1DEA904D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/vXNxKHOfM0woUYPMlVUM_skHL1Nu-ue6r5dLQlK5kuA.js
Frame ID: 564D03FC46E83F4F992F0129A3F904DE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 95FB6035AE0FA643B29EEA721E163DD9
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 399D97717C0152B99D58556093404CAD
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/vXNxKHOfM0woUYPMlVUM_skHL1Nu-ue6r5dLQlK5kuA.js
Frame ID: CCB81ABD3676163F11C44CA0F946364E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1FFC14FC4BC597A54C446A37A39E9DDB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 137F275965C8A942271477288C5BD745
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Оберег Инфо - обереги, талисманы, молитвы, куклы

Page URL History Show full URLs

http://obereginfo.ru/ HTTP 301
https://obereginfo.ru/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

249
Requests

91 %
HTTPS

54 %
IPv6

34
Domains

44
Subdomains

27
IPs

7
Countries

3498 kB
Transfer

5930 kB
Size

38
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://seonica.ru/
Title: Сделано в 2019

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://obereginfo.ru/ HTTP 301
https://obereginfo.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 91

https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fobereginfo.ru%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Avf%3A29hzdyg3jxtu068q3vuhnr%3Afp%3A798%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A980%3Acn%3A2%3Adp%3A0%3Als%3A1234098147496%3Ahid%3A137516003%3Az%3A0%3Ai%3A20230310060142%3Aet%3A1678428102%3Ac%3A1%3Arn%3A551865329%3Arqn%3A1%3Au%3A167842810211452632%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C81%2C142%2C24%2C311%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1678428101108%3Ast%3A1678428102&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fobereginfo.ru%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A29hzdyg3jxtu068q3vuhnr%3Afp%3A798%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A980%3Acn%3A2%3Adp%3A0%3Als%3A1234098147496%3Ahid%3A137516003%3Az%3A0%3Ai%3A20230310060142%3Aet%3A1678428102%3Ac%3A1%3Arn%3A551865329%3Arqn%3A1%3Au%3A167842810211452632%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C81%2C142%2C24%2C311%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1678428101108%3Ast%3A1678428102&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 92

https://mc.yandex.ru/watch/49460548?wmode=7&page-url=https%3A%2F%2Fobereginfo.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A29hzdyg3jxtu068q3vuhnr%3Afp%3A798%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A980%3Acn%3A1%3Adp%3A0%3Als%3A717597349159%3Ahid%3A137516003%3Az%3A0%3Ai%3A20230310060142%3Aet%3A1678428102%3Ac%3A1%3Arn%3A1005166801%3Arqn%3A1%3Au%3A167842810211452632%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C81%2C142%2C24%2C311%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1678428101108%3Arqnl%3A1%3Ast%3A1678428102%3At%3A%D0%9E%D0%B1%D0%B5%D1%80%D0%B5%D0%B3%20%D0%98%D0%BD%D1%84%D0%BE%20-%20%D0%BE%D0%B1%D0%B5%D1%80%D0%B5%D0%B3%D0%B8%2C%20%D1%82%D0%B0%D0%BB%D0%B8%D1%81%D0%BC%D0%B0%D0%BD%D1%8B%2C%20%D0%BC%D0%BE%D0%BB%D0%B8%D1%82%D0%B2%D1%8B%2C%20%D0%BA%D1%83%D0%BA%D0%BB%D1%8B&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/49460548/1?wmode=7&page-url=https%3A%2F%2Fobereginfo.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A29hzdyg3jxtu068q3vuhnr%3Afp%3A798%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A980%3Acn%3A1%3Adp%3A0%3Als%3A717597349159%3Ahid%3A137516003%3Az%3A0%3Ai%3A20230310060142%3Aet%3A1678428102%3Ac%3A1%3Arn%3A1005166801%3Arqn%3A1%3Au%3A167842810211452632%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C81%2C142%2C24%2C311%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1678428101108%3Arqnl%3A1%3Ast%3A1678428102%3At%3A%D0%9E%D0%B1%D0%B5%D1%80%D0%B5%D0%B3%20%D0%98%D0%BD%D1%84%D0%BE%20-%20%D0%BE%D0%B1%D0%B5%D1%80%D0%B5%D0%B3%D0%B8%2C%20%D1%82%D0%B0%D0%BB%D0%B8%D1%81%D0%BC%D0%B0%D0%BD%D1%8B%2C%20%D0%BC%D0%BE%D0%BB%D0%B8%D1%82%D0%B2%D1%8B%2C%20%D0%BA%D1%83%D0%BA%D0%BB%D1%8B&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 100

https://mc.webvisor.org/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9938.j2q7FY3nWrumryFdcWH82Gkl0Vpdba0loNUhsxHeTR7p3m4umKkZSm-tKgGE762O.tdia4zyNmCB5bfCbE3gquJ8YK-M%2C HTTP 302
https://mc.webvisor.org/sync_cookie_image_decide?token=9938.ddAVJyGwyvw6liBJm74Mc1FEvtJIp1TARO-1qSPr4mzt0SSCOW07hanKEfllFWKJ8lEgaE9PnHW0HFADlOJTfT5fOZgksZob2flB4jtcNPpxu3MUoYAzCA19GHlqyvn3NSyPlLw-gwLR9qzbAGXfxitYyeZ7zGkS6vLVdt59TStcMwk5PbCH0IOmkgkaIoOwyXsIF_YclyEwUSV-RBNMLEha6qKlurmbvhtS0-d7Bb0%2C.01Xrfb_q8UrCmCt0C8M3Vslq-rs%2C

Request Chain 173

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODoiY7vYBD0JBidCTIIPPmwk5kakp4 HTTP 301
https://tpc.googlesyndication.com/simgad/499427908316114021

Request Chain 200

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 207

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEF8ToPzX7HhE8jR4uWWcKkw&google_cver=1&google_push=Aa02lx-jH7fMMM3pVeqk1EHOxVFnHOzANNUHston5z3l_li-HxKCu-blDLWBnS1VnrcjwjzNOfq185C60hVWNOKn1lEFclcM27QZ8Uw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEF8ToPzX7HhE8jR4uWWcKkw&google_push=Aa02lx-jH7fMMM3pVeqk1EHOxVFnHOzANNUHston5z3l_li-HxKCu-blDLWBnS1VnrcjwjzNOfq185C60hVWNOKn1lEFclcM27QZ8Uw

Request Chain 208

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBCsIKgawM5OfY95ZfJyxec&google_cver=1&google_push=Aa02lx9yvWD6InPhpmsWbqj47nNnEcGUX2vjbX2MBb28toNBARm_55WXQqwCRwui2W80WhMNBZtxDHipQIFGVjQYxGu_3amx2Et5dFg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx9yvWD6InPhpmsWbqj47nNnEcGUX2vjbX2MBb28toNBARm_55WXQqwCRwui2W80WhMNBZtxDHipQIFGVjQYxGu_3amx2Et5dFg&google_hm=eS1NNzJ0R0F4RTJwR1QuUzFwWXNqVnpMMFZWLjVpR1ZUZ35B

Request Chain 209

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECGCZ95UtNqht4FcA6Sjo3o&google_cver=1&google_push=Aa02lx-LSKv-Nzs8pTGuivU279Wpq8N0sMfAeSfrOWkc03hNujYy6LMMtQ0kgA1HF-uuMxky6B4N9jd_RirmwKyKAXelDy7T9nMOZTM HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECGCZ95UtNqht4FcA6Sjo3o&google_cver=1&google_push=Aa02lx-LSKv-Nzs8pTGuivU279Wpq8N0sMfAeSfrOWkc03hNujYy6LMMtQ0kgA1HF-uuMxky6B4N9jd_RirmwKyKAXelDy7T9nMOZTM&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=0P9ZiPfMQ5y-0Y3tYMiDCA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx-LSKv-Nzs8pTGuivU279Wpq8N0sMfAeSfrOWkc03hNujYy6LMMtQ0kgA1HF-uuMxky6B4N9jd_RirmwKyKAXelDy7T9nMOZTM

Request Chain 210

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESENkZz70R9v6AuwS0U0VWA-o&google_cver=1&google_push=Aa02lx8M9Ov0wH5JwfuBlp4t0Zyyb4dqEjatg313DkXTyDxILyTO-Pf4Og5xXbBnlcNBzXxu3cjVQahBKkWlv31PkPB1UhOPBDBGeQ HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=Aa02lx8M9Ov0wH5JwfuBlp4t0Zyyb4dqEjatg313DkXTyDxILyTO-Pf4Og5xXbBnlcNBzXxu3cjVQahBKkWlv31PkPB1UhOPBDBGeQ&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1678428103755 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-f0306f90-41f9-49f6-b4b9-96e4032dbd5f-005?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx8M9Ov0wH5JwfuBlp4t0Zyyb4dqEjatg313DkXTyDxILyTO-Pf4Og5xXbBnlcNBzXxu3cjVQahBKkWlv31PkPB1UhOPBDBGeQ%26google_hm%3DBfAwb5BB-Un2tLmW5AMtvV8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx8M9Ov0wH5JwfuBlp4t0Zyyb4dqEjatg313DkXTyDxILyTO-Pf4Og5xXbBnlcNBzXxu3cjVQahBKkWlv31PkPB1UhOPBDBGeQ&google_hm=BfAwb5BB-Un2tLmW5AMtvV8

Request Chain 211

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEOwrzYvL7lmHTXdVAzQ0VIQ&google_cver=1&google_push=Aa02lx_bwCb-pp7IYhruHp_zzy8uHdWGafaj6ZXSMhJy3c-RcrsO0mpQhKmeG_A_Z_zQBDx7HZom9ANdppDRsxhFpdDW4p-FsYdcLx4l HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aa02lx_bwCb-pp7IYhruHp_zzy8uHdWGafaj6ZXSMhJy3c-RcrsO0mpQhKmeG_A_Z_zQBDx7HZom9ANdppDRsxhFpdDW4p-FsYdcLx4l HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 212

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESENcbIixIl15tdhxopQbSfxU&google_cver=1&google_push=Aa02lx9qW8xuNNzsXXeIFbaQT-BJU6XZezuM5PPIzvplY1KAD1DDlcZW81bOMJ5hPgBa0eO9BmT1wA500PbOVyPaYWK5YO3dxMoy2RZd HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESENcbIixIl15tdhxopQbSfxU%26google_cver%3D1%26google_push%3DAa02lx9qW8xuNNzsXXeIFbaQT-BJU6XZezuM5PPIzvplY1KAD1DDlcZW81bOMJ5hPgBa0eO9BmT1wA500PbOVyPaYWK5YO3dxMoy2RZd HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MjQxNjQwMTA2NzAwMDYzNjI0NQ%3D%3D&google_gid=CAESENcbIixIl15tdhxopQbSfxU&google_cver=1&google_push=Aa02lx9qW8xuNNzsXXeIFbaQT-BJU6XZezuM5PPIzvplY1KAD1DDlcZW81bOMJ5hPgBa0eO9BmT1wA500PbOVyPaYWK5YO3dxMoy2RZd

Request Chain 233

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEExeNgH9q4yGA_GgZZpvtb4&google_cver=1&google_push=Aa02lx-RaqgN2pXa3U9WVFveu7JStnPt1ACdtrymJPujWbkvea6G2IPK1bwhMjP7ZmOBKrCoGZK4I2n3A05PCPynViSdTd2ZoHvf3lc HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEExeNgH9q4yGA_GgZZpvtb4&google_cver=1&google_push=Aa02lx-RaqgN2pXa3U9WVFveu7JStnPt1ACdtrymJPujWbkvea6G2IPK1bwhMjP7ZmOBKrCoGZK4I2n3A05PCPynViSdTd2ZoHvf3lc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SkE3ckgxZDgxUEF2UDI1&google_gid=CAESEExeNgH9q4yGA_GgZZpvtb4&google_cver=1&google_push=Aa02lx-RaqgN2pXa3U9WVFveu7JStnPt1ACdtrymJPujWbkvea6G2IPK1bwhMjP7ZmOBKrCoGZK4I2n3A05PCPynViSdTd2ZoHvf3lc

Request Chain 234

https://um.simpli.fi/gp_match?google_gid=CAESEInJAOOznXrNahu-Ga-7Mm0&google_cver=1&google_push=Aa02lx-lUtS5XOkpeinaYXIscURZA35bMITAO7eh0ybEy6Z3BiN0FgNskw4ekdRXsDniNVUViJ6qD3okwsqtIdT__4IaJpSeKftWUw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CA492107CEC649619842E3FD96AF2319&google_push=Aa02lx-lUtS5XOkpeinaYXIscURZA35bMITAO7eh0ybEy6Z3BiN0FgNskw4ekdRXsDniNVUViJ6qD3okwsqtIdT__4IaJpSeKftWUw

Request Chain 235

https://ads.travelaudience.com/google_pixel?google_gid=CAESEI-65I55TCgD02Dj0jokaV4&google_cver=1&google_push=Aa02lx_No70Y-1vAInUr11c32ZTSD8OYEj1Rv8x19hX3e1LLAjgoakxQpQYdRstlFWVZqLEUKAVqRgwoZ-aBe1EWe7DBlftDoYk5sA HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=a_mlF55ER3yqxthC8LOyxQ2&google_push=Aa02lx_No70Y-1vAInUr11c32ZTSD8OYEj1Rv8x19hX3e1LLAjgoakxQpQYdRstlFWVZqLEUKAVqRgwoZ-aBe1EWe7DBlftDoYk5sA

Request Chain 236

https://d5p.de17a.com/cookies/google?google_gid=CAESEGQQJHpW_pkG9s2f-0hf_gs&google_cver=1&google_push=Aa02lx_JCsMLKPdj56nPpwpdP-YRM-VhUYhqi5IFYD_Z9M95zg2jb-MN0w0wag_xuxX7lnhlGLbTYSkjnWankZ5ieMvu-nv2w3G8zK0 HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEGQQJHpW_pkG9s2f-0hf_gs&google_cver=1&google_push=Aa02lx_JCsMLKPdj56nPpwpdP-YRM-VhUYhqi5IFYD_Z9M95zg2jb-MN0w0wag_xuxX7lnhlGLbTYSkjnWankZ5ieMvu-nv2w3G8zK0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx_JCsMLKPdj56nPpwpdP-YRM-VhUYhqi5IFYD_Z9M95zg2jb-MN0w0wag_xuxX7lnhlGLbTYSkjnWankZ5ieMvu-nv2w3G8zK0

Request Chain 237

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEInrByiiQgINMAdix6mDC8U&google_cver=1&google_push=Aa02lx-nfhdsIJU45mKuEijM9ZSAuZMecHEsvRIP5SyGcOHcIjtlkgfN-SeQeUaEuwK4EXDUVH3nFZ4AGzXSOZvqYN9NvmS3MwqjpTc HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEInrByiiQgINMAdix6mDC8U&google_cver=1&google_push=Aa02lx-nfhdsIJU45mKuEijM9ZSAuZMecHEsvRIP5SyGcOHcIjtlkgfN-SeQeUaEuwK4EXDUVH3nFZ4AGzXSOZvqYN9NvmS3MwqjpTc&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=kac791h1TjOAyCQgX91ovA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx-nfhdsIJU45mKuEijM9ZSAuZMecHEsvRIP5SyGcOHcIjtlkgfN-SeQeUaEuwK4EXDUVH3nFZ4AGzXSOZvqYN9NvmS3MwqjpTc

Request Chain 238

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESECXhssEu2IqJuQWNQJkHbIE&google_cver=1&google_push=Aa02lx9mtmZfkP2AX7lu2CJ3Riyx1dL5wh84zRjZalgZyqkE6uclm8WsBftMdp11RNjEsxHvK5FGH7_-IKiVV54Uy8TTDeACB_Fthnc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aa02lx9mtmZfkP2AX7lu2CJ3Riyx1dL5wh84zRjZalgZyqkE6uclm8WsBftMdp11RNjEsxHvK5FGH7_-IKiVV54Uy8TTDeACB_Fthnc HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 240

https://a.tribalfusion.com/i.match?p=b6&u=CAESEJEICU_5uaYR5ynUQuAqrP8&google_cver=1&google_push=Aa02lx-WrwzPV-UHVTdjYd-e1lCDWC1bICWrnkLhWDugwlxzJ9wvlr4-e3CkEJEcT73eKeD7zJucxvsrRK-d-091lI0ftRKDWJYlOYQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-WrwzPV-UHVTdjYd-e1lCDWC1bICWrnkLhWDugwlxzJ9wvlr4-e3CkEJEcT73eKeD7zJucxvsrRK-d-091lI0ftRKDWJYlOYQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJEICU_5uaYR5ynUQuAqrP8&google_cver=1&google_push=Aa02lx-WrwzPV-UHVTdjYd-e1lCDWC1bICWrnkLhWDugwlxzJ9wvlr4-e3CkEJEcT73eKeD7zJucxvsrRK-d-091lI0ftRKDWJYlOYQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-WrwzPV-UHVTdjYd-e1lCDWC1bICWrnkLhWDugwlxzJ9wvlr4-e3CkEJEcT73eKeD7zJucxvsrRK-d-091lI0ftRKDWJYlOYQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 241

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESECiArDqp6-YQ_D-6tBlvQJE&google_cver=1&google_push=Aa02lx-kEN8ZkcP_cKxO4_NbYH1LE_aA2nZlXqhVMonk4CLn4Masbn5eZ-0gWc8NGbthGgqb9R-BCWaCr6CyphOXkNhkOMkFaQ1OoMo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwODc5MzgxNTM2OTY0NDE3NA%3D%3D&google_push=Aa02lx-kEN8ZkcP_cKxO4_NbYH1LE_aA2nZlXqhVMonk4CLn4Masbn5eZ-0gWc8NGbthGgqb9R-BCWaCr6CyphOXkNhkOMkFaQ1OoMo

Request Chain 242

https://d5p.de17a.com/cookies/google?google_gid=CAESEAPu5bO5gPA6fLrEYQ8xkGU&google_cver=1&google_push=Aa02lx91TZEq9b1vcOw7DZhM5NWTBudP98u8U92zOLO_wg0UGxWMyN44MOC5-WQTTPe0wcWMfkJ6fM8fw3FetnLLkSchkQ05JO7wcts HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEAPu5bO5gPA6fLrEYQ8xkGU&google_cver=1&google_push=Aa02lx91TZEq9b1vcOw7DZhM5NWTBudP98u8U92zOLO_wg0UGxWMyN44MOC5-WQTTPe0wcWMfkJ6fM8fw3FetnLLkSchkQ05JO7wcts HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx91TZEq9b1vcOw7DZhM5NWTBudP98u8U92zOLO_wg0UGxWMyN44MOC5-WQTTPe0wcWMfkJ6fM8fw3FetnLLkSchkQ05JO7wcts

Request Chain 243

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOTEp06s1bT2zxQg9s5LHhM&google_cver=1&google_push=Aa02lx-aUXyOE8SAfZlpLoZlsJbLV-f_F88D1rV27XgCBd4gZb6XNj7sp50419zI3tTtlamDMopk9k-z95UeeYHZyqeTdB-H_C5V08A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEYyNFI5TjktMjEtSjFBNQ==&google_push=Aa02lx-aUXyOE8SAfZlpLoZlsJbLV-f_F88D1rV27XgCBd4gZb6XNj7sp50419zI3tTtlamDMopk9k-z95UeeYHZyqeTdB-H_C5V08A

Request Chain 244

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEJ7uyVh6meB_TrPr4YVQ8r0&google_cver=1&google_push=Aa02lx97tmb1WbIGhyjd89Lvts6LuakOwZV3BN-9RA5uxHFT6nNKL9R3yOuunOEtasz0svqAlvmYGrBamK-kFIYK9L4hw9l0OXPAwIU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx97tmb1WbIGhyjd89Lvts6LuakOwZV3BN-9RA5uxHFT6nNKL9R3yOuunOEtasz0svqAlvmYGrBamK-kFIYK9L4hw9l0OXPAwIU

Request Chain 245

https://match.360yield.com/match/ebda?google_gid=CAESED1GuTUuOWnvJ3lw3AVZ6Ik&google_cver=1&google_push=Aa02lx-sgp-ppqj0RxHBUex_RCFz7xgQb_Z3U282Diq4JCsXzChfKPHR90GB6AD_bhJ2goj75QcpHWhfaUT2KMMcHj7PsEurvk-G1g HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESED1GuTUuOWnvJ3lw3AVZ6Ik&google_cver=1&google_push=Aa02lx-sgp-ppqj0RxHBUex_RCFz7xgQb_Z3U282Diq4JCsXzChfKPHR90GB6AD_bhJ2goj75QcpHWhfaUT2KMMcHj7PsEurvk-G1g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=gZ0cPTK7QLSlYCTJ10Kt_A&google_push=Aa02lx-sgp-ppqj0RxHBUex_RCFz7xgQb_Z3U282Diq4JCsXzChfKPHR90GB6AD_bhJ2goj75QcpHWhfaUT2KMMcHj7PsEurvk-G1g

Request Chain 246

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESECfAaT15uz5ukjPk5eHmTxU&google_cver=1&google_push=Aa02lx_sFX-trI1zdZYekOQwuAUltZRU1bbJwdsM29X6SPzsZGpgFwDuJFCC8pua0JT-xDh_tCbN8LN7rO-uVrIgkuIuRYFFXmPYL0-h HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aa02lx_sFX-trI1zdZYekOQwuAUltZRU1bbJwdsM29X6SPzsZGpgFwDuJFCC8pua0JT-xDh_tCbN8LN7rO-uVrIgkuIuRYFFXmPYL0-h HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

249 HTTP transactions
15 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
obereginfo.ru/
Redirect Chain

http://obereginfo.ru/
https://obereginfo.ru/

106 KB
25 KB

224ms
142ms

Document
text/html

88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 57aafa00dd6513f50ece8d16a1f12d09a8df8f50209a9c8c1ce1cba207120abd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 10 Mar 2023 06:01:41 GMT
link: <https://obereginfo.ru/wp-json/>; rel="https://api.w.org/"
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding, Cookie

Redirect headers

Connection: keep-alive
Content-Length: 178
Content-Type: text/html
Date: Fri, 10 Mar 2023 06:01:41 GMT
Location: https://obereginfo.ru/
Server: nginx/1.18.0 (Ubuntu)

GET
H2 200 style.min.css
obereginfo.ru/wp-includes/css/dist/block-library/ 40 KB
40 KB 27ms
23ms Stylesheet
text/css 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://obereginfo.ru/wp-includes/css/dist/block-library/style.min.css?ver=5.3.14
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: dfd6d929422d1f69a727fb6b525f610562eab183a333576516bec0b0503cb049

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Fri, 20 Aug 2021 12:44:08 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "611fa398-a055"
content-type: text/css
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 41045
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fancybox.css
obereginfo.ru/wp-content/plugins/fancybox-for-wordpress/assets/css/ 18 KB
18 KB 50ms
46ms Stylesheet
text/css 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://obereginfo.ru/wp-content/plugins/fancybox-for-wordpress/assets/css/fancybox.css?ver=1.3.4
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 63af28c56dece5b853cf75697cc86d05eb8a75dae73a65624518806abe57180b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Fri, 20 Aug 2021 12:43:59 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "611fa38f-4900"
content-type: text/css
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 18688
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 postratings-css.css
obereginfo.ru/wp-content/plugins/wp-postratings/css/ 1 KB
2 KB 51ms
47ms Stylesheet
text/css 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://obereginfo.ru/wp-content/plugins/wp-postratings/css/postratings-css.css?ver=1.89
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c56b566e17c62870ce139b3a57bfb94a9d785792bd6ac2220d52426b8590d87f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Fri, 20 Aug 2021 12:44:00 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "611fa390-549"
content-type: text/css
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 1353
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ 27 KB
7 KB 71ms
27ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css?ver=2.4.3

Requested by

Host: obereginfo.ru
URL: https://obereginfo.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 711, 617, 617
age: 3787831
cdn-cachedat: 2021-06-07 20:45:39
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: e7b9130eb301d02909d66eb6833cd8fa
timing-allow-origin: *
cdn-requestcountrycode: US
cf-ray: 7a595833aa4e91db-FRA
cdn-requestpullsuccess: True

GET
H2 200 slick.css
obereginfo.ru/wp-content/plugins/wp-testimonial-with-widget/assets/css/ 2 KB
2 KB 50ms
47ms Stylesheet
text/css 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://obereginfo.ru/wp-content/plugins/wp-testimonial-with-widget/assets/css/slick.css?ver=2.4.3
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: cacd0002ad2c99e2068d37cb325acc08e8a261fd942627c94d8bedeb79a82e52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Fri, 20 Aug 2021 12:44:02 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "611fa392-64b"
content-type: text/css
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 1611
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 testimonials-style.css
obereginfo.ru/wp-content/plugins/wp-testimonial-with-widget/assets/css/ 19 KB
19 KB 51ms
47ms Stylesheet
text/css 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://obereginfo.ru/wp-content/plugins/wp-testimonial-with-widget/assets/css/testimonials-style.css?ver=2.4.3
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 322a5870bf6db021a47d6d8a86ef9047563db5b836b019bb1b2a1fba40537b19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Fri, 20 Aug 2021 12:44:02 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "611fa392-4cab"
content-type: text/css
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 19627
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mistape-front.css
obereginfo.ru/wp-content/plugins/mistape/assets/css/ 17 KB
17 KB 51ms
47ms Stylesheet
text/css 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://obereginfo.ru/wp-content/plugins/mistape/assets/css/mistape-front.css?ver=1.3.9
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 72732df4c675b1d0aedcc6936085677d7285d1e211d9b84081cf66759280cb32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Fri, 20 Aug 2021 12:44:00 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "611fa390-42e4"
content-type: text/css
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 17124
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 78ms
31ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu:300,400,400i,500,700&display=swap&subset=cyrillic

