exeo.app Open in urlscan Pro
2606:4700:20::681a:9e9 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bit.ly/3VXRsuf
Effective URL:
https://exeo.app/zr97uXcJ
Submission: On January 18 via manual (January 18th 2023, 3:24:11 pm UTC) from IT — Scanned from IT

Summary HTTP 129 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 38 IPs in 7 countries across 35 domains to perform 129 HTTP transactions. The main IP is 2606:4700:20::681a:9e9, located in United States and belongs to CLOUDFLARENET, US. The main domain is exeo.app. The Cisco Umbrella rank of the primary domain is 351490.
TLS certificate: Issued by E1 on November 22nd 2022. Valid for: 3 months.

This is the only time exeo.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.10 67.199.248.10	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:20:... 2606:4700:20::681a:9e9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
1	172.255.6.120 172.255.6.120	7979 (SERVERS-COM) (SERVERS-COM)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
18	2606:4700::68... 2606:4700::6810:8516	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	188.114.97.12 188.114.97.12	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	18.66.15.23 18.66.15.23	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
4	104.21.3.16 104.21.3.16	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2 4	2a00:1450:400... 2a00:1450:400d:808::200d	15169 (GOOGLE) (GOOGLE)
1	139.45.195.253 139.45.195.253	9002 (RETN-AS) (RETN-AS)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3	2600:9000:224... 2600:9000:2248:c200:1c:3221:2bc0:21	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400d:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:806::2001	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	141.95.33.111 141.95.33.111	16276 (OVH) (OVH)
7	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:400d:80a::2004	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
12	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:400d:80a::2001	15169 (GOOGLE) (GOOGLE)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 6	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1 1	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2 2	135.125.160.77 135.125.160.77	16276 (OVH) (OVH)
3 3	52.57.155.9 52.57.155.9	16509 (AMAZON-02) (AMAZON-02)
2 2	34.245.154.233 34.245.154.233	16509 (AMAZON-02) (AMAZON-02)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1	3.74.100.208 3.74.100.208	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:71b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400d:808::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.67.134.223 23.67.134.223	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.210.247.152 52.210.247.152	16509 (AMAZON-02) (AMAZON-02)
129	38

1 67.199.248.10 (United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

exe.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:20::681a:9e9 (United States)

ASN13335 (CLOUDFLARENET, US)

exeo.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.255.6.120 (Netherlands)

ASN7979 (SERVERS-COM, US)

qj.wimplesbooklet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:4700::6810:8516 (United States)

ASN13335 (CLOUDFLARENET, US)

live.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

cdntechone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 188.114.97.12 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

pogothere.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.66.15.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-15-23.vie50.r.cloudfront.net

habitofstic.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.21.3.16 (None, )

ASN13335 (CLOUDFLARENET, US)

motorwardso.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:808::200d (Ireland) 2 redirects

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.253 (United Kingdom)

ASN9002 (RETN-AS, GB)

datatechone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2248:c200:1c:3221:2bc0:21 (United States)

ASN16509 (AMAZON-02, US)

d4eqyxjqusvjj.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:806::2001 (Ireland)

ASN15169 (GOOGLE, US)

2df994db9e07dae35f85bb98efe51ea4.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80a::2004 (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:80a::2001 (Ireland)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 135.125.160.77 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ns3195934.ip-135-125-160.eu

c.eu1.dyntrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.57.155.9 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-155-9.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.245.154.233 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-245-154-233.eu-west-1.compute.amazonaws.com

ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.74.100.208 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-74-100-208.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:808::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.67.134.223 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-67-134-223.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.247.152 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-247-152.eu-west-1.compute.amazonaws.com

ti.tradetracker.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	googlesyndication.com 2df994db9e07dae35f85bb98efe51ea4.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 156	63 KB
18	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190 cm.g.doubleclick.net — Cisco Umbrella Rank: 216 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	216 KB
18	demand.supply live.demand.supply — Cisco Umbrella Rank: 34226 api.demand.supply — Cisco Umbrella Rank: 74219	36 KB
14	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 28836 ad4m.at — Cisco Umbrella Rank: 9591 assets.ad4m.at — Cisco Umbrella Rank: 37206	373 KB
9	google.com 3 redirects accounts.google.com — Cisco Umbrella Rank: 73 adservice.google.com — Cisco Umbrella Rank: 70 www.google.com — Cisco Umbrella Rank: 2	3 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 387	110 KB
5	habitofstic.xyz habitofstic.xyz	6 KB
5	exeo.app exeo.app — Cisco Umbrella Rank: 351490	215 KB
4	motorwardso.com.ua motorwardso.com.ua	1 KB
4	pogothere.xyz pogothere.xyz — Cisco Umbrella Rank: 27232	202 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 276	2 KB
3	cloudfront.net d4eqyxjqusvjj.cloudfront.net	2 KB
2	awin1.com www.awin1.com — Cisco Umbrella Rank: 15193	1 KB
2	avct.cloud 2 redirects ads.avct.cloud — Cisco Umbrella Rank: 3289	890 B
2	dyntrk.com 2 redirects c.eu1.dyntrk.com — Cisco Umbrella Rank: 4469	1 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 721 r.turn.com — Cisco Umbrella Rank: 3102	869 B
2	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 82915 static-de.ad4mat.net — Cisco Umbrella Rank: 115742	4 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 938 id5-sync.com — Cisco Umbrella Rank: 393	17 KB
2	google.it adservice.google.it — Cisco Umbrella Rank: 43510	957 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 22	20 KB
2	gstatic.com fonts.gstatic.com	72 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	2 KB
2	exe.io 1 redirects exe.io — Cisco Umbrella Rank: 327616	12 KB
1	tradetracker.net ti.tradetracker.net — Cisco Umbrella Rank: 103728	510 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 507	35 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1592	351 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 11998	553 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 554	537 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185 Failed	49 KB
1	datatechone.com datatechone.com — Cisco Umbrella Rank: 45288	461 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 114
1	cdntechone.com cdntechone.com — Cisco Umbrella Rank: 68643	6 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 41	44 KB
1	wimplesbooklet.com qj.wimplesbooklet.com — Cisco Umbrella Rank: 724691	1 KB
1	bit.ly 1 redirects bit.ly — Cisco Umbrella Rank: 5116	227 B
129	35

