urlscan.io logo urlscan.io
SecurityTrails logo

mp3.couver.ru Open in urlscan Pro
45.133.245.59  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://mp3.couver.ru/#t=orden_ogan_-_chapter_ii_(prelude)_
Effective URL: http://mp3.couver.ru/
Submission: On April 10 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 4 countries across 11 domains to perform 64 HTTP transactions. The main IP is 45.133.245.59, located in Helsinki, Finland and belongs to IHOR-SERVERS-EUROPE to AS51765 announce AS207569, SC. The main domain is mp3.couver.ru.
This is the only time mp3.couver.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

13    45.133.245.59 (Helsinki, Finland)

ASN207569 (IHOR-SERVERS-EUROPE to AS51765 announce AS207569, SC)
mp3.couver.ru
4    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
12    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
adservice.google.com
7    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
www.gstatic.com
3    88.212.201.198 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru
counter.yadro.ru
8    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
12    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
23 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 98
tpc.googlesyndication.com — Cisco Umbrella Rank: 128
316 KB
13 couver.ru
mp3.couver.ru
161 KB
8 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 40
69 KB
7 gstatic.com
fonts.gstatic.com
www.gstatic.com
110 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46
3 KB
3 google.com
adservice.google.com — Cisco Umbrella Rank: 77
www.google.com — Cisco Umbrella Rank: 4
1 KB
3 yadro.ru
counter.yadro.ru — Cisco Umbrella Rank: 7696
2 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 176
73 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 238
43 KB
1 google.de
adservice.google.de — Cisco Umbrella Rank: 7579
792 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 794
642 B
64 11
Domain Requested by
13 mp3.couver.ru mp3.couver.ru
12 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
11 pagead2.googlesyndication.com mp3.couver.ru
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
8 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
4 www.gstatic.com googleads.g.doubleclick.net
4 fonts.googleapis.com mp3.couver.ru
googleads.g.doubleclick.net
3 counter.yadro.ru 2 redirects mp3.couver.ru
3 fonts.gstatic.com fonts.googleapis.com
2 www.google.com 1 redirects tpc.googlesyndication.com
2 www.googletagservices.com googleads.g.doubleclick.net
2 cdnjs.cloudflare.com mp3.couver.ru
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
64 14

This site contains links to these domains. Also see Links.

Domain
www.liveinternet.ru
Subject Issuer Validity Valid
upload.video.google.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-09-21 -
2022-09-20		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh

This page contains 10 frames:

Primary Page: http://mp3.couver.ru/
Frame ID: 0F25A18A38270E240A05B3977ACC88D3
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220406/r20190131/zrt_lookup.html
Frame ID: 9CCC2D045C2161A9DBADCCE786C461DD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9596761179699546&output=html&adk=1812271804&adf=3025194257&lmt=1649569055&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fmp3.couver.ru%2F%23t%3Dorden_ogan_-_chapter_ii_(prelude)_&ea=0&pra=5&wgl=1&dt=1649569054321&bpp=2&bdt=342&idt=859&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7545364660717&frm=20&pv=2&ga_vid=814360591.1649569055&ga_sid=1649569055&ga_hid=634449652&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474&oid=2&pvsid=2746613170817092&pem=698&tmod=112918895&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=877
Frame ID: F2A996726AB18BB09E3048F832E8D6F9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9596761179699546&output=html&h=280&slotname=2250780395&adk=282559597&adf=2356487172&pi=t.ma~as.2250780395&w=948&fwrn=4&fwrnh=100&lmt=1649569055&rafmt=1&psa=0&format=948x280&url=http%3A%2F%2Fmp3.couver.ru%2F%23t%3Dorden_ogan_-_chapter_ii_(prelude)_&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1649569054323&bpp=3&bdt=344&idt=894&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7545364660717&frm=20&pv=1&ga_vid=814360591.1649569055&ga_sid=1649569055&ga_hid=634449652&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=326&ady=154&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474&oid=2&pvsid=2746613170817092&pem=698&tmod=112918895&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=jRRNDWAOCa&p=http%3A//mp3.couver.ru&dtd=899
Frame ID: C05F5023213B48594DFAC460F9502EA8
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9596761179699546&output=html&h=280&slotname=1858608786&adk=2621592769&adf=3394360734&pi=t.ma~as.1858608786&w=948&fwrn=4&fwrnh=100&lmt=1649569055&rafmt=1&psa=0&format=948x280&url=http%3A%2F%2Fmp3.couver.ru%2F%23t%3Dorden_ogan_-_chapter_ii_(prelude)_&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1649569054326&bpp=1&bdt=347&idt=901&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C948x280&nras=1&correlator=7545364660717&frm=20&pv=1&ga_vid=814360591.1649569055&ga_sid=1649569055&ga_hid=634449652&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=326&ady=979&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474&oid=2&pvsid=2746613170817092&pem=698&tmod=112918895&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=Vj4C3rwRuM&p=http%3A//mp3.couver.ru&dtd=905
Frame ID: B0DB0EC1E84918CB95E41CA5A9C99926
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6DGELVyRstON4LmPFAMeAOP1baW3TqSdWCO5xyb3u9s.js
Frame ID: A74469C108D28280FA7BB796BEEA670C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A66D835C8F198F1A5DAAD42477B91AA1
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6DGELVyRstON4LmPFAMeAOP1baW3TqSdWCO5xyb3u9s.js
Frame ID: BDEA6798E3E7DFEB4E8F1DE0A884B226
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E2E2314EDC24DE5D985B80327D1221F7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0D2B0C289810DFD290A9AC1E26A99DB0
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Download mp3 music

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href="[^"]*materialize(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • underscore.*\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

64
Requests

77 %
HTTPS

75 %
IPv6

11
Domains

14
Subdomains

13
IPs

4
Countries

777 kB
Transfer

1878 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • http://counter.yadro.ru/hit?t44.1;r;s1600*1200*24;uhttp%3A//mp3.couver.ru/%23t%3Dorden_ogan_-_chapter_ii_%28prelude%29_;hDownload%20mp3%20music;0.1897018522725311 HTTP 302
  • https://counter.yadro.ru/hit?t44.1;r;s1600*1200*24;uhttp%3A//mp3.couver.ru/%23t%3Dorden_ogan_-_chapter_ii_%28prelude%29_;hDownload%20mp3%20music;0.1897018522725311 HTTP 302
  • https://counter.yadro.ru/hit?q;t44.1;r;s1600*1200*24;uhttp%3A//mp3.couver.ru/%23t%3Dorden_ogan_-_chapter_ii_%28prelude%29_;hDownload%20mp3%20music;0.1897018522725311
Request Chain 54
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

64 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
mp3.couver.ru/ 		11 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://mp3.couver.ru/
Protocol
HTTP/1.1
Server
45.133.245.59 Helsinki, Finland, ASN207569 (IHOR-SERVERS-EUROPE to AS51765 announce AS207569, SC),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
d91549f7b7cd4e97e20432e01a4d0148eacb7e807fe8ad42d8922644c8a56a99

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Length
3088
Content-Type
text/html; charset=UTF-8
Date
Sun, 10 Apr 2022 05:37:32 GMT
Server
nginx/1.14.0 (Ubuntu)
Vary
Accept-Encoding
css
fonts.googleapis.com/ 		664 B
858 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato
Requested by
Host: mp3.couver.ru
URL: http://mp3.couver.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
05410fbe1192a21525520421f6ddce4a065a94658a42146ae707a814926fa77d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://mp3.couver.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 10 Apr 2022 04:57:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 10 Apr 2022 05:37:32 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 10 Apr 2022 05:37:32 GMT
icon
fonts.googleapis.com/ 		569 B
439 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: mp3.couver.ru
URL: http://mp3.couver.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e0c254788ad36f95d44c1786c590263e89ea3976fcbc9ae7c82c52493b254391
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://mp3.couver.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 10 Apr 2022 05:37:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 10 Apr 2022 05:37:32 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 10 Apr 2022 05:37:32 GMT
materialize.min.css
mp3.couver.ru/assets/7/css/ 		139 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://mp3.couver.ru/assets/7/css/materialize.min.css
Requested by
Host: mp3.couver.ru
URL: http://mp3.couver.ru/
Protocol
HTTP/1.1
Server
45.133.245.59 Helsinki, Finland, ASN207569 (IHOR-SERVERS-EUROPE to AS51765 announce AS207569, SC),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cef155a7cdbab22094bb173629945d96400bccb65635bec56899bd2b5991c56d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://mp3.couver.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sun, 10 Apr 2022 05:37:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 18 Jul 2018 11:45:53 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"22a01-571449ae40a35-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21549
application.css
mp3.couver.ru/assets/7/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://mp3.couver.ru/assets/7/css/application.css
Requested by
Host: mp3.couver.ru
URL: http://mp3.couver.ru/
Protocol
HTTP/1.1
Server
45.133.245.59 Helsinki, Finland, ASN207569 (IHOR-SERVERS-EUROPE to AS51765 announce AS207569, SC),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
98cacd6c50abc45e5c59a911fc08060dde36f0fe7f096a98964807a848abcaac