Requested by

Host: obereginfo.ru
URL: https://obereginfo.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6fb1c4f07753ffe48ae9c5a9822594b2f03a208dca0e9f030c6e024b71a6b4cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 10 Mar 2023 06:01:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 10 Mar 2023 06:01:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Mar 2023 06:01:41 GMT

GET
H2 200 main.css
obereginfo.ru/wp-content/themes/obereginfo.ru/css/ 64 KB
64 KB 51ms
48ms Stylesheet
text/css 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://obereginfo.ru/wp-content/themes/obereginfo.ru/css/main.css
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 74a028295939871115d145e11eb67a04a7c45ea71e5e216066003bafa4562761

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Fri, 20 Aug 2021 12:43:58 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "611fa38e-1009c"
content-type: text/css
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 65692
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.js Show response
obereginfo.ru/wp-includes/js/jquery/ 95 KB
95 KB 51ms
48ms Script
application/javascript 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://obereginfo.ru/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Fri, 20 Aug 2021 12:44:07 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "611fa397-17a69"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 96873
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-migrate.min.js Show response
obereginfo.ru/wp-includes/js/jquery/ 10 KB
10 KB 51ms
48ms Script
application/javascript 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://obereginfo.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Fri, 20 Aug 2021 12:44:07 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "611fa397-2748"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 10056
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.fancybox.js Show response
obereginfo.ru/wp-content/plugins/fancybox-for-wordpress/assets/js/ 157 KB
158 KB 51ms
49ms Script
application/javascript 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://obereginfo.ru/wp-content/plugins/fancybox-for-wordpress/assets/js/jquery.fancybox.js?ver=1.3.4
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f5acda93c7254b1e7aadc1ab2bdff1722803e55107334351118c4d64e51046f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Fri, 20 Aug 2021 12:43:59 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "611fa38f-27515"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 161045
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 zodiac-1.png
obereginfo.ru/wp-content/uploads/2019/08/ 481 B
669 B 40ms
25ms Image
image/png 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obereginfo.ru/wp-content/uploads/2019/08/zodiac-1.png
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69e29da7f4678abd4e55e9e396b4d554416d94c4299885681614ebaded2ddbe9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Fri, 20 Aug 2021 12:43:59 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "611fa38f-1e1"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 481
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 zodiac-2.png
obereginfo.ru/wp-content/uploads/2019/08/ 510 B
698 B 41ms
25ms Image
image/png 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obereginfo.ru/wp-content/uploads/2019/08/zodiac-2.png
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a555367f420022bd659fbf74d38d0bd10fd7277f5fd7ab78941337ca8a31ef87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Fri, 20 Aug 2021 12:43:59 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "611fa38f-1fe"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 510
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 zodiac-3.png
obereginfo.ru/wp-content/uploads/2019/08/ 425 B
613 B 41ms
26ms Image
image/png 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obereginfo.ru/wp-content/uploads/2019/08/zodiac-3.png
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 1d1e953ab3edcd0558d3d806af98d9c4a401440faf945bdfd849337e1b64206a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Fri, 20 Aug 2021 12:43:59 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "611fa38f-1a9"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 425
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 zodiac-4.png
obereginfo.ru/wp-content/uploads/2019/08/ 531 B
719 B 41ms
26ms Image
image/png 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obereginfo.ru/wp-content/uploads/2019/08/zodiac-4.png
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: beb17ab744f890dbb2b59a2c4d5bccc9af00641d1fe40bde728318bf8882e017

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Fri, 20 Aug 2021 12:43:59 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "611fa38f-213"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 531
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 zodiac-5.png
obereginfo.ru/wp-content/uploads/2019/08/ 487 B
675 B 42ms
27ms Image
image/png 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obereginfo.ru/wp-content/uploads/2019/08/zodiac-5.png
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69c9afff2cf0b1bc101b7417bbe7a80e22698d24c609b61f93ce70af4329db39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Fri, 20 Aug 2021 12:43:59 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "611fa38f-1e7"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 487
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 zodiac-6.png
obereginfo.ru/wp-content/uploads/2019/08/ 477 B
665 B 42ms
27ms Image
image/png 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obereginfo.ru/wp-content/uploads/2019/08/zodiac-6.png
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 607ae1b9cde5e877a316e0c349b89c122377fe5f2b93fbcd8353ce8ac6c2bcd4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Fri, 20 Aug 2021 12:43:59 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "611fa38f-1dd"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 477
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 zodiac-7.png
obereginfo.ru/wp-content/uploads/2019/08/ 358 B
546 B 43ms
28ms Image
image/png 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obereginfo.ru/wp-content/uploads/2019/08/zodiac-7.png
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a43720c16e4f59b9f7944f11015236009cb48298a236160a7bd6b9ee632be49e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Fri, 20 Aug 2021 12:43:59 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "611fa38f-166"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 358
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 zodiac-8.png
obereginfo.ru/wp-content/uploads/2019/08/ 413 B
601 B 44ms
29ms Image
image/png 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obereginfo.ru/wp-content/uploads/2019/08/zodiac-8.png
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c0ea2af000d746e340ce413d1a11126cc597783e859aa2e84dce1ae5374c4df1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Fri, 20 Aug 2021 12:43:59 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "611fa38f-19d"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 413
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 zodiac-9.png
obereginfo.ru/wp-content/uploads/2019/08/ 408 B
596 B 44ms
30ms Image
image/png 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obereginfo.ru/wp-content/uploads/2019/08/zodiac-9.png
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: da11b1f9ca0768386245e7d1c5d5f8b6c72122ce572172605f1421da87f3e801

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Fri, 20 Aug 2021 12:43:59 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "611fa38f-198"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 408
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 zodiac-10.png
obereginfo.ru/wp-content/uploads/2019/08/ 480 B
668 B 45ms
30ms Image
image/png 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obereginfo.ru/wp-content/uploads/2019/08/zodiac-10.png
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e51fc93fdce6a9a37ba9e5503672eda2f4c4904da5335464866a1243e2c2e096

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Fri, 20 Aug 2021 12:43:59 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "611fa38f-1e0"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 480
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 zodiac-11.png
obereginfo.ru/wp-content/uploads/2019/08/ 403 B
591 B 45ms
31ms Image
image/png 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obereginfo.ru/wp-content/uploads/2019/08/zodiac-11.png
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 169465735faf0a4c5137408c581b564af721140cdfa1bec05ad1728b76ba2f63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Fri, 20 Aug 2021 12:43:59 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "611fa38f-193"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 403
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 zodiac-12.png
obereginfo.ru/wp-content/uploads/2019/08/ 423 B
611 B 46ms
32ms Image
image/png 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obereginfo.ru/wp-content/uploads/2019/08/zodiac-12.png
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 6cab8429d30f5a7055b4a7ab745f17e524d27696b8217387253a6d34b61bde24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Fri, 20 Aug 2021 12:43:59 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "611fa38f-1a7"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 423
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bf3b636eb1f37c5_230x150.jpg
obereginfo.ru/wp-content/themes/obereginfo.ru/cache/c5/ 19 KB
19 KB 47ms
32ms Image
image/jpeg 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obereginfo.ru/wp-content/themes/obereginfo.ru/cache/c5/bf3b636eb1f37c5_230x150.jpg
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a828770b8c497086194e6fa2beda34ab860bd6133abc8654dd30db10f96b8ece

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Tue, 03 Jan 2023 17:32:16 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "63b466a0-4af6"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 19190
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 d91f58b79e2ae97_230x150.png
obereginfo.ru/wp-content/themes/obereginfo.ru/cache/97/ 76 KB
76 KB 48ms
34ms Image
image/png 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obereginfo.ru/wp-content/themes/obereginfo.ru/cache/97/d91f58b79e2ae97_230x150.png
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 0b7d852959a7e7e3785589a3c7f0aeacc5ad9e42f233e16f2b8683ef5beb032b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Tue, 03 Jan 2023 17:32:17 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "63b466a1-12f53"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 77651
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 9af25b00d17cd82_230x150.jpg
obereginfo.ru/wp-content/themes/obereginfo.ru/cache/82/ 19 KB
19 KB 49ms
35ms Image
image/jpeg 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obereginfo.ru/wp-content/themes/obereginfo.ru/cache/82/9af25b00d17cd82_230x150.jpg
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: ef3891d9c892c2d28ab58c632815304c7a2daf28513b566ad2e71e6a3118bc52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Tue, 03 Jan 2023 17:32:17 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "63b466a1-4bc0"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 19392
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 40be1a932d16fc7_230x150.jpg
obereginfo.ru/wp-content/themes/obereginfo.ru/cache/c7/ 9 KB
9 KB 50ms
36ms Image
image/jpeg 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obereginfo.ru/wp-content/themes/obereginfo.ru/cache/c7/40be1a932d16fc7_230x150.jpg
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 47afe80f1dc259804e47b9106f794fecbcc8c87cb5ac4f625bb681041d63d909

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Tue, 03 Jan 2023 17:32:17 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "63b466a1-241d"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 9245
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 2438a329528cc93_230x150.jpg
obereginfo.ru/wp-content/themes/obereginfo.ru/cache/93/ 13 KB
13 KB 51ms
37ms Image
image/jpeg 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obereginfo.ru/wp-content/themes/obereginfo.ru/cache/93/2438a329528cc93_230x150.jpg
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: b96578c067447bc38ec08f4bc3f8daacc45bae2148b4f22f21d671647e6d9cdf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Tue, 03 Jan 2023 17:32:17 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "63b466a1-3279"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 12921
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 735e55b0828f643_230x150.jpg
obereginfo.ru/wp-content/themes/obereginfo.ru/cache/43/ 8 KB
8 KB 51ms
37ms Image
image/jpeg 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obereginfo.ru/wp-content/themes/obereginfo.ru/cache/43/735e55b0828f643_230x150.jpg
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 571a8bcea15ac73043493c1fb7a5d013889d3a16c9ca1b4155770fa5f219a6cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Tue, 03 Jan 2023 17:32:17 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "63b466a1-1fff"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 8191
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 6e905a9b4ce093a_230x150.png
obereginfo.ru/wp-content/themes/obereginfo.ru/cache/3a/ 54 KB
55 KB 51ms
38ms Image
image/png 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obereginfo.ru/wp-content/themes/obereginfo.ru/cache/3a/6e905a9b4ce093a_230x150.png
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: fd5368086a627728fc6127876ae997188ff8454d34e2f997c23c63b78418045c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Tue, 03 Jan 2023 17:32:17 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "63b466a1-d94e"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 55630
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1b7265cbca6abf7_230x150.jpg
obereginfo.ru/wp-content/themes/obereginfo.ru/cache/f7/ 19 KB
19 KB 54ms
40ms Image
image/jpeg 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obereginfo.ru/wp-content/themes/obereginfo.ru/cache/f7/1b7265cbca6abf7_230x150.jpg
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 4259762a82a9cade12d4ae670bbe4ab8ef08e8392c9b650b69a3162009419747

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Tue, 03 Jan 2023 17:32:17 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "63b466a1-4c0c"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 19468
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 a250b42263460b0_230x150.jpg
obereginfo.ru/wp-content/themes/obereginfo.ru/cache/b0/ 4 KB
4 KB 55ms
42ms Image
image/jpeg 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obereginfo.ru/wp-content/themes/obereginfo.ru/cache/b0/a250b42263460b0_230x150.jpg
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 90334165ef5fa174c55a2af0495b588dae4e780da3e243359294233a35a36bd9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Tue, 03 Jan 2023 17:32:17 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "63b466a1-10a5"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 4261
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 e84ea1126a026f8_230x150.jpg
obereginfo.ru/wp-content/themes/obereginfo.ru/cache/f8/ 16 KB
16 KB 55ms
42ms Image
image/jpeg 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obereginfo.ru/wp-content/themes/obereginfo.ru/cache/f8/e84ea1126a026f8_230x150.jpg
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a9f3275249b9f0751f60a6ab2a934eaa59efc2969002ecc6e3e65c31375a0174

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Tue, 03 Jan 2023 17:32:17 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "63b466a1-3eab"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 16043
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 f124a2b9cbff1b3_230x150.jpg
obereginfo.ru/wp-content/themes/obereginfo.ru/cache/b3/ 12 KB
13 KB 57ms
44ms Image
image/jpeg 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obereginfo.ru/wp-content/themes/obereginfo.ru/cache/b3/f124a2b9cbff1b3_230x150.jpg
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 43b27c1bad041dfd520dec06f513db3fd0ad1fdbf4ab34e86ade5585fdd34d9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Tue, 03 Jan 2023 17:32:17 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "63b466a1-314e"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 12622
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1aeb2c2e7d59c88_230x150.jpg
obereginfo.ru/wp-content/themes/obereginfo.ru/cache/88/ 15 KB
15 KB 57ms
44ms Image
image/jpeg 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obereginfo.ru/wp-content/themes/obereginfo.ru/cache/88/1aeb2c2e7d59c88_230x150.jpg
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: bb9a0a56995ccfe2dedd9ff3c298b042e033c4670b534a0fc8b43953e8b6b3cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Tue, 03 Jan 2023 17:32:17 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "63b466a1-3a8c"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 14988
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 60
imgholder.ru/ 229 B
398 B 616ms
66ms Image
image/png 192.162.246.39
DATACHEAP-LLC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgholder.ru/60
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.162.246.39 , Russian Federation, ASN16262 (DATACHEAP-LLC-AS, RU),
Reverse DNS: pafnuty10.example.com
Software: nginx /
Resource Hash: ff5fe1c18a799dbdb4a5bd08915c20a7e6cd5c052001326d5f9c2e3763d57fab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:42 GMT
x-original-content-length: 608
server: nginx
etag: W/"PSA-aj-2ycQPYkc7e"
content-type: image/png
cache-control: max-age=764445
content-length: 229
expires: Sun, 19 Mar 2023 02:22:28 GMT

GET
H2 200 bf3b636eb1f37c5_70x70.jpg
obereginfo.ru/wp-content/themes/obereginfo.ru/cache/c5/ 4 KB
4 KB 58ms
45ms Image
image/jpeg 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obereginfo.ru/wp-content/themes/obereginfo.ru/cache/c5/bf3b636eb1f37c5_70x70.jpg
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f98ae2653ccfd7fe289cfbfb10ac40e2a3bc374eea72eda40421f8b422c12103

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Tue, 03 Jan 2023 17:32:18 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "63b466a2-ea6"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 3750
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1b7265cbca6abf7_70x70.jpg
obereginfo.ru/wp-content/themes/obereginfo.ru/cache/f7/ 4 KB
4 KB 58ms
45ms Image
image/jpeg 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obereginfo.ru/wp-content/themes/obereginfo.ru/cache/f7/1b7265cbca6abf7_70x70.jpg
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e52215fcc50a82995a2559a157a9e557c4398a5b7b35f65df880d77cd3d57784

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Tue, 03 Jan 2023 17:32:18 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "63b466a2-f8d"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 3981
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 5bc7bc75e2ab0e3_70x70.jpg
obereginfo.ru/wp-content/themes/obereginfo.ru/cache/e3/ 3 KB
3 KB 59ms
46ms Image
image/jpeg 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obereginfo.ru/wp-content/themes/obereginfo.ru/cache/e3/5bc7bc75e2ab0e3_70x70.jpg
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 8dbf16636e38f16184cf991faacc74cf68bbff890403431c3e6b7b9a2c4a4666

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Tue, 03 Jan 2023 17:32:18 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "63b466a2-c62"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 3170
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 96ac1410ca383dc_70x70.png
obereginfo.ru/wp-content/themes/obereginfo.ru/cache/dc/ 13 KB
13 KB 59ms
47ms Image
image/png 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obereginfo.ru/wp-content/themes/obereginfo.ru/cache/dc/96ac1410ca383dc_70x70.png
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: cd218625802cf63be333d08ef243001d1533575ca47942de2db154cb40c3d400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Tue, 03 Jan 2023 17:32:18 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "63b466a2-3332"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 13106
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icon-1.png
obereginfo.ru/wp-content/themes/obereginfo.ru/img/ 1 KB
1 KB 60ms
47ms Image
image/png 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obereginfo.ru/wp-content/themes/obereginfo.ru/img/icon-1.png
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 40951acb02efadcfb1448583f51862b46b1d0b516438fe4b4fe4b35d8fb9bf5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Fri, 20 Aug 2021 12:43:58 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "611fa38e-484"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 1156
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icon-2.png
obereginfo.ru/wp-content/themes/obereginfo.ru/img/ 956 B
1 KB 60ms
47ms Image
image/png 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obereginfo.ru/wp-content/themes/obereginfo.ru/img/icon-2.png
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: bf3435cc61529a7c0f05486c507a618ce8369abc931157739247fdc4acb36818

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Fri, 20 Aug 2021 12:43:58 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "611fa38e-3bc"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 956
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icon-3.png
obereginfo.ru/wp-content/themes/obereginfo.ru/img/ 1 KB
1 KB 60ms
48ms Image
image/png 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obereginfo.ru/wp-content/themes/obereginfo.ru/img/icon-3.png
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 5e140fcbc3a573e82bb144b889b06d74a54a330744544673ac899e7104645186

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Fri, 20 Aug 2021 12:43:58 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "611fa38e-447"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 1095
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icon-4.png
obereginfo.ru/wp-content/themes/obereginfo.ru/img/ 1 KB
1 KB 61ms
48ms Image
image/png 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obereginfo.ru/wp-content/themes/obereginfo.ru/img/icon-4.png
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 7ba807660912889fa5b0e214736530a0d83fd17be6aff062a3be55080050ad37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Fri, 20 Aug 2021 12:43:58 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "611fa38e-40b"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 1035
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icon-5.png
obereginfo.ru/wp-content/themes/obereginfo.ru/img/ 1 KB
1 KB 61ms
49ms Image
image/png 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obereginfo.ru/wp-content/themes/obereginfo.ru/img/icon-5.png
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 27477c652ee19c3cbd7dda86f6f3da010b1548c29ae05af1cd2dd9723a0492f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Fri, 20 Aug 2021 12:43:58 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "611fa38e-4bb"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 1211
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icon-6.png
obereginfo.ru/wp-content/themes/obereginfo.ru/img/ 1001 B
1 KB 61ms
49ms Image
image/png 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obereginfo.ru/wp-content/themes/obereginfo.ru/img/icon-6.png
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 064e6c2386a1984dde0c20f217011a1faa1995132683ddc55965ca87a8b2ea4c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Fri, 20 Aug 2021 12:43:58 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "611fa38e-3e9"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 1001
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icon-7.png
obereginfo.ru/wp-content/themes/obereginfo.ru/img/ 1 KB
1 KB 61ms
49ms Image
image/png 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obereginfo.ru/wp-content/themes/obereginfo.ru/img/icon-7.png
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 61320f76831641f4a1bf19735a230013b774a4db9a9caa9ebb8585717abf817e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Fri, 20 Aug 2021 12:43:58 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "611fa38e-45d"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 1117
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 9f5af0ad41471c1_230x150.jpg
obereginfo.ru/wp-content/themes/obereginfo.ru/cache/c1/ 10 KB
10 KB 61ms
50ms Image
image/jpeg 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obereginfo.ru/wp-content/themes/obereginfo.ru/cache/c1/9f5af0ad41471c1_230x150.jpg
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 61fd6fe4fa481d774a9162ea483a8484f6f224204c7dac0c353a5f965f129ade

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Tue, 03 Jan 2023 17:32:18 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "63b466a2-26d2"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 9938
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 57bd053cdba9b73_230x150.jpeg
obereginfo.ru/wp-content/themes/obereginfo.ru/cache/73/ 17 KB
17 KB 62ms
50ms Image
image/jpeg 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obereginfo.ru/wp-content/themes/obereginfo.ru/cache/73/57bd053cdba9b73_230x150.jpeg
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: d05dc87f5b48e7297a8f9ded38af18cfa04d813eb2fc8f6c79507e66a3768eb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Tue, 03 Jan 2023 17:32:18 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "63b466a2-43e1"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 17377
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 34f94a8b92df5c6_230x150.jpg
obereginfo.ru/wp-content/themes/obereginfo.ru/cache/c6/ 10 KB
10 KB 63ms
52ms Image
image/jpeg 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obereginfo.ru/wp-content/themes/obereginfo.ru/cache/c6/34f94a8b92df5c6_230x150.jpg
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c3080f827d603b5ba5bdf9184b8aa92ecb6afe87dc272b94bdc14e486a87eb29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Tue, 03 Jan 2023 17:32:18 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "63b466a2-275d"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 10077
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 3d31978e07dcff2_230x150.jpg
obereginfo.ru/wp-content/themes/obereginfo.ru/cache/f2/ 6 KB
7 KB 64ms
52ms Image
image/jpeg 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obereginfo.ru/wp-content/themes/obereginfo.ru/cache/f2/3d31978e07dcff2_230x150.jpg
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 9048e4eff0c2de379d35afb7663261e2ac11e748e017c279b109eb867262556e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Tue, 03 Jan 2023 17:32:18 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "63b466a2-19fc"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 6652
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 03ce2ac96f502b0_230x150.jpg
obereginfo.ru/wp-content/themes/obereginfo.ru/cache/b0/ 15 KB
15 KB 64ms
53ms Image
image/jpeg 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obereginfo.ru/wp-content/themes/obereginfo.ru/cache/b0/03ce2ac96f502b0_230x150.jpg
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 7d7706690726ddec6dbc85e9ed50ccef1c715512a8cb5cb0db7569fe76a20094

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Tue, 03 Jan 2023 17:32:18 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "63b466a2-3ab1"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 15025
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 441849f33690996_230x150.jpg
obereginfo.ru/wp-content/themes/obereginfo.ru/cache/96/ 14 KB
14 KB 66ms
55ms Image
image/jpeg 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obereginfo.ru/wp-content/themes/obereginfo.ru/cache/96/441849f33690996_230x150.jpg
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 6feebe979cad3ccbf08d570c657c2562336123e58011b84be4cc123d649a94ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Tue, 03 Jan 2023 17:32:18 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "63b466a2-375e"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 14174
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 299c13d2e9f2374_230x150.jpg
obereginfo.ru/wp-content/themes/obereginfo.ru/cache/74/ 15 KB
15 KB 66ms
56ms Image
image/jpeg 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obereginfo.ru/wp-content/themes/obereginfo.ru/cache/74/299c13d2e9f2374_230x150.jpg
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3f798fc5078eea58865d86fc9603ff064924be00586813aef85cc3d6964cff8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Tue, 03 Jan 2023 17:32:18 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "63b466a2-3cff"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 15615
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bf3cf92681ca451_230x150.jpg
obereginfo.ru/wp-content/themes/obereginfo.ru/cache/51/ 22 KB
22 KB 67ms
56ms Image
image/jpeg 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obereginfo.ru/wp-content/themes/obereginfo.ru/cache/51/bf3cf92681ca451_230x150.jpg
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2a010d839c02ce874d9c1154781d869d7b1c7bf8743c97ea5bc74850697efb3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Tue, 03 Jan 2023 17:32:18 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "63b466a2-587d"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 22653
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 541acda437f56b4_230x150.jpg
obereginfo.ru/wp-content/themes/obereginfo.ru/cache/b4/ 6 KB
6 KB 67ms
57ms Image
image/jpeg 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obereginfo.ru/wp-content/themes/obereginfo.ru/cache/b4/541acda437f56b4_230x150.jpg
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: d8f87502628296c6998bb8aaead846d57748aa8bccfd582686dab5874126dba7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Tue, 03 Jan 2023 17:32:18 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "63b466a2-1819"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 6169
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 b8392d8ac015d0a_230x150.png
obereginfo.ru/wp-content/themes/obereginfo.ru/cache/0a/ 47 KB
47 KB 68ms
58ms Image
image/png 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obereginfo.ru/wp-content/themes/obereginfo.ru/cache/0a/b8392d8ac015d0a_230x150.png
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a2c4649bff67f498ad9720d798159537b65c78bb60d11059a9e563c920e72125