	Domain	Requested by
17	live.demand.supply	exeo.app live.demand.supply client
11	securepubads.g.doubleclick.net	live.demand.supply securepubads.g.doubleclick.net exeo.app
10	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 2df994db9e07dae35f85bb98efe51ea4.safeframe.googlesyndication.com www.googletagservices.com
7	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 2df994db9e07dae35f85bb98efe51ea4.safeframe.googlesyndication.com exeo.app
6	assets.ad4m.at	as.ad4m.at
6	cm.g.doubleclick.net	1 redirects 2df994db9e07dae35f85bb98efe51ea4.safeframe.googlesyndication.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	habitofstic.xyz	exeo.app
5	exeo.app	exeo.app
4	ad4m.at	as.ad4m.at ad4m.at
4	as.ad4m.at	2df994db9e07dae35f85bb98efe51ea4.safeframe.googlesyndication.com as.ad4m.at ad4m.at
4	accounts.google.com	2 redirects exeo.app
4	motorwardso.com.ua	exeo.app
4	pogothere.xyz	exeo.app
3	x.bidswitch.net	3 redirects
3	www.google.com	1 redirects tpc.googlesyndication.com exeo.app
3	d4eqyxjqusvjj.cloudfront.net	habitofstic.xyz
2	www.awin1.com	as.ad4m.at
2	ads.avct.cloud	2 redirects
2	c.eu1.dyntrk.com	2 redirects
2	2df994db9e07dae35f85bb98efe51ea4.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.it	securepubads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	exeo.app securepubads.g.doubleclick.net
2	exe.io	1 redirects exeo.app
1	ti.tradetracker.net	as.ad4m.at
1	googleads.g.doubleclick.net	exeo.app
1	static-de.ad4mat.net	as.ad4m.at
1	match.sharethrough.com	2df994db9e07dae35f85bb98efe51ea4.safeframe.googlesyndication.com
1	rtb.openx.net	2df994db9e07dae35f85bb98efe51ea4.safeframe.googlesyndication.com
1	ads.travelaudience.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	r.turn.com	2df994db9e07dae35f85bb98efe51ea4.safeframe.googlesyndication.com
1	ad.turn.com	1 redirects
1	prod-rtb.ad4mat.net	exeo.app
1	id5-sync.com	cdn.id5-sync.com
1	www.googletagservices.com	securepubads.g.doubleclick.net 2df994db9e07dae35f85bb98efe51ea4.safeframe.googlesyndication.com
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	api.demand.supply	live.demand.supply
1	datatechone.com	cdntechone.com
1	www.facebook.com	exeo.app
1	cdntechone.com	exeo.app
1	www.googletagmanager.com	exeo.app
1	qj.wimplesbooklet.com	exeo.app
1	bit.ly	1 redirects
129	47

This site contains links to these domains. Also see Links.

Domain
exe.io
sulvo.com

Subject Issuer	Validity	Valid
*.exeo.app E1	`2022-11-22` - `2023-02-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
exe.io Cloudflare Inc ECC CA-3	`2022-03-23` - `2023-03-23`	a year	crt.sh
qj.wimplesbooklet.com R3	`2022-12-02` - `2023-03-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
demand.supply Cloudflare Inc ECC CA-3	`2022-03-21` - `2023-03-21`	a year	crt.sh
*.cdntechone.com E1	`2022-11-23` - `2023-02-21`	3 months	crt.sh
*.pogothere.xyz E1	`2022-12-31` - `2023-03-31`	3 months	crt.sh
habitofstic.xyz Amazon RSA 2048 M02	`2023-01-16` - `2024-02-14`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.motorwardso.com.ua E1	`2023-01-05` - `2023-04-05`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-10-27` - `2023-01-25`	3 months	crt.sh
datatechone.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-18` - `2023-12-24`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.google.it GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-07` - `2023-06-06`	a year	crt.sh
*.id5-sync.com R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2022-12-13` - `2023-03-13`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.sharethrough.com Amazon	`2022-07-14` - `2023-08-12`	a year	crt.sh
www.awin1.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-18` - `2023-04-19`	a year	crt.sh
*.tradetracker.net Amazon	`2022-10-20` - `2023-11-17`	a year	crt.sh

This page contains 16 frames:

Primary Page: https://exeo.app/zr97uXcJ
Frame ID: 4B9421042BDA971E970F8D6205722228
Requests: 65 HTTP requests in this frame

Frame: https://habitofstic.xyz/bVV0dWkMNxcYVgxoFlMcHzlJUFsrcEYzDVkwBQwRByQBBh8HP1oWBQIgEBMbAjsAWwcIIVFHLzkwGCM+Dy8lLyYHMj42HlltORkgIAYzEQM1BDYWORQANSIOHTowMVgAGRkCASwSLTshFBg4EAUaPTg0GicGGjhfKTkbEQglFD8iAQE6LkUFOx0eERs6LT06Izk+MTY7OGEkNFwLEic4XiwQEBYgKTEnIjs4IyQCJzQSRzcCJgQyIDM1GxA3LyQ8JAIvPBMnPAU+Mi4+JhQfPzcCHT4uHiwoDUYsPD4yLj4gB202NAJYIi4mWT8GMyAcOgQ2IQoqeCYTPzw6GDoOHRE8DwpUFx83DzctNhQrXWRDLz8GBycyP0hnNjcvGho7MRkmFx4ZHjcTTSwsF2EOJg43HjkfJCANDCNRDmREMC45ZR80LwYzFzI4HRchBRoIE0wUPV8TGiIRHRstLScJFzUeWSAUQTIsXhcfPjgrHy0bAQ4UGAIODGRAUwMeOhoFVDcHJiFQGjomAiMYMTo
Frame ID: 31E27F149A91EC4CD000FB02EFD8110A
Requests: 2 HTTP requests in this frame

Frame: https://habitofstic.xyz/eld3anEbNRQHThtqFUwECDtKT0M8ckUsFU4yBhMJECYCGQcQPVkJHRUiEwwDFTkDRB8fI1JYNxkaGho4L2dCODMpDkYJJCMTOy1ESBQbJEkbORg/MD4kTyM0MA88AgIwBSYjSDEuNQMmKB4wCzQjBjstRF9lNSwwIycnORoqAzRaSDYGTggTEB4GPzcebxM+ATkVJCQEMwFPKzouMAM4MBk5Pi0ZMhREP1RIFT4/Fj4dM1IHPGYQJSsXFjQ+Qgo9LQEkPh0dCRkoBRseKCJiFCIcSz8RDT8bDRokAzsEHx4oImIxKwggOxICFSAUGTBJOz89T0M4DUUJKS0fWg0IKjw+LT0pBgU/MD8/PVgCOxs/WxYfBQ8wFxQNTysaMz04EAEcFRpbGT4FEzMUPm8ZPSBDIy4yRCwTDhlFMwUDOhQXGgM9GR05JwMCIgA2XxgcMAMvFDJmQCgdDm8RMho9A0QaGyoBOic6KRIZLEAdGC0EQTwFPx4dGxITMhQrcR0ZHhQnSgg5PSAfHwkUB0QwJA
Frame ID: C0677BB98FB7799A7C250ECC68D382E9
Requests: 2 HTTP requests in this frame