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://mp3.couver.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sun, 10 Apr 2022 05:37:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 18 Jul 2018 11:45:53 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"f21-571449ae40a35-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1244
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.7.2/ 		93 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/1.7.2/jquery.min.js
Requested by
Host: mp3.couver.ru
URL: http://mp3.couver.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://mp3.couver.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 05:37:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
465515
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
29787
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-17278"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3M7bFz%2BJmy1DEo%2BF2ME7y4QHXZZpjkO2lFBUZZNiSvQOHRFVSyVQ1PzrhsTV%2FP%2BE5DB3LEA1iy%2BDskdSgNbtDM%2BaIP%2FtQD9AunS8ikwJfyLEpHRFDzmpIb3XzMdea0pe1rXi2mFlxxnid9sfnwOkZJf7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6f992193bb8af937-MXP
expires
Fri, 31 Mar 2023 05:37:32 GMT
act.js
mp3.couver.ru/assets/7/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://mp3.couver.ru/assets/7/js/act.js
Requested by
Host: mp3.couver.ru
URL: http://mp3.couver.ru/
Protocol
HTTP/1.1
Server
45.133.245.59 Helsinki, Finland, ASN207569 (IHOR-SERVERS-EUROPE to AS51765 announce AS207569, SC),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ad82d09f2c7ec5bf4f13d4b0a311a450868af87019a41d5fdaee26b0f6cdcf59

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://mp3.couver.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sun, 10 Apr 2022 05:37:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 18 Jul 2018 11:45:53 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"96c-571449ae40a35-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
780
active.js
mp3.couver.ru/assets/7/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://mp3.couver.ru/assets/7/js/active.js
Requested by
Host: mp3.couver.ru
URL: http://mp3.couver.ru/
Protocol
HTTP/1.1
Server
45.133.245.59 Helsinki, Finland, ASN207569 (IHOR-SERVERS-EUROPE to AS51765 announce AS207569, SC),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
30cb41b3cc202aedfecc5248b48363c03006d97f03847c9b8342bee86575c65c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://mp3.couver.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sun, 10 Apr 2022 05:37:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 18 Jul 2018 11:45:53 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"106b-571449ae40a35-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1344
underscore.js
cdnjs.cloudflare.com/ajax/libs/underscore.js/1.8.3/ 		52 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/underscore.js/1.8.3/underscore.js
Requested by
Host: mp3.couver.ru
URL: http://mp3.couver.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b328e42c558197d5b99d7727cfcc60bac9763fad660651230e8baf93f6067ed
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://mp3.couver.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 05:37:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5137170
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12684
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04015-ceb7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cKBnDarDMLSzFQeT%2BYvVPjBmY0EUzH0klWfD%2FVvGiPjOeDDM07gGRNgKljsVm7KEsG1Ct7fCRUps%2BB0J00MMPSnFnnlgwWUJHrcpXu%2FrfUjM3RXzG24aJIvQxU77LMDuKAX3awLdNWVIyY4iZu%2FIsPhE"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6f992193bb8bf937-MXP
expires
Fri, 31 Mar 2023 05:37:32 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		154 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: mp3.couver.ru
URL: http://mp3.couver.ru/
Protocol
HTTP/1.1
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7ffd1fd9f5a21343c723d419f4e0349d4837b1a2b75a42ca1a4c60a3f46d0f14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://mp3.couver.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Sun, 10 Apr 2022 05:37:32 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
14678642217542082653
Vary
Accept-Encoding, Origin
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
53902
X-XSS-Protection
0
Expires
Sun, 10 Apr 2022 05:37:32 GMT
logo.png
mp3.couver.ru/img/7/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://mp3.couver.ru/img/7/logo.png
Requested by
Host: mp3.couver.ru
URL: http://mp3.couver.ru/
Protocol
HTTP/1.1
Server
45.133.245.59 Helsinki, Finland, ASN207569 (IHOR-SERVERS-EUROPE to AS51765 announce AS207569, SC),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
602b8b86ac66002f36b471649d90e44e3eafe78260bb7518b48e0238158efacb

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://mp3.couver.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sun, 10 Apr 2022 05:37:33 GMT
Last-Modified
Wed, 18 Jul 2018 11:45:53 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6a4-571449ae419d5"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1700
add_user.png
mp3.couver.ru/img/7/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://mp3.couver.ru/img/7/add_user.png
Requested by
Host: mp3.couver.ru
URL: http://mp3.couver.ru/
Protocol
HTTP/1.1
Server
45.133.245.59 Helsinki, Finland, ASN207569 (IHOR-SERVERS-EUROPE to AS51765 announce AS207569, SC),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ac4685cd0c802a0b54dfcffe3968e32533a603e21dd02caea1b9b88481cecef1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://mp3.couver.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sun, 10 Apr 2022 05:37:33 GMT
Last-Modified
Wed, 18 Jul 2018 11:45:53 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"1927-571449ae419d5"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6439
progress_bar_green.gif
mp3.couver.ru/img/7/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://mp3.couver.ru/img/7/progress_bar_green.gif
Requested by
Host: mp3.couver.ru
URL: http://mp3.couver.ru/
Protocol
HTTP/1.1
Server
45.133.245.59 Helsinki, Finland, ASN207569 (IHOR-SERVERS-EUROPE to AS51765 announce AS207569, SC),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
1b0476eb6fba5462b8a4138835abcc1ac9f44ac501b95278f67ee8bd6ab88fbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://mp3.couver.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sun, 10 Apr 2022 05:37:33 GMT
Last-Modified
Wed, 18 Jul 2018 11:45:53 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"eb52-571449ae419d5"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
60242
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		154 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: mp3.couver.ru
URL: http://mp3.couver.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
024d28c8b632da41433608deb666dd4aafce540e623b7b7dd5874384a022b59b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://mp3.couver.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 05:37:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53884
x-xss-protection
0
server
cafe
etag
6722287650211446646
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 10 Apr 2022 05:37:32 GMT
empty_disc.png
mp3.couver.ru/img/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://mp3.couver.ru/img/empty_disc.png
Requested by
Host: mp3.couver.ru
URL: http://mp3.couver.ru/
Protocol
HTTP/1.1
Server
45.133.245.59 Helsinki, Finland, ASN207569 (IHOR-SERVERS-EUROPE to AS51765 announce AS207569, SC),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
71e2b762bff70bfaf9561b5aec2b73649101af248300bd562212e92422947af8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://mp3.couver.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sun, 10 Apr 2022 05:37:33 GMT
Last-Modified
Sun, 31 Dec 2017 15:03:06 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"3ce0-561a429b888be"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15584
mp3.png
mp3.couver.ru/img/7/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://mp3.couver.ru/img/7/mp3.png
Requested by
Host: mp3.couver.ru
URL: http://mp3.couver.ru/
Protocol
HTTP/1.1
Server
45.133.245.59 Helsinki, Finland, ASN207569 (IHOR-SERVERS-EUROPE to AS51765 announce AS207569, SC),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
da3307e24b436e313453030c5374e876ff5ea0cd66c8d34b658f1c2089511b71