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Tue, 03 Jan 2023 17:32:18 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "63b466a2-baa2"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 47778
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 9200292d0bc68b2_230x150.jpg
obereginfo.ru/wp-content/themes/obereginfo.ru/cache/b2/ 21 KB
22 KB 68ms
59ms Image
image/jpeg 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obereginfo.ru/wp-content/themes/obereginfo.ru/cache/b2/9200292d0bc68b2_230x150.jpg
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: b2c932aa04d2f59a7d7feaf4534c7887f08093f4c9ee5f7f16d2181e191b633a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Tue, 03 Jan 2023 17:32:18 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "63b466a2-556b"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 21867
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 97965a8533d2557_230x150.jpg
obereginfo.ru/wp-content/themes/obereginfo.ru/cache/57/ 19 KB
19 KB 70ms
60ms Image
image/jpeg 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obereginfo.ru/wp-content/themes/obereginfo.ru/cache/57/97965a8533d2557_230x150.jpg
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 9fb0055a84a296cbe2a326ac30b4184627d0cf4f74616af6ab51c2d04f5102bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Tue, 03 Jan 2023 17:32:18 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "63b466a2-4b0e"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 19214
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 eb79d0f2f9fdaa7_230x150.jpg
obereginfo.ru/wp-content/themes/obereginfo.ru/cache/a7/ 16 KB
16 KB 70ms
61ms Image
image/jpeg 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obereginfo.ru/wp-content/themes/obereginfo.ru/cache/a7/eb79d0f2f9fdaa7_230x150.jpg
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 97c8e4ade88324f3e2408b6150ad02226198c90889fd920d25807ca4a03544f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Tue, 03 Jan 2023 17:32:18 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "63b466a2-4079"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 16505
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 0a6b691b8fe6118_230x150.jpg
obereginfo.ru/wp-content/themes/obereginfo.ru/cache/18/ 11 KB
11 KB 71ms
62ms Image
image/jpeg 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obereginfo.ru/wp-content/themes/obereginfo.ru/cache/18/0a6b691b8fe6118_230x150.jpg
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2afa67e688c1e036b28cae03fd389577a79fcfd235cda07f6c967c8dc83f5b56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Tue, 03 Jan 2023 17:32:18 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "63b466a2-2b93"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 11155
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 7d2c68f1ce0e88f_230x150.jpg
obereginfo.ru/wp-content/themes/obereginfo.ru/cache/8f/ 22 KB
22 KB 71ms
62ms Image
image/jpeg 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obereginfo.ru/wp-content/themes/obereginfo.ru/cache/8f/7d2c68f1ce0e88f_230x150.jpg
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: b19abb41a4112c2e3c7448e83d6f49767821d9109363db51ab99038ad8b3b5d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Tue, 03 Jan 2023 17:32:18 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "63b466a2-56b2"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 22194
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 9d731de1b542aa8_230x150.jpg
obereginfo.ru/wp-content/themes/obereginfo.ru/cache/a8/ 17 KB
17 KB 72ms
64ms Image
image/jpeg 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obereginfo.ru/wp-content/themes/obereginfo.ru/cache/a8/9d731de1b542aa8_230x150.jpg
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: fd84643e6248cd6e8ccfd3357aedfd8960caed2ef1c796e0341e71af90f2a8bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Tue, 03 Jan 2023 17:32:18 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "63b466a2-42c1"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 17089
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 dfd0b1697d46aa0_230x150.jpg
obereginfo.ru/wp-content/themes/obereginfo.ru/cache/a0/ 14 KB
15 KB 72ms
64ms Image
image/jpeg 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obereginfo.ru/wp-content/themes/obereginfo.ru/cache/a0/dfd0b1697d46aa0_230x150.jpg
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 7464e2bb5f04a9a311773a7c65c1888bfbeaa2e59c8706add82b7a239dab41f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Tue, 03 Jan 2023 17:32:19 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "63b466a3-3992"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 14738
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bbe2cb5e4e886c2_230x150.jpg
obereginfo.ru/wp-content/themes/obereginfo.ru/cache/c2/ 11 KB
12 KB 73ms
65ms Image
image/jpeg 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obereginfo.ru/wp-content/themes/obereginfo.ru/cache/c2/bbe2cb5e4e886c2_230x150.jpg
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 311d24658fe56774e510a7c4955c5537f762fafd6b644259636fb6505ea6999b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Tue, 03 Jan 2023 17:32:19 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "63b466a3-2dca"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 11722
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 41236e93d1ecb77_230x150.jpg
obereginfo.ru/wp-content/themes/obereginfo.ru/cache/77/ 17 KB
17 KB 73ms
65ms Image
image/jpeg 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obereginfo.ru/wp-content/themes/obereginfo.ru/cache/77/41236e93d1ecb77_230x150.jpg
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 9bcc8167c865b9e7db82e00ff5f4c0b89b9d7d6c1b5ed2cd299f171ff72f06cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Tue, 03 Jan 2023 17:32:19 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "63b466a3-44c7"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 17607
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
48 KB 112ms
43ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: obereginfo.ru
URL: https://obereginfo.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21b927f2feb8fd6eb8306fb1aa6ab480e23ba22fe6f4805f5c59596e68ba5055

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48794
x-xss-protection: 0
server: cafe
etag: 10028717134046255443
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 10 Mar 2023 06:01:41 GMT

GET
H2 200 front.min.js Show response
obereginfo.ru/wp-content/plugins/table-of-contents-plus/ 6 KB
6 KB 25ms
24ms Script
application/javascript 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://obereginfo.ru/wp-content/plugins/table-of-contents-plus/front.min.js?ver=2002
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Fri, 20 Aug 2021 12:43:59 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "611fa38f-17cb"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 6091
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 postratings-js.js Show response
obereginfo.ru/wp-content/plugins/wp-postratings/js/ 3 KB
3 KB 24ms
23ms Script
application/javascript 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://obereginfo.ru/wp-content/plugins/wp-postratings/js/postratings-js.js?ver=1.89
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c42425f18923921089911e70f39c6dd462794df2e42ac0596abc3884da6471fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Fri, 20 Aug 2021 12:44:00 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "611fa390-d01"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 3329
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 modernizr.custom.js Show response
obereginfo.ru/wp-content/plugins/mistape/assets/js/ 8 KB
8 KB 34ms
22ms Script
application/javascript 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://obereginfo.ru/wp-content/plugins/mistape/assets/js/modernizr.custom.js?ver=1.3.9
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 77c7267f54dffcef28af7d1d7e506f7927c257e014728694ce7f494ea483feed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Fri, 20 Aug 2021 12:44:00 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "611fa390-20b4"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 8372
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mistape-front.js Show response
obereginfo.ru/wp-content/plugins/mistape/assets/js/ 29 KB
29 KB 39ms
23ms Script
application/javascript 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://obereginfo.ru/wp-content/plugins/mistape/assets/js/mistape-front.js?ver=1629463440
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 8d8a37a25b3540166db9800e8331acc61287510b5bbf137eef74fbe42fdcd153

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Fri, 20 Aug 2021 12:44:00 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "611fa390-740b"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 29707
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 swiper@4.5.0 Show response
cdn.jsdelivr.net/npm/ 125 KB
34 KB 100ms
27ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/swiper@4.5.0

Requested by

Host: obereginfo.ru
URL: https://obereginfo.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9c90c601bc81ad71ed8be557ff9b095de5aae947926e84011e2728cf65250a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 43338
x-jsd-version: 4.5.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230109-FRA, cache-yyz4572-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"1f3be-oHOLR2eji5Dhd5IEHWSO1iHasq4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UyJdYDJijn6JRFMUkHBEaRV3wZ4bZwUXIPp83mGEpVxHpZopl%2FZiGoL3fUofzOypoavcxoim4CBq5IHvpR4M5BOZmPcGQ2h2e%2FAs2RLl2w%2F3crxQM5j%2F2Le5kjQ6UJklgpdOyv7jY7XCx3qN8L8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7a5958348f3c68fd-FRA

GET
H2 200 scripts.js Show response
obereginfo.ru/wp-content/themes/obereginfo.ru/js/ 8 KB
9 KB 40ms
24ms Script
application/javascript 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://obereginfo.ru/wp-content/themes/obereginfo.ru/js/scripts.js
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 9f153f9deb76a35966f6fb8b1568a1b75d72bd2d04c52d3dac642c77339f8fbc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Fri, 20 Aug 2021 12:43:58 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "611fa38e-213d"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 8509
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-embed.min.js Show response
obereginfo.ru/wp-includes/js/ 1 KB
2 KB 40ms
24ms Script
application/javascript 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://obereginfo.ru/wp-includes/js/wp-embed.min.js?ver=5.3.14
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Fri, 20 Aug 2021 12:44:07 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "611fa397-56f"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 1391
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tag.js Show response
cdn.jsdelivr.net/npm/yandex-metrica-watch/ 212 KB
85 KB 98ms
35ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js

Requested by

Host: obereginfo.ru
URL: https://obereginfo.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9ad9acd9b4374cc4a4411ff72653f7940965f416237d1ea765019541d9d44c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 34051
x-jsd-version: 1.259.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230100-FRA, cache-jnb7025-JNB
x-jsd-version-type: version
server: cloudflare
etag: W/"34ed4-+DhUIHyDrLGOPBMQNI6rR1Bj+fE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2BKP5fU4uKHJjXsz%2FdDITJZ4f0DYmNo4cH%2BDbqtGngsRmO8sgXQ3oo4AJVvUC%2FJB1WZRV2lmZoNoIcnPRYqyIurwsJ7cOzwphu1%2FqicGNzmY2OEif0%2Bi4uVrAOMtQZTfvbZvWmpGW5UlG0jtFEQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7a5958348f3d68fd-FRA

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2ae87541edbcf2f6fe8bf9caeb67d539a28494c5c05f06d7c42229a5325c77bc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 logo.png
obereginfo.ru/wp-content/themes/obereginfo.ru/img/ 4 KB
4 KB 72ms
66ms Image
image/png 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obereginfo.ru/wp-content/themes/obereginfo.ru/img/logo.png
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/wp-content/themes/obereginfo.ru/css/main.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a3bd52853cb28a78d74a9c20acdc29d5146b96eee135bdb5d60c9a853153a163

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/wp-content/themes/obereginfo.ru/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Fri, 20 Aug 2021 12:43:58 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "611fa38e-f45"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 3909
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 440 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb4416547d534785ee43978c462381cf8d7f2dcb2bf58b3b0be498c49aafa231

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 header-image.png
obereginfo.ru/wp-content/themes/obereginfo.ru/img/ 76 KB
76 KB 72ms
66ms Image
image/png 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obereginfo.ru/wp-content/themes/obereginfo.ru/img/header-image.png
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/wp-content/themes/obereginfo.ru/css/main.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2877cd738330405abe884cea5c23e52bbbf486d2a45f77d2db0580df6e2f6ac0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/wp-content/themes/obereginfo.ru/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Fri, 20 Aug 2021 12:43:58 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "611fa38e-12fde"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 77790
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4b9e9162dec0d2b99d17837ab6a9be0fe397017f2735d002b242397c3b3e7d16

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 400 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d1807b7b5005435db8c930dc8d652595d10158b65bbc422974c6b86bfd97f7d7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 461 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4d35dc868b23cad93d3ca7f6722707216e986c08eb6e3db21a46ff97724adf3c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 546 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 30b344f16aede10730e9578585d1ffc4b767f0f5d383df315f2b9162a5b5236a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 889 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 357f0a2f0cc3eba79fb3fdc765af98ef1580c7724c2d94d9163fab169562d402

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4iCv6KVjbNBYlgoCjC3jtGyNL4U.woff2
fonts.gstatic.com/s/ubuntu/v20/ 18 KB
18 KB 105ms
42ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jtGyNL4U.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:300,400,400i,500,700&display=swap&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bbeb7f7f618c8d82bce1600d57e67a9f6759bed1d00097935d1714440dcbdb7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://obereginfo.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 12:43:07 GMT
x-content-type-options: nosniff
age: 62314
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18672
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Mar 2024 12:43:07 GMT

GET
H2 200 4iCv6KVjbNBYlgoC1CzjtGyNL4U.woff2
fonts.gstatic.com/s/ubuntu/v20/ 21 KB
21 KB 81ms
18ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoC1CzjtGyNL4U.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:300,400,400i,500,700&display=swap&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92ca60a1917b9ebb08ee7ddf0860b217985b8468acf0de9ed41d90c3f5dda926

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://obereginfo.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 22:51:50 GMT
x-content-type-options: nosniff
age: 25791
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21128
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:04:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Mar 2024 22:51:50 GMT

GET
H2 200 4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v20/ 34 KB
34 KB 120ms
57ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:300,400,400i,500,700&display=swap&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://obereginfo.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 23:06:46 GMT
x-content-type-options: nosniff
age: 24895
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34852
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:31:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Mar 2024 23:06:46 GMT

GET
H2 200 4iCv6KVjbNBYlgoC1CzjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ 38 KB
38 KB 111ms
49ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoC1CzjsGyN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:300,400,400i,500,700&display=swap&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5515c53111bb4a4f45aff63d06df893ae9033dc85e82cc2ef27fc099a4d7609

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://obereginfo.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 09:10:14 GMT
x-content-type-options: nosniff
age: 161487
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38752
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:04:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Mar 2024 09:10:14 GMT

GET
H2 200 4iCs6KVjbNBYlgoKew72j00.woff2
fonts.gstatic.com/s/ubuntu/v20/ 20 KB
20 KB 86ms
29ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKew72j00.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:300,400,400i,500,700&display=swap&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1400c92345dcd9dbf746acab2c60e8580aa959473e9e56c8772cadcf7734b76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://obereginfo.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 10:53:26 GMT
x-content-type-options: nosniff
age: 241695
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20860
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:15:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Mar 2024 10:53:26 GMT

GET
H2 200 rating_1_over.gif
obereginfo.ru/wp-content/plugins/wp-postratings/images/heart/ 1 KB
1 KB 25ms
24ms Image
image/gif 88.99.216.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obereginfo.ru/wp-content/plugins/wp-postratings/images/heart/rating_1_over.gif
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.216.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.216.99.88.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 5c0298403a84dfc70e836ce023007d085e3a074238fbb91edba9420a1f6286e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:41 GMT
last-modified: Fri, 20 Aug 2021 12:43:59 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "611fa38f-401"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 1025
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/3/
Redirect Chain

https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fobereginfo.ru%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Avf%3A29hzdyg3jxtu068q3vuhnr%3Afp%3A798%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%...
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fobereginfo.ru%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A29hzdyg3jxtu068q3vuhnr%3Afp%3A798%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US...

264 B
347 B

70ms
69ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fobereginfo.ru%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A29hzdyg3jxtu068q3vuhnr%3Afp%3A798%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A980%3Acn%3A2%3Adp%3A0%3Als%3A1234098147496%3Ahid%3A137516003%3Az%3A0%3Ai%3A20230310060142%3Aet%3A1678428102%3Ac%3A1%3Arn%3A551865329%3Arqn%3A1%3Au%3A167842810211452632%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C81%2C142%2C24%2C311%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1678428101108%3Ast%3A1678428102&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Requested by

Host: obereginfo.ru
URL: https://obereginfo.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

26cee62fb4c5d428c12cc5b3e00b36402df245f8af2ca22f2df00d3e90a0c499

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 06:01:42 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Fri, 10-Mar-2023 06:01:42 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://obereginfo.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 264
x-xss-protection: 1; mode=block
expires: Fri, 10-Mar-2023 06:01:42 GMT

Redirect headers

pragma: no-cache
date: Fri, 10 Mar 2023 06:01:42 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 10-Mar-2023 06:01:42 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/3/1?wmode=7&page-url=https%3A%2F%2Fobereginfo.ru%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A29hzdyg3jxtu068q3vuhnr%3Afp%3A798%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A980%3Acn%3A2%3Adp%3A0%3Als%3A1234098147496%3Ahid%3A137516003%3Az%3A0%3Ai%3A20230310060142%3Aet%3A1678428102%3Ac%3A1%3Arn%3A551865329%3Arqn%3A1%3Au%3A167842810211452632%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C81%2C142%2C24%2C311%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1678428101108%3Ast%3A1678428102&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: https://obereginfo.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Fri, 10-Mar-2023 06:01:42 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/49460548/
Redirect Chain

https://mc.yandex.ru/watch/49460548?wmode=7&page-url=https%3A%2F%2Fobereginfo.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A29hzdyg3jxtu068q3vuhnr%3Afp%3A798%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av...
https://mc.yandex.ru/watch/49460548/1?wmode=7&page-url=https%3A%2F%2Fobereginfo.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A29hzdyg3jxtu068q3vuhnr%3Afp%3A798%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3...

454 B
490 B

74ms
74ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/49460548/1?wmode=7&page-url=https%3A%2F%2Fobereginfo.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A29hzdyg3jxtu068q3vuhnr%3Afp%3A798%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A980%3Acn%3A1%3Adp%3A0%3Als%3A717597349159%3Ahid%3A137516003%3Az%3A0%3Ai%3A20230310060142%3Aet%3A1678428102%3Ac%3A1%3Arn%3A1005166801%3Arqn%3A1%3Au%3A167842810211452632%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C81%2C142%2C24%2C311%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1678428101108%3Arqnl%3A1%3Ast%3A1678428102%3At%3A%D0%9E%D0%B1%D0%B5%D1%80%D0%B5%D0%B3%20%D0%98%D0%BD%D1%84%D0%BE%20-%20%D0%BE%D0%B1%D0%B5%D1%80%D0%B5%D0%B3%D0%B8%2C%20%D1%82%D0%B0%D0%BB%D0%B8%D1%81%D0%BC%D0%B0%D0%BD%D1%8B%2C%20%D0%BC%D0%BE%D0%BB%D0%B8%D1%82%D0%B2%D1%8B%2C%20%D0%BA%D1%83%D0%BA%D0%BB%D1%8B&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Requested by

Host: obereginfo.ru
URL: https://obereginfo.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

80072034d81e9a703c3820cac8eeac27fe10a44689a93d336cc681a3ed05cefd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 06:01:42 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Fri, 10-Mar-2023 06:01:42 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://obereginfo.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 454
x-xss-protection: 1; mode=block
expires: Fri, 10-Mar-2023 06:01:42 GMT

Redirect headers

pragma: no-cache
date: Fri, 10 Mar 2023 06:01:42 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 10-Mar-2023 06:01:42 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/49460548/1?wmode=7&page-url=https%3A%2F%2Fobereginfo.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A29hzdyg3jxtu068q3vuhnr%3Afp%3A798%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A980%3Acn%3A1%3Adp%3A0%3Als%3A717597349159%3Ahid%3A137516003%3Az%3A0%3Ai%3A20230310060142%3Aet%3A1678428102%3Ac%3A1%3Arn%3A1005166801%3Arqn%3A1%3Au%3A167842810211452632%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C81%2C142%2C24%2C311%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1678428101108%3Arqnl%3A1%3Ast%3A1678428102%3At%3A%D0%9E%D0%B1%D0%B5%D1%80%D0%B5%D0%B3%20%D0%98%D0%BD%D1%84%D0%BE%20-%20%D0%BE%D0%B1%D0%B5%D1%80%D0%B5%D0%B3%D0%B8%2C%20%D1%82%D0%B0%D0%BB%D0%B8%D1%81%D0%BC%D0%B0%D0%BD%D1%8B%2C%20%D0%BC%D0%BE%D0%BB%D0%B8%D1%82%D0%B2%D1%8B%2C%20%D0%BA%D1%83%D0%BA%D0%BB%D1%8B&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: https://obereginfo.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Fri, 10-Mar-2023 06:01:42 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303070401/ 361 KB
119 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303070401/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9282886054584271&plah=obereginfo.ru&bust=31072927

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

370f4b870769960b15948ce54286c96f0cd0bfca18a49705cb1453f66f1e7ece

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121630
x-xss-protection: 0
server: cafe
etag: 17603696529055672290
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 10 Mar 2023 06:01:42 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230307/r20190131/ Frame 0E9D 10 KB
5 KB 69ms
19ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230307/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://obereginfo.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 35711
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 20:06:31 GMT
etag: 2378337311435320485
expires: Thu, 23 Mar 2023 20:06:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
187 B 175ms
72ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: obereginfo.ru
URL: https://obereginfo.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:42 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 07 Mar 2023 10:05:49 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6406e24d-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Fri, 10 Mar 2023 07:01:42 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 393 B
605 B 72ms
27ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=obereginfo.ru&callback=_gfp_s_&client=ca-pub-9282886054584271

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303070401/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9282886054584271&plah=obereginfo.ru&bust=31072927

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a2b9f25593c78f14a98794a1fc21334a3fd833953f8499c82bed7bc438c7b23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 253
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 74ms
28ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=obereginfo.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 73ms
27ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=obereginfo.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4FDC 328 KB
74 KB 474ms
474ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9282886054584271&output=html&adk=1812271804&adf=1573534164&lmt=1678428102&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x1080_r&format=0x0&url=https%3A%2F%2Fobereginfo.ru%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678428102026&bpp=4&bdt=381&idt=114&shv=r20230307&mjsv=m202303070401&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5334749556943&frm=20&pv=2&ga_vid=1827833561.1678428102&ga_sid=1678428102&ga_hid=261455705&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759875%2C44759837%2C44759926%2C31072927%2C31072952%2C31071975&oid=2&pvsid=203261357837615&tmod=1559851496&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=144

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab82e4b5c2fdeca33c040309220e206a4aac300c117a8b20d27f5ee3a9b63c4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://obereginfo.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 75773
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 10 Mar 2023 06:01:42 GMT
expires: Fri, 10 Mar 2023 06:01:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

sync_cookie_image_decide
mc.webvisor.org/
Redirect Chain

https://mc.webvisor.org/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9938.j2q7FY3nWrumryFdcWH82Gkl0Vpdba0loNUhsxHeTR7p3m4umKkZSm-tKgGE762O.tdia4zyNmCB5bfCbE3gquJ8YK-M%2C
https://mc.webvisor.org/sync_cookie_image_decide?token=9938.ddAVJyGwyvw6liBJm74Mc1FEvtJIp1TARO-1qSPr4mzt0SSCOW07hanKEfllFWKJ8lEgaE9PnHW0HFADlOJTfT5fOZgksZob2flB4jtcNPpxu3MUoYAzCA19GHlqyvn3NSyPlLw-g...