Frame: https://habitofstic.xyz/UmQ3Rm0zBlQrUjNZVWAYIAgKY18UQQUACWYBRj8VOBVCNRs4DhklAT0RUyAfPQpDaAM3EBJ0KzczWyIvA1RYcyIRXFsiPmZBBQQnClFOJAAAHlMeGWo0Yw8eGCdHNyM1IWMPBWYdeXUaazRfCAECDXY8CxoqRAgHCxJ9DglqKV5+CjZWQz4kEQdYHF8cCnkvGTwrXnJYGx5ucSQVPgMOKhgSVHRUPT4FLV0bHmY8ITg1AiBfBBx7Elh3VnEcNRQdUig/PD5/ByQ0VmE+IxEpBx81BAlSFAUrBwQLFDAjeSk3PAxGCAcXHn0sVTUudAMFHx15LQ4DHEEcJX8+QyM6Kh1UdSM7KWN+XB4NbWNfFD5mDAA3I1hxJhEDQSBfBBx9BVVnNHRzHDBWXygkOxcDCDk9D20oCjE+WQBbCCNHcwkaAAAkAz5WU3RUPT5NDwQeIEQqJhU+Aw4qGB1TAT8iPWAlXzZWRGAHIQtZNlAlJm4+JCEQASEEAA
Frame ID: 391703A47C2FAF1EC48274C680C49498
Requests: 2 HTTP requests in this frame

Frame: https://exeo.app/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1674043200
Frame ID: E68C40ED57ED7B151ED90DD654B817E9
Requests: 3 HTTP requests in this frame

Frame: https://2df994db9e07dae35f85bb98efe51ea4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7ADD7E8186DF90F94C9A97E511E556B6
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu152_pVYC3t6pWOv_tbMuOyd1OsXi85gMsO_KFO7AtQBPSbAVskka_eWdGz38jaKnRIDaTUYjdllc_aG-V6FyJRAGqpIZRtocNswFgIOm2ANHMw2gVjKrcOZXKUzVwPl2CSMxnwx7ghVKPlSXeArOwSj8d-GOguhUG2MDaNh5aO7gqeyuvWJEpkWS7L3cdBmyrKIHEEcAfvGTtrClvjH6lJMWJg86QWN62q7usHEX29BonfyflhCZ6gjjGYxBkB1RvhAa5XW6xJDzbNEt7vCevvfItCRgW5TQvpAvP2tJHLyZElgzK4fLovGa4vetgfEj_bsovHcVkVC3c_1zAWBGDGe-MJSEk9a1vSUwmwUVC79Jt83bQNCrpQdcAz0lDqQ&sai=AMfl-YQ8WwdSQuRwlANrmuqtAVEOWbbJhn2dbQ2St4uu8l6ciS47aY4ySJpdhliGQXXhIYMbUh8oRfbXdAHg4wSWm8XFhs2ylP1ofRnFrKOCYQkcSYWbDfIm8W0IaZt3dN3QHSzC2fl_LsvSUJgQFthrem8&sig=Cg0ArKJSzLiA0c6k4DGYEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: CB65FEB5991B7D3DFD70817A0BA6DA06
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssm0EVbN5TiM3G8kKONgk9sdijU553eWviYLLBu15MFFAByjJaCYNXLlXWxo-Y5omzJoDTgk4Fy7GGeHuPamxC8XUvpSQWdz6LWjDv8FwxqX-fncf75lYtGLPJRdn0_JY525GtisRxj0aWBN7DAVR93jaU18Rg7PGIF2OvRoau330D1hoSNiJzlGIMFgZX4EfZ-mBFfocB9ztkZjfc8B2Vlb8EajB29M3cVX0JUZwJ_l-glJsjfd74c4DWM3a6uR8odWhihX_sPrHhBOMSiCYsoZIijmP7V7hjtCBl0GnSAKh8iOqtNsbDhfqet6BMH0saewJIFpfILC3q1s-fg7MpO_FlBAPJhNHdFg3NxSeCPHs3gdoliUxPMoQFRhD3ChEM&sai=AMfl-YQ3LrvchbKEyMZKi40pEqfhWxUGgGuKc28uj5lZ2MRammXdh_mMAEJYsxqT0iV88Fqbgn9ePLc_SVWkd4Bzaa1SgQSN1chJLh-0g-GXLhysN6t3PrI-aBF1rGX2Rx4R4QYd9uA8jzY51BypxFaGRw&sig=Cg0ArKJSzMXJyI1l3ddpEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: C967960A6D03DE616A0A77C4FE54CBA9
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F81C4C6C83F7BFDB54CE82063D23E031
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0C48E9BB3B5FBF806F785FE4CCA8D800
Requests: 2 HTTP requests in this frame

Frame: https://2df994db9e07dae35f85bb98efe51ea4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C3DAC62E3049682A17516F058A835A5C
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gnfcn7sd6c2bk5340nbvg8r9nk1jz3kn5nzbj28wpvxvtx1cw8rfrtaycyytw9e5k0km85rd67ntdmba8j1kan6g7hcyk07ry26zt82429qd5xc3c4vt72ryzv2gnbrw7bbs66e50t2t9jx7rdwf1gfjkfazgfxb0qtjtm72fp50p4ypeqyz96cbr2010szw959a9v764nrnerkfea78dyf4bzy66vge3zdx4sf6yx131z4z2ydjkb6t134gjdwqxp9rny40b5x6cscbjwvpe43papbhe3vsyraqspn561kkcnv4e3t0hgkfpm29222s5k2704jwne1y4stsy8myaymp7skehrp8t4q7k8frmnsyxmzbg67bxj7439g6js8bxqvcvw17zfwwvvtbmc7ry5jqk4qeykg9a995c3vz4mr36p27d96scvp75n18kky6t5fv52d&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC9t3FQ_IY8XVPNOV7_UP6tCN-Afi0rL2YcexjoqOCMCNtwEQASAAYP2CkYToEYIBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQI_TaAHcReyPuACAKgDAaoElQJP0CflNd6Ry7JR4Ew6fJtp7Wa3dYpKBKr8dlSlnqRaluerlv63CB9W4VscxfpbHEPnXiQxSqdXv68qe6DTYSVbFWqhWdIV_2-D45IbGEkm1gLpn_RJyRcspImIpqhadBdDtLszQ6u0hlLmqb0mXtdZsfE15pR1RIEdh9plY_GdIY-LhRvl2Yp-etxgac2hsDOp6sP_mSNQ_jSejmquwGy6Hgr5ktbclzWIEfa_xR-uiHtZdvEr4mdfD9hW9hIoZXcmSSTh27hV5nOWHuX8XgpYconDL3g5ZXtwKwrwzEdlC6Lb93myQm-3A2m5pPwA1hQ95bV-mB90TQSCTSPfkXtRmto2GqTln3nc8NfU0Jmb7gGgYsAA4AQBgAaM27ywiYvRrjKgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0sH4seJg_uKosQcUjY1zjgz-8wJA%26client%3Dca-pub-3831894559014614%26adurl%3D
Frame ID: 1974768D56436EAC403B93218451DA13
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B2667612CCA2B569D893FC024CA326F1
Requests: 9 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012301041800000/amp4ads-v0.mjs
Frame ID: D103A21A3171179893DC63AC7F5936F5
Requests: 14 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 32D4443356DCA175D8CA8BD0BCA0F0DC
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=34920%2C15710%2C196502&b=eRPT3fVfqJXTjHZHet1tWGJfwSQTKKwUJx5q%2CqV3amfWfD27uZHgHDtJtZZKheSgTJJecq4ZE%2Cw35HdfjfQeQ5fEHRH2tXt24rGFzSATmmgfKJp8&f=DeDh3fwfxmVs3HmH9twCAz2SxSmTYYGuZMP2%2CR6ZHgfQfDRJukHwH3tzCPPZC9SzTYY9uB38Y%2CgXPf8frfYrYpTPHbH8txC7rwMFmSQT992Uwg6j&c=728&d=90&e=&g=c11348ea64803ae3e232abed73d56e8b%2F8126045536877291581&i=17843%2C25196%2C75611&j=16%2C18%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach125_IT_ADX_ONLY&r=1674055447186&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jqwg43s8jnqaa53sq0195vb36jyge3281ygdcragq6qwf6qazyzm9kgf6naqnk17gp9s6aa7a1rrhwy4tm1rgmz1rbggprc5ste6h3mrremjxcptktn6cnkej5krvj2nbbjyac436bk1km4g46mch8kkw2604bcajwrapb6k5m0phxd3d56t7gsrxgdd54cy3ak0m42nn878jk4zhkmj2xrr4xk2xr11eqttcepqqytdm1s3gq15h6axnnjzj83r3f8htnnmkz1420ssphm3d40%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCC9t3FQ_IY8XVPNOV7_UP6tCN-Afi0rL2YcexjoqOCMCNtwEQASAAYP2CkYToEYIBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQI_TaAHcReyPuACAKgDAaoElQJP0CflNd6Ry7JR4Ew6fJtp7Wa3dYpKBKr8dlSlnqRaluerlv63CB9W4VscxfpbHEPnXiQxSqdXv68qe6DTYSVbFWqhWdIV_2-D45IbGEkm1gLpn_RJyRcspImIpqhadBdDtLszQ6u0hlLmqb0mXtdZsfE15pR1RIEdh9plY_GdIY-LhRvl2Yp-etxgac2hsDOp6sP_mSNQ_jSejmquwGy6Hgr5ktbclzWIEfa_xR-uiHtZdvEr4mdfD9hW9hIoZXcmSSTh27hV5nOWHuX8XgpYconDL3g5ZXtwKwrwzEdlC6Lb93myQm-3A2m5pPwA1hQ95bV-mB90TQSCTSPfkXtRmto2GqTln3nc8NfU0Jmb7gGgYsAA4AQBgAaM27ywiYvRrjKgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0sH4seJg_uKosQcUjY1zjgz-8wJA%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Frame ID: CFC8FAE0A143D032C0D110C2CF5EBBF4
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