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://mp3.couver.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sun, 10 Apr 2022 05:37:33 GMT
Last-Modified
Wed, 18 Jul 2018 11:45:53 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"1d27-571449ae419d5"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7463
spinner.gif
mp3.couver.ru/img/5/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://mp3.couver.ru/img/5/spinner.gif
Requested by
Host: mp3.couver.ru
URL: http://mp3.couver.ru/
Protocol
HTTP/1.1
Server
45.133.245.59 Helsinki, Finland, ASN207569 (IHOR-SERVERS-EUROPE to AS51765 announce AS207569, SC),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
d2c956d09a44ab87c163dcb83720c402440a747735cf19c690c5af648c4eb511

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://mp3.couver.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sun, 10 Apr 2022 05:37:33 GMT
Last-Modified
Sun, 31 Dec 2017 15:03:06 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"7456-561a429b888be"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29782
bg.png
mp3.couver.ru/img/7/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://mp3.couver.ru/img/7/bg.png
Requested by
Host: mp3.couver.ru
URL: http://mp3.couver.ru/assets/7/css/application.css
Protocol
HTTP/1.1
Server
45.133.245.59 Helsinki, Finland, ASN207569 (IHOR-SERVERS-EUROPE to AS51765 announce AS207569, SC),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
bd78b1d80a593a1425d9511f8edec737bc5d4052fc763e9254cf90f0220d2be8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://mp3.couver.ru/assets/7/css/application.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sun, 10 Apr 2022 05:37:33 GMT
Last-Modified
Wed, 18 Jul 2018 11:45:53 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"1dbd-571449ae419d5"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7613
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://mp3.couver.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 19:30:55 GMT
x-content-type-options
nosniff
age
295597
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:14:03 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 06 Apr 2023 19:30:55 GMT
hit
counter.yadro.ru/
Redirect Chain
  • http://counter.yadro.ru/hit?t44.1;r;s1600*1200*24;uhttp%3A//mp3.couver.ru/%23t%3Dorden_ogan_-_chapter_ii_%28prelude%29_;hDownload%20mp3%20music;0.1897018522725311
  • https://counter.yadro.ru/hit?t44.1;r;s1600*1200*24;uhttp%3A//mp3.couver.ru/%23t%3Dorden_ogan_-_chapter_ii_%28prelude%29_;hDownload%20mp3%20music;0.1897018522725311
  • https://counter.yadro.ru/hit?q;t44.1;r;s1600*1200*24;uhttp%3A//mp3.couver.ru/%23t%3Dorden_ogan_-_chapter_ii_%28prelude%29_;hDownload%20mp3%20music;0.1897018522725311
140 B
626 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit?q;t44.1;r;s1600*1200*24;uhttp%3A//mp3.couver.ru/%23t%3Dorden_ogan_-_chapter_ii_%28prelude%29_;hDownload%20mp3%20music;0.1897018522725311
Requested by
Host: mp3.couver.ru
URL: http://mp3.couver.ru/
Protocol
HTTP/1.1
Server
88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host198.rax.ru
Software
nginx/1.17.9 /
Resource Hash
a92f2b3edb0d9f5e017eaf110749e21ce9aea2121cc492145837afd222a8416e
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://mp3.couver.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 10 Apr 2022 05:37:48 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
140
Expires
Fri, 09 Apr 2021 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 10 Apr 2022 05:37:48 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit?q;t44.1;r;s1600*1200*24;uhttp%3A//mp3.couver.ru/%23t%3Dorden_ogan_-_chapter_ii_%28prelude%29_;hDownload%20mp3%20music;0.1897018522725311
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Fri, 09 Apr 2021 21:00:00 GMT
cover
mp3.couver.ru/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://mp3.couver.ru/cover?title=orden_ogan_-_chapter_ii_(prelude)_
Requested by
Host: mp3.couver.ru
URL: http://mp3.couver.ru/
Protocol
HTTP/1.1
Server
45.133.245.59 Helsinki, Finland, ASN207569 (IHOR-SERVERS-EUROPE to AS51765 announce AS207569, SC),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
0a7392b19736b410631509eed55f27418f00215a566d4f060132992407831d1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://mp3.couver.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sun, 10 Apr 2022 05:37:33 GMT
Server
nginx/1.14.0 (Ubuntu)
Connection
keep-alive
Content-Length
4372
Content-Type
image/jpeg
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203300101/ 		301 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9596761179699546&plah=mp3.couver.ru
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41fa7e8ffbcaa5ce69d951687de0cb45b8e98ea9473635a75615cf49d3b2ff1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://mp3.couver.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 05:37:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110328
x-xss-protection
0
server
cafe
etag
1148290837941698068
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 10 Apr 2022 05:37:33 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220406/r20190131/ Frame 9CCC 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220406/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://mp3.couver.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
43730
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4398
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Apr 2022 17:28:43 GMT
etag
14837630671339829333
expires
Sat, 23 Apr 2022 17:28:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ 		213 B
642 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=mp3.couver.ru&callback=_gfp_s_&client=ca-pub-9596761179699546
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9596761179699546&plah=mp3.couver.ru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
59e4ed3dc4806eac7784e00cd6a05811521d037ec7191f2eb7e603621a21552d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://mp3.couver.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 05:37:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
197
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=mp3.couver.ru
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9596761179699546&plah=mp3.couver.ru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://mp3.couver.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 10 Apr 2022 05:37:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=mp3.couver.ru
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9596761179699546&plah=mp3.couver.ru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://mp3.couver.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 10 Apr 2022 05:37:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F2A9 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9596761179699546&output=html&adk=1812271804&adf=3025194257&lmt=1649569055&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fmp3.couver.ru%2F%23t%3Dorden_ogan_-_chapter_ii_(prelude)_&ea=0&pra=5&wgl=1&dt=1649569054321&bpp=2&bdt=342&idt=859&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7545364660717&frm=20&pv=2&ga_vid=814360591.1649569055&ga_sid=1649569055&ga_hid=634449652&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474&oid=2&pvsid=2746613170817092&pem=698&tmod=112918895&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=877
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9596761179699546&plah=mp3.couver.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://mp3.couver.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 10 Apr 2022 05:37:33 GMT
expires
Sun, 10 Apr 2022 05:37:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C05F 		90 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9596761179699546&output=html&h=280&slotname=2250780395&adk=282559597&adf=2356487172&pi=t.ma~as.2250780395&w=948&fwrn=4&fwrnh=100&lmt=1649569055&rafmt=1&psa=0&format=948x280&url=http%3A%2F%2Fmp3.couver.ru%2F%23t%3Dorden_ogan_-_chapter_ii_(prelude)_&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1649569054323&bpp=3&bdt=344&idt=894&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7545364660717&frm=20&pv=1&ga_vid=814360591.1649569055&ga_sid=1649569055&ga_hid=634449652&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=326&ady=154&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474&oid=2&pvsid=2746613170817092&pem=698&tmod=112918895&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=jRRNDWAOCa&p=http%3A//mp3.couver.ru&dtd=899
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9596761179699546&plah=mp3.couver.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
88d7e078bc848e5c163391b8f6b946f21c062b79e6e9d1c6545676b072d170c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://mp3.couver.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
32730
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 10 Apr 2022 05:37:34 GMT
expires
Sun, 10 Apr 2022 05:37:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame B0DB 		93 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9596761179699546&output=html&h=280&slotname=1858608786&adk=2621592769&adf=3394360734&pi=t.ma~as.1858608786&w=948&fwrn=4&fwrnh=100&lmt=1649569055&rafmt=1&psa=0&format=948x280&url=http%3A%2F%2Fmp3.couver.ru%2F%23t%3Dorden_ogan_-_chapter_ii_(prelude)_&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1649569054326&bpp=1&bdt=347&idt=901&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C948x280&nras=1&correlator=7545364660717&frm=20&pv=1&ga_vid=814360591.1649569055&ga_sid=1649569055&ga_hid=634449652&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=326&ady=979&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474&oid=2&pvsid=2746613170817092&pem=698&tmod=112918895&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=Vj4C3rwRuM&p=http%3A//mp3.couver.ru&dtd=905