43 B
506 B

75ms
74ms

Image
image/gif

154.47.36.107
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.webvisor.org/sync_cookie_image_decide?token=9938.ddAVJyGwyvw6liBJm74Mc1FEvtJIp1TARO-1qSPr4mzt0SSCOW07hanKEfllFWKJ8lEgaE9PnHW0HFADlOJTfT5fOZgksZob2flB4jtcNPpxu3MUoYAzCA19GHlqyvn3NSyPlLw-gwLR9qzbAGXfxitYyeZ7zGkS6vLVdt59TStcMwk5PbCH0IOmkgkaIoOwyXsIF_YclyEwUSV-RBNMLEha6qKlurmbvhtS0-d7Bb0%2C.01Xrfb_q8UrCmCt0C8M3Vslq-rs%2C

Requested by

Host: obereginfo.ru
URL: https://obereginfo.ru/

Protocol

Server

154.47.36.107 , United States, ASN174 (COGENT-174, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:42 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.webvisor.org/sync_cookie_image_decide?token=9938.ddAVJyGwyvw6liBJm74Mc1FEvtJIp1TARO-1qSPr4mzt0SSCOW07hanKEfllFWKJ8lEgaE9PnHW0HFADlOJTfT5fOZgksZob2flB4jtcNPpxu3MUoYAzCA19GHlqyvn3NSyPlLw-gwLR9qzbAGXfxitYyeZ7zGkS6vLVdt59TStcMwk5PbCH0IOmkgkaIoOwyXsIF_YclyEwUSV-RBNMLEha6qKlurmbvhtS0-d7Bb0%2C.01Xrfb_q8UrCmCt0C8M3Vslq-rs%2C
date: Fri, 10 Mar 2023 06:01:42 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303070401/ 150 KB
51 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303070401/reactive_library_fy2021.js?bust=31072927

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e5c2e456060cc014f3bb52a998332529a64b4ea15959eb68f8ceeefca89c3cdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52392
x-xss-protection: 0
server: cafe
etag: 16630701943268127053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Mar 2023 06:01:42 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 37ms
29ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=obereginfo.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 36ms
27ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=obereginfo.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5D4E 89 KB
26 KB 283ms
282ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9282886054584271&output=html&h=280&adk=4070374814&adf=200266896&pi=t.aa~a.3885849338~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1678428102&rafmt=1&to=qs&pwprc=6977672473&format=1200x280&url=https%3A%2F%2Fobereginfo.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678428102730&bpp=2&bdt=1085&idt=-M&shv=r20230307&mjsv=m202303070401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63ac26277b81cbe2-229de1e048dd0044%3AT%3D1678428102%3ART%3D1678428102%3AS%3DALNI_MZOlQxQQnVP9W1nUqxOUzQK9qJ3hw&gpic=UID%3D00000bc2ccf04990%3AT%3D1678428102%3ART%3D1678428102%3AS%3DALNI_MZhUxfy2sCiIB1O_6dTYlktX9RKPg&prev_fmts=0x0&nras=2&correlator=5334749556943&frm=20&pv=1&ga_vid=1827833561.1678428102&ga_sid=1678428102&ga_hid=261455705&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759875%2C44759837%2C44759926%2C31072927%2C31072952%2C31071975&oid=2&pvsid=203261357837615&tmod=1559851496&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=U1CnLXS6sH&p=https%3A//obereginfo.ru&dtd=18

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

99239a5654d2e3df9cb2def08dd61b7e66ac12d62e4ec0e032a6ed25c3240622

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://obereginfo.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 26985
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 10 Mar 2023 06:01:43 GMT
expires: Fri, 10 Mar 2023 06:01:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 95A4 27 KB
12 KB 255ms
254ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9282886054584271&output=html&h=280&adk=4070374814&adf=3541544065&pi=t.aa~a.508132186~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1678428102&rafmt=1&to=qs&pwprc=6977672473&format=1200x280&url=https%3A%2F%2Fobereginfo.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678428102730&bpp=1&bdt=1084&idt=-M&shv=r20230307&mjsv=m202303070401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63ac26277b81cbe2-229de1e048dd0044%3AT%3D1678428102%3ART%3D1678428102%3AS%3DALNI_MZOlQxQQnVP9W1nUqxOUzQK9qJ3hw&gpic=UID%3D00000bc2ccf04990%3AT%3D1678428102%3ART%3D1678428102%3AS%3DALNI_MZhUxfy2sCiIB1O_6dTYlktX9RKPg&prev_fmts=0x0%2C1200x280&nras=3&correlator=5334749556943&frm=20&pv=1&ga_vid=1827833561.1678428102&ga_sid=1678428102&ga_hid=261455705&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2192&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759875%2C44759837%2C44759926%2C31072927%2C31072952%2C31071975&oid=2&pvsid=203261357837615&tmod=1559851496&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=NU1RE8M3N9&p=https%3A//obereginfo.ru&dtd=25

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90dcf383fd5013785f26ba943d64ebdc85f34a3736d8825946926d82d32f8501

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://obereginfo.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 12423
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 10 Mar 2023 06:01:42 GMT
expires: Fri, 10 Mar 2023 06:01:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AE26 107 KB
37 KB 283ms
278ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9282886054584271&output=html&h=280&adk=2509025803&adf=1232481941&pi=t.aa~a.3798260991~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1678428102&rafmt=1&to=qs&pwprc=6977672473&format=1200x280&url=https%3A%2F%2Fobereginfo.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678428102730&bpp=1&bdt=1085&idt=1&shv=r20230307&mjsv=m202303070401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63ac26277b81cbe2-229de1e048dd0044%3AT%3D1678428102%3ART%3D1678428102%3AS%3DALNI_MZOlQxQQnVP9W1nUqxOUzQK9qJ3hw&gpic=UID%3D00000bc2ccf04990%3AT%3D1678428102%3ART%3D1678428102%3AS%3DALNI_MZhUxfy2sCiIB1O_6dTYlktX9RKPg&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5334749556943&frm=20&pv=1&ga_vid=1827833561.1678428102&ga_sid=1678428102&ga_hid=261455705&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759875%2C44759837%2C44759926%2C31072927%2C31072952%2C31071975&oid=2&pvsid=203261357837615&tmod=1559851496&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=iMLHqwcBux&p=https%3A//obereginfo.ru&dtd=28

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6e8a6e127ea8f45b7363735f4ec842bd3c1de980902cd4f5092e6a429e4bb94b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://obereginfo.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 37498
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 10 Mar 2023 06:01:43 GMT
expires: Fri, 10 Mar 2023 06:01:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 37ms
36ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=obereginfo.ru

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 37ms
37ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=obereginfo.ru

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230307/r20110914/ Frame A685 10 KB
4 KB 26ms
25ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230307/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://obereginfo.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 21660
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 10 Mar 2023 00:00:42 GMT
etag: 2378337311435320485
expires: Fri, 24 Mar 2023 00:00:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230307/r20110914/ Frame BED3 10 KB
4 KB 33ms
31ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230307/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://obereginfo.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 21660
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 10 Mar 2023 00:00:42 GMT
etag: 2378337311435320485
expires: Fri, 24 Mar 2023 00:00:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230307/r20110914/ Frame F5A6 10 KB
4 KB 45ms
22ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230307/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://obereginfo.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 21660
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 10 Mar 2023 00:00:42 GMT
etag: 2378337311435320485
expires: Fri, 24 Mar 2023 00:00:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame A685 4 KB
732 B 49ms
27ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230307/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 10 Mar 2023 06:01:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 10 Mar 2023 04:05:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Mar 2023 06:01:42 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame A685 205 B
650 B 85ms
19ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230307/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 01:28:17 GMT
x-content-type-options: nosniff
age: 16405
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 09 Mar 2024 01:28:17 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame A685 604 B
695 B 86ms
20ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230307/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 00:14:52 GMT
x-content-type-options: nosniff
age: 20810
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 09 Mar 2024 00:14:52 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/elements/html/ Frame A685 20 KB
9 KB 89ms
20ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230307/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e37316f20ee8564506ca9dbf035ba412ef6f79d7fd534c98b6f7d2bd49e11dc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 19:02:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39543
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8547
x-xss-protection: 0
server: cafe
etag: 17360858034827311943
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 19:02:39 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame BED3 6 KB
745 B 44ms
32ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230307/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 10 Mar 2023 06:01:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 10 Mar 2023 05:58:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Mar 2023 06:01:42 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame BED3 2 KB
818 B 97ms
44ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230307/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 17:42:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44368
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 17:42:14 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/ Frame BED3 22 KB
9 KB 72ms
21ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230307/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 17:39:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44545
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 17:39:17 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame BED3 3 KB
1 KB 96ms
46ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230307/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 17:42:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44368
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 17:42:14 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame BED3 20 KB
8 KB 76ms
26ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230307/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 17:42:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44368
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 17:42:14 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BED3 158 KB
49 KB 49ms
42ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230307/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49657
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678278820084806"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Mar 2023 06:01:42 GMT

GET
H2 200 887cfa9374a0c130d54aa7fe143e0312.js Show response
www.gstatic.com/mysidia/ Frame BED3 34 KB
14 KB 67ms
20ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/887cfa9374a0c130d54aa7fe143e0312.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230307/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 07:15:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 254762
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14316
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 05:15:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 05 Jun 2023 07:15:40 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F5A6 0
0 70ms
69ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CrDXCxscKZI_-DIOK-cAP35qUsAfJntKxXI3w4taTAcCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi05MjgyODg2MDU0NTg0MjcxyAEJqQL5fol0n8KxPqgDAcgDAqoEuAFP0PKhUesyQScTrh9AQET94MHaBm8zQv50IUzZD6yBwD_8LLvWpMqh-PwjGBMVHfNF1GOGK25jRVc_HmgU7UilGe4JYjAbZEewpCo5AkT56Gcel413J5nE3vXGYlfS4LQcoqKnnGtOdDN8EhXHdYtFiIHcxD8LYozbupAXU4T2NW_1_eYIPPS8zD2ue55TD3VFviMgr9kuQ2tg1ZJoggolN-bJoHbf80J8oD7-pNiUqw2GHw-lHNbGgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi05MjgyODg2MDU0NTg0MjcxGAA&sigh=mhKlmHHrPh0&uach_m=[UACH]&cid=CAQSGwDUE5ymojRIKaS_UkV7G4EbWL8NsFcNMCtkYhgB

Requested by

Host: obereginfo.ru
URL: https://obereginfo.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230307/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 10 Mar 2023 06:01:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 10 Mar 2023 06:01:42 GMT

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame F5A6 0
0 162ms
39ms Fetch 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kKW_EMz6RO0HfJ2DYgICAAAAdtelgQcLLbgQxccKZC6wqkEqabWRwF4AABIAAAoOQVFVQkFRWUJBUUVCQVE&wp=ZArHxgADPw8CHkUDAAUNX8zdL_J9YUaxmwlnbg

Requested by

Host: obereginfo.ru
URL: https://obereginfo.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:42 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 183344
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 6D6D 161 KB
51 KB 176ms
100ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZArHxgADPw8CHkUDAAUNX8zdL_J9YUaxmwlnbg&u=%7C6vIzTdtzmMOO2KXGgdktRjNfu42CbupFZ7cqYuxaOYw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86wVX5GOWVqOihvpKyLFpE7fcRfdFsEHfrnUbYd_GXgTb5fRKN9F8CNTPiQ3X_ObXIJFoySUwPiSf9MSSMEi4OwSNQLUvEZ605ACNCQzJcbTIoWrECQZTfOtOYxe6jkKeS_LH4stnSoky-aAHWWf2i7S4ffgkFyQqdGU1poWieND_WUJIbatWz1lY-cONUSU2yCePAsXZXfkAKPXIZGifK-IFLcudcwbVe-vDGD4zBCbna40BNcRl0AqdkjIRyk32C7aT8btrrfqM1ozbX9RkE7JA9NReL1NANGYgay7cjTj2U9VsSqr3u3P-fgVqiJ-W4tp-czdDN-zeGFboxBQYTUy8r-zdEEtuyqBiA--hjrtI9UA5mXgL5yI8bXvinnkETy-m6BEZnsBOHpOojhLFJySFAPLQHaFPfbLB0bOjZScDeu4TzdcVVjawWs3qFmOmCJ4R5Qk7_NFX63CblTVjL73fiiMbNoboBQb3RYx8Dve-pFLUEJfgIO74ps411DknvOIq0wJuWBl2SX3YrVzJqiV_O-PLs12M-Sz2KsFwU78HXrHbRmnjYp3OaVQg17FhkQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHcN-xscKZI_-DIOK-cAP35qUsAfJntKxXI3w4taTAcCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi05MjgyODg2MDU0NTg0MjcxyAEJqQL5fol0n8KxPqgDAcgDAqoEuwFP0PKhUesyQScTrh9AQET94MHaBm8zQv50IUzZD6yBwD_8LLvWpMqh-PwjGBMVHfNF1GOGK25jRVc_HmgU7UilGe4JYjAbZEewpCo5AkT56Gcel413J5nE3vXGYlfS4LQcoqKnnGtOdDN8EhXHdYtFiIHcxD8LYozbupAXU4T2NW_1_eYIPPS8zD2ue55TD3VFvmEijkupzPdzag58IdoYkR7AtHxp-WxkIoo2mX5mFBOqB4oPmMV5VoIkgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0Z08vzDyao3UDRhtxIFzG070v1xA%26client%3Dca-pub-9282886054584271%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230307/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

1fcc1456f56a63e72ecae147b81ecbff0e0826c8d10f58ed87b7d1ddeaeb1937

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 10 Mar 2023 06:01:42 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=DZ3-8rM5pKgaXQlLFJrhLOLJz8vIwAOYw2FUMr0jm2sNmInnUdkT3KzrkiQEpg9Fxnr3UnW7e6jUdqrGlEr8QdWTdrqfKoHYJ8mudQimkkfVzeiconVovsqc3Bgel-isjKpmxqrWQyRCFNymuGKDCnrcruwwx6gzYRtRxsruF8lB_CFL1UEtgTvePHahSEtewg0PH0Dq9zhfcvNeuV44jbmdWQ4zOBejyX-GyjOsmxE6Dnf5Q5LXc8Zl7ISJ1cJSEXdzGA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 56083605
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame F5A6 3 KB
1 KB 83ms
47ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230307/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 17:42:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44368
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 17:42:14 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame F5A6 20 KB
8 KB 76ms
40ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230307/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 17:42:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44368
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 17:42:14 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F5A6 158 KB
49 KB 57ms
55ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230307/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49657
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678278820084806"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Mar 2023 06:01:42 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 5B35 8 KB
895 B 38ms
36ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230307/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 10 Mar 2023 06:01:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 10 Mar 2023 05:57:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Mar 2023 06:01:42 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame 5B35 2 KB
799 B 46ms
41ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230307/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 17:42:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44368
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 17:42:14 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/ Frame 5B35 22 KB
9 KB 40ms
20ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230307/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 17:39:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44545
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 17:39:17 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame 5B35 3 KB
1 KB 45ms
25ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230307/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 17:42:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44368
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 17:42:14 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame 5B35 20 KB
8 KB 41ms
22ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230307/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 17:42:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44368
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 17:42:14 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5B35 158 KB
49 KB 59ms
44ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230307/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49657
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678278820084806"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Mar 2023 06:01:42 GMT

GET
H2 200 887cfa9374a0c130d54aa7fe143e0312.js Show response
www.gstatic.com/mysidia/ Frame 5B35 34 KB
14 KB 47ms
28ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/887cfa9374a0c130d54aa7fe143e0312.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230307/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 07:15:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 254762
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14316
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 05:15:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 05 Jun 2023 07:15:40 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame ECAC 143 B
166 B 27ms
23ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230307/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230307/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2373
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 10 Mar 2023 05:22:10 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F5A6 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 27919f3f849b468d0c74bf0ffb86b16d33c1ffce5387fc4c46114a2fd7ab3c45

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame 95A4 3 KB
1 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9282886054584271&output=html&h=280&adk=4070374814&adf=3541544065&pi=t.aa~a.508132186~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1678428102&rafmt=1&to=qs&pwprc=6977672473&format=1200x280&url=https%3A%2F%2Fobereginfo.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678428102730&bpp=1&bdt=1084&idt=-M&shv=r20230307&mjsv=m202303070401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63ac26277b81cbe2-229de1e048dd0044%3AT%3D1678428102%3ART%3D1678428102%3AS%3DALNI_MZOlQxQQnVP9W1nUqxOUzQK9qJ3hw&gpic=UID%3D00000bc2ccf04990%3AT%3D1678428102%3ART%3D1678428102%3AS%3DALNI_MZhUxfy2sCiIB1O_6dTYlktX9RKPg&prev_fmts=0x0%2C1200x280&nras=3&correlator=5334749556943&frm=20&pv=1&ga_vid=1827833561.1678428102&ga_sid=1678428102&ga_hid=261455705&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2192&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759875%2C44759837%2C44759926%2C31072927%2C31072952%2C31071975&oid=2&pvsid=203261357837615&tmod=1559851496&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=NU1RE8M3N9&p=https%3A//obereginfo.ru&dtd=25

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 17:42:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44369
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 17:42:14 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame 95A4 20 KB
8 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 17:42:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44369
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 17:42:14 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 95A4 0
0 83ms
27ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS7ku-bjiXXEzUtaZT-1gV_qysk329lqAH_yVI8GviKaxlzLFhFQ7AKjt982kUx0wGuFwgFnycDuHlus1qmuHmEd_r2Dw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9282886054584271&output=html&h=280&adk=4070374814&adf=3541544065&pi=t.aa~a.508132186~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1678428102&rafmt=1&to=qs&pwprc=6977672473&format=1200x280&url=https%3A%2F%2Fobereginfo.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678428102730&bpp=1&bdt=1084&idt=-M&shv=r20230307&mjsv=m202303070401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63ac26277b81cbe2-229de1e048dd0044%3AT%3D1678428102%3ART%3D1678428102%3AS%3DALNI_MZOlQxQQnVP9W1nUqxOUzQK9qJ3hw&gpic=UID%3D00000bc2ccf04990%3AT%3D1678428102%3ART%3D1678428102%3AS%3DALNI_MZhUxfy2sCiIB1O_6dTYlktX9RKPg&prev_fmts=0x0%2C1200x280&nras=3&correlator=5334749556943&frm=20&pv=1&ga_vid=1827833561.1678428102&ga_sid=1678428102&ga_hid=261455705&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2192&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759875%2C44759837%2C44759926%2C31072927%2C31072952%2C31071975&oid=2&pvsid=203261357837615&tmod=1559851496&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=NU1RE8M3N9&p=https%3A//obereginfo.ru&dtd=25
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 95A4 158 KB
49 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49657
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678278820084806"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Mar 2023 06:01:43 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 5D4E 3 KB
601 B 30ms
29ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9282886054584271&output=html&h=280&adk=4070374814&adf=200266896&pi=t.aa~a.3885849338~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1678428102&rafmt=1&to=qs&pwprc=6977672473&format=1200x280&url=https%3A%2F%2Fobereginfo.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678428102730&bpp=2&bdt=1085&idt=-M&shv=r20230307&mjsv=m202303070401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63ac26277b81cbe2-229de1e048dd0044%3AT%3D1678428102%3ART%3D1678428102%3AS%3DALNI_MZOlQxQQnVP9W1nUqxOUzQK9qJ3hw&gpic=UID%3D00000bc2ccf04990%3AT%3D1678428102%3ART%3D1678428102%3AS%3DALNI_MZhUxfy2sCiIB1O_6dTYlktX9RKPg&prev_fmts=0x0&nras=2&correlator=5334749556943&frm=20&pv=1&ga_vid=1827833561.1678428102&ga_sid=1678428102&ga_hid=261455705&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759875%2C44759837%2C44759926%2C31072927%2C31072952%2C31071975&oid=2&pvsid=203261357837615&tmod=1559851496&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=U1CnLXS6sH&p=https%3A//obereginfo.ru&dtd=18

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 10 Mar 2023 06:01:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 10 Mar 2023 05:57:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Mar 2023 06:01:43 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame 5D4E 2 KB
765 B 19ms
18ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9282886054584271&output=html&h=280&adk=4070374814&adf=200266896&pi=t.aa~a.3885849338~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1678428102&rafmt=1&to=qs&pwprc=6977672473&format=1200x280&url=https%3A%2F%2Fobereginfo.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678428102730&bpp=2&bdt=1085&idt=-M&shv=r20230307&mjsv=m202303070401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63ac26277b81cbe2-229de1e048dd0044%3AT%3D1678428102%3ART%3D1678428102%3AS%3DALNI_MZOlQxQQnVP9W1nUqxOUzQK9qJ3hw&gpic=UID%3D00000bc2ccf04990%3AT%3D1678428102%3ART%3D1678428102%3AS%3DALNI_MZhUxfy2sCiIB1O_6dTYlktX9RKPg&prev_fmts=0x0&nras=2&correlator=5334749556943&frm=20&pv=1&ga_vid=1827833561.1678428102&ga_sid=1678428102&ga_hid=261455705&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759875%2C44759837%2C44759926%2C31072927%2C31072952%2C31071975&oid=2&pvsid=203261357837615&tmod=1559851496&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=U1CnLXS6sH&p=https%3A//obereginfo.ru&dtd=18

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 17:42:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44369
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 17:42:14 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/ Frame 5D4E 22 KB
9 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9282886054584271&output=html&h=280&adk=4070374814&adf=200266896&pi=t.aa~a.3885849338~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1678428102&rafmt=1&to=qs&pwprc=6977672473&format=1200x280&url=https%3A%2F%2Fobereginfo.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678428102730&bpp=2&bdt=1085&idt=-M&shv=r20230307&mjsv=m202303070401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63ac26277b81cbe2-229de1e048dd0044%3AT%3D1678428102%3ART%3D1678428102%3AS%3DALNI_MZOlQxQQnVP9W1nUqxOUzQK9qJ3hw&gpic=UID%3D00000bc2ccf04990%3AT%3D1678428102%3ART%3D1678428102%3AS%3DALNI_MZhUxfy2sCiIB1O_6dTYlktX9RKPg&prev_fmts=0x0&nras=2&correlator=5334749556943&frm=20&pv=1&ga_vid=1827833561.1678428102&ga_sid=1678428102&ga_hid=261455705&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759875%2C44759837%2C44759926%2C31072927%2C31072952%2C31071975&oid=2&pvsid=203261357837615&tmod=1559851496&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=U1CnLXS6sH&p=https%3A//obereginfo.ru&dtd=18

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 17:39:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44546
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 17:39:17 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame 5D4E 3 KB
1 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9282886054584271&output=html&h=280&adk=4070374814&adf=200266896&pi=t.aa~a.3885849338~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1678428102&rafmt=1&to=qs&pwprc=6977672473&format=1200x280&url=https%3A%2F%2Fobereginfo.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678428102730&bpp=2&bdt=1085&idt=-M&shv=r20230307&mjsv=m202303070401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63ac26277b81cbe2-229de1e048dd0044%3AT%3D1678428102%3ART%3D1678428102%3AS%3DALNI_MZOlQxQQnVP9W1nUqxOUzQK9qJ3hw&gpic=UID%3D00000bc2ccf04990%3AT%3D1678428102%3ART%3D1678428102%3AS%3DALNI_MZhUxfy2sCiIB1O_6dTYlktX9RKPg&prev_fmts=0x0&nras=2&correlator=5334749556943&frm=20&pv=1&ga_vid=1827833561.1678428102&ga_sid=1678428102&ga_hid=261455705&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759875%2C44759837%2C44759926%2C31072927%2C31072952%2C31071975&oid=2&pvsid=203261357837615&tmod=1559851496&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=U1CnLXS6sH&p=https%3A//obereginfo.ru&dtd=18

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 17:42:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44369
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 17:42:14 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame 5D4E 20 KB
8 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9282886054584271&output=html&h=280&adk=4070374814&adf=200266896&pi=t.aa~a.3885849338~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1678428102&rafmt=1&to=qs&pwprc=6977672473&format=1200x280&url=https%3A%2F%2Fobereginfo.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678428102730&bpp=2&bdt=1085&idt=-M&shv=r20230307&mjsv=m202303070401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63ac26277b81cbe2-229de1e048dd0044%3AT%3D1678428102%3ART%3D1678428102%3AS%3DALNI_MZOlQxQQnVP9W1nUqxOUzQK9qJ3hw&gpic=UID%3D00000bc2ccf04990%3AT%3D1678428102%3ART%3D1678428102%3AS%3DALNI_MZhUxfy2sCiIB1O_6dTYlktX9RKPg&prev_fmts=0x0&nras=2&correlator=5334749556943&frm=20&pv=1&ga_vid=1827833561.1678428102&ga_sid=1678428102&ga_hid=261455705&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759875%2C44759837%2C44759926%2C31072927%2C31072952%2C31071975&oid=2&pvsid=203261357837615&tmod=1559851496&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=U1CnLXS6sH&p=https%3A//obereginfo.ru&dtd=18

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 17:42:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44369
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 17:42:14 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5D4E 158 KB
49 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9282886054584271&output=html&h=280&adk=4070374814&adf=200266896&pi=t.aa~a.3885849338~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1678428102&rafmt=1&to=qs&pwprc=6977672473&format=1200x280&url=https%3A%2F%2Fobereginfo.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678428102730&bpp=2&bdt=1085&idt=-M&shv=r20230307&mjsv=m202303070401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63ac26277b81cbe2-229de1e048dd0044%3AT%3D1678428102%3ART%3D1678428102%3AS%3DALNI_MZOlQxQQnVP9W1nUqxOUzQK9qJ3hw&gpic=UID%3D00000bc2ccf04990%3AT%3D1678428102%3ART%3D1678428102%3AS%3DALNI_MZhUxfy2sCiIB1O_6dTYlktX9RKPg&prev_fmts=0x0&nras=2&correlator=5334749556943&frm=20&pv=1&ga_vid=1827833561.1678428102&ga_sid=1678428102&ga_hid=261455705&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759875%2C44759837%2C44759926%2C31072927%2C31072952%2C31071975&oid=2&pvsid=203261357837615&tmod=1559851496&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=U1CnLXS6sH&p=https%3A//obereginfo.ru&dtd=18

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49657
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678278820084806"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Mar 2023 06:01:43 GMT

GET
H3 200 887cfa9374a0c130d54aa7fe143e0312.js Show response
www.gstatic.com/mysidia/ Frame 5D4E 34 KB
14 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/887cfa9374a0c130d54aa7fe143e0312.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9282886054584271&output=html&h=280&adk=4070374814&adf=200266896&pi=t.aa~a.3885849338~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1678428102&rafmt=1&to=qs&pwprc=6977672473&format=1200x280&url=https%3A%2F%2Fobereginfo.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678428102730&bpp=2&bdt=1085&idt=-M&shv=r20230307&mjsv=m202303070401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63ac26277b81cbe2-229de1e048dd0044%3AT%3D1678428102%3ART%3D1678428102%3AS%3DALNI_MZOlQxQQnVP9W1nUqxOUzQK9qJ3hw&gpic=UID%3D00000bc2ccf04990%3AT%3D1678428102%3ART%3D1678428102%3AS%3DALNI_MZhUxfy2sCiIB1O_6dTYlktX9RKPg&prev_fmts=0x0&nras=2&correlator=5334749556943&frm=20&pv=1&ga_vid=1827833561.1678428102&ga_sid=1678428102&ga_hid=261455705&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759875%2C44759837%2C44759926%2C31072927%2C31072952%2C31071975&oid=2&pvsid=203261357837615&tmod=1559851496&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=U1CnLXS6sH&p=https%3A//obereginfo.ru&dtd=18

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 07:15:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 254763
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14316
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 05:15:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 05 Jun 2023 07:15:40 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame AE26 8 KB
895 B 31ms
31ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9282886054584271&output=html&h=280&adk=2509025803&adf=1232481941&pi=t.aa~a.3798260991~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1678428102&rafmt=1&to=qs&pwprc=6977672473&format=1200x280&url=https%3A%2F%2Fobereginfo.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678428102730&bpp=1&bdt=1085&idt=1&shv=r20230307&mjsv=m202303070401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63ac26277b81cbe2-229de1e048dd0044%3AT%3D1678428102%3ART%3D1678428102%3AS%3DALNI_MZOlQxQQnVP9W1nUqxOUzQK9qJ3hw&gpic=UID%3D00000bc2ccf04990%3AT%3D1678428102%3ART%3D1678428102%3AS%3DALNI_MZhUxfy2sCiIB1O_6dTYlktX9RKPg&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5334749556943&frm=20&pv=1&ga_vid=1827833561.1678428102&ga_sid=1678428102&ga_hid=261455705&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759875%2C44759837%2C44759926%2C31072927%2C31072952%2C31071975&oid=2&pvsid=203261357837615&tmod=1559851496&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=iMLHqwcBux&p=https%3A//obereginfo.ru&dtd=28