exe.io

Page URL History Show full URLs

https://bit.ly/3VXRsuf HTTP 301
https://exe.io/zr97uXcJ HTTP 302
https://exeo.app/zr97uXcJ Page URL

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Page Statistics

129
Requests

91 %
HTTPS

60 %
IPv6

35
Domains

47
Subdomains

38
IPs

7
Countries

1455 kB
Transfer

3303 kB
Size

29
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://exe.io/
Title: exe.io

Search URL Search Domain Scan URL

URL: https://exe.io/auth/signup
Title: https://exe.io/auth/signup

Search URL Search Domain Scan URL

URL: https://sulvo.com/?utm_source=https://exeo.app/zr97uXcJ&utm_adtype=sticky_display&utm_medium=sulvo

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bit.ly/3VXRsuf HTTP 301
https://exe.io/zr97uXcJ HTTP 302
https://exeo.app/zr97uXcJ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
https://accounts.google.com/v3/signin/identifier?dsh=S520576491%3A1674055445158798&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHdl4RBiT2GVZ3c8oDYLmUF7HhRHTPbaE8j_KXTazEy_ctcHxqyAJN2CV0-aUx8a3oO_nCFq

Request Chain 20

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
https://accounts.google.com/v3/signin/identifier?dsh=S755084787%3A1674055445178620&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHf1Q-jAOb3ozjGv2lStuGGWmEaPYw99UtxjOY9OnqM-ZskFhDeyU6EFhlEGKy62CvlJpzjf

Request Chain 98

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEGDorEWcAhmN-KQ0GdFruvU&google_cver=1&google_push=AavPq0N3B2zTTywjUsQyhOPjmDC6pAJSQ_DweHH0ljwoC_tuiEth0KidKQ0OGEGB8rLGJlTyIhGpea9gQQhwGvqnJrjSU5PibKdi3A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzEzMzA4ODU0MzgwMTE0MTg5Ng==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELB8GnPMtVq6W_HdcS3phio&google_cver=1

Request Chain 99

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEK--VDTfMoXefOMY7qZ2Vm8&google_cver=1&google_push=AavPq0MupElF1YXXGCCthZG0BeZN3baWJa1xPhXs8GTvANUshfp6nEBh3aCFyXx27Km8mX-9uxCgCePmaQDMuuteAfzOrLvzHP3r HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEK--VDTfMoXefOMY7qZ2Vm8&google_push=AavPq0MupElF1YXXGCCthZG0BeZN3baWJa1xPhXs8GTvANUshfp6nEBh3aCFyXx27Km8mX-9uxCgCePmaQDMuuteAfzOrLvzHP3r

Request Chain 100

https://ads.travelaudience.com/google_pixel?google_gid=CAESEAsq5thmiEqV5l1EplXY6Qc&google_cver=1&google_push=AavPq0MlajWkmzGaRVcIln4ww-EVV2__YmSKusKhhZV10yp6OaD7uE2u3RWNZWxR6DbUHzJK2DmezIoFzbpDhN3RzXTAZ2FAlOi0 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=LemlVTE5R9G5JkXq7w50CA2&google_push=AavPq0MlajWkmzGaRVcIln4ww-EVV2__YmSKusKhhZV10yp6OaD7uE2u3RWNZWxR6DbUHzJK2DmezIoFzbpDhN3RzXTAZ2FAlOi0

Request Chain 101

https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEBhwHzKHXzUmiqsqAQc8uE0&google_cver=1&google_push=AavPq0MjUmuNUIjITc3wGqT8Ka47PtJZDQAN8XgCgCV-rCj-Khueg-J2yAthkK-5lNQN8JfWUINWHeo0lBFQUDPkudrtO1M9jZLUuw HTTP 302
https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEBhwHzKHXzUmiqsqAQc8uE0&google_cver=1&google_push=AavPq0MjUmuNUIjITc3wGqT8Ka47PtJZDQAN8XgCgCV-rCj-Khueg-J2yAthkK-5lNQN8JfWUINWHeo0lBFQUDPkudrtO1M9jZLUuw&prevuid=&knw= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AavPq0MjUmuNUIjITc3wGqT8Ka47PtJZDQAN8XgCgCV-rCj-Khueg-J2yAthkK-5lNQN8JfWUINWHeo0lBFQUDPkudrtO1M9jZLUuw&google_hm=