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9596761179699546&plah=mp3.couver.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
574a0f739bcf87ca8612f9964c18ed39f07faa2f5d56aef9500ad74e908c1748
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://mp3.couver.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
32509
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 10 Apr 2022 05:37:34 GMT
expires
Sun, 10 Apr 2022 05:37:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame B0DB 		8 KB
892 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9596761179699546&output=html&h=280&slotname=1858608786&adk=2621592769&adf=3394360734&pi=t.ma~as.1858608786&w=948&fwrn=4&fwrnh=100&lmt=1649569055&rafmt=1&psa=0&format=948x280&url=http%3A%2F%2Fmp3.couver.ru%2F%23t%3Dorden_ogan_-_chapter_ii_(prelude)_&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1649569054326&bpp=1&bdt=347&idt=901&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C948x280&nras=1&correlator=7545364660717&frm=20&pv=1&ga_vid=814360591.1649569055&ga_sid=1649569055&ga_hid=634449652&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=326&ady=979&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474&oid=2&pvsid=2746613170817092&pem=698&tmod=112918895&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=Vj4C3rwRuM&p=http%3A//mp3.couver.ru&dtd=905
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 10 Apr 2022 04:51:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 10 Apr 2022 05:37:34 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 10 Apr 2022 05:37:34 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame B0DB 		2 KB
984 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9596761179699546&output=html&h=280&slotname=1858608786&adk=2621592769&adf=3394360734&pi=t.ma~as.1858608786&w=948&fwrn=4&fwrnh=100&lmt=1649569055&rafmt=1&psa=0&format=948x280&url=http%3A%2F%2Fmp3.couver.ru%2F%23t%3Dorden_ogan_-_chapter_ii_(prelude)_&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1649569054326&bpp=1&bdt=347&idt=901&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C948x280&nras=1&correlator=7545364660717&frm=20&pv=1&ga_vid=814360591.1649569055&ga_sid=1649569055&ga_hid=634449652&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=326&ady=979&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474&oid=2&pvsid=2746613170817092&pem=698&tmod=112918895&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=Vj4C3rwRuM&p=http%3A//mp3.couver.ru&dtd=905
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 05:27:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
615
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
877
x-xss-protection
0
server
cafe
etag
13035868154101442325
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 24 Apr 2022 05:27:19 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/ Frame B0DB 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9596761179699546&output=html&h=280&slotname=1858608786&adk=2621592769&adf=3394360734&pi=t.ma~as.1858608786&w=948&fwrn=4&fwrnh=100&lmt=1649569055&rafmt=1&psa=0&format=948x280&url=http%3A%2F%2Fmp3.couver.ru%2F%23t%3Dorden_ogan_-_chapter_ii_(prelude)_&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1649569054326&bpp=1&bdt=347&idt=901&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C948x280&nras=1&correlator=7545364660717&frm=20&pv=1&ga_vid=814360591.1649569055&ga_sid=1649569055&ga_hid=634449652&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=326&ady=979&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474&oid=2&pvsid=2746613170817092&pem=698&tmod=112918895&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=Vj4C3rwRuM&p=http%3A//mp3.couver.ru&dtd=905
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f7894603292731a56692b1348b0b39871cdf248aa9f5b6a4c00e7de41f1a668
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 05:27:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
580
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8000
x-xss-protection
0
server
cafe
etag
3330746967810570135
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 24 Apr 2022 05:27:54 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame B0DB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9596761179699546&output=html&h=280&slotname=1858608786&adk=2621592769&adf=3394360734&pi=t.ma~as.1858608786&w=948&fwrn=4&fwrnh=100&lmt=1649569055&rafmt=1&psa=0&format=948x280&url=http%3A%2F%2Fmp3.couver.ru%2F%23t%3Dorden_ogan_-_chapter_ii_(prelude)_&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1649569054326&bpp=1&bdt=347&idt=901&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C948x280&nras=1&correlator=7545364660717&frm=20&pv=1&ga_vid=814360591.1649569055&ga_sid=1649569055&ga_hid=634449652&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=326&ady=979&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474&oid=2&pvsid=2746613170817092&pem=698&tmod=112918895&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=Vj4C3rwRuM&p=http%3A//mp3.couver.ru&dtd=905
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 05:31:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
392
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 24 Apr 2022 05:31:02 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame B0DB 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9596761179699546&output=html&h=280&slotname=1858608786&adk=2621592769&adf=3394360734&pi=t.ma~as.1858608786&w=948&fwrn=4&fwrnh=100&lmt=1649569055&rafmt=1&psa=0&format=948x280&url=http%3A%2F%2Fmp3.couver.ru%2F%23t%3Dorden_ogan_-_chapter_ii_(prelude)_&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1649569054326&bpp=1&bdt=347&idt=901&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C948x280&nras=1&correlator=7545364660717&frm=20&pv=1&ga_vid=814360591.1649569055&ga_sid=1649569055&ga_hid=634449652&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=326&ady=979&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474&oid=2&pvsid=2746613170817092&pem=698&tmod=112918895&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=Vj4C3rwRuM&p=http%3A//mp3.couver.ru&dtd=905
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 05:26:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
668
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6409
x-xss-protection
0
server
cafe
etag
15284592792851369840
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 24 Apr 2022 05:26:26 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B0DB 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9596761179699546&output=html&h=280&slotname=1858608786&adk=2621592769&adf=3394360734&pi=t.ma~as.1858608786&w=948&fwrn=4&fwrnh=100&lmt=1649569055&rafmt=1&psa=0&format=948x280&url=http%3A%2F%2Fmp3.couver.ru%2F%23t%3Dorden_ogan_-_chapter_ii_(prelude)_&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1649569054326&bpp=1&bdt=347&idt=901&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C948x280&nras=1&correlator=7545364660717&frm=20&pv=1&ga_vid=814360591.1649569055&ga_sid=1649569055&ga_hid=634449652&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=326&ady=979&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474&oid=2&pvsid=2746613170817092&pem=698&tmod=112918895&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=Vj4C3rwRuM&p=http%3A//mp3.couver.ru&dtd=905
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
214a4e6d1b76b8f804bf74ddd53aba8493b4d61e9609d75d8923a34ed97b80e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 05:37:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36932
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649247338736001"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 10 Apr 2022 05:37:34 GMT
63f6484ee989c3eda25e621c99817b87.js
www.gstatic.com/mysidia/ Frame B0DB 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/63f6484ee989c3eda25e621c99817b87.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9596761179699546&output=html&h=280&slotname=1858608786&adk=2621592769&adf=3394360734&pi=t.ma~as.1858608786&w=948&fwrn=4&fwrnh=100&lmt=1649569055&rafmt=1&psa=0&format=948x280&url=http%3A%2F%2Fmp3.couver.ru%2F%23t%3Dorden_ogan_-_chapter_ii_(prelude)_&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1649569054326&bpp=1&bdt=347&idt=901&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C948x280&nras=1&correlator=7545364660717&frm=20&pv=1&ga_vid=814360591.1649569055&ga_sid=1649569055&ga_hid=634449652&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=326&ady=979&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474&oid=2&pvsid=2746613170817092&pem=698&tmod=112918895&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=Vj4C3rwRuM&p=http%3A//mp3.couver.ru&dtd=905
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a720f8796831a3b027a81207b8a12aa740a58873e0eb6680c72b8ca90483cd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 08:30:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
335222
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11974
x-xss-protection
0
last-modified
Tue, 05 Apr 2022 23:59:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 05 Jul 2022 08:30:32 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame B0DB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CNVs-HW1SYo2WOoTO3gPZyrXgCOHmnohp5Z_R0p8P2dkeEAEg5oH-ImCV4pCCoAegAc_I-vwDyAEJqQKYSJQ8PD-yPqgDAcgDywSqBOgBT9AwPGpVIvMxzk7OL7l_qDI5YbqUhE_8tdM2G6JX4nUZqU0Zj5BdMZxVw8vQ5vuE9367GtSI7bNAisH5lfhNlrw3jk0pvlqDukyZFSRrSYicHd2MOmOibCn0mfABr53lcaOZJ6cY7ON8dWvbH_Mh_ipHUl6l2Snjn_JluWqQAUXdjxBHuXCNvb8OAz4tB7dXw2zYBPuT949AI3uWD2fle_cxG7Wb3R7JuePBcaoKWN_tilg45HA-DReUbdca98Dn5qhTI7lPaqGuis5SEEuktvFI2BAIPx8beV449qpXr3Ah3_IqiloHJMAEuKe077oCkgUECAQYAZIFBAgFGASgBi6AB7nkl5gBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwUQ65T5AdIICQiA4YAQEAEYH4AKAcgLAbgTiCfYEwzQFQGAFwGyFxwKGggAEhRwdWItOTU5Njc2MTE3OTY5OTU0NhgA&sigh=YnmJw8CmwtM&uach_m=[UACH]&template_id=5000