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 10 Mar 2023 06:01:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 10 Mar 2023 04:01:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Mar 2023 06:01:43 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame AE26 2 KB
765 B 18ms
18ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 17:42:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44369
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 17:42:14 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/ Frame AE26 22 KB
9 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 17:39:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44546
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 17:39:17 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame AE26 3 KB
1 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 17:42:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44369
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 17:42:14 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame AE26 20 KB
8 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 17:42:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44369
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 17:42:14 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame AE26 0
0 53ms
27ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTVtAhPebwUwhIICkVZTcrcXw94L8_YblCjB2x2eGpZTTTmYTQmDSUXZZbsJA6lIGosvOzI7MhntQc-msjq66carxNpXg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9282886054584271&output=html&h=280&adk=2509025803&adf=1232481941&pi=t.aa~a.3798260991~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1678428102&rafmt=1&to=qs&pwprc=6977672473&format=1200x280&url=https%3A%2F%2Fobereginfo.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678428102730&bpp=1&bdt=1085&idt=1&shv=r20230307&mjsv=m202303070401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63ac26277b81cbe2-229de1e048dd0044%3AT%3D1678428102%3ART%3D1678428102%3AS%3DALNI_MZOlQxQQnVP9W1nUqxOUzQK9qJ3hw&gpic=UID%3D00000bc2ccf04990%3AT%3D1678428102%3ART%3D1678428102%3AS%3DALNI_MZhUxfy2sCiIB1O_6dTYlktX9RKPg&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5334749556943&frm=20&pv=1&ga_vid=1827833561.1678428102&ga_sid=1678428102&ga_hid=261455705&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759875%2C44759837%2C44759926%2C31072927%2C31072952%2C31071975&oid=2&pvsid=203261357837615&tmod=1559851496&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=iMLHqwcBux&p=https%3A//obereginfo.ru&dtd=28
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AE26 158 KB
49 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49657
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678278820084806"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Mar 2023 06:01:43 GMT

GET
H3 200 887cfa9374a0c130d54aa7fe143e0312.js Show response
www.gstatic.com/mysidia/ Frame AE26 34 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/887cfa9374a0c130d54aa7fe143e0312.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 07:15:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 254763
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14316
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 05:15:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 05 Jun 2023 07:15:40 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 6D6D 2 KB
1 KB 141ms
34ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZArHxgADPw8CHkUDAAUNX8zdL_J9YUaxmwlnbg&u=%7C6vIzTdtzmMOO2KXGgdktRjNfu42CbupFZ7cqYuxaOYw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86wVX5GOWVqOihvpKyLFpE7fcRfdFsEHfrnUbYd_GXgTb5fRKN9F8CNTPiQ3X_ObXIJFoySUwPiSf9MSSMEi4OwSNQLUvEZ605ACNCQzJcbTIoWrECQZTfOtOYxe6jkKeS_LH4stnSoky-aAHWWf2i7S4ffgkFyQqdGU1poWieND_WUJIbatWz1lY-cONUSU2yCePAsXZXfkAKPXIZGifK-IFLcudcwbVe-vDGD4zBCbna40BNcRl0AqdkjIRyk32C7aT8btrrfqM1ozbX9RkE7JA9NReL1NANGYgay7cjTj2U9VsSqr3u3P-fgVqiJ-W4tp-czdDN-zeGFboxBQYTUy8r-zdEEtuyqBiA--hjrtI9UA5mXgL5yI8bXvinnkETy-m6BEZnsBOHpOojhLFJySFAPLQHaFPfbLB0bOjZScDeu4TzdcVVjawWs3qFmOmCJ4R5Qk7_NFX63CblTVjL73fiiMbNoboBQb3RYx8Dve-pFLUEJfgIO74ps411DknvOIq0wJuWBl2SX3YrVzJqiV_O-PLs12M-Sz2KsFwU78HXrHbRmnjYp3OaVQg17FhkQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHcN-xscKZI_-DIOK-cAP35qUsAfJntKxXI3w4taTAcCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi05MjgyODg2MDU0NTg0MjcxyAEJqQL5fol0n8KxPqgDAcgDAqoEuwFP0PKhUesyQScTrh9AQET94MHaBm8zQv50IUzZD6yBwD_8LLvWpMqh-PwjGBMVHfNF1GOGK25jRVc_HmgU7UilGe4JYjAbZEewpCo5AkT56Gcel413J5nE3vXGYlfS4LQcoqKnnGtOdDN8EhXHdYtFiIHcxD8LYozbupAXU4T2NW_1_eYIPPS8zD2ue55TD3VFvmEijkupzPdzag58IdoYkR7AtHxp-WxkIoo2mX5mFBOqB4oPmMV5VoIkgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0Z08vzDyao3UDRhtxIFzG070v1xA%26client%3Dca-pub-9282886054584271%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:43 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 04 Mar 2024 06:01:43 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 6D6D 2 KB
1 KB 145ms
38ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:43 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 04 Mar 2024 06:01:43 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 6D6D 308 B
637 B 51ms
31ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:43 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 04 Mar 2024 06:01:43 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 6D6D 293 B
621 B 51ms
32ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:43 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 04 Mar 2024 06:01:43 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 6D6D 43 B
348 B 98ms
27ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=ii_eg3snO68UYrYiDu2RaQt1qczrTX40k51iGRXYFIbEtQylRjEjyPiVaorcDiVP662-yDWbtKfUap9NvWAdySsvzp_NS-2s0tlYOb_n_gvztTaLg3FNIkqOsdmBvkCgVdXQ4WqlyhySZ7u0MAY7UNXf4U1bEE187lf69yawx8sYhGo6pvAFV-taOJ6SlGYq81KL8Tt7lOKgZ0DZFuPSlnzFUvN-y9wX_xM7Zv7NKAl_cb2AnmIJ1pbHwpV1shTRTOPjyDAzAin9oZRsg_n_nSY8trJUfVzZ0ZuufECMEs0s9wa9NvVf0wMyeBQ_j0PeLddKlEhZND-imUI5E-lEpruThUI9xhqz34YhqV0Sj0-vmE8VWv7JSkeFmYAiudtcoeomAhc30F-fjUaMZF_yaCBKy3uhVnPnyFJeDZ4vVRU83O4T

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 06:01:42 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1615510
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 95A4 0
0 61ms
60ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cc9Q9xscKZLHmMJmbiQaikaCgD8me0rFcxYyL4JoBwI23ARABIABglYKAgKwHggEXY2EtcHViLTkyODI4ODYwNTQ1ODQyNzHIAQmpAiAns5b-xbE-qAMBqgS-AU_QImEWt4CRKyKK-Pe1RoMtQmnjk8MOXU1W7-wvFmOo6drqbVvNmfyVRGydLvNJVA8whVJpvcPzMHMhI1sDIlT30wj0hkidfgipBvTsZhv4VYECGbP2LIZqtWqGg7X-TOGW4cqnzxX-E5_S_De9HhzkfR6IfMug6pt4PTbvJojVFjyff0jWlGgGN7e31FbfrPpH5w9e0oMnNUcUP1JmhUAxRj8vre2j3XzxT8V2G9pv3g7vMvJrBCCbXxcmhnOABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTkyODI4ODYwNTQ1ODQyNzEYAA&sigh=2msN4zsQSbk&uach_m=[UACH]&cid=CAQSOwDUE5ymVvdsxHL7dE-6L1Z9R1mD-iaHqBNsSDiKxB1Zg8zoRsgLG14FfMPg62c_b1gC0UPt0h85VDxNGAE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9282886054584271&output=html&h=280&adk=4070374814&adf=3541544065&pi=t.aa~a.508132186~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1678428102&rafmt=1&to=qs&pwprc=6977672473&format=1200x280&url=https%3A%2F%2Fobereginfo.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678428102730&bpp=1&bdt=1084&idt=-M&shv=r20230307&mjsv=m202303070401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63ac26277b81cbe2-229de1e048dd0044%3AT%3D1678428102%3ART%3D1678428102%3AS%3DALNI_MZOlQxQQnVP9W1nUqxOUzQK9qJ3hw&gpic=UID%3D00000bc2ccf04990%3AT%3D1678428102%3ART%3D1678428102%3AS%3DALNI_MZhUxfy2sCiIB1O_6dTYlktX9RKPg&prev_fmts=0x0%2C1200x280&nras=3&correlator=5334749556943&frm=20&pv=1&ga_vid=1827833561.1678428102&ga_sid=1678428102&ga_hid=261455705&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2192&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759875%2C44759837%2C44759926%2C31072927%2C31072952%2C31071975&oid=2&pvsid=203261357837615&tmod=1559851496&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=NU1RE8M3N9&p=https%3A//obereginfo.ru&dtd=25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 10 Mar 2023 06:01:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 95A4 0
0 40ms
40ms Fetch 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kKW_EMz6RLAJmAKdg2ICAgAAAHbXpYEHCy24EMbHCmToe_wzc507MfVkAAASAAAKDkFRVUJBUVlCQVFFQkFR&wp=ZArHxgAMMzEKwk2ZAAgIokgmtZlHuzeRA_vaeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:42 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 228229
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 7C4A 152 KB
50 KB 80ms
80ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZArHxgAMMzEKwk2ZAAgIokgmtZlHuzeRA_vaeg&u=%7C6vIzTdtzmMMWrZpabA1pvMohusRhjQtbMppp8zH9vgE%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86wVX5GOWVqOijhVprVqhwwohmFrodkT-2HHk4w1lxb0Dz7qQKplhvEf5gSvPu1KOjPOO6rX--GdKYHT9FpMetLUUxi3B6S8n5ZWD40qxkZppYEl3LGlzPy0TxoEwar_A2TVJybOrlgZjO9fP_rILVaN-3N7C5r_GMnva7S4e8xBkS8VEk5T_eDdTCyetuRAPITIADFixWYMbN_RKu9HTkDr1pWaT85pWqaeesrYQDyQKm9Nc2exb4CF2qDGSR6iBc30jPfEgP3bDSBXwT3D65IepQiQiH-7Y0Lo6eGFBSOFAQe-K_gf8UU6nyI9mS5JiOqC2Db90cApywiK44yznGmmFLUXwum9daVGzVFx_V9jyqGPqIbF7OiT5RZWj0nth0irpD-4jMVTfaVxB6aOtfWMcYbFnV7emuX4csHjZPsnV1Ta5jzeD0qKc9OsNU_Zu5xcsaZrmVZMBYHswZ1TOzAHZSi0io_T5tHix6J86u13oQgq77Q6djW9K4soOBLU7O7TU-PPgWe5OHHbojmXGpAn_7yKq21v7cINGvpkrfamW3s59OgmBH9w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCWerxscKZLHmMJmbiQaikaCgD8me0rFcxYyL4JoBwI23ARABIABglYKAgKwHggEXY2EtcHViLTkyODI4ODYwNTQ1ODQyNzHIAQmpAiAns5b-xbE-qAMBqgTBAU_QImEWt4CRKyKK-Pe1RoMtQmnjk8MOXU1W7-wvFmOo6drqbVvNmfyVRGydLvNJVA8whVJpvcPzMHMhI1sDIlT30wj0hkidfgipBvTsZhv4VYECGbP2LIZqtWqGg7X-TOGW4cqnzxX-E5_S_De9HhzkfR6IfMug6pt4PTbvJojVFjyff0jWlGgGN7e31FbfrPpH5w9e0oMnd0U1rdXpGVOO2iuMfdAFJXXlRXN8NcLtasbSlADUGgyD2r2ilcxbNGiABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0h8kNM5wWIilEQxh2__GmZXS9opw%26client%3Dca-pub-9282886054584271%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

313cbd07d85ca0cd0937226811b601b0ec5671ac17faee529763b3827ff7db13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 10 Mar 2023 06:01:42 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=074RLLM5pKgaXQlLgBC4TCHofOQeEO9ScFWgzuCeyXytwuXLctQ4RwMR1Yl0_CUoVDTqId89yIFNKVzdqxC9jwk_99R38K1fwo2mv1P0qiH546guZnHVS39tJzkDMxyD5w3r4Ka-uId1YCiNGyNMIwOhhUjsrVExnbqg2lpDoXQAk7ID5PIaITUVCGNNp_VkP9GSy7jGBENsbCri9ctInW85U-DQMF-peJbSSE3r9tJcwILtB6cQYPjzb-wjdE35hdiIcw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 41946164
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 78BA 1 KB
643 B 21ms
20ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 63502
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 12:23:21 GMT
etag: 48472445140208031
expires: Fri, 10 Mar 2023 12:23:21 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5D4E 0
0 64ms
63ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CaaF1xscKZITGMMmS-cAPi_mF4A7xoImwb_2rxN_RCrqT6JmXMBABIPODp2lglYKAgKwHoAGL4uziAsgBBqkC-X6JdJ_CsT6oAwHIAwKqBMgBT9DIf9K4v-tFsPMkgLGnQ3uDWmzkGyOja8j656NxuZAlXk06GdQlTx82L2bBZ7gzN0qPRHkPhMv7HxjmC3T-gdyIq6Q_nawDZ_4KjPQM3TxKcVIEIlekfThd7sRT6PurxUaGsnD8qEoGfy42l_KA25BiL9-4Pu2Bx5sGsSSMmR5_rjMDvSDLHehbz5BLsNTr7MFwEQ2BovYtTLdVtaWVn1gyy_K9Jrp5I6F1iqcLYgoc1mBpR0ByIxST12dmSw9tgz2hOLRz5yfABMrfh6TJApIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAY3gAfdnZOdAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAfIHAxDmfdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMLiBQG0BUBmBYBgBcBshccChoIABIUcHViLTkyODI4ODYwNTQ1ODQyNzEYAA&sigh=I_IX2g-Wusg&uach_m=[UACH]&cid=CAQSOwDUE5ymC2C4RSGsTFb0yLfzBHTfLhthkV9lleucX07i6DpWJJo7gsMgHso1j9SbYfC05p-LqF1RAkTiGAE&template_id=493

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9282886054584271&output=html&h=280&adk=4070374814&adf=200266896&pi=t.aa~a.3885849338~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1678428102&rafmt=1&to=qs&pwprc=6977672473&format=1200x280&url=https%3A%2F%2Fobereginfo.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678428102730&bpp=2&bdt=1085&idt=-M&shv=r20230307&mjsv=m202303070401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63ac26277b81cbe2-229de1e048dd0044%3AT%3D1678428102%3ART%3D1678428102%3AS%3DALNI_MZOlQxQQnVP9W1nUqxOUzQK9qJ3hw&gpic=UID%3D00000bc2ccf04990%3AT%3D1678428102%3ART%3D1678428102%3AS%3DALNI_MZhUxfy2sCiIB1O_6dTYlktX9RKPg&prev_fmts=0x0&nras=2&correlator=5334749556943&frm=20&pv=1&ga_vid=1827833561.1678428102&ga_sid=1678428102&ga_hid=261455705&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759875%2C44759837%2C44759926%2C31072927%2C31072952%2C31071975&oid=2&pvsid=203261357837615&tmod=1559851496&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=U1CnLXS6sH&p=https%3A//obereginfo.ru&dtd=18

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9282886054584271&output=html&h=280&adk=4070374814&adf=200266896&pi=t.aa~a.3885849338~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1678428102&rafmt=1&to=qs&pwprc=6977672473&format=1200x280&url=https%3A%2F%2Fobereginfo.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678428102730&bpp=2&bdt=1085&idt=-M&shv=r20230307&mjsv=m202303070401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63ac26277b81cbe2-229de1e048dd0044%3AT%3D1678428102%3ART%3D1678428102%3AS%3DALNI_MZOlQxQQnVP9W1nUqxOUzQK9qJ3hw&gpic=UID%3D00000bc2ccf04990%3AT%3D1678428102%3ART%3D1678428102%3AS%3DALNI_MZhUxfy2sCiIB1O_6dTYlktX9RKPg&prev_fmts=0x0&nras=2&correlator=5334749556943&frm=20&pv=1&ga_vid=1827833561.1678428102&ga_sid=1678428102&ga_hid=261455705&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759875%2C44759837%2C44759926%2C31072927%2C31072952%2C31071975&oid=2&pvsid=203261357837615&tmod=1559851496&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=U1CnLXS6sH&p=https%3A//obereginfo.ru&dtd=18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 10 Mar 2023 06:01:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame AE26 0
0 65ms
65ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CN3sHxscKZObWMZfOZdassJgH6LvssW-llIHB_RC_u8G4wQkQASDzg6dpYJWCgICsB6ABwfi00gPIAQmpAvl-iXSfwrE-qAMByAPLBKoExAFP0LDJrB4LvM_0lQTRlhwa0eklPLNm43EkCXx58r8v0r7gcsh-qCALpjR2IFDi5tsWbXlG5DHx9Yxd4UFiea2118gqdZpPUAoBmUpdzlfkwL4A8cPlT8FCbcwx2uvMKJYRRb28yiAOIs_xc9ItdI6YRwUc9dQAJ6uqjZkDkNfNx0xf78GH8b7oMExRvTuEsR5G6g00LuaxEc5K9wqS0f2jINvrNsQPmF06QV2zfGy2BltAqUfYiYQHbwO9ORrUboMBrfmewASqlLDEnwSSBQQIBBgBkgUECAUYBKAGLoAHp4fLLagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEPOvA9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMNiBQE0BUBmBYBgBcBshccChoIABIUcHViLTkyODI4ODYwNTQ1ODQyNzEYAA&sigh=2TJeeCxaysI&uach_m=[UACH]&cid=CAQSOwDUE5ymTPSE3hxGv4NBpKd00UmzBXhCFp9dPSFcqSLrhkd6ph2aaQvRRvCZHaJ-C_PT0iu9pmYwmSbeGAE&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9282886054584271&output=html&h=280&adk=2509025803&adf=1232481941&pi=t.aa~a.3798260991~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1678428102&rafmt=1&to=qs&pwprc=6977672473&format=1200x280&url=https%3A%2F%2Fobereginfo.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678428102730&bpp=1&bdt=1085&idt=1&shv=r20230307&mjsv=m202303070401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63ac26277b81cbe2-229de1e048dd0044%3AT%3D1678428102%3ART%3D1678428102%3AS%3DALNI_MZOlQxQQnVP9W1nUqxOUzQK9qJ3hw&gpic=UID%3D00000bc2ccf04990%3AT%3D1678428102%3ART%3D1678428102%3AS%3DALNI_MZhUxfy2sCiIB1O_6dTYlktX9RKPg&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5334749556943&frm=20&pv=1&ga_vid=1827833561.1678428102&ga_sid=1678428102&ga_hid=261455705&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759875%2C44759837%2C44759926%2C31072927%2C31072952%2C31071975&oid=2&pvsid=203261357837615&tmod=1559851496&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=iMLHqwcBux&p=https%3A//obereginfo.ru&dtd=28
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 10 Mar 2023 06:01:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/12353510024708185062/ Frame BED3 29 KB
29 KB 26ms
22ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12353510024708185062/2076313506083323656

Requested by

Host: obereginfo.ru
URL: https://obereginfo.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a46d7c624e64a0905b7f8dfea67ee51b84436f3c6010bc87b79a59da96a6c705

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 13:55:18 GMT
x-content-type-options: nosniff
age: 57985
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29279
x-xss-protection: 0
last-modified: Thu, 26 Jan 2023 16:12:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 08 Mar 2024 13:55:18 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/16775698391400985251/ Frame BED3 3 KB
3 KB 28ms
25ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16775698391400985251/14763004658117789537?w=100&h=100

Requested by

Host: obereginfo.ru
URL: https://obereginfo.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

540c1e5a5531635bb49a761947ce74122c931574934b66ec653b992b48d8d032

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 09:11:41 GMT
x-content-type-options: nosniff
age: 75002
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2568
x-xss-protection: 0
last-modified: Wed, 28 Dec 2022 11:19:18 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 08 Mar 2024 09:11:41 GMT

GET
DATA 200
OK truncated
/ Frame BED3 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame BED3 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7a3cbe668355e5cae7f0442da0ad8bf27f55c7c30d99fe0ebbcebebd46004cbb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 5D4E 18 KB
18 KB 74ms
19ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQeXI4xWve7eIT3gLam_B8p9SCxlJz9fihwtzcVw1LXeVhrOb0jRVrDCOQIBjg&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9282886054584271&output=html&h=280&adk=4070374814&adf=200266896&pi=t.aa~a.3885849338~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1678428102&rafmt=1&to=qs&pwprc=6977672473&format=1200x280&url=https%3A%2F%2Fobereginfo.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678428102730&bpp=2&bdt=1085&idt=-M&shv=r20230307&mjsv=m202303070401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63ac26277b81cbe2-229de1e048dd0044%3AT%3D1678428102%3ART%3D1678428102%3AS%3DALNI_MZOlQxQQnVP9W1nUqxOUzQK9qJ3hw&gpic=UID%3D00000bc2ccf04990%3AT%3D1678428102%3ART%3D1678428102%3AS%3DALNI_MZhUxfy2sCiIB1O_6dTYlktX9RKPg&prev_fmts=0x0&nras=2&correlator=5334749556943&frm=20&pv=1&ga_vid=1827833561.1678428102&ga_sid=1678428102&ga_hid=261455705&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759875%2C44759837%2C44759926%2C31072927%2C31072952%2C31071975&oid=2&pvsid=203261357837615&tmod=1559851496&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=U1CnLXS6sH&p=https%3A//obereginfo.ru&dtd=18

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71d3cee4808d6daf0989cfb6f9254262f455f8beb5132ac72a3532c845b5af06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:36:04 GMT
x-content-type-options: nosniff
age: 105939
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18381
x-xss-protection: 0
last-modified: Sat, 12 Mar 2022 19:02:12 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 08 Mar 2024 00:36:04 GMT

GET
H3

200

499427908316114021
tpc.googlesyndication.com/simgad/ Frame 5D4E
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODoiY7vYBD0JBidCTIIPPmwk5kakp4
https://tpc.googlesyndication.com/simgad/499427908316114021

172 KB
172 KB

19ms
19ms

Image
image/jpeg

2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/499427908316114021

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9282886054584271&output=html&h=280&adk=4070374814&adf=200266896&pi=t.aa~a.3885849338~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1678428102&rafmt=1&to=qs&pwprc=6977672473&format=1200x280&url=https%3A%2F%2Fobereginfo.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678428102730&bpp=2&bdt=1085&idt=-M&shv=r20230307&mjsv=m202303070401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63ac26277b81cbe2-229de1e048dd0044%3AT%3D1678428102%3ART%3D1678428102%3AS%3DALNI_MZOlQxQQnVP9W1nUqxOUzQK9qJ3hw&gpic=UID%3D00000bc2ccf04990%3AT%3D1678428102%3ART%3D1678428102%3AS%3DALNI_MZhUxfy2sCiIB1O_6dTYlktX9RKPg&prev_fmts=0x0&nras=2&correlator=5334749556943&frm=20&pv=1&ga_vid=1827833561.1678428102&ga_sid=1678428102&ga_hid=261455705&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759875%2C44759837%2C44759926%2C31072927%2C31072952%2C31071975&oid=2&pvsid=203261357837615&tmod=1559851496&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=U1CnLXS6sH&p=https%3A//obereginfo.ru&dtd=18

Protocol

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05d4b8b9d53e9c36599aa5523700ef086f59da57ff648fbcac35cc6e53933ca2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 21:18:40 GMT
x-content-type-options: nosniff
age: 463383
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 176216
x-xss-protection: 0
last-modified: Thu, 03 Mar 2022 13:55:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 03 Mar 2024 21:18:40 GMT

Redirect headers

date: Thu, 09 Mar 2023 23:46:49 GMT
x-content-type-options: nosniff
server: cafe
age: 22494
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/499427908316114021
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 08 Apr 2023 23:46:49 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/12353510024708185062/ Frame AE26 160 KB
160 KB 21ms
20ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12353510024708185062/14763004658117789537

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5927ee37f74d47a0524f67697afb94f4400b89774361af47eefb2be11947ab98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 15:09:02 GMT
x-content-type-options: nosniff
age: 53561
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 164010
x-xss-protection: 0
last-modified: Thu, 26 Jan 2023 16:12:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 08 Mar 2024 15:09:02 GMT

GET
DATA 200
OK truncated
/ Frame AE26 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame AE26 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 6D6D 12 KB
5 KB 74ms
30ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1842187
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EBx9sTTzNnjIt%2FkYRCW7zN%2BKNUSOqdfWa52Nfpsejer0Y1QPISwYw4A2sZ%2FU0oOoMGQ5orzMMqo274h5q64WRV1FeytltxVz1bzUow9NhjehuIjNAIkk1ZefcSFY%2FE%2B4HCCwTprY8wbUOA0wK2twSi1Q"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7a59583d6a9f9088-FRA
expires: Wed, 28 Feb 2024 06:01:43 GMT