Request Chain 102

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEODn2sda-q3clYe07dyHBh4&google_cver=1&google_push=AavPq0MGaH0Rl1GC9cV9ykD00FF_iltcMuFPgO4MI3hhSuXPTRtytm9205g6z9oqhfwGjrN_sh-6K-kvFoLwaBAcza5jip-xDCkIdA HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEODn2sda-q3clYe07dyHBh4&google_cver=1&google_push=AavPq0MGaH0Rl1GC9cV9ykD00FF_iltcMuFPgO4MI3hhSuXPTRtytm9205g6z9oqhfwGjrN_sh-6K-kvFoLwaBAcza5jip-xDCkIdA HTTP 302
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle HTTP 307
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle HTTP 302
https://x.bidswitch.net/sync?dsp_id=59&user_id=01431d2e-f65b-448a-925f-cc29bbc166a0&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0MGaH0Rl1GC9cV9ykD00FF_iltcMuFPgO4MI3hhSuXPTRtytm9205g6z9oqhfwGjrN_sh-6K-kvFoLwaBAcza5jip-xDCkIdA&google_hm=CFguyOQLSH-LKD2bOCbFtw==

Request Chain 113

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

129 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request zr97uXcJ Show response
exeo.app/
Redirect Chain

https://bit.ly/3VXRsuf
https://exe.io/zr97uXcJ
https://exeo.app/zr97uXcJ

587 KB
150 KB

202ms
149ms

Document
text/html

2606:4700:20::681a:9e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://exeo.app/zr97uXcJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:9e9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d068db2c587d67fd032a6ec799187d038b3e80ec7d432e4a9a2065053d109e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 78b855e0dc89bac7-MXP
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 18 Jan 2023 15:24:04 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i69pSN4UGv2c9K8ueK%2B66JGA3lGvdKdc7FhiwLPD7OgPOtS8WhvMS9Xw2U7JeBeI2BT37OfauTIF%2FJSn4I%2B2zKkSoa2Ml%2BowGVPm64A9zl9yJHERspxZbwBqivQ39lQuJ2rmF992"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN, SAMEORIGIN
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 78b855dfac2d83b2-MXP
content-type: text/html; charset=UTF-8
date: Wed, 18 Jan 2023 15:24:04 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://exeo.app/zr97uXcJ
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ofOgjqlEQ9foJR3Tupdm%2F%2BuMP%2Bb5ycRV8EXWMnL1cC8D14x7q7Gd0zVdUKM95xt09VFHzBtmx3dorPZcQFXJRpHbapmWGdL9wLbP3uXNi%2B85si9CGfpRZo9aS9S7UEVwAofHrZs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 13 KB
1 KB 105ms
37ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600,700

Requested by

Host: exeo.app
URL: https://exeo.app/zr97uXcJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

97d876b0796d55e1a4d9dec67f958fd62674617e5417b92e4584c0397974e9d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 18 Jan 2023 15:24:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 18 Jan 2023 13:50:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 18 Jan 2023 15:24:04 GMT

GET
H2 200 continue.css
exeo.app/css/ 179 KB
41 KB 43ms
42ms Stylesheet
text/css 2606:4700:20::681a:9e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://exeo.app/css/continue.css

Requested by

Host: exeo.app
URL: https://exeo.app/zr97uXcJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:9e9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23998750e040d16d7cdcc67be18f2c98db45cc55e098f1548107d04a4666d6fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/zr97uXcJ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 15:24:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 577507
cf-polished: origSize=211688
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Mon, 12 Dec 2022 17:28:40 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2B%2Bkd%2FnONQmfjHhk8imrfrSpA3Xr5YZ3KB3MzBjCRC%2F9b97R5%2Ft3IJ2R%2BREHgkE59P0l9wOQWMFcbtewJHigYZMUlQTW4TnfS9AapyYzn2TgX8vMwEFCAavOXSRrQk%2BSBzZAna1E"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 78b855e1cecfbac7-MXP
expires: Fri, 10 Feb 2023 22:58:57 GMT

GET
H2 200 logo_sm.png
exe.io/img/ 11 KB
11 KB 29ms
28ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://exe.io/img/logo_sm.png

Requested by

Host: exeo.app
URL: https://exeo.app/zr97uXcJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c63f2781570d012d67b1e5ed27544bf90097a71ca5ddbbcd86a98a0f52871534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 15:24:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 502560
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10989
x-xss-protection: 1; mode=block
last-modified: Sun, 28 Mar 2021 18:01:57 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: User-Agent, Accept-Encoding
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fhd5IGdh35E0ulC57w1ioN24uojDpfpBjb7IELo8b1R1LSuuzFTvYqV8%2FFd%2FgPFRHg7DmBbq%2FkDKqG6ABzyi7Fd131Le9xbBlMEvPSkZ3qjwdNSwBD8QsnoM669rFp4dVz7%2FFbU%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 78b855e22a1f83b2-MXP
expires: Fri, 12 Jan 2024 19:48:04 GMT

GET
H/1.1 200
OK 29529 Show response
qj.wimplesbooklet.com/1clkn/ 6 B
1 KB 235ms
59ms Script
application/javascript 172.255.6.120
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://qj.wimplesbooklet.com/1clkn/29529

Requested by

Host: exeo.app
URL: https://exeo.app/zr97uXcJ

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

172.255.6.120 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Wed, 18 Jan 2023 15:24:05 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=1
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive
Keep-Alive: timeout=20

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 110 KB
44 KB 117ms
47ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-135952122-1

Requested by

Host: exeo.app
URL: https://exeo.app/zr97uXcJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

83d4bd6abcc594507b30b9b2cf71d66b1e3f9736f4aed3b6f933562b5da8b559

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 15:24:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44174
x-xss-protection: 0
last-modified: Wed, 18 Jan 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 18 Jan 2023 15:24:04 GMT

GET
H2 200 up.js Show response
live.demand.supply/ 5 KB
3 KB 175ms
118ms Script
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/up.js
Requested by: Host: exeo.app
URL: https://exeo.app/zr97uXcJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d8e2a7867b8c609f534385500de55f15893edbfa91445597afada68fb4b14d9

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-nf-request-id: 01GMX2WC7DDRK600SK19DPWQGC
date: Wed, 18 Jan 2023 15:24:05 GMT
content-encoding: br
cf-cache-status: HIT
age: 308
cf-polished: origSize=4391
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"30cd4982b290dd406327b3dd39f1ea22-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray: 78b855e2def3bad9-MXP
link: <https://live.demand.supply/impl.v16.3.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v16-2-0/ZXhlby5hcHAv>; rel=preload; as=script
timing-allow-origin: *