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9596761179699546&output=html&h=280&slotname=1858608786&adk=2621592769&adf=3394360734&pi=t.ma~as.1858608786&w=948&fwrn=4&fwrnh=100&lmt=1649569055&rafmt=1&psa=0&format=948x280&url=http%3A%2F%2Fmp3.couver.ru%2F%23t%3Dorden_ogan_-_chapter_ii_(prelude)_&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1649569054326&bpp=1&bdt=347&idt=901&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C948x280&nras=1&correlator=7545364660717&frm=20&pv=1&ga_vid=814360591.1649569055&ga_sid=1649569055&ga_hid=634449652&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=326&ady=979&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474&oid=2&pvsid=2746613170817092&pem=698&tmod=112918895&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=Vj4C3rwRuM&p=http%3A//mp3.couver.ru&dtd=905
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9596761179699546&output=html&h=280&slotname=1858608786&adk=2621592769&adf=3394360734&pi=t.ma~as.1858608786&w=948&fwrn=4&fwrnh=100&lmt=1649569055&rafmt=1&psa=0&format=948x280&url=http%3A%2F%2Fmp3.couver.ru%2F%23t%3Dorden_ogan_-_chapter_ii_(prelude)_&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1649569054326&bpp=1&bdt=347&idt=901&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C948x280&nras=1&correlator=7545364660717&frm=20&pv=1&ga_vid=814360591.1649569055&ga_sid=1649569055&ga_hid=634449652&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=326&ady=979&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474&oid=2&pvsid=2746613170817092&pem=698&tmod=112918895&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=Vj4C3rwRuM&p=http%3A//mp3.couver.ru&dtd=905
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sun, 10 Apr 2022 05:37:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sun, 10 Apr 2022 05:37:34 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/8532486026134658350/ Frame B0DB 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8532486026134658350/downsize_200k_v1?w=400&h=209
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9596761179699546&output=html&h=280&slotname=1858608786&adk=2621592769&adf=3394360734&pi=t.ma~as.1858608786&w=948&fwrn=4&fwrnh=100&lmt=1649569055&rafmt=1&psa=0&format=948x280&url=http%3A%2F%2Fmp3.couver.ru%2F%23t%3Dorden_ogan_-_chapter_ii_(prelude)_&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1649569054326&bpp=1&bdt=347&idt=901&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C948x280&nras=1&correlator=7545364660717&frm=20&pv=1&ga_vid=814360591.1649569055&ga_sid=1649569055&ga_hid=634449652&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=326&ady=979&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474&oid=2&pvsid=2746613170817092&pem=698&tmod=112918895&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=Vj4C3rwRuM&p=http%3A//mp3.couver.ru&dtd=905
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
955daf21cd9d1ab86353d79f71f29cba4403c8f2daa45e2f9bcbeef282653bfc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 23:10:08 GMT
x-content-type-options
nosniff
age
455246
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6360
x-xss-protection
0
last-modified
Tue, 25 Jan 2022 12:59:21 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 04 Apr 2023 23:10:08 GMT
truncated
/ Frame B0DB 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame B0DB 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame B0DB 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
55759d409064dfe36163d54ad814850c642d172d5fcd9506d8e8c46dafd4181a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
583c04eba622323b1bc7d6fda2f57e1e.js
www.gstatic.com/mysidia/ Frame C05F 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/583c04eba622323b1bc7d6fda2f57e1e.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9596761179699546&output=html&h=280&slotname=2250780395&adk=282559597&adf=2356487172&pi=t.ma~as.2250780395&w=948&fwrn=4&fwrnh=100&lmt=1649569055&rafmt=1&psa=0&format=948x280&url=http%3A%2F%2Fmp3.couver.ru%2F%23t%3Dorden_ogan_-_chapter_ii_(prelude)_&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1649569054323&bpp=3&bdt=344&idt=894&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7545364660717&frm=20&pv=1&ga_vid=814360591.1649569055&ga_sid=1649569055&ga_hid=634449652&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=326&ady=154&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474&oid=2&pvsid=2746613170817092&pem=698&tmod=112918895&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=jRRNDWAOCa&p=http%3A//mp3.couver.ru&dtd=899
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b968113e586107906911e61864086ba097b7b45cf857c0de3c4fd20963a90e61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 10:20:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
155846
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3720
x-xss-protection
0
last-modified
Wed, 30 Mar 2022 08:22:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 07 Jul 2022 10:20:08 GMT
d153763d065fc486a30a5318c8635961.js
www.gstatic.com/mysidia/ Frame C05F 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/d153763d065fc486a30a5318c8635961.js?tag=text/vanilla_highlight
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9596761179699546&output=html&h=280&slotname=2250780395&adk=282559597&adf=2356487172&pi=t.ma~as.2250780395&w=948&fwrn=4&fwrnh=100&lmt=1649569055&rafmt=1&psa=0&format=948x280&url=http%3A%2F%2Fmp3.couver.ru%2F%23t%3Dorden_ogan_-_chapter_ii_(prelude)_&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1649569054323&bpp=3&bdt=344&idt=894&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7545364660717&frm=20&pv=1&ga_vid=814360591.1649569055&ga_sid=1649569055&ga_hid=634449652&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=326&ady=154&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474&oid=2&pvsid=2746613170817092&pem=698&tmod=112918895&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=jRRNDWAOCa&p=http%3A//mp3.couver.ru&dtd=899
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae3a15a3e9733515bb33d29c4820b33c0bcaf30a522fd034ea68d104939901d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 14:36:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
486089
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3697
x-xss-protection
0
last-modified
Wed, 30 Mar 2022 08:22:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 03 Jul 2022 14:36:05 GMT
css
fonts.googleapis.com/ Frame C05F 		8 KB
892 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9596761179699546&output=html&h=280&slotname=2250780395&adk=282559597&adf=2356487172&pi=t.ma~as.2250780395&w=948&fwrn=4&fwrnh=100&lmt=1649569055&rafmt=1&psa=0&format=948x280&url=http%3A%2F%2Fmp3.couver.ru%2F%23t%3Dorden_ogan_-_chapter_ii_(prelude)_&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1649569054323&bpp=3&bdt=344&idt=894&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7545364660717&frm=20&pv=1&ga_vid=814360591.1649569055&ga_sid=1649569055&ga_hid=634449652&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=326&ady=154&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474&oid=2&pvsid=2746613170817092&pem=698&tmod=112918895&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=jRRNDWAOCa&p=http%3A//mp3.couver.ru&dtd=899
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 10 Apr 2022 05:00:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 10 Apr 2022 05:37:34 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 10 Apr 2022 05:37:34 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame C05F 		2 KB
904 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9596761179699546&output=html&h=280&slotname=2250780395&adk=282559597&adf=2356487172&pi=t.ma~as.2250780395&w=948&fwrn=4&fwrnh=100&lmt=1649569055&rafmt=1&psa=0&format=948x280&url=http%3A%2F%2Fmp3.couver.ru%2F%23t%3Dorden_ogan_-_chapter_ii_(prelude)_&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1649569054323&bpp=3&bdt=344&idt=894&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7545364660717&frm=20&pv=1&ga_vid=814360591.1649569055&ga_sid=1649569055&ga_hid=634449652&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=326&ady=154&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474&oid=2&pvsid=2746613170817092&pem=698&tmod=112918895&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=jRRNDWAOCa&p=http%3A//mp3.couver.ru&dtd=899
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 05:27:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
615
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
877
x-xss-protection
0
server
cafe
etag
13035868154101442325
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 24 Apr 2022 05:27:19 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/ Frame C05F 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9596761179699546&output=html&h=280&slotname=2250780395&adk=282559597&adf=2356487172&pi=t.ma~as.2250780395&w=948&fwrn=4&fwrnh=100&lmt=1649569055&rafmt=1&psa=0&format=948x280&url=http%3A%2F%2Fmp3.couver.ru%2F%23t%3Dorden_ogan_-_chapter_ii_(prelude)_&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1649569054323&bpp=3&bdt=344&idt=894&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7545364660717&frm=20&pv=1&ga_vid=814360591.1649569055&ga_sid=1649569055&ga_hid=634449652&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=326&ady=154&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474&oid=2&pvsid=2746613170817092&pem=698&tmod=112918895&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=jRRNDWAOCa&p=http%3A//mp3.couver.ru&dtd=899
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f7894603292731a56692b1348b0b39871cdf248aa9f5b6a4c00e7de41f1a668
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 05:27:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