GET
H3 200 vXNxKHOfM0woUYPMlVUM_skHL1Nu-ue6r5dLQlK5kuA.js Show response
pagead2.googlesyndication.com/bg/ Frame AE01 36 KB
14 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vXNxKHOfM0woUYPMlVUM_skHL1Nu-ue6r5dLQlK5kuA.js

Requested by

Host: obereginfo.ru
URL: https://obereginfo.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd737128739f334c285183cc95550cfec9072f536efae7baaf974b4252b992e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 17:50:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43846
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14374
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Mar 2024 17:50:57 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 7C4A 2 KB
1 KB 30ms
30ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZArHxgAMMzEKwk2ZAAgIokgmtZlHuzeRA_vaeg&u=%7C6vIzTdtzmMMWrZpabA1pvMohusRhjQtbMppp8zH9vgE%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86wVX5GOWVqOijhVprVqhwwohmFrodkT-2HHk4w1lxb0Dz7qQKplhvEf5gSvPu1KOjPOO6rX--GdKYHT9FpMetLUUxi3B6S8n5ZWD40qxkZppYEl3LGlzPy0TxoEwar_A2TVJybOrlgZjO9fP_rILVaN-3N7C5r_GMnva7S4e8xBkS8VEk5T_eDdTCyetuRAPITIADFixWYMbN_RKu9HTkDr1pWaT85pWqaeesrYQDyQKm9Nc2exb4CF2qDGSR6iBc30jPfEgP3bDSBXwT3D65IepQiQiH-7Y0Lo6eGFBSOFAQe-K_gf8UU6nyI9mS5JiOqC2Db90cApywiK44yznGmmFLUXwum9daVGzVFx_V9jyqGPqIbF7OiT5RZWj0nth0irpD-4jMVTfaVxB6aOtfWMcYbFnV7emuX4csHjZPsnV1Ta5jzeD0qKc9OsNU_Zu5xcsaZrmVZMBYHswZ1TOzAHZSi0io_T5tHix6J86u13oQgq77Q6djW9K4soOBLU7O7TU-PPgWe5OHHbojmXGpAn_7yKq21v7cINGvpkrfamW3s59OgmBH9w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCWerxscKZLHmMJmbiQaikaCgD8me0rFcxYyL4JoBwI23ARABIABglYKAgKwHggEXY2EtcHViLTkyODI4ODYwNTQ1ODQyNzHIAQmpAiAns5b-xbE-qAMBqgTBAU_QImEWt4CRKyKK-Pe1RoMtQmnjk8MOXU1W7-wvFmOo6drqbVvNmfyVRGydLvNJVA8whVJpvcPzMHMhI1sDIlT30wj0hkidfgipBvTsZhv4VYECGbP2LIZqtWqGg7X-TOGW4cqnzxX-E5_S_De9HhzkfR6IfMug6pt4PTbvJojVFjyff0jWlGgGN7e31FbfrPpH5w9e0oMnd0U1rdXpGVOO2iuMfdAFJXXlRXN8NcLtasbSlADUGgyD2r2ilcxbNGiABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0h8kNM5wWIilEQxh2__GmZXS9opw%26client%3Dca-pub-9282886054584271%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:43 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 04 Mar 2024 06:01:43 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 7C4A 2 KB
1 KB 29ms
29ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:43 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 04 Mar 2024 06:01:43 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 7C4A 308 B
636 B 28ms
28ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:43 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 04 Mar 2024 06:01:43 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 7C4A 293 B
621 B 36ms
36ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:43 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 04 Mar 2024 06:01:43 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 7C4A 43 B
347 B 27ms
27ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=pbAmPVpK7UNOzZVT8RZfYtdX4rC3UjyyGG-ZTcxCRy5Azn6QuTBfK_3R4F2Ep2WQA6Oy7CjPUqUbnUsSUTGq05S4lmKDoeVhec5M0WRTuox0NVJ7r_9PuSffMaQGLdGWZsxYy3oqppt3hSuWSWad3niUbaytea49Cv5KFTYE75jBdQEvx6FRfF8EUCPa8kQXwhGek-aMmP2fwnrvvb4LeLA8HUw7-jvIuc1evTajShBGPYHcYCY4vGENgMXW8RXmbMp8aUgXAHmoS2DSd67kLEcPNoyHCu267NMeC1le8EJCtF7k1jmKPYCGE2nrbVhw-uGYXRGWz_YdSqor1nqWh8gJ0h4egfi5LwswtB-2AaxdYIlZuqRK7nn__HY0RtVh_MP4No1PDg_Vnfe8utI1Dd2P9Xzdp1ol_YYEo5uurIZWA3N_

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 06:01:42 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1671833
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
static.criteo.net/design/dt/ Frame 6D6D 46 KB
46 KB 118ms
60ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:43 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-b778"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 04 Mar 2024 06:01:43 GMT

GET
H2 200 0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff
static.criteo.net/design/dt/ Frame 6D6D 38 KB
38 KB 88ms
30ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:43 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-97a8"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 04 Mar 2024 06:01:43 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame BED3 0
18 B 64ms
62ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cah8oxscKZI7-DIOK-cAP35qUsAfou-yxb6WUgcH9EI6BntWfOBABIPODp2lglYKAgKwHoAHB-LTSA8gBCakC-X6JdJ_CsT6oAwHIA8sEqgTMAU_Q18fPjr3yTC_uWWptURCa-q4wDklbMDJ7uuNy8s0YB5ZYKuYjV7UA0huzeyKkKv3VI2bTiBRNsvkLtk1gmvDYhm1oodOCm5IV5__9vphGyOdoTWmrdqSBV0_UmMKPatV1vVGKpyh-rvVwyv8ZbFGTw59QJC-fsxwFQYA6D6dnBBoDdZIVRqUyzwwZGoIO5LvGLR1gBsQjPXQ--DsCPCoFBgsXd3chnuAmyFJUaxix9KG4OfMfTlfCAhoF7Jn9PY5PuJ8xfs2zOb9YEMAEqpSwxJ8EkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB6eHyy2oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBD11wLSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAbgT5APYEw2IFATQFQGYFgGAFwGyFxwKGggAEhRwdWItOTI4Mjg4NjA1NDU4NDI3MRgA&sigh=gB-kg1be9Y4&uach_m=[UACH]&cid=CAQSGwDUE5ymojRIKaS_UkV7G4EbWL8NsFcNMCtkYhgB&template_id=484&vis=1

Requested by

Host: obereginfo.ru
URL: https://obereginfo.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230307/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 10 Mar 2023 06:01:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 6D6D 12 KB
6 KB 35ms
35ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:43 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 04 Mar 2024 06:01:43 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6D6D 29 KB
29 KB 182ms
91ms Image
image/png 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=244&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F190121%2F8ee840d4a3ed46b29e29bc1b9545348c_stardardcon.png&v=3&w=464&s=LXvd4IhYTsrp88PoXjHtvmjE

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

c4e1d6dac257b1f10f34c13ef8ec41e9e0cd8133c8e947aef4d756e19213649c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:43 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29129666
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 29187
expires: Sat, 10 Feb 2024 09:36:09 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6D6D 42 KB
42 KB 148ms
57ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F1726%2F230220%2Fac706fc40f5d4a978f24baebb6b852fc_img_horizontal_1.jpg&v=3&w=1200&s=IXFQAkbVURsqxvZ8t0tgvp8A

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

30eda38dea6c2a71487ddeed57de56a298c0dbe5e8e8a7665d5345bb548ab78a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29566367
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 42518
expires: Thu, 15 Feb 2024 10:54:30 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6D6D 11 KB
11 KB 208ms
117ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1602135346%2F20236107-Sc3V3J8Z.jpg&v=3&w=400&s=e1Fw_anLwICRVaG_eKbuNFHU&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

5c011b9796b130fc6cc45d82da81739370903fc8ae70a126c76fe74a7975c8c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=523843
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 11448
expires: Thu, 16 Mar 2023 07:32:26 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6D6D 354 B
618 B 198ms
107ms Image
image/png 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=400&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fbonprix%2Fstarrating%2Fstar_4.png&v=3&w=400&s=razrptKBi3DfvApO0YzRGhyS

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

193952b59c9a975154471a0ce405acdc8c3f6fa17b2414e818c14cee77f1d460

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29129707
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 354
expires: Sat, 10 Feb 2024 09:36:50 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6D6D 24 KB
24 KB 197ms
106ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1569875996%2F19286375-6sjwgjFg.jpg&v=3&w=400&s=MyZW0YOs3pojVL0EFNkr65AC&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e5382503febf871737377e914a0520f1622f40b1c7a9165bee7436b0eb28468e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=32708
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 24464
expires: Fri, 10 Mar 2023 15:06:51 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6D6D 16 KB
16 KB 198ms
108ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1572257596%2F19305493-37ZPPG7n.jpg&v=3&w=400&s=BjyPLb_T-MFxq0aSBo5BhvmZ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

269c57004fa7f675bd5d6297bdd9817d6cc2ddc59aee3a8ebec5b22d7278239b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=392450
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16006
expires: Tue, 14 Mar 2023 19:02:33 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6D6D 8 KB
8 KB 117ms
116ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1635342891%2F21272115-WfLqe6lm.jpg&v=3&w=400&s=uZhz8CpGn4TJo4GLUq1oQzZA&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

cbb5d0cd99752f39042ab89b65c414c46d91111198c4c805e45e8e807e77f46f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:43 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=293659
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 7914
expires: Mon, 13 Mar 2023 15:36:03 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6D6D 13 KB
13 KB 118ms
117ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F22253882-s0hsweiv.jpg&v=3&w=400&s=dbL4GMsgbrUDQ0bwhK5C2DFw&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

de2eaeb68648a3e566d547f241f0c083964914077cd3d4e6d9e8b15b7d881d53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=524056
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 13090
expires: Thu, 16 Mar 2023 07:36:00 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6D6D 14 KB
14 KB 134ms
134ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F16032507-MDiJNrih.jpg&v=3&w=400&s=imnlStW9AbltsrBYrAsaBHGo&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

9a917b0ebfaec81724150c9e36599aef81b238212fdb1aadc4e936c2fa0a6f0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:43 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=521447
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 14294
expires: Thu, 16 Mar 2023 06:52:30 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 6D6D 0
128 B 109ms
35ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=DZ3-8rM5pKgaXQlLFJrhLOLJz8vIwAOYw2FUMr0jm2sNmInnUdkT3KzrkiQEpg9Fxnr3UnW7e6jUdqrGlEr8QdWTdrqfKoHYJ8mudQimkkfVzeiconVovsqc3Bgel-isjKpmxqrWQyRCFNymuGKDCnrcruwwx6gzYRtRxsruF8lB_CFL1UEtgTvePHahSEtewg0PH0Dq9zhfcvNeuV44jbmdWQ4zOBejyX-GyjOsmxE6Dnf5Q5LXc8Zl7ISJ1cJSEXdzGA&sds=2&rev=85089&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 10 Mar 2023 06:01:42 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 6D6D 2 KB
1 KB 31ms
29ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:43 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 04 Mar 2024 06:01:43 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 6D6D 2 KB
1 KB 32ms
30ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:43 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 04 Mar 2024 06:01:43 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame ECAC
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

49ms
38ms

Document
text/html

2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230307/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 10 Mar 2023 06:01:43 GMT
expires: Fri, 10 Mar 2023 06:01:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 10 Mar 2023 06:01:43 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 vXNxKHOfM0woUYPMlVUM_skHL1Nu-ue6r5dLQlK5kuA.js Show response
pagead2.googlesyndication.com/bg/ Frame 564D 36 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vXNxKHOfM0woUYPMlVUM_skHL1Nu-ue6r5dLQlK5kuA.js

Requested by

Host: obereginfo.ru
URL: https://obereginfo.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd737128739f334c285183cc95550cfec9072f536efae7baaf974b4252b992e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 17:50:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43846
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14374
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Mar 2024 17:50:57 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 7C4A 12 KB
5 KB 30ms
29ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1842187
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FmPw9Vpx8AchVPYvmvZ5QUtHSr2ED5NuBDhX%2FeTdoCooz00w3h%2F1RyVvBJuaJMJicK%2F1yjQ%2B%2BILR1QXZmJZpDbNmSs85v9tNtZ2kjDG475UVsZ5rD0I3UTmFIS0TL2buLHkwrF8jcRJkcn0dTywh0itz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7a59583ddaea9088-FRA
expires: Wed, 28 Feb 2024 06:01:43 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 7C4A 12 KB
6 KB 37ms
36ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:43 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 04 Mar 2024 06:01:43 GMT

GET
H2 200 ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
static.criteo.net/design/dt/ Frame 7C4A 46 KB
46 KB 85ms
83ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:43 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-b778"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 04 Mar 2024 06:01:43 GMT

GET
H2 200 0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff
static.criteo.net/design/dt/ Frame 7C4A 38 KB
38 KB 71ms
69ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:43 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-97a8"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 04 Mar 2024 06:01:43 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 78BA 35 B
463 B 660ms
179ms Image
image/gif 2600:1f1c:a99:832c:d4e8:8c1e:e58e:3348
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEN4kN6IF3ndQt-45BBCesVc&google_cver=1&google_push=Aa02lx9MqPUKwj7SDU0gXgwk6oNyz_FVXP8ZYvu6SQcoD42atzZdZh-Q6h6DYdn6NQ_5ixvPy8IAqGWyePRZgAX1ms4RlnG_lW5n7v4

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f1c:a99:832c:d4e8:8c1e:e58e:3348 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 06:01:43 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 78BA
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEF8ToPzX7HhE8jR4uWWcKkw&google_push=Aa02lx-jH7fMMM3pVeqk1EHOxVFnHOzANNUHston5z3l_li-HxKCu-blDL...

170 B
329 B

33ms
31ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEF8ToPzX7HhE8jR4uWWcKkw&google_push=Aa02lx-jH7fMMM3pVeqk1EHOxVFnHOzANNUHston5z3l_li-HxKCu-blDLWBnS1VnrcjwjzNOfq185C60hVWNOKn1lEFclcM27QZ8Uw

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 06:01:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-hhn-etou8220023-HHN
pragma: no-cache
date: Fri, 10 Mar 2023 06:01:43 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1678428103.435415,VS0,VE89
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEF8ToPzX7HhE8jR4uWWcKkw&google_push=Aa02lx-jH7fMMM3pVeqk1EHOxVFnHOzANNUHston5z3l_li-HxKCu-blDLWBnS1VnrcjwjzNOfq185C60hVWNOKn1lEFclcM27QZ8Uw
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 78BA
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBCsIKgawM5OfY95ZfJyxec&google_cver=1&google_push=Aa02lx9yvWD6InPhpmsWbqj47nNnEcGUX2vjbX2MBb28toNBARm_55WXQqwCRwui2W80WhMNBZtxDHipQIFGVjQYxGu_3am...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx9yvWD6InPhpmsWbqj47nNnEcGUX2vjbX2MBb28toNBARm_55WXQqwCRwui2W80WhMNBZtxDHipQIFGVjQYxGu_3amx2Et5dFg&google_hm=eS1NNzJ0R0F4RTJwR1Q...

170 B
232 B

34ms
32ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx9yvWD6InPhpmsWbqj47nNnEcGUX2vjbX2MBb28toNBARm_55WXQqwCRwui2W80WhMNBZtxDHipQIFGVjQYxGu_3amx2Et5dFg&google_hm=eS1NNzJ0R0F4RTJwR1QuUzFwWXNqVnpMMFZWLjVpR1ZUZ35B

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 06:01:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 10 Mar 2023 06:01:43 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx9yvWD6InPhpmsWbqj47nNnEcGUX2vjbX2MBb28toNBARm_55WXQqwCRwui2W80WhMNBZtxDHipQIFGVjQYxGu_3amx2Et5dFg&google_hm=eS1NNzJ0R0F4RTJwR1QuUzFwWXNqVnpMMFZWLjVpR1ZUZ35B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 78BA
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=0P9ZiPfMQ5y-0Y3tYMiDCA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

32ms
30ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=0P9ZiPfMQ5y-0Y3tYMiDCA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx-LSKv-Nzs8pTGuivU279Wpq8N0sMfAeSfrOWkc03hNujYy6LMMtQ0kgA1HF-uuMxky6B4N9jd_RirmwKyKAXelDy7T9nMOZTM

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 06:01:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=0P9ZiPfMQ5y-0Y3tYMiDCA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx-LSKv-Nzs8pTGuivU279Wpq8N0sMfAeSfrOWkc03hNujYy6LMMtQ0kgA1HF-uuMxky6B4N9jd_RirmwKyKAXelDy7T9nMOZTM
date: Fri, 10 Mar 2023 06:01:43 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 78BA
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEN...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=Aa02lx8M9Ov0wH5JwfuBlp4t0Zyyb4dqEjatg313DkXTyDxILyTO-Pf4Og5xXbBnlcNBzXxu3cjVQahBKkWlv31PkPB1UhOPBDBGeQ&redir=https%3A%2F%2Fcm.g.dou...
https://sync.targeting.unrulymedia.com/csync/RX-f0306f90-41f9-49f6-b4b9-96e4032dbd5f-005?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx8M9Ov0wH5JwfuBlp4t0...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx8M9Ov0wH5JwfuBlp4t0Zyyb4dqEjatg313DkXTyDxILyTO-Pf4Og5xXbBnlcNBzXxu3cjVQahBKkWlv31PkPB1UhOPBDBGeQ&google_hm=BfAwb5BB-Un2tLmW5AMtvV8

170 B
188 B

31ms
30ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx8M9Ov0wH5JwfuBlp4t0Zyyb4dqEjatg313DkXTyDxILyTO-Pf4Og5xXbBnlcNBzXxu3cjVQahBKkWlv31PkPB1UhOPBDBGeQ&google_hm=BfAwb5BB-Un2tLmW5AMtvV8

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 06:01:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx8M9Ov0wH5JwfuBlp4t0Zyyb4dqEjatg313DkXTyDxILyTO-Pf4Og5xXbBnlcNBzXxu3cjVQahBKkWlv31PkPB1UhOPBDBGeQ&google_hm=BfAwb5BB-Un2tLmW5AMtvV8
Date: Fri, 10 Mar 2023 06:01:44 GMT
Content-Type: text/html
Connection: keep-alive
ETag: RXf0306f9041f949f6b4b996e4032dbd5f005
Transfer-Encoding: chunked
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

GET
H2

200

report
sync.teads.tv/um/ Frame 78BA
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEOwrzYvL7lmHTXdVAzQ0VIQ&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aa02lx_bwCb-pp7IYhruHp_zzy8uHdWGafaj6ZXSMhJy3c-RcrsO0mpQhKmeG_A_Z_zQBDx7HZom9ANdppDRsxhFpdDW4p-FsYdcLx4l
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

49ms
49ms

Image
image/gif

104.109.66.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: obereginfo.ru
URL: https://obereginfo.ru/
Protocol: H2
Server: 104.109.66.25 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-66-25.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

expires: Fri, 10 Mar 2023 06:01:43 GMT
pragma: no-cache
date: Fri, 10 Mar 2023 06:01:43 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 10 Mar 2023 06:01:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 78BA
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESENcbIixIl15tdhxopQbSfxU&google_cver=1&google_push=Aa02lx9qW8xuNNzsX...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESENcbIixIl15tdhxopQbSfxU%26goo...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MjQxNjQwMTA2NzAwMDYzNjI0NQ%3D%3D&google_gid=CAESENcbIixIl15tdhxopQbSfxU&google_cver=1&google_push=Aa02lx9qW8xuNNzsXXeIFbaQT-BJU6XZez...

170 B
188 B

30ms
30ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MjQxNjQwMTA2NzAwMDYzNjI0NQ%3D%3D&google_gid=CAESENcbIixIl15tdhxopQbSfxU&google_cver=1&google_push=Aa02lx9qW8xuNNzsXXeIFbaQT-BJU6XZezuM5PPIzvplY1KAD1DDlcZW81bOMJ5hPgBa0eO9BmT1wA500PbOVyPaYWK5YO3dxMoy2RZd

Requested by

Host: obereginfo.ru
URL: https://obereginfo.ru/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 06:01:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 10 Mar 2023 06:01:43 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.218.28; 217.114.218.28; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: f252b4f8-fe38-4180-8155-58a1510cac3e
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MjQxNjQwMTA2NzAwMDYzNjI0NQ%3D%3D&google_gid=CAESENcbIixIl15tdhxopQbSfxU&google_cver=1&google_push=Aa02lx9qW8xuNNzsXXeIFbaQT-BJU6XZezuM5PPIzvplY1KAD1DDlcZW81bOMJ5hPgBa0eO9BmT1wA500PbOVyPaYWK5YO3dxMoy2RZd
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 78BA 0
139 B 111ms
33ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KPO1EfsL4PxSKtNDAH3Z04O1eR9QcWOXMAyC0n2QoMhSil79IUsY3_diAysJ4-ntNvRZC0ZOo

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:43 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 7C4A 42 KB
42 KB 134ms
134ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

30eda38dea6c2a71487ddeed57de56a298c0dbe5e8e8a7665d5345bb548ab78a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29566366
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 42518
expires: Thu, 15 Feb 2024 10:54:30 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 7C4A 354 B
618 B 127ms
126ms Image
image/png 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=400&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fbonprix%2Fstarrating%2Fstar_4.png&v=3&w=400&s=razrptKBi3DfvApO0YzRGhyS

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

193952b59c9a975154471a0ce405acdc8c3f6fa17b2414e818c14cee77f1d460

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:43 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29129707
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 354
expires: Sat, 10 Feb 2024 09:36:50 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 7C4A 72 KB
72 KB 125ms
124ms Image
image/png 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=556&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F190121%2F8ee840d4a3ed46b29e29bc1b9545348c_stardardcon.png&v=3&w=528&s=hoMaW08lqRlIpz-fyNP0_Akh

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

1748e380e58e4c6d01eea93af415d54921710dfd690a05d311550fc5cf3bbd11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:43 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29129666
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 73251
expires: Sat, 10 Feb 2024 09:36:09 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 7C4A 24 KB
24 KB 117ms
116ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1569875996%2F19286375-6sjwgjFg.jpg&v=3&w=800&s=-DbU-FA8i20yI0WBmTcvFvy_&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e5382503febf871737377e914a0520f1622f40b1c7a9165bee7436b0eb28468e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:43 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=32707
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 24464
expires: Fri, 10 Mar 2023 15:06:51 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 7C4A 11 KB
11 KB 136ms
135ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1602135346%2F20236107-Sc3V3J8Z.jpg&v=3&w=800&s=4jlE25usojVM_d5dpZyJ1wLZ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

5c011b9796b130fc6cc45d82da81739370903fc8ae70a126c76fe74a7975c8c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=523843
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 11448
expires: Thu, 16 Mar 2023 07:32:26 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 7C4A 16 KB
16 KB 136ms
136ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1572257596%2F19305493-37ZPPG7n.jpg&v=3&w=800&s=z1P7cnRGCJ8xe570klEDNtNi&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

269c57004fa7f675bd5d6297bdd9817d6cc2ddc59aee3a8ebec5b22d7278239b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=392450
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16006
expires: Tue, 14 Mar 2023 19:02:33 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 7C4A 0
127 B 41ms
40ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=074RLLM5pKgaXQlLgBC4TCHofOQeEO9ScFWgzuCeyXytwuXLctQ4RwMR1Yl0_CUoVDTqId89yIFNKVzdqxC9jwk_99R38K1fwo2mv1P0qiH546guZnHVS39tJzkDMxyD5w3r4Ka-uId1YCiNGyNMIwOhhUjsrVExnbqg2lpDoXQAk7ID5PIaITUVCGNNp_VkP9GSy7jGBENsbCri9ctInW85U-DQMF-peJbSSE3r9tJcwILtB6cQYPjzb-wjdE35hdiIcw&sds=2&rev=85089&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 10 Mar 2023 06:01:42 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 7C4A 2 KB
1 KB 38ms
37ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:43 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 04 Mar 2024 06:01:43 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 7C4A 2 KB
1 KB 38ms
38ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:43 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 04 Mar 2024 06:01:43 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 95FB 1 KB
643 B 29ms
28ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9282886054584271&output=html&h=280&adk=4070374814&adf=200266896&pi=t.aa~a.3885849338~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1678428102&rafmt=1&to=qs&pwprc=6977672473&format=1200x280&url=https%3A%2F%2Fobereginfo.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678428102730&bpp=2&bdt=1085&idt=-M&shv=r20230307&mjsv=m202303070401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63ac26277b81cbe2-229de1e048dd0044%3AT%3D1678428102%3ART%3D1678428102%3AS%3DALNI_MZOlQxQQnVP9W1nUqxOUzQK9qJ3hw&gpic=UID%3D00000bc2ccf04990%3AT%3D1678428102%3ART%3D1678428102%3AS%3DALNI_MZhUxfy2sCiIB1O_6dTYlktX9RKPg&prev_fmts=0x0&nras=2&correlator=5334749556943&frm=20&pv=1&ga_vid=1827833561.1678428102&ga_sid=1678428102&ga_hid=261455705&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759875%2C44759837%2C44759926%2C31072927%2C31072952%2C31071975&oid=2&pvsid=203261357837615&tmod=1559851496&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=U1CnLXS6sH&p=https%3A//obereginfo.ru&dtd=18