GET
H2 200 stattag.js Show response
cdntechone.com/ 13 KB
6 KB 88ms
41ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdntechone.com/stattag.js
Requested by: Host: exeo.app
URL: https://exeo.app/zr97uXcJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58444808f638e51e082fc66dc748f4064ea56db71a793b319a05068a786668b0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 15:24:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 29 Dec 2022 16:01:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2124
etag: W/"63adb9d2-331f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1eXO%2BCMtgSYtK%2FygyHbLZyrkXLp6FVHyEaOxChbudgwi5NVXab0Po4vp7iGApLuIFhs7dR1Gwrb8v%2F02ypOPpnPKodVPjgWkdmnZkz%2B%2BQ%2Fc0ZT1R5arM0xBfRSaKai1MkQXxUWc2xui12QoJ4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 78b855e2c9e1bb26-MXP
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 asd100.bin Show response
pogothere.xyz/ 100 KB
101 KB 102ms
50ms Fetch
binary/octet-stream 188.114.97.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/asd100.bin
Requested by: Host: exeo.app
URL: https://exeo.app/zr97uXcJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 15:24:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 723
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 18 Jan 2023 15:12:01 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://exeo.app
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I1ddPvnam9ThY3lzLxo1i6WYsjhTOpraF6wLPKCgXZIbOafrv2%2FVvF72xHVK0pKJSTPT6pLSgUZzSwBz2CUCg%2BuTfPBBxO0etrsTGBrfYFOB4kpyqDaxb7cDt9vMx%2Bp5"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 78b855e30d110f72-MXP
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
pogothere.xyz/ 26 B
372 B 190ms
138ms Fetch
text/plain 188.114.97.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/
Requested by: Host: exeo.app
URL: https://exeo.app/zr97uXcJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37d1d1e6e585f8fc6e387a7cdea4ffa932f5f2daa929b8020e276c3211c80fe8

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 15:24:05 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pBTtX%2FUfZ7PrDbLtDzGrg7Rlifhl9%2FKOz%2FkqwbF87C2hKEpsqsxwzkjeZuLXNy%2F5qqTA6LpkloVXHfhXBp5nyWODl05KwqeJeRMKJWcSG7IXXIBgJnJtiFmGcv1KP8Uq"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
access-control-allow-origin: https://exeo.app
content-type: text/plain
access-control-allow-credentials: true
cf-ray: 78b855e30d120f72-MXP
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
habitofstic.xyz/ 0
485 B 287ms
198ms XHR
text/plain 18.66.15.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://habitofstic.xyz/utx?cb=rzs0cj7qCYXX&top=exeo.app&tid=822524
Requested by: Host: exeo.app
URL: https://exeo.app/zr97uXcJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-23.vie50.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 15:24:05 GMT
via: 1.1 a17242a6cf9be61e0412ecea1610cbde.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-pop: VIE50-P1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://exeo.app
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: lHjWqhPlmKkfkkslCyFeZVX2ADYyf9rlyLtnqB3EOqV8P_xGkinMgA==

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 105ms
34ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://exeo.app
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 15 Jan 2023 14:23:49 GMT
x-content-type-options: nosniff
age: 262816
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 Jan 2024 14:23:49 GMT

GET
H2 200 bVV0dWkMNxcYVgxoFlMcHzlJUFsrcEYzDVkwBQwRByQBBh8HP1oWBQIgEBMbAjsAWwcIIVFHLzkwGCM+Dy8lLyYHMj42HlltORkgIAYzEQM1BDYWORQANSIOHTowMVgAGRkCASwSLTshFBg4EAUaPTg0GicGGjhfKTkbEQglFD8iAQE6LkUFOx0eERs6LT06Izk+M... Show response
habitofstic.xyz/ Frame 31E2 3 KB
2 KB 195ms
145ms Document
text/html 18.66.15.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://habitofstic.xyz/bVV0dWkMNxcYVgxoFlMcHzlJUFsrcEYzDVkwBQwRByQBBh8HP1oWBQIgEBMbAjsAWwcIIVFHLzkwGCM+Dy8lLyYHMj42HlltORkgIAYzEQM1BDYWORQANSIOHTowMVgAGRkCASwSLTshFBg4EAUaPTg0GicGGjhfKTkbEQglFD8iAQE6LkUFOx0eERs6LT06Izk+MTY7OGEkNFwLEic4XiwQEBYgKTEnIjs4IyQCJzQSRzcCJgQyIDM1GxA3LyQ8JAIvPBMnPAU+Mi4+JhQfPzcCHT4uHiwoDUYsPD4yLj4gB202NAJYIi4mWT8GMyAcOgQ2IQoqeCYTPzw6GDoOHRE8DwpUFx83DzctNhQrXWRDLz8GBycyP0hnNjcvGho7MRkmFx4ZHjcTTSwsF2EOJg43HjkfJCANDCNRDmREMC45ZR80LwYzFzI4HRchBRoIE0wUPV8TGiIRHRstLScJFzUeWSAUQTIsXhcfPjgrHy0bAQ4UGAIODGRAUwMeOhoFVDcHJiFQGjomAiMYMTo
Requested by: Host: exeo.app
URL: https://exeo.app/zr97uXcJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-23.vie50.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 045d76e39e0a6b43ac50b638164d99c3907fd4cffb9f986ed4554435cc94c788

Request headers

Referer: https://exeo.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1238
content-type: text/html
date: Wed, 18 Jan 2023 15:24:05 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 a17242a6cf9be61e0412ecea1610cbde.cloudfront.net (CloudFront)
x-amz-cf-id: osuRRekBzFh3Ct0m2tfEkPJPAZc645ISmbciqBgnurZ_G-dVv7aMEw==
x-amz-cf-pop: VIE50-P1
x-cache: Miss from cloudfront

GET
H2 200 asd100.bin Show response
pogothere.xyz/ 100 KB
100 KB 75ms
67ms Fetch
binary/octet-stream 188.114.97.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/asd100.bin
Requested by: Host: exeo.app
URL: https://exeo.app/zr97uXcJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 15:24:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 723
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 18 Jan 2023 15:12:01 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://exeo.app
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2BA9KXkX6I%2FlZDQY8b7qXKflCR2veY%2BYrehV7vu4oXwmk8q3VkDBVOHGQ1x5jB%2FMOWc%2Fpuj3%2F%2FpyxTAWC02U90oTbJZVm9cCYkjeJHAiC6GVHGCalObyTOlaDg2i64Gd"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 78b855e31d140f72-MXP
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
pogothere.xyz/ 27 B
357 B 153ms
145ms Fetch
text/plain 188.114.97.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/
Requested by: Host: exeo.app
URL: https://exeo.app/zr97uXcJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea8d798ef54b9d6d4333b30b3a153b44e7ffbc00d0e8e8f84f03a598880db0ce