580
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8000
x-xss-protection
0
server
cafe
etag
3330746967810570135
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 24 Apr 2022 05:27:54 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame C05F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9596761179699546&output=html&h=280&slotname=2250780395&adk=282559597&adf=2356487172&pi=t.ma~as.2250780395&w=948&fwrn=4&fwrnh=100&lmt=1649569055&rafmt=1&psa=0&format=948x280&url=http%3A%2F%2Fmp3.couver.ru%2F%23t%3Dorden_ogan_-_chapter_ii_(prelude)_&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1649569054323&bpp=3&bdt=344&idt=894&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7545364660717&frm=20&pv=1&ga_vid=814360591.1649569055&ga_sid=1649569055&ga_hid=634449652&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=326&ady=154&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474&oid=2&pvsid=2746613170817092&pem=698&tmod=112918895&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=jRRNDWAOCa&p=http%3A//mp3.couver.ru&dtd=899
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 05:31:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
392
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 24 Apr 2022 05:31:02 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C05F 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9596761179699546&output=html&h=280&slotname=2250780395&adk=282559597&adf=2356487172&pi=t.ma~as.2250780395&w=948&fwrn=4&fwrnh=100&lmt=1649569055&rafmt=1&psa=0&format=948x280&url=http%3A%2F%2Fmp3.couver.ru%2F%23t%3Dorden_ogan_-_chapter_ii_(prelude)_&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1649569054323&bpp=3&bdt=344&idt=894&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7545364660717&frm=20&pv=1&ga_vid=814360591.1649569055&ga_sid=1649569055&ga_hid=634449652&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=326&ady=154&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474&oid=2&pvsid=2746613170817092&pem=698&tmod=112918895&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=jRRNDWAOCa&p=http%3A//mp3.couver.ru&dtd=899
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
214a4e6d1b76b8f804bf74ddd53aba8493b4d61e9609d75d8923a34ed97b80e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 05:37:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36932
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649247338736001"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 10 Apr 2022 05:37:34 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame C05F 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9596761179699546&output=html&h=280&slotname=2250780395&adk=282559597&adf=2356487172&pi=t.ma~as.2250780395&w=948&fwrn=4&fwrnh=100&lmt=1649569055&rafmt=1&psa=0&format=948x280&url=http%3A%2F%2Fmp3.couver.ru%2F%23t%3Dorden_ogan_-_chapter_ii_(prelude)_&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1649569054323&bpp=3&bdt=344&idt=894&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7545364660717&frm=20&pv=1&ga_vid=814360591.1649569055&ga_sid=1649569055&ga_hid=634449652&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=326&ady=154&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474&oid=2&pvsid=2746613170817092&pem=698&tmod=112918895&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=jRRNDWAOCa&p=http%3A//mp3.couver.ru&dtd=899
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 05:26:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
668
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6409
x-xss-protection
0
server
cafe
etag
15284592792851369840
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 24 Apr 2022 05:26:26 GMT
63f6484ee989c3eda25e621c99817b87.js
www.gstatic.com/mysidia/ Frame C05F 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/63f6484ee989c3eda25e621c99817b87.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9596761179699546&output=html&h=280&slotname=2250780395&adk=282559597&adf=2356487172&pi=t.ma~as.2250780395&w=948&fwrn=4&fwrnh=100&lmt=1649569055&rafmt=1&psa=0&format=948x280&url=http%3A%2F%2Fmp3.couver.ru%2F%23t%3Dorden_ogan_-_chapter_ii_(prelude)_&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1649569054323&bpp=3&bdt=344&idt=894&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7545364660717&frm=20&pv=1&ga_vid=814360591.1649569055&ga_sid=1649569055&ga_hid=634449652&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=326&ady=154&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474&oid=2&pvsid=2746613170817092&pem=698&tmod=112918895&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=jRRNDWAOCa&p=http%3A//mp3.couver.ru&dtd=899
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a720f8796831a3b027a81207b8a12aa740a58873e0eb6680c72b8ca90483cd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 08:30:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
335222
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11974
x-xss-protection
0
last-modified
Tue, 05 Apr 2022 23:59:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 05 Jul 2022 08:30:32 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v42/ Frame B0DB 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v42/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 22:47:37 GMT
x-content-type-options
nosniff
age
370197
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28328
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 21:57:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Apr 2023 22:47:37 GMT
6DGELVyRstON4LmPFAMeAOP1baW3TqSdWCO5xyb3u9s.js
pagead2.googlesyndication.com/bg/ Frame A744 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6DGELVyRstON4LmPFAMeAOP1baW3TqSdWCO5xyb3u9s.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9596761179699546&output=html&h=280&slotname=1858608786&adk=2621592769&adf=3394360734&pi=t.ma~as.1858608786&w=948&fwrn=4&fwrnh=100&lmt=1649569055&rafmt=1&psa=0&format=948x280&url=http%3A%2F%2Fmp3.couver.ru%2F%23t%3Dorden_ogan_-_chapter_ii_(prelude)_&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1649569054326&bpp=1&bdt=347&idt=901&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C948x280&nras=1&correlator=7545364660717&frm=20&pv=1&ga_vid=814360591.1649569055&ga_sid=1649569055&ga_hid=634449652&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=326&ady=979&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474&oid=2&pvsid=2746613170817092&pem=698&tmod=112918895&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=Vj4C3rwRuM&p=http%3A//mp3.couver.ru&dtd=905
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e831842d5c91b2d38de0b98f14031e00e3f56da5b74ea49d5823b9c726f7bbdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 09 Apr 2022 13:15:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
58942
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13643
x-xss-protection
0
last-modified
Mon, 04 Apr 2022 12:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 09 Apr 2023 13:15:12 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame C05F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CGohCHW1SYsDOObaLjuwP48-3oAP_msaWaZyjuYXnD4bztK6-KhABIOaB_iJgleKQgqAHoAH_24rIA8gBAagDAcgDywSqBOIBT9DWu9Jm961wFftGDuCFuGIULGHKy95EjivfZI3Ftz8Q0xPk6syHONANj_wjjblDdoSEWxVDSjbADPQi82AA-3fVVNbFf0N3DIs37Z9CA9zcewAP9dFkZpGViH9kVsm2OtabE1wQQ0u41I7KsxEHqX6BUB9Tsfg_GzMrMY1lfb9CCRWmUNxODx1fqKEBcLkzrzKxuAFn09CqHXzT9h4ifMQi-DKfz9dI9LmkQJx_FFzkgGGfwkokiQo_Q2wYbpF-KjfvBE-HhGVwZO4P702L0ilp7klWmJh6IwHbsSEDv90WqcAEyYrGmbMDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGAB_DurKICqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwUQyOqHAdIICQiA4YAQEAEYH4AKAcgLAdgTDNAVAYAXAbIXHAoaCAASFHB1Yi05NTk2NzYxMTc5Njk5NTQ2GAA&sigh=znpxvgQpMNk&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9596761179699546&output=html&h=280&slotname=2250780395&adk=282559597&adf=2356487172&pi=t.ma~as.2250780395&w=948&fwrn=4&fwrnh=100&lmt=1649569055&rafmt=1&psa=0&format=948x280&url=http%3A%2F%2Fmp3.couver.ru%2F%23t%3Dorden_ogan_-_chapter_ii_(prelude)_&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1649569054323&bpp=3&bdt=344&idt=894&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7545364660717&frm=20&pv=1&ga_vid=814360591.1649569055&ga_sid=1649569055&ga_hid=634449652&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=326&ady=154&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474&oid=2&pvsid=2746613170817092&pem=698&tmod=112918895&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=jRRNDWAOCa&p=http%3A//mp3.couver.ru&dtd=899
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9596761179699546&output=html&h=280&slotname=2250780395&adk=282559597&adf=2356487172&pi=t.ma~as.2250780395&w=948&fwrn=4&fwrnh=100&lmt=1649569055&rafmt=1&psa=0&format=948x280&url=http%3A%2F%2Fmp3.couver.ru%2F%23t%3Dorden_ogan_-_chapter_ii_(prelude)_&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1649569054323&bpp=3&bdt=344&idt=894&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7545364660717&frm=20&pv=1&ga_vid=814360591.1649569055&ga_sid=1649569055&ga_hid=634449652&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=326&ady=154&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474&oid=2&pvsid=2746613170817092&pem=698&tmod=112918895&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=jRRNDWAOCa&p=http%3A//mp3.couver.ru&dtd=899
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sun, 10 Apr 2022 05:37:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame A66D 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9596761179699546&output=html&h=280&slotname=2250780395&adk=282559597&adf=2356487172&pi=t.ma~as.2250780395&w=948&fwrn=4&fwrnh=100&lmt=1649569055&rafmt=1&psa=0&format=948x280&url=http%3A%2F%2Fmp3.couver.ru%2F%23t%3Dorden_ogan_-_chapter_ii_(prelude)_&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1649569054323&bpp=3&bdt=344&idt=894&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7545364660717&frm=20&pv=1&ga_vid=814360591.1649569055&ga_sid=1649569055&ga_hid=634449652&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=326&ady=154&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474&oid=2&pvsid=2746613170817092&pem=698&tmod=112918895&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=jRRNDWAOCa&p=http%3A//mp3.couver.ru&dtd=899