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 63502
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 12:23:21 GMT
etag: 48472445140208031
expires: Fri, 10 Mar 2023 12:23:21 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 399D 1 KB
643 B 33ms
26ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 63502
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 12:23:21 GMT
etag: 48472445140208031
expires: Fri, 10 Mar 2023 12:23:21 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 95A4 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c36a80c614df30d0b19fea7dab816cf02e7daeaaef3a274aed2beaeb9dc2ac39

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 5D4E 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: da619c464c6db81205d0c5a2f16c7994b38d1438b9e4d5fa7395b52eacbb20f4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame AE26 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 579a357408e83284c1ad07e9fb5f1b4f1e400aa8f2e7849e4fd0ff381bdab740

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame AE26 28 KB
28 KB 122ms
120ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 19:36:43 GMT
x-content-type-options: nosniff
age: 37500
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Mar 2024 19:36:43 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjYUvaYr.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame AE26 14 KB
14 KB 120ms
119ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjYUvaYr.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15e749617a3856bfaa4d2cea0c50d88366d2b579841bd5a45bd2d34062babc51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 22:54:42 GMT
x-content-type-options: nosniff
age: 25621
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14432
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:04:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Mar 2024 22:54:42 GMT

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 5D4E 20 KB
20 KB 21ms
20ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 15:30:25 GMT
x-content-type-options: nosniff
age: 570678
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Mar 2024 15:30:25 GMT

GET
H3 200 ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 5D4E 21 KB
21 KB 27ms
26ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 09:23:51 GMT
x-content-type-options: nosniff
age: 74272
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21428
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:32:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Mar 2024 09:23:51 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 95FB 35 B
462 B 184ms
178ms Image
image/gif 2600:1f1c:a99:832c:d4e8:8c1e:e58e:3348
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPlXLjndp9qavaa_9SDJzWI&google_cver=1&google_push=Aa02lx9MC61YN8ZPpJI3aabf2Dw_ZuA5-iOD6FFv64bAeZeA8dLU79uvMWyhHpkckHyh5cBxYDQHDDNWvzpvigzK-TwxknLUP-yEpco

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9282886054584271&output=html&h=280&adk=4070374814&adf=200266896&pi=t.aa~a.3885849338~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1678428102&rafmt=1&to=qs&pwprc=6977672473&format=1200x280&url=https%3A%2F%2Fobereginfo.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678428102730&bpp=2&bdt=1085&idt=-M&shv=r20230307&mjsv=m202303070401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63ac26277b81cbe2-229de1e048dd0044%3AT%3D1678428102%3ART%3D1678428102%3AS%3DALNI_MZOlQxQQnVP9W1nUqxOUzQK9qJ3hw&gpic=UID%3D00000bc2ccf04990%3AT%3D1678428102%3ART%3D1678428102%3AS%3DALNI_MZhUxfy2sCiIB1O_6dTYlktX9RKPg&prev_fmts=0x0&nras=2&correlator=5334749556943&frm=20&pv=1&ga_vid=1827833561.1678428102&ga_sid=1678428102&ga_hid=261455705&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759875%2C44759837%2C44759926%2C31072927%2C31072952%2C31071975&oid=2&pvsid=203261357837615&tmod=1559851496&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=U1CnLXS6sH&p=https%3A//obereginfo.ru&dtd=18

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f1c:a99:832c:d4e8:8c1e:e58e:3348 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 06:01:44 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 95FB
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEExeNgH9q4yGA_GgZZpvtb4&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEExeNgH9q4yGA_GgZZpvtb4&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SkE3ckgxZDgxUEF2UDI1&google_gid=CAESEExeNgH9q4yGA_GgZZpvtb4&google_cver=1&google_push=Aa02lx-RaqgN2pXa3U9WVFveu7JStnPt1ACdtrymJPujWbk...

170 B
188 B

33ms
33ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SkE3ckgxZDgxUEF2UDI1&google_gid=CAESEExeNgH9q4yGA_GgZZpvtb4&google_cver=1&google_push=Aa02lx-RaqgN2pXa3U9WVFveu7JStnPt1ACdtrymJPujWbkvea6G2IPK1bwhMjP7ZmOBKrCoGZK4I2n3A05PCPynViSdTd2ZoHvf3lc

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 06:01:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 10 Mar 2023 06:01:44 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-769-g9857bbc#rel-ec2-master i-01a7a7659e7e69c81@us-west-2a@dxedge-app-us-west-2-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SkE3ckgxZDgxUEF2UDI1&google_gid=CAESEExeNgH9q4yGA_GgZZpvtb4&google_cver=1&google_push=Aa02lx-RaqgN2pXa3U9WVFveu7JStnPt1ACdtrymJPujWbkvea6G2IPK1bwhMjP7ZmOBKrCoGZK4I2n3A05PCPynViSdTd2ZoHvf3lc
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 95FB
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEInJAOOznXrNahu-Ga-7Mm0&google_cver=1&google_push=Aa02lx-lUtS5XOkpeinaYXIscURZA35bMITAO7eh0ybEy6Z3BiN0FgNskw4ekdRXsDniNVUViJ6qD3okwsqtIdT__4IaJpSeKftWUw
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CA492107CEC649619842E3FD96AF2319&google_push=Aa02lx-lUtS5XOkpeinaYXIscURZA35bMITAO7eh0ybEy6Z3BiN0FgNskw4ekdRXsDniNVUViJ6qD3okwsqtIdT...

170 B
188 B

31ms
31ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CA492107CEC649619842E3FD96AF2319&google_push=Aa02lx-lUtS5XOkpeinaYXIscURZA35bMITAO7eh0ybEy6Z3BiN0FgNskw4ekdRXsDniNVUViJ6qD3okwsqtIdT__4IaJpSeKftWUw

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 06:01:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 10 Mar 2023 06:01:44 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CA492107CEC649619842E3FD96AF2319&google_push=Aa02lx-lUtS5XOkpeinaYXIscURZA35bMITAO7eh0ybEy6Z3BiN0FgNskw4ekdRXsDniNVUViJ6qD3okwsqtIdT__4IaJpSeKftWUw
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 09 Mar 2023 06:01:44 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 95FB
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEI-65I55TCgD02Dj0jokaV4&google_cver=1&google_push=Aa02lx_No70Y-1vAInUr11c32ZTSD8OYEj1Rv8x19hX3e1LLAjgoakxQpQYdRstlFWVZqLEUKAVqRgwoZ-aBe1EW...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=a_mlF55ER3yqxthC8LOyxQ2&google_push=Aa02lx_No70Y-1vAInUr11c32ZTSD8OYEj1Rv8x19hX3e1LLAjgoakxQpQYdRstlFWVZqLEUKAVqRgwoZ-aBe1EWe7DBlftDoYk5sA

170 B
188 B

31ms
31ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=a_mlF55ER3yqxthC8LOyxQ2&google_push=Aa02lx_No70Y-1vAInUr11c32ZTSD8OYEj1Rv8x19hX3e1LLAjgoakxQpQYdRstlFWVZqLEUKAVqRgwoZ-aBe1EWe7DBlftDoYk5sA

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 06:01:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 10 Mar 2023 06:01:44 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=a_mlF55ER3yqxthC8LOyxQ2&google_push=Aa02lx_No70Y-1vAInUr11c32ZTSD8OYEj1Rv8x19hX3e1LLAjgoakxQpQYdRstlFWVZqLEUKAVqRgwoZ-aBe1EWe7DBlftDoYk5sA
x-host: tde-deliveryengine-production-86c874c4d8-5xsm6
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 95FB
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEGQQJHpW_pkG9s2f-0hf_gs&google_cver=1&google_push=Aa02lx_JCsMLKPdj56nPpwpdP-YRM-VhUYhqi5IFYD_Z9M95zg2jb-MN0w0wag_xuxX7lnhlGLbTYSkjnWankZ5ieMvu-nv...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEGQQJHpW_pkG9s2f-0hf_gs&google_cver=1&google_push=Aa02lx_JCsMLKPdj56nPpwpdP-YRM-VhUYhqi5IFYD_Z9M95zg2jb-MN0w0wag_xuxX7lnhlGLbTYSkjnWankZ5ieMvu-...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx_JCsMLKPdj56nPpwpdP-YRM-VhUYhqi5IFYD_Z9M95zg2jb-MN0w0wag_xuxX7lnhlGLbTYSkjnWankZ5ieMvu-nv2w3G8zK0

170 B
188 B

31ms
31ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx_JCsMLKPdj56nPpwpdP-YRM-VhUYhqi5IFYD_Z9M95zg2jb-MN0w0wag_xuxX7lnhlGLbTYSkjnWankZ5ieMvu-nv2w3G8zK0

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 06:01:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx_JCsMLKPdj56nPpwpdP-YRM-VhUYhqi5IFYD_Z9M95zg2jb-MN0w0wag_xuxX7lnhlGLbTYSkjnWankZ5ieMvu-nv2w3G8zK0
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 95FB
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=kac791h1TjOAyCQgX91ovA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

31ms
31ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=kac791h1TjOAyCQgX91ovA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx-nfhdsIJU45mKuEijM9ZSAuZMecHEsvRIP5SyGcOHcIjtlkgfN-SeQeUaEuwK4EXDUVH3nFZ4AGzXSOZvqYN9NvmS3MwqjpTc

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 06:01:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=kac791h1TjOAyCQgX91ovA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx-nfhdsIJU45mKuEijM9ZSAuZMecHEsvRIP5SyGcOHcIjtlkgfN-SeQeUaEuwK4EXDUVH3nFZ4AGzXSOZvqYN9NvmS3MwqjpTc
date: Fri, 10 Mar 2023 06:01:43 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

report
sync.teads.tv/um/ Frame 95FB
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESECXhssEu2IqJuQWNQJkHbIE&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aa02lx9mtmZfkP2AX7lu2CJ3Riyx1dL5wh84zRjZalgZyqkE6uclm8WsBftMdp11RNjEsxHvK5FGH7_-IKiVV54Uy8TTDeACB_Fthnc
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

76ms
74ms

Image
image/gif

104.109.66.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 104.109.66.25 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-66-25.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

expires: Fri, 10 Mar 2023 06:01:44 GMT
pragma: no-cache
date: Fri, 10 Mar 2023 06:01:44 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 10 Mar 2023 06:01:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 95FB 0
12 B 36ms
29ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IGasWd87oD7Hf7Sy7wzktNjCwAK5kip9cBqn8rU5fm0rvVZNV0Xn9l_7qbfDU_S7H49btNhA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9282886054584271&output=html&h=280&adk=4070374814&adf=200266896&pi=t.aa~a.3885849338~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1678428102&rafmt=1&to=qs&pwprc=6977672473&format=1200x280&url=https%3A%2F%2Fobereginfo.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678428102730&bpp=2&bdt=1085&idt=-M&shv=r20230307&mjsv=m202303070401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63ac26277b81cbe2-229de1e048dd0044%3AT%3D1678428102%3ART%3D1678428102%3AS%3DALNI_MZOlQxQQnVP9W1nUqxOUzQK9qJ3hw&gpic=UID%3D00000bc2ccf04990%3AT%3D1678428102%3ART%3D1678428102%3AS%3DALNI_MZhUxfy2sCiIB1O_6dTYlktX9RKPg&prev_fmts=0x0&nras=2&correlator=5334749556943&frm=20&pv=1&ga_vid=1827833561.1678428102&ga_sid=1678428102&ga_hid=261455705&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759875%2C44759837%2C44759926%2C31072927%2C31072952%2C31071975&oid=2&pvsid=203261357837615&tmod=1559851496&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=U1CnLXS6sH&p=https%3A//obereginfo.ru&dtd=18

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:44 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 399D
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEJEICU_5uaYR5ynUQuAqrP8&google_cver=1&google_push=Aa02lx-WrwzPV-UHVTdjYd-e1lCDWC1bICWrnkLhWDugwlxzJ9wvlr4-e3CkEJEcT73eKeD7zJucxvsrRK-d-091lI0ftRKDWJYlO...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJEICU_5uaYR5ynUQuAqrP8&google_cver=1&google_push=Aa02lx-WrwzPV-UHVTdjYd-e1lCDWC1bICWrnkLhWDugwlxzJ9wvlr4-e3CkEJEcT73eKeD7zJucxvsrRK-d-091lI0ftRKDWJY...

43 B
422 B

175ms
174ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJEICU_5uaYR5ynUQuAqrP8&google_cver=1&google_push=Aa02lx-WrwzPV-UHVTdjYd-e1lCDWC1bICWrnkLhWDugwlxzJ9wvlr4-e3CkEJEcT73eKeD7zJucxvsrRK-d-091lI0ftRKDWJYlOYQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-WrwzPV-UHVTdjYd-e1lCDWC1bICWrnkLhWDugwlxzJ9wvlr4-e3CkEJEcT73eKeD7zJucxvsrRK-d-091lI0ftRKDWJYlOYQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 06:01:44 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7a5958437be19bc5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 10 Mar 2023 06:01:44 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 36
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJEICU_5uaYR5ynUQuAqrP8&google_cver=1&google_push=Aa02lx-WrwzPV-UHVTdjYd-e1lCDWC1bICWrnkLhWDugwlxzJ9wvlr4-e3CkEJEcT73eKeD7zJucxvsrRK-d-091lI0ftRKDWJYlOYQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-WrwzPV-UHVTdjYd-e1lCDWC1bICWrnkLhWDugwlxzJ9wvlr4-e3CkEJEcT73eKeD7zJucxvsrRK-d-091lI0ftRKDWJYlOYQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7a5958425ab89bc5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 399D
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESECiArDqp6-YQ_D-6tBlvQJE&google_cver=1&google_push=Aa02lx-kEN8ZkcP_cKxO4_NbYH1LE_aA2nZlXqhVMonk4CLn4Masbn5eZ-0gWc8NGbthGgqb9R-BCWaCr6Cyph...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwODc5MzgxNTM2OTY0NDE3NA%3D%3D&google_push=Aa02lx-kEN8ZkcP_cKxO4_NbYH1LE_aA2nZlXqhVMonk4CLn4Masbn5eZ-0gWc8NGbthGgqb9R-BCWaCr6CyphOXkN...

170 B
188 B

31ms
31ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwODc5MzgxNTM2OTY0NDE3NA%3D%3D&google_push=Aa02lx-kEN8ZkcP_cKxO4_NbYH1LE_aA2nZlXqhVMonk4CLn4Masbn5eZ-0gWc8NGbthGgqb9R-BCWaCr6CyphOXkNhkOMkFaQ1OoMo

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 06:01:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwODc5MzgxNTM2OTY0NDE3NA%3D%3D&google_push=Aa02lx-kEN8ZkcP_cKxO4_NbYH1LE_aA2nZlXqhVMonk4CLn4Masbn5eZ-0gWc8NGbthGgqb9R-BCWaCr6CyphOXkNhkOMkFaQ1OoMo
Date: Fri, 10 Mar 2023 06:01:44 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 399D
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEAPu5bO5gPA6fLrEYQ8xkGU&google_cver=1&google_push=Aa02lx91TZEq9b1vcOw7DZhM5NWTBudP98u8U92zOLO_wg0UGxWMyN44MOC5-WQTTPe0wcWMfkJ6fM8fw3FetnLLkSchkQ0...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEAPu5bO5gPA6fLrEYQ8xkGU&google_cver=1&google_push=Aa02lx91TZEq9b1vcOw7DZhM5NWTBudP98u8U92zOLO_wg0UGxWMyN44MOC5-WQTTPe0wcWMfkJ6fM8fw3FetnLLkSchk...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx91TZEq9b1vcOw7DZhM5NWTBudP98u8U92zOLO_wg0UGxWMyN44MOC5-WQTTPe0wcWMfkJ6fM8fw3FetnLLkSchkQ05JO7wcts

170 B
188 B

29ms
29ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx91TZEq9b1vcOw7DZhM5NWTBudP98u8U92zOLO_wg0UGxWMyN44MOC5-WQTTPe0wcWMfkJ6fM8fw3FetnLLkSchkQ05JO7wcts

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 06:01:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx91TZEq9b1vcOw7DZhM5NWTBudP98u8U92zOLO_wg0UGxWMyN44MOC5-WQTTPe0wcWMfkJ6fM8fw3FetnLLkSchkQ05JO7wcts
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 399D
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOTEp06s1bT2zxQg9s5LHhM&google_cver=1&google_push=Aa02lx-aUXyOE8SAfZlpLoZlsJbLV-f_F88D1rV27XgCBd4gZb6XNj7sp50419zI3tTtlamDMop...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEYyNFI5TjktMjEtSjFBNQ==&google_push=Aa02lx-aUXyOE8SAfZlpLoZlsJbLV-f_F88D1rV27XgCBd4gZb6XNj7sp50419zI3tTtlamDMopk9k-z95UeeYHZyqeTdB-H_C5V08A

170 B
188 B

30ms
30ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEYyNFI5TjktMjEtSjFBNQ==&google_push=Aa02lx-aUXyOE8SAfZlpLoZlsJbLV-f_F88D1rV27XgCBd4gZb6XNj7sp50419zI3tTtlamDMopk9k-z95UeeYHZyqeTdB-H_C5V08A

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 06:01:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEYyNFI5TjktMjEtSjFBNQ==&google_push=Aa02lx-aUXyOE8SAfZlpLoZlsJbLV-f_F88D1rV27XgCBd4gZb6XNj7sp50419zI3tTtlamDMopk9k-z95UeeYHZyqeTdB-H_C5V08A
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e06182bf224d96e6550f4595601cdb0b
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 399D
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEJ7uyVh6meB_TrPr4YVQ8r0&google_cver=1&google_push=Aa02lx97tmb1WbIGhyjd89Lvts6LuakOwZV3BN-9RA5uxHFT6nNKL9R3yOuunOEtasz0svqAlvmYGrBamK-k...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx97tmb1WbIGhyjd89Lvts6LuakOwZV3BN-9RA5uxHFT6nNKL9R3yOuunOEtasz0svqAlvmYGrBamK-kFIYK9L4hw9l0OXPAwIU

170 B
188 B

31ms
31ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx97tmb1WbIGhyjd89Lvts6LuakOwZV3BN-9RA5uxHFT6nNKL9R3yOuunOEtasz0svqAlvmYGrBamK-kFIYK9L4hw9l0OXPAwIU

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 06:01:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx97tmb1WbIGhyjd89Lvts6LuakOwZV3BN-9RA5uxHFT6nNKL9R3yOuunOEtasz0svqAlvmYGrBamK-kFIYK9L4hw9l0OXPAwIU
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 399D
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESED1GuTUuOWnvJ3lw3AVZ6Ik&google_cver=1&google_push=Aa02lx-sgp-ppqj0RxHBUex_RCFz7xgQb_Z3U282Diq4JCsXzChfKPHR90GB6AD_bhJ2goj75QcpHWhfaUT2KMMcHj7PsE...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESED1GuTUuOWnvJ3lw3AVZ6Ik&google_cver=1&google_push=Aa02lx-sgp-ppqj0RxHBUex_RCFz7xgQb_Z3U282Diq4JCsXzChfKPHR90GB6AD_bhJ2goj75QcpHWhfaUT2KMMc...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=gZ0cPTK7QLSlYCTJ10Kt_A&google_push=Aa02lx-sgp-ppqj0RxHBUex_RCFz7xgQb_Z3U282Diq4JCsXzChfKPHR90GB6AD_bhJ2goj75QcpHWhfaUT2KMM...

170 B
188 B

31ms
31ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=gZ0cPTK7QLSlYCTJ10Kt_A&google_push=Aa02lx-sgp-ppqj0RxHBUex_RCFz7xgQb_Z3U282Diq4JCsXzChfKPHR90GB6AD_bhJ2goj75QcpHWhfaUT2KMMcHj7PsEurvk-G1g

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 06:01:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=gZ0cPTK7QLSlYCTJ10Kt_A&google_push=Aa02lx-sgp-ppqj0RxHBUex_RCFz7xgQb_Z3U282Diq4JCsXzChfKPHR90GB6AD_bhJ2goj75QcpHWhfaUT2KMMcHj7PsEurvk-G1g
access-control-allow-origin: *
date: Fri, 10 Mar 2023 06:01:44 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

report
sync.teads.tv/um/ Frame 399D
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESECfAaT15uz5ukjPk5eHmTxU&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aa02lx_sFX-trI1zdZYekOQwuAUltZRU1bbJwdsM29X6SPzsZGpgFwDuJFCC8pua0JT-xDh_tCbN8LN7rO-uVrIgkuIuRYFFXmPYL0-h
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

92ms
91ms

Image
image/gif

104.109.66.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 104.109.66.25 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-66-25.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

expires: Fri, 10 Mar 2023 06:01:44 GMT
pragma: no-cache
date: Fri, 10 Mar 2023 06:01:44 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 10 Mar 2023 06:01:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 399D 0
12 B 34ms
30ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KOLF3j7aZshU4R8Rx_5GhBWusxUAleBEsgB-mp218ZIjagY_01VHcH9jZOJwF5sJDXY7HGWw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:44 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 90ms
34ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230307&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b613cc87e53518259553d90497db1ae053bd44e791abccc2ffad5972cc57e83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11296
x-xss-protection: 0

GET
H3 200 vXNxKHOfM0woUYPMlVUM_skHL1Nu-ue6r5dLQlK5kuA.js Show response
pagead2.googlesyndication.com/bg/ Frame CCB8 36 KB
14 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vXNxKHOfM0woUYPMlVUM_skHL1Nu-ue6r5dLQlK5kuA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd737128739f334c285183cc95550cfec9072f536efae7baaf974b4252b992e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 17:50:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43847
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14374
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Mar 2024 17:50:57 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 10 Mar 2023 06:01:44 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1FFC 13 KB
5 KB 22ms
18ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://obereginfo.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 26144
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 22:46:00 GMT
expires: Fri, 08 Mar 2024 22:46:00 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 137F 783 B
535 B 48ms
45ms Document
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

af506350546a4972b895152987adcaceaefe542d73887ea0027cffecb3f5aca3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7f7rmlgxA4JvaLf4ZBT8EQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://obereginfo.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-7f7rmlgxA4JvaLf4ZBT8EQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 10 Mar 2023 06:01:44 GMT
expires: Fri, 10 Mar 2023 06:01:44 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 vXNxKHOfM0woUYPMlVUM_skHL1Nu-ue6r5dLQlK5kuA.js Show response
pagead2.googlesyndication.com/bg/ Frame 1FFC 36 KB
14 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vXNxKHOfM0woUYPMlVUM_skHL1Nu-ue6r5dLQlK5kuA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd737128739f334c285183cc95550cfec9072f536efae7baaf974b4252b992e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 17:50:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43847
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14374
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Mar 2024 17:50:57 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 137F 0
0 53ms
53ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230307&jk=203261357837615&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F5A6 42 B
64 B 54ms
54ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuGjNkfbmODvOz2DAtcWARh5p67JA5HVlji86FscpNx2Lfh8smX8xJ_WD4DtUMrmtAE4jZslYGUs5yURgVzPafrXuzR&sig=Cg0ArKJSzDM1rCKYGUGQEAE&id=lidar2&mcvt=1003&p=0,0,124,1005&mtos=139,558,1003,1059,1189&tos=139,419,445,56,130&v=20230308&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678428102829&rpt=220&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 06:01:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1FFC 0
10 B 19ms
18ms Image
text/plain 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?H-7UqQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:01:44 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BED3 42 B
64 B 77ms
77ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssUps_bVlifc0wsBui0HCD94Z8qqCT86o1C8ZgPmsyin3TF2dsr52qYnq0wFLqGs9X4hvQtH0UcqO3NnYEfAAE9ersfMH2sD6scpwr90s0_8lOQ3pxMQu_CoPpmEgmS-qYXSWcVlw&sai=AMfl-YSltCxR44N7kJr2I8kLAEtRnC-3dNOvf-mK74FimoWrJkyDeXQOkDqkoQjlC2UCEpxOJx15OjRRW0AM&sig=Cg0ArKJSzC2nf5AonRkxEAE&cid=CAQSGwDUE5ymojRIKaS_UkV7G4EbWL8NsFcNMCtkYhgB&id=lidar2&mcvt=1000&p=0,0,600,120&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230308&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678428102825&rpt=344&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 06:01:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 6D6D 0
127 B 42ms
35ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 10 Mar 2023 06:01:44 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 57ms
57ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230307&jk=203261357837615&bg=!JiWlJXHNAAZKh9k7aoc7ADkAdvg8WqXZ-FSM-lwGPNyp4B26eopGRLOwlZWqj2r6hzuhV7-TJV1Aot9TaRmeAsBWUGm8PVU_nwoCAAAASFIAAAADaAEHmQKc-K6XY4xidiCCtX06jv5uQ60r7YmNWAqbyDiCriocJIM2D4YlIKEUt42fKU6HSFbPhUa7w5H-lmW8xpt83ZtG9ip03NXN-dFesgJuI8JvIHZeYJww8XDgn0jisgj_EC8yDu3ExQ6XK_Ru35lc85D3mRRobHwZxvKnlwMAp54ZIgYzLzJWw_cP7FgeKwdXNFwbuKKSDUARj0Pu3MZ-8PoCqCWvxoCeGCkyOFQVdpFFwpy5TbrLljVgtSG4MZDdG9KaPXbzMX8D-fOOQkUNxk2uSh5JKjvHwGP6tno5_-2bdJWxZLvh_E6cwFfff7YTAxBwBbmLV7nhY6RqF7cLTlWO7w1aM4xBfqQadiO3UutKlgH9oNKfC3Py_R4XwYM7KbWmeXFNpRZdQwfRktdJwXhSwai9I7xXrqzYPvD_gNAe7KcbRmBszFmA2nG_gyq5DgEsS0UokHy9QCP80YITKXARV9_Ob538IsLgIP1Kuk4OS8IWcJZdXTPlbMqKsioj18QzQMT9YIP-_Q-fcdeTlRWMuyWHG_-Ouw-YLNhotIhuM9ojfi77xoL17JQL4uxAMo1qztiYv2hqvV1_BLKWgwZe_KL7RAHQeLkq8q3esvo8u8a9UQWGz6K9oW127mBY4SrmAZpIcocNmOpy854CRa3TZ2Uw9T25659Kf77iaxlxfEZqF3p5OAGz7oPCBGDcno-NpoQY8GCVaQ028e08tzRy9cUEiZsX7QA8QASRexPusZ3F0Pi0LyBVQ1S6yAcAcAqjOgajKQVPSS03XkAKENGPoyvHmpGreCFgFhvNZXTq3mzNqtxFZutEXN-mgNB3jjF9Obq-sRu1tvCCP63IC7pG2pqKcxa5MMrFlvbSvoXQmtU-KZBuTa9n8YolcD0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://obereginfo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