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 15:24:05 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F7U%2FWMBlVZDvIwLdoxlFKfusdRn6nfC9c8sLVvJTrTYVoDV8mYvT88fIPiddJJoh%2F2iyEUiTf80LAHqv6nwZi%2Bsbixk1kArODaJWOcyev%2BsOGZ9D7wIW%2F8%2FLx8Rpe%2BMV"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
access-control-allow-origin: https://exeo.app
content-type: text/plain
access-control-allow-credentials: true
cf-ray: 78b855e30d130f72-MXP
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
habitofstic.xyz/ 0
485 B 188ms
142ms XHR
text/plain 18.66.15.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://habitofstic.xyz/utx?cb=UyFx0ieOcz5U&top=exeo.app&tid=889494
Requested by: Host: exeo.app
URL: https://exeo.app/zr97uXcJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-23.vie50.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 15:24:05 GMT
via: 1.1 a17242a6cf9be61e0412ecea1610cbde.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-pop: VIE50-P1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://exeo.app
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: uTnIPzlEUZNXoWaFEWN3O970tkWUQae3mM3iFq18Zhv31va7pFD0Kg==

GET
H2 200 WxYfBQ8wFxQNTysaMz04EAEcFRpbGT4FEzMUPm8ZPSBDIy4yRCwTDhlFMwUDOhQXGgM9GR05JwMCIgA2XxgcMAMvFDJmQCgdDm8RMho9A0QaGyoBOic6KRIZLEAdGC0EQTwFPx4dGxITMhQrcR0ZHhQnSgg5PSAfHwkUB0QwJA Show response
habitofstic.xyz/eld3anEbNRQHThtqFUwECDtKT0M8ckUsFU4yBhMJECYCGQcQPVkJHRUiEwwDFTkDRB8fI1JYNxkaGho4L2dCODMpDkYJJCMTOy1ESBQbJEkbORg/MD4kTyM0MA88AgIwBSYjSDEuNQMmKB4wCzQjBjstRF9lNSwwIycnORoqAzRaSDYGTggTE... Frame C067 3 KB
2 KB 177ms
150ms Document
text/html 18.66.15.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://habitofstic.xyz/eld3anEbNRQHThtqFUwECDtKT0M8ckUsFU4yBhMJECYCGQcQPVkJHRUiEwwDFTkDRB8fI1JYNxkaGho4L2dCODMpDkYJJCMTOy1ESBQbJEkbORg/MD4kTyM0MA88AgIwBSYjSDEuNQMmKB4wCzQjBjstRF9lNSwwIycnORoqAzRaSDYGTggTEB4GPzcebxM+ATkVJCQEMwFPKzouMAM4MBk5Pi0ZMhREP1RIFT4/Fj4dM1IHPGYQJSsXFjQ+Qgo9LQEkPh0dCRkoBRseKCJiFCIcSz8RDT8bDRokAzsEHx4oImIxKwggOxICFSAUGTBJOz89T0M4DUUJKS0fWg0IKjw+LT0pBgU/MD8/PVgCOxs/WxYfBQ8wFxQNTysaMz04EAEcFRpbGT4FEzMUPm8ZPSBDIy4yRCwTDhlFMwUDOhQXGgM9GR05JwMCIgA2XxgcMAMvFDJmQCgdDm8RMho9A0QaGyoBOic6KRIZLEAdGC0EQTwFPx4dGxITMhQrcR0ZHhQnSgg5PSAfHwkUB0QwJA
Requested by: Host: exeo.app
URL: https://exeo.app/zr97uXcJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-23.vie50.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 0215ddddb4b296dd5363ace2ce661a6cb6efb75ee9a083fc8cc0394273bd9c09

Request headers

Referer: https://exeo.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1232
content-type: text/html
date: Wed, 18 Jan 2023 15:24:05 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 a17242a6cf9be61e0412ecea1610cbde.cloudfront.net (CloudFront)
x-amz-cf-id: xUPV7hDPonHvlfPxlopxCESiifGsyqHyq-cpFS1Gc2BNO0cSH__HzQ==
x-amz-cf-pop: VIE50-P1
x-cache: Miss from cloudfront

GET
H2 200 ByQ0VmE+IxEpBx81BAlSFAUrBwQLFDAjeSk3PAxGCAcXHn0sVTUudAMFHx15LQ4DHEEcJX8+QyM6Kh1UdSM7KWN+XB4NbWNfFD5mDAA3I1hxJhEDQSBfBBx9BVVnNHRzHDBWXygkOxcDCDk9D20oCjE+WQBbCCNHcwkaAAAkAz5WU3RUPT5NDwQeIEQqJhU+Aw4qG... Show response
habitofstic.xyz/UmQ3Rm0zBlQrUjNZVWAYIAgKY18UQQUACWYBRj8VOBVCNRs4DhklAT0RUyAfPQpDaAM3EBJ0KzczWyIvA1RYcyIRXFsiPmZBBQQnClFOJAAAHlMeGWo0Yw8eGCdHNyM1IWMPBWYdeXUaazRfCAECDXY8CxoqRAgHCxJ9DglqKV5+CjZWQz4kE... Frame 3917 3 KB
2 KB 161ms
144ms Document
text/html 18.66.15.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://habitofstic.xyz/UmQ3Rm0zBlQrUjNZVWAYIAgKY18UQQUACWYBRj8VOBVCNRs4DhklAT0RUyAfPQpDaAM3EBJ0KzczWyIvA1RYcyIRXFsiPmZBBQQnClFOJAAAHlMeGWo0Yw8eGCdHNyM1IWMPBWYdeXUaazRfCAECDXY8CxoqRAgHCxJ9DglqKV5+CjZWQz4kEQdYHF8cCnkvGTwrXnJYGx5ucSQVPgMOKhgSVHRUPT4FLV0bHmY8ITg1AiBfBBx7Elh3VnEcNRQdUig/PD5/ByQ0VmE+IxEpBx81BAlSFAUrBwQLFDAjeSk3PAxGCAcXHn0sVTUudAMFHx15LQ4DHEEcJX8+QyM6Kh1UdSM7KWN+XB4NbWNfFD5mDAA3I1hxJhEDQSBfBBx9BVVnNHRzHDBWXygkOxcDCDk9D20oCjE+WQBbCCNHcwkaAAAkAz5WU3RUPT5NDwQeIEQqJhU+Aw4qGB1TAT8iPWAlXzZWRGAHIQtZNlAlJm4+JCEQASEEAA
Requested by: Host: exeo.app
URL: https://exeo.app/zr97uXcJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-23.vie50.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 9af3a48e750a9125c8ef85b117aed1604028e3a4662b661b726e7a6fff2e5742

Request headers

Referer: https://exeo.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1211
content-type: text/html
date: Wed, 18 Jan 2023 15:24:05 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 a17242a6cf9be61e0412ecea1610cbde.cloudfront.net (CloudFront)
x-amz-cf-id: UcArcbIZB3nOhLV2m95ZmBb2sySRynpfgTJ3AX-elNGydeyHzuw49g==
x-amz-cf-pop: VIE50-P1
x-cache: Miss from cloudfront