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9596761179699546&output=html&h=280&slotname=2250780395&adk=282559597&adf=2356487172&pi=t.ma~as.2250780395&w=948&fwrn=4&fwrnh=100&lmt=1649569055&rafmt=1&psa=0&format=948x280&url=http%3A%2F%2Fmp3.couver.ru%2F%23t%3Dorden_ogan_-_chapter_ii_(prelude)_&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1649569054323&bpp=3&bdt=344&idt=894&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7545364660717&frm=20&pv=1&ga_vid=814360591.1649569055&ga_sid=1649569055&ga_hid=634449652&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=326&ady=154&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474&oid=2&pvsid=2746613170817092&pem=698&tmod=112918895&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=jRRNDWAOCa&p=http%3A//mp3.couver.ru&dtd=899
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1819
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Sun, 10 Apr 2022 05:07:15 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame C05F 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
00f8cd5448015dbe4fe452551440cb3333e37ead4ca81fbe1ca3a518b4eff9c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame A66D
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9596761179699546&output=html&h=280&slotname=2250780395&adk=282559597&adf=2356487172&pi=t.ma~as.2250780395&w=948&fwrn=4&fwrnh=100&lmt=1649569055&rafmt=1&psa=0&format=948x280&url=http%3A%2F%2Fmp3.couver.ru%2F%23t%3Dorden_ogan_-_chapter_ii_(prelude)_&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1649569054323&bpp=3&bdt=344&idt=894&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7545364660717&frm=20&pv=1&ga_vid=814360591.1649569055&ga_sid=1649569055&ga_hid=634449652&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=326&ady=154&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474&oid=2&pvsid=2746613170817092&pem=698&tmod=112918895&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=jRRNDWAOCa&p=http%3A//mp3.couver.ru&dtd=899
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 10 Apr 2022 05:37:34 GMT
expires
Sun, 10 Apr 2022 05:37:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 10 Apr 2022 05:37:34 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v42/ Frame C05F 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v42/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 22:47:37 GMT
x-content-type-options
nosniff
age
370197
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28328
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 21:57:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Apr 2023 22:47:37 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220406&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9596761179699546&plah=mp3.couver.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00de0e1ea2ca686c8f29dba7d8fafd5e4e22622c3a6c02fe567dbd0311fb1484
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://mp3.couver.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 10 Apr 2022 05:37:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10538
x-xss-protection
0
6DGELVyRstON4LmPFAMeAOP1baW3TqSdWCO5xyb3u9s.js
pagead2.googlesyndication.com/bg/ Frame BDEA 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6DGELVyRstON4LmPFAMeAOP1baW3TqSdWCO5xyb3u9s.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9596761179699546&output=html&h=280&slotname=2250780395&adk=282559597&adf=2356487172&pi=t.ma~as.2250780395&w=948&fwrn=4&fwrnh=100&lmt=1649569055&rafmt=1&psa=0&format=948x280&url=http%3A%2F%2Fmp3.couver.ru%2F%23t%3Dorden_ogan_-_chapter_ii_(prelude)_&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1649569054323&bpp=3&bdt=344&idt=894&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7545364660717&frm=20&pv=1&ga_vid=814360591.1649569055&ga_sid=1649569055&ga_hid=634449652&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=326&ady=154&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474&oid=2&pvsid=2746613170817092&pem=698&tmod=112918895&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=jRRNDWAOCa&p=http%3A//mp3.couver.ru&dtd=899
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e831842d5c91b2d38de0b98f14031e00e3f56da5b74ea49d5823b9c726f7bbdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 09 Apr 2022 13:15:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
58942
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13643
x-xss-protection
0
last-modified
Mon, 04 Apr 2022 12:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 09 Apr 2023 13:15:12 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9596761179699546&plah=mp3.couver.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://mp3.couver.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 05:37:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 10 Apr 2022 05:37:35 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E2E2 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://mp3.couver.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
32232
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Apr 2022 20:40:23 GMT
expires
Sun, 09 Apr 2023 20:40:23 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0D2B 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ec8aebcb33de7cf9156eb21d7cea9318e40bea14acfda6042a3430d4372d3bf0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-8ROwfxzfJlyqj3NL/+7qpA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://mp3.couver.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-8ROwfxzfJlyqj3NL/+7qpA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 10 Apr 2022 05:37:35 GMT
expires
Sun, 10 Apr 2022 05:37:35 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
6DGELVyRstON4LmPFAMeAOP1baW3TqSdWCO5xyb3u9s.js
pagead2.googlesyndication.com/bg/ Frame E2E2 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6DGELVyRstON4LmPFAMeAOP1baW3TqSdWCO5xyb3u9s.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e831842d5c91b2d38de0b98f14031e00e3f56da5b74ea49d5823b9c726f7bbdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 09 Apr 2022 13:15:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
58943
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13643
x-xss-protection
0
last-modified
Mon, 04 Apr 2022 12:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 09 Apr 2023 13:15:12 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 0D2B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220406&jk=2746613170817092&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame E2E2 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?h2AJDQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 05:37:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame B0DB 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstT_x9Nuch_eoVUfPQe4qAj4l0pO1ceQLdTH4vKnh2ClYJM6EL9IRMwYiLf4FsbHXezRwnNZZAvw5VQdCz33Y0oX1OauSQcdoK_uy_hI3BhXe3115Wndg&sai=AMfl-YRj-9bVPNriDlOei5o6vJTKGTFH8iSDvw7NyZvdvKJ2OB-rxpZ5IFcmEQ8bMIVORyFYTmH40rhxxcd9&sig=Cg0ArKJSzOzPHyN3dxFWEAE&id=lidar2&mcvt=1000&p=0,0,280,948&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220406&bin=7&avms=nio&bs=0,0&mc=0.79&if=1&vu=1&app=0&itpl=22&adk=2621592769&rs=2&la=1&cr=0&vs=4&r=v&rst=1649569055232&rpt=669&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Apr 2022 05:37:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220406&jk=2746613170817092&bg=!lZalltLNAAZAkm7qYJI7ACkAdvg8WkncUdBY4P-zbClLOn0E-eEkgapypOHO8lmUMMcs-BtbF-hp-wIAAABgUgAAAAJoAQeZAp5Ss8QR8miEN8KpnbMRJWmVVMBVf6yaIeyedLLs_C_hw6IX-JRLbVulGN49Wt_TD2sCxMLbrfXHhgXJ3q3z7OUoWu8x7EdgrktyhlvXh9RE6lxvIpvl8NiGsD5W2JzkjwJ_a4JWKf02qGuV3DHV--XgOlTK8SbASweBCkfFxtWbXUivuWu3ILs2F6JNSkNq4_JSL_LiGkGiJvD054oIpYr46prK-Cw84zqOF45TTbZCHet94cBsIq6jKlmWSxjQaG-WyKDLp9JRTk7KEvDTRj1aQGdvhyx7fO9jtfAQUVlNYQpai9eAME2i3-WRb6-eW71N8AjeHD0fC__6L-qrfgK5Z8vKm1IOMpghGao7H4gAB_7NGWARfOkLHszxg4JmaT7idylx_jzF5raVUc-i7LuLllNRVViC8X1GFMXBX0MHIiqo03M128G43IzWurLoTnHL-7mPzV6oLNZCCjOaH02iS5XFCt7QDMEAQlR968s4jYHY4JE0XcNvxPYim-ENl1N4jEzBvJvCeWpYfKh1PzPP3feSysB1PlHbKwmiV9njCJQ5AsiBa7rYlLN5_8Gzpmjz1gYHbA3iQhLzKGjduDwyrEVzsv0Q7VuAA3aauPvPPaB_KiqL3uEGfZtc5KCWPcNIo6TQQpVqNreeU5hEjZedT2C_5-8FOGU5XSC5RsupzkxmorkAo1b_mkLs9UGuNlo8d8r8m68UABh4v28cVhICmrCyHBzkfeCUx1qH87J002PIjERKcC-DNGkmZVsRw6YB7Uw4WEIPZ6AnvhhcS2ei-8n_qr7QmBEzpWVPNm8xe5P01XtxfxYYRVow4KPfI_YgiwNC9pTUUc0V-NE2WVDdjbXm_Nto232kF6lr7xgRGKsSmVcyyGePIQt31ntG
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://mp3.couver.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Apr 2022 05:37:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C05F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuNvlO10a3bIXFOtqRlRPLj1wukiHgX5HXFRFXaQ6dyS5zspSUit1sJeRxPqQ0djba8jDZxAUbcDdloE35RZO-gqhUV6Dj1r327GHFf-0uISycLGuoEcA&sai=AMfl-YS-9fuvtoIdTEguS-yMsft5iNGRy_ckNV-U4BCXAQiPeBgRqraGPdmr6tMVldWCMCoarxjQqrQIIBj7&sig=Cg0ArKJSzMU9ps0u1sn0EAE&id=lidar2&mcvt=1000&p=0,0,280,948&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220406&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=282559597&rs=2&la=1&cr=0&vs=4&r=v&rst=1649569055224&rpt=1010&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Apr 2022 05:37:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 function| structuredClone object| oncontextlost object| oncontextrestored function| $ function| jQuery function| _ object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| googletag object| GoogleGcLKhOms object| google_image_requests