POST
H2 200 49460548 Show response
mc.yandex.ru/webvisor/ 43 B
165 B 332ms
75ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/49460548?wmode=0&wv-part=1&wv-hit=137516003&page-url=https%3A%2F%2Fobereginfo.ru%2F&rn=742779224&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1678428105%3Aw%3A1600x1200%3Av%3A980%3Az%3A0%3Ai%3A20230310060144%3Au%3A167842810211452632%3Avf%3A29hzdyg3jxtu068q3vuhnr%3Ast%3A1678428105&t=gdpr(14)ti(2)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://obereginfo.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 06:01:45 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 10-Mar-2023 06:01:45 GMT
content-type: image/gif
access-control-allow-origin: https://obereginfo.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 10-Mar-2023 06:01:45 GMT

POST
H2 200 49460548 Show response
mc.yandex.ru/webvisor/ 43 B
73 B 71ms
71ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/49460548?wmode=0&wv-part=1&wv-hit=137516003&page-url=https%3A%2F%2Fobereginfo.ru%2F&rn=104911862&wv-type=3&browser-info=we%3A1%3Aet%3A1678428105%3Aw%3A1600x1200%3Av%3A980%3Az%3A0%3Ai%3A20230310060145%3Au%3A167842810211452632%3Avf%3A29hzdyg3jxtu068q3vuhnr%3Ast%3A1678428105&t=gdpr(14)ti(2)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://obereginfo.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 06:01:45 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 10-Mar-2023 06:01:45 GMT
content-type: image/gif
access-control-allow-origin: https://obereginfo.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 10-Mar-2023 06:01:45 GMT

POST
H2 200 49460548 Show response
mc.yandex.ru/webvisor/ 43 B
145 B 67ms
66ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/49460548?wmode=0&wv-part=2&wv-hit=137516003&page-url=https%3A%2F%2Fobereginfo.ru%2F&rn=617422560&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1678428107%3Aw%3A1600x1200%3Av%3A980%3Az%3A0%3Ai%3A20230310060146%3Au%3A167842810211452632%3Avf%3A29hzdyg3jxtu068q3vuhnr%3Ast%3A1678428107&t=gdpr(14)ti(2)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://obereginfo.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 06:01:46 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 10-Mar-2023 06:01:46 GMT
content-type: image/gif
access-control-allow-origin: https://obereginfo.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 10-Mar-2023 06:01:46 GMT

Verdicts & Comments Add Verdict or Comment

117 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

38 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
obereginfo.ru/	1969-12-31 23:59:59	Name: flat_r_mb Value: %2F%2F%2F%3Adirect
.obereginfo.ru/	1970-01-20 18:59:24	Name: _ym_uid Value: 167842810211452632
.obereginfo.ru/	1970-01-20 18:59:24	Name: _ym_d Value: 1678428102
.yandex.ru/	1970-01-20 18:59:24	Name: ymex Value: 1709964102.yc.1678428102#1709964102.yrts.1678428102#1709964102.yrtsi.1678428102
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 1643501721678428102
.yandex.ru/	1970-01-20 19:49:48	Name: i Value: H2csCpbbE2QOh4KOS0RCTDYTX/SlMa6EcriWmplZm1aYHj0r0l+QWZYp8zsH0CcOMHRAyiDIWNQL2ii2Dhy8XvBDRY4=
.yandex.ru/	1970-01-20 18:59:24	Name: yandexuid Value: 9633976771678428102
.yandex.ru/	1970-01-20 18:59:24	Name: yuidss Value: 9633976771678428102
.obereginfo.ru/	1970-01-20 10:15:00	Name: _ym_isad Value: 2
.obereginfo.ru/	1970-01-20 19:35:24	Name: __gads Value: ID=63ac26277b81cbe2-229de1e048dd0044:T=1678428102:RT=1678428102:S=ALNI_MZOlQxQQnVP9W1nUqxOUzQK9qJ3hw
.obereginfo.ru/	1970-01-20 19:35:24	Name: __gpi Value: UID=00000bc2ccf04990:T=1678428102:RT=1678428102:S=ALNI_MZhUxfy2sCiIB1O_6dTYlktX9RKPg
.obereginfo.ru/	1970-01-20 10:13:49	Name: _ym_visorc Value: w
.mc.webvisor.org/	1970-01-20 10:13:48	Name: sync_cookie_csrf Value: 4234135263fake
.mc.yandex.ru/	1970-01-20 10:13:48	Name: sync_cookie_csrf Value: 920216207fake
.webvisor.org/	1970-01-20 19:49:48	Name: yandexuid Value: 9633976771678428102
.webvisor.org/	1970-01-20 19:49:48	Name: yuidss Value: 9633976771678428102
.webvisor.org/	1970-01-20 19:49:48	Name: i Value: H2csCpbbE2QOh4KOS0RCTDYTX/SlMa6EcriWmplZm1aYHj0r0l+QWZYp8zsH0CcOMHRAyiDIWNQL2ii2Dhy8XvBDRY4=
.mc.webvisor.org/	1970-01-20 10:15:14	Name: sync_cookie_ok Value: synced
.doubleclick.net/	1970-01-20 19:35:24	Name: IDE Value: AHWqTUn7_wq8iVfMZ2FRwdPqbOhybdFBAPUsFuYjUJZV_6hTpDufkRA2DJxkAcJPSVc
.doubleclick.net/	1970-01-20 10:13:51	Name: DSID Value: NO_DATA
.adnxs.com/	1970-01-20 12:23:24	Name: uuid2 Value: 2416401067000636245
.yahoo.com/	1970-01-20 18:59:45	Name: A3 Value: d=AQABBMfHCmQCEJ14g7tiWJ27HeZcPgwSwVAFEgEBAQEZDGQUZAAAAAAA_eMAAA&S=AQAAAmIZGt6LD3oZg7u0DSTotMU
.everesttech.net/	1970-01-20 18:59:24	Name: everest_g_v2 Value: g_surferid~ZArHxwAAddtptgBB
.pubmatic.com/	1970-01-20 10:15:14	Name: KTPCACOOKIE Value: YES
.quantserve.com/	1970-01-20 12:23:24	Name: d Value: EA0BCQG9KIEA
.1rx.io/	1970-01-20 18:59:24	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-f0306f90-41f9-49f6-b4b9-96e4032dbd5f-005%22%7D
.adfarm1.adition.com/	1970-01-20 12:23:24	Name: UserID1 Value: 7208793815369644174
.simpli.fi/	1970-01-20 19:00:50	Name: suid Value: CA492107CEC649619842E3FD96AF2319
.travelaudience.com/	1970-01-20 19:45:28	Name: _tracker Value: %7B%22UUID%22%3A%226BF9A517-9E44-477C-AAC6-D842F0B3B2C5%22%7D
.de17a.com/	1970-01-20 18:52:12	Name: guid Value: 1.4994576808232445891
.quantserve.com/	1970-01-20 19:44:02	Name: mc Value: 640ac7c8-14188-4b83e-906cd
.pubmatic.com/	1970-01-20 18:59:24	Name: KADUSERCOOKIE Value: 91A73BF7-5875-4E33-80C8-24205FDD68BC
.360yield.com/	1970-01-20 12:23:24	Name: tuuid Value: 819d1c3d-32bb-40b4-a560-24c9d742adfc
.360yield.com/	1970-01-20 12:23:24	Name: tuuid_lu Value: 1678428104
.tribalfusion.com/	1970-01-20 12:23:24	Name: ANON_ID Value: aynseFRwEfES2QVormfc43Zd7ajHtdZaUMAHSUvtMUwOYKMGOqbSDcwGFJICeKHJKZbWKZaOve3IZaqUjbDZagQGXr
.targeting.unrulymedia.com/	1970-01-20 18:59:24	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-f0306f90-41f9-49f6-b4b9-96e4032dbd5f-005%22%7D
.w55c.net/	1970-01-20 19:45:28	Name: wfivefivec Value: JA7rH1d81PAvP25
.w55c.net/	1970-01-20 10:57:00	Name: matchgoogle Value: 5

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230307/r20110914/zrt_lookup.html?fsb=1(Line 21) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230307/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271804&client=ca-pub-9282886054584271&fa=4&ifi=6&uci=a!6&btvi=4&xpc=4N7TOVG5Lm&p=https%3A//obereginfo.ru Message: The resource https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ads.eu.criteo.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
cat.nl3.eu.criteo.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
csm.eu.criteo.net
d5p.de17a.com
dsp.adfarm1.adition.com
encrypted-tbn2.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
image6.pubmatic.com
imgholder.ru
match.360yield.com
maxcdn.bootstrapcdn.com
mc.webvisor.org
mc.yandex.ru
obereginfo.ru
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
rtb.nl3.eu.criteo.com
s.tribalfusion.com
secure.adnxs.com
static.criteo.net
sync-tm.everesttech.net
sync.1rx.io
sync.targeting.unrulymedia.com
sync.teads.tv
tpc.googlesyndication.com
um.simpli.fi
www.google.com
www.googletagservices.com
www.gstatic.com
104.109.66.25
104.36.113.112
142.250.185.66
151.101.130.49
154.47.36.107
178.250.1.6
192.162.246.39
199.127.204.142
213.155.156.180
2600:1f1c:a99:832c:d4e8:8c1e:e58e:3348
2606:4700::6810:5814
2606:4700::6811:180e
2606:4700::6812:19ad
2606:4700::6812:bcf
2a00:1450:4001:800::200a
2a00:1450:4001:801::2004
2a00:1450:4001:806::2002
2a00:1450:4001:806::2003
2a00:1450:4001:80b::2002
2a00:1450:4001:810::2001
2a00:1450:4001:810::200e
2a00:1450:4001:828::2003
2a00:1450:4001:82f::2002
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::9
2a02:2638::3
2a02:2638::c
2a02:6b8::1:119
2a05:d018:d29:3605:da82:a258:4122:590d
3.233.54.112
35.190.0.66
35.204.158.49
37.252.171.85
51.75.86.98
54.188.225.146
69.173.144.138
85.114.159.118
88.99.216.125
05d4b8b9d53e9c36599aa5523700ef086f59da57ff648fbcac35cc6e53933ca2
064e6c2386a1984dde0c20f217011a1faa1995132683ddc55965ca87a8b2ea4c
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b7d852959a7e7e3785589a3c7f0aeacc5ad9e42f233e16f2b8683ef5beb032b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
15e749617a3856bfaa4d2cea0c50d88366d2b579841bd5a45bd2d34062babc51
169465735faf0a4c5137408c581b564af721140cdfa1bec05ad1728b76ba2f63
1748e380e58e4c6d01eea93af415d54921710dfd690a05d311550fc5cf3bbd11
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
193952b59c9a975154471a0ce405acdc8c3f6fa17b2414e818c14cee77f1d460
1d1e953ab3edcd0558d3d806af98d9c4a401440faf945bdfd849337e1b64206a
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1fcc1456f56a63e72ecae147b81ecbff0e0826c8d10f58ed87b7d1ddeaeb1937
21b927f2feb8fd6eb8306fb1aa6ab480e23ba22fe6f4805f5c59596e68ba5055
269c57004fa7f675bd5d6297bdd9817d6cc2ddc59aee3a8ebec5b22d7278239b
26cee62fb4c5d428c12cc5b3e00b36402df245f8af2ca22f2df00d3e90a0c499
27477c652ee19c3cbd7dda86f6f3da010b1548c29ae05af1cd2dd9723a0492f8
27919f3f849b468d0c74bf0ffb86b16d33c1ffce5387fc4c46114a2fd7ab3c45
2877cd738330405abe884cea5c23e52bbbf486d2a45f77d2db0580df6e2f6ac0
2a010d839c02ce874d9c1154781d869d7b1c7bf8743c97ea5bc74850697efb3a
2ae87541edbcf2f6fe8bf9caeb67d539a28494c5c05f06d7c42229a5325c77bc
2afa67e688c1e036b28cae03fd389577a79fcfd235cda07f6c967c8dc83f5b56
2b613cc87e53518259553d90497db1ae053bd44e791abccc2ffad5972cc57e83
30b344f16aede10730e9578585d1ffc4b767f0f5d383df315f2b9162a5b5236a
30eda38dea6c2a71487ddeed57de56a298c0dbe5e8e8a7665d5345bb548ab78a
311d24658fe56774e510a7c4955c5537f762fafd6b644259636fb6505ea6999b
313cbd07d85ca0cd0937226811b601b0ec5671ac17faee529763b3827ff7db13
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
322a5870bf6db021a47d6d8a86ef9047563db5b836b019bb1b2a1fba40537b19
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
357f0a2f0cc3eba79fb3fdc765af98ef1580c7724c2d94d9163fab169562d402
370f4b870769960b15948ce54286c96f0cd0bfca18a49705cb1453f66f1e7ece
40951acb02efadcfb1448583f51862b46b1d0b516438fe4b4fe4b35d8fb9bf5a
4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38
4259762a82a9cade12d4ae670bbe4ab8ef08e8392c9b650b69a3162009419747
43b27c1bad041dfd520dec06f513db3fd0ad1fdbf4ab34e86ade5585fdd34d9c
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
47afe80f1dc259804e47b9106f794fecbcc8c87cb5ac4f625bb681041d63d909
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19
4b9e9162dec0d2b99d17837ab6a9be0fe397017f2735d002b242397c3b3e7d16
4d35dc868b23cad93d3ca7f6722707216e986c08eb6e3db21a46ff97724adf3c
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b
540c1e5a5531635bb49a761947ce74122c931574934b66ec653b992b48d8d032
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
571a8bcea15ac73043493c1fb7a5d013889d3a16c9ca1b4155770fa5f219a6cc
579a357408e83284c1ad07e9fb5f1b4f1e400aa8f2e7849e4fd0ff381bdab740
57aafa00dd6513f50ece8d16a1f12d09a8df8f50209a9c8c1ce1cba207120abd
5927ee37f74d47a0524f67697afb94f4400b89774361af47eefb2be11947ab98
5c011b9796b130fc6cc45d82da81739370903fc8ae70a126c76fe74a7975c8c2
5c0298403a84dfc70e836ce023007d085e3a074238fbb91edba9420a1f6286e2
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e140fcbc3a573e82bb144b889b06d74a54a330744544673ac899e7104645186
607ae1b9cde5e877a316e0c349b89c122377fe5f2b93fbcd8353ce8ac6c2bcd4
61320f76831641f4a1bf19735a230013b774a4db9a9caa9ebb8585717abf817e
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61fd6fe4fa481d774a9162ea483a8484f6f224204c7dac0c353a5f965f129ade
63af28c56dece5b853cf75697cc86d05eb8a75dae73a65624518806abe57180b
69c9afff2cf0b1bc101b7417bbe7a80e22698d24c609b61f93ce70af4329db39
69e29da7f4678abd4e55e9e396b4d554416d94c4299885681614ebaded2ddbe9
6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5
6cab8429d30f5a7055b4a7ab745f17e524d27696b8217387253a6d34b61bde24
6e8a6e127ea8f45b7363735f4ec842bd3c1de980902cd4f5092e6a429e4bb94b
6fb1c4f07753ffe48ae9c5a9822594b2f03a208dca0e9f030c6e024b71a6b4cc
6feebe979cad3ccbf08d570c657c2562336123e58011b84be4cc123d649a94ec
71d3cee4808d6daf0989cfb6f9254262f455f8beb5132ac72a3532c845b5af06
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72732df4c675b1d0aedcc6936085677d7285d1e211d9b84081cf66759280cb32
7464e2bb5f04a9a311773a7c65c1888bfbeaa2e59c8706add82b7a239dab41f3
74a028295939871115d145e11eb67a04a7c45ea71e5e216066003bafa4562761
77c7267f54dffcef28af7d1d7e506f7927c257e014728694ce7f494ea483feed
7a3cbe668355e5cae7f0442da0ad8bf27f55c7c30d99fe0ebbcebebd46004cbb
7ba807660912889fa5b0e214736530a0d83fd17be6aff062a3be55080050ad37
7d7706690726ddec6dbc85e9ed50ccef1c715512a8cb5cb0db7569fe76a20094
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
80072034d81e9a703c3820cac8eeac27fe10a44689a93d336cc681a3ed05cefd
8a2b9f25593c78f14a98794a1fc21334a3fd833953f8499c82bed7bc438c7b23
8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92
8d8a37a25b3540166db9800e8331acc61287510b5bbf137eef74fbe42fdcd153
8dbf16636e38f16184cf991faacc74cf68bbff890403431c3e6b7b9a2c4a4666
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
90334165ef5fa174c55a2af0495b588dae4e780da3e243359294233a35a36bd9
9048e4eff0c2de379d35afb7663261e2ac11e748e017c279b109eb867262556e
90dcf383fd5013785f26ba943d64ebdc85f34a3736d8825946926d82d32f8501
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
92ca60a1917b9ebb08ee7ddf0860b217985b8468acf0de9ed41d90c3f5dda926
97c8e4ade88324f3e2408b6150ad02226198c90889fd920d25807ca4a03544f1
99239a5654d2e3df9cb2def08dd61b7e66ac12d62e4ec0e032a6ed25c3240622
9a917b0ebfaec81724150c9e36599aef81b238212fdb1aadc4e936c2fa0a6f0c
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bcc8167c865b9e7db82e00ff5f4c0b89b9d7d6c1b5ed2cd299f171ff72f06cd
9f153f9deb76a35966f6fb8b1568a1b75d72bd2d04c52d3dac642c77339f8fbc
9fb0055a84a296cbe2a326ac30b4184627d0cf4f74616af6ab51c2d04f5102bd
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2c4649bff67f498ad9720d798159537b65c78bb60d11059a9e563c920e72125
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3bd52853cb28a78d74a9c20acdc29d5146b96eee135bdb5d60c9a853153a163
a43720c16e4f59b9f7944f11015236009cb48298a236160a7bd6b9ee632be49e
a46d7c624e64a0905b7f8dfea67ee51b84436f3c6010bc87b79a59da96a6c705
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5515c53111bb4a4f45aff63d06df893ae9033dc85e82cc2ef27fc099a4d7609
a555367f420022bd659fbf74d38d0bd10fd7277f5fd7ab78941337ca8a31ef87
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a828770b8c497086194e6fa2beda34ab860bd6133abc8654dd30db10f96b8ece
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a9ad9acd9b4374cc4a4411ff72653f7940965f416237d1ea765019541d9d44c7
a9f3275249b9f0751f60a6ab2a934eaa59efc2969002ecc6e3e65c31375a0174
ab82e4b5c2fdeca33c040309220e206a4aac300c117a8b20d27f5ee3a9b63c4b
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
af506350546a4972b895152987adcaceaefe542d73887ea0027cffecb3f5aca3
b19abb41a4112c2e3c7448e83d6f49767821d9109363db51ab99038ad8b3b5d0
b2c932aa04d2f59a7d7feaf4534c7887f08093f4c9ee5f7f16d2181e191b633a
b96578c067447bc38ec08f4bc3f8daacc45bae2148b4f22f21d671647e6d9cdf
b9c90c601bc81ad71ed8be557ff9b095de5aae947926e84011e2728cf65250a6
bb4416547d534785ee43978c462381cf8d7f2dcb2bf58b3b0be498c49aafa231
bb9a0a56995ccfe2dedd9ff3c298b042e033c4670b534a0fc8b43953e8b6b3cc
bbeb7f7f618c8d82bce1600d57e67a9f6759bed1d00097935d1714440dcbdb7b
bd737128739f334c285183cc95550cfec9072f536efae7baaf974b4252b992e0
beb17ab744f890dbb2b59a2c4d5bccc9af00641d1fe40bde728318bf8882e017
bf3435cc61529a7c0f05486c507a618ce8369abc931157739247fdc4acb36818
c0ea2af000d746e340ce413d1a11126cc597783e859aa2e84dce1ae5374c4df1
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c3080f827d603b5ba5bdf9184b8aa92ecb6afe87dc272b94bdc14e486a87eb29
c36a80c614df30d0b19fea7dab816cf02e7daeaaef3a274aed2beaeb9dc2ac39
c42425f18923921089911e70f39c6dd462794df2e42ac0596abc3884da6471fc
c4e1d6dac257b1f10f34c13ef8ec41e9e0cd8133c8e947aef4d756e19213649c
c56b566e17c62870ce139b3a57bfb94a9d785792bd6ac2220d52426b8590d87f
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cacd0002ad2c99e2068d37cb325acc08e8a261fd942627c94d8bedeb79a82e52
cbb5d0cd99752f39042ab89b65c414c46d91111198c4c805e45e8e807e77f46f
cd218625802cf63be333d08ef243001d1533575ca47942de2db154cb40c3d400
ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f
d05dc87f5b48e7297a8f9ded38af18cfa04d813eb2fc8f6c79507e66a3768eb6
d1807b7b5005435db8c930dc8d652595d10158b65bbc422974c6b86bfd97f7d7
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d8f87502628296c6998bb8aaead846d57748aa8bccfd582686dab5874126dba7
da11b1f9ca0768386245e7d1c5d5f8b6c72122ce572172605f1421da87f3e801
da619c464c6db81205d0c5a2f16c7994b38d1438b9e4d5fa7395b52eacbb20f4
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
de2eaeb68648a3e566d547f241f0c083964914077cd3d4e6d9e8b15b7d881d53
dfd6d929422d1f69a727fb6b525f610562eab183a333576516bec0b0503cb049
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e37316f20ee8564506ca9dbf035ba412ef6f79d7fd534c98b6f7d2bd49e11dc9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f798fc5078eea58865d86fc9603ff064924be00586813aef85cc3d6964cff8
e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0
e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0
e51fc93fdce6a9a37ba9e5503672eda2f4c4904da5335464866a1243e2c2e096
e52215fcc50a82995a2559a157a9e557c4398a5b7b35f65df880d77cd3d57784
e5382503febf871737377e914a0520f1622f40b1c7a9165bee7436b0eb28468e
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5c2e456060cc014f3bb52a998332529a64b4ea15959eb68f8ceeefca89c3cdb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3891d9c892c2d28ab58c632815304c7a2daf28513b566ad2e71e6a3118bc52
f1400c92345dcd9dbf746acab2c60e8580aa959473e9e56c8772cadcf7734b76
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5acda93c7254b1e7aadc1ab2bdff1722803e55107334351118c4d64e51046f9
f98ae2653ccfd7fe289cfbfb10ac40e2a3bc374eea72eda40421f8b422c12103
fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce
fd5368086a627728fc6127876ae997188ff8454d34e2f997c23c63b78418045c
fd84643e6248cd6e8ccfd3357aedfd8960caed2ef1c796e0341e71af90f2a8bd
ff5fe1c18a799dbdb4a5bd08915c20a7e6cd5c052001326d5f9c2e3763d57fab

obereginfo.ru Open in urlscan Pro 88.99.216.125 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

249 Requests

91 %HTTPS

54 %IPv6

34 Domains

44 Subdomains

27 IPs

7 Countries

3498 kBTransfer

5930 kBSize

38 Cookies

1 Outgoing links

Page URL History

Redirected requests

249 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 15 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

obereginfo.ru Open in urlscan Pro
88.99.216.125 Public Scan

Screenshot
Live screenshot

Full Image

249
Requests

91 %
HTTPS

54 %
IPv6

34
Domains

44
Subdomains

27
IPs

7
Countries

3498 kB
Transfer

5930 kB
Size

38
Cookies

249 HTTP transactions
15 data transactions