GET
H2 204 ZXlQWndKRjMpSgEXFgskHzsTCSAzTBEfLS8YGBMzNBIKNBESGnYuHgFEaGhFUEtkfAcMHW1rURYNMS4CFkRhfB4LHz9nURNEYXREUVdja1lXXyVnRkMNIDsQWEh2KgMRFW1rQVJNYG9CUU1kY0ZQ
motorwardso.com.ua/ 0
416 B 188ms
132ms Image
text/plain 104.21.3.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://motorwardso.com.ua/ZXlQWndKRjMpSgEXFgskHzsTCSAzTBEfLS8YGBMzNBIKNBESGnYuHgFEaGhFUEtkfAcMHW1rURYNMS4CFkRhfB4LHz9nURNEYXREUVdja1lXXyVnRkMNIDsQWEh2KgMRFW1rQVJNYG9CUU1kY0ZQ
Requested by: Host: exeo.app
URL: https://exeo.app/zr97uXcJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.3.16 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 15:24:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UI%2BGJNUBQj3Ocv6Bx%2B0vSADMwQLRgNYDYyUTDgl7htroIYQLXld%2FXZI9%2FH5yh8o0BWOKJNqhTHreTMXPCZW5EvLhR919UFjhz8QXnP0YnCYVwXoX9toc2QCQt8zSx9rzkNerhfM%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 78b855e38d80374f-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 login.php
www.facebook.com/ 0
0 176ms
117ms Image
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by: Host: exeo.app
URL: https://exeo.app/zr97uXcJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H2

403

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
https://accounts.google.com/v3/signin/identifier?dsh=S520576491%3A1674055445158798&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn...

0
0

89ms
88ms

Image
text/html

2a00:1450:400d:808::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?dsh=S520576491%3A1674055445158798&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHdl4RBiT2GVZ3c8oDYLmUF7HhRHTPbaE8j_KXTazEy_ctcHxqyAJN2CV0-aUx8a3oO_nCFq
Requested by: Host: exeo.app
URL: https://exeo.app/zr97uXcJ
Protocol: H2
Server: 2a00:1450:400d:808::200d , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Redirect headers

date: Wed, 18 Jan 2023 15:24:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-v3-cx2EIuKK0L2nULHWBDQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 390
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?dsh=S520576491%3A1674055445158798&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHdl4RBiT2GVZ3c8oDYLmUF7HhRHTPbaE8j_KXTazEy_ctcHxqyAJN2CV0-aUx8a3oO_nCFq
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

403

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
https://accounts.google.com/v3/signin/identifier?dsh=S755084787%3A1674055445178620&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSi...

0
0

127ms
127ms

Image
text/html

2a00:1450:400d:808::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?dsh=S755084787%3A1674055445178620&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHf1Q-jAOb3ozjGv2lStuGGWmEaPYw99UtxjOY9OnqM-ZskFhDeyU6EFhlEGKy62CvlJpzjf
Requested by: Host: exeo.app
URL: https://exeo.app/zr97uXcJ
Protocol: H2
Server: 2a00:1450:400d:808::200d , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Redirect headers

date: Wed, 18 Jan 2023 15:24:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'report-sample' 'nonce-kC9M2Qu2yIY99GpNgbXWnQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 395
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?dsh=S755084787%3A1674055445178620&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHf1Q-jAOb3ozjGv2lStuGGWmEaPYw99UtxjOY9OnqM-ZskFhDeyU6EFhlEGKy62CvlJpzjf
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 bGh4YXNDVxsSTg0COi0iOD4rIB0AXDo3GC4LFjg9OR8yVxAtC14VGghVQFlKWFFMRwMFDEVQVR8cGRUGH1VJRxoCDhdcVRpVSU9AWEZLUF1eTg1cQkocCAAUUVleEQcYBEVQRVtcSFRGWFxMWEZU
motorwardso.com.ua/ 0
249 B 199ms
144ms Image
text/plain 104.21.3.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://motorwardso.com.ua/bGh4YXNDVxsSTg0COi0iOD4rIB0AXDo3GC4LFjg9OR8yVxAtC14VGghVQFlKWFFMRwMFDEVQVR8cGRUGH1VJRxoCDhdcVRpVSU9AWEZLUF1eTg1cQkocCAAUUVleEQcYBEVQRVtcSFRGWFxMWEZU
Requested by: Host: exeo.app
URL: https://exeo.app/zr97uXcJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.3.16 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 15:24:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hZSYIcO3f9cuvdj9Xiw93m1gtKkJfA8pZzJceQYcPWkck6nZDecAxhvORhfkDcgzJUd0ItuAseZyjZ0uyJa8xByM%2BTZvtW%2F77v7V%2Fr7x7Cvm3G8vfnbJ4SUm0uuCRRrhkKtQ33A%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 78b855e39d83374f-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 ejdrcFdVCAgDai4EGxoAPF9SJDssRgkoMzNhLEEmHGIhKDUXB00EPh4KU0RkSAFaVicTU1ZBb1xEHxEjD0RWQXETWQ0falxBVkF5ShlZXmVcQlZBcQ5HChdqSxEbBCMWClpGYE4HXkVjTgNSR2A
motorwardso.com.ua/ 0
246 B 188ms
133ms Image
text/plain 104.21.3.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://motorwardso.com.ua/ejdrcFdVCAgDai4EGxoAPF9SJDssRgkoMzNhLEEmHGIhKDUXB00EPh4KU0RkSAFaVicTU1ZBb1xEHxEjD0RWQXETWQ0falxBVkF5ShlZXmVcQlZBcQ5HChdqSxEbBCMWClpGYE4HXkVjTgNSR2A
Requested by: Host: exeo.app
URL: https://exeo.app/zr97uXcJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.3.16 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 15:24:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TVX8Dn18gvaLCMkEQJItLMNnv5FPwOt9Ga149LJ8h1%2B85F10y7JYPHf7osf6Ji68Xe1yoZ0yMgkikNzGyF7gjxv64BhuNQwpE15bt1QwYWAosXO1S84NgX23Kk6F0BZxLaCeCFo%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 78b855e39d85374f-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 invisible.js Show response
exeo.app/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame E68C 34 KB
14 KB 27ms
26ms Script
application/javascript 2606:4700:20::681a:9e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://exeo.app/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1674043200
Requested by: Host: exeo.app
URL: https://exeo.app/zr97uXcJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcfc380b911feb81ff128df569b376aec0b69230fe08da4bf248af5f719ae513

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 15:24:05 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=okGbryog%2FyiLTLaWi0naGb1E7AEwlyLRPA3E1c5vlS%2FFznrf%2BKBZC8%2ByCGJ%2BzVEX%2FJyEUulwqjRu7xGA5VtguTpR1QqQh%2F280XlrWTjaIssDx7nN38fLsOi20ksiV%2BUT0uByH9R8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 78b855e35a3fbac7-MXP

POST
H/1.1 200
OK add Show response
datatechone.com/log/ 2 B
461 B 120ms
34ms XHR
text/plain 139.45.195.253
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://datatechone.com/log/add?cid=099bff94-57af-4b2b-a42c-300c65c51697
Requested by: Host: cdntechone.com
URL: https://cdntechone.com/stattag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://exeo.app/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 18 Jan 2023 15:24:05 GMT