5 Cookies

Domain/Path Name / Value
.yadro.ru/ Name: FTID
Value: 1YKcqi17Sr8I1YKcqi001OdS
.couver.ru/ Name: __gads
Value: ID=b38373125116690e-2284397c73cd00f5:T=1649569053:RT=1649569053:S=ALNI_Mbz5snCAqIOJkRqsi7BykZpBSNTbw
.yadro.ru/ Name: VID
Value: 0Qb_0F08W0uI1YKcqi001CwE
.doubleclick.net/ Name: IDE
Value: AHWqTUlLyxPANrpz6sMB680sFNGTrlo28uBS4cJQt3VlELo3SR17oR6VJfhdgIMsR1A
.doubleclick.net/ Name: DSID
Value: NO_DATA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdnjs.cloudflare.com
counter.yadro.ru
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
mp3.couver.ru
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
142.250.186.162
2606:4700::6811:180e
2a00:1450:4001:808::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:811::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2001
45.133.245.59
88.212.201.198
00de0e1ea2ca686c8f29dba7d8fafd5e4e22622c3a6c02fe567dbd0311fb1484
00f8cd5448015dbe4fe452551440cb3333e37ead4ca81fbe1ca3a518b4eff9c3
024d28c8b632da41433608deb666dd4aafce540e623b7b7dd5874384a022b59b
05410fbe1192a21525520421f6ddce4a065a94658a42146ae707a814926fa77d
0a7392b19736b410631509eed55f27418f00215a566d4f060132992407831d1f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b0476eb6fba5462b8a4138835abcc1ac9f44ac501b95278f67ee8bd6ab88fbe
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
214a4e6d1b76b8f804bf74ddd53aba8493b4d61e9609d75d8923a34ed97b80e5
30cb41b3cc202aedfecc5248b48363c03006d97f03847c9b8342bee86575c65c
340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295
41fa7e8ffbcaa5ce69d951687de0cb45b8e98ea9473635a75615cf49d3b2ff1c
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
4b328e42c558197d5b99d7727cfcc60bac9763fad660651230e8baf93f6067ed
55759d409064dfe36163d54ad814850c642d172d5fcd9506d8e8c46dafd4181a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
574a0f739bcf87ca8612f9964c18ed39f07faa2f5d56aef9500ad74e908c1748
59e4ed3dc4806eac7784e00cd6a05811521d037ec7191f2eb7e603621a21552d
602b8b86ac66002f36b471649d90e44e3eafe78260bb7518b48e0238158efacb
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
71e2b762bff70bfaf9561b5aec2b73649101af248300bd562212e92422947af8
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7a720f8796831a3b027a81207b8a12aa740a58873e0eb6680c72b8ca90483cd2
7ffd1fd9f5a21343c723d419f4e0349d4837b1a2b75a42ca1a4c60a3f46d0f14
88d7e078bc848e5c163391b8f6b946f21c062b79e6e9d1c6545676b072d170c2
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8f7894603292731a56692b1348b0b39871cdf248aa9f5b6a4c00e7de41f1a668
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
955daf21cd9d1ab86353d79f71f29cba4403c8f2daa45e2f9bcbeef282653bfc
98cacd6c50abc45e5c59a911fc08060dde36f0fe7f096a98964807a848abcaac
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07
a92f2b3edb0d9f5e017eaf110749e21ce9aea2121cc492145837afd222a8416e
ac4685cd0c802a0b54dfcffe3968e32533a603e21dd02caea1b9b88481cecef1
ad82d09f2c7ec5bf4f13d4b0a311a450868af87019a41d5fdaee26b0f6cdcf59
ae3a15a3e9733515bb33d29c4820b33c0bcaf30a522fd034ea68d104939901d3
b968113e586107906911e61864086ba097b7b45cf857c0de3c4fd20963a90e61
bd78b1d80a593a1425d9511f8edec737bc5d4052fc763e9254cf90f0220d2be8
cef155a7cdbab22094bb173629945d96400bccb65635bec56899bd2b5991c56d
d2c956d09a44ab87c163dcb83720c402440a747735cf19c690c5af648c4eb511
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d91549f7b7cd4e97e20432e01a4d0148eacb7e807fe8ad42d8922644c8a56a99
da3307e24b436e313453030c5374e876ff5ea0cd66c8d34b658f1c2089511b71
e0c254788ad36f95d44c1786c590263e89ea3976fcbc9ae7c82c52493b254391
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e831842d5c91b2d38de0b98f14031e00e3f56da5b74ea49d5823b9c726f7bbdb
ec8aebcb33de7cf9156eb21d7cea9318e40bea14acfda6042a3430d4372d3bf0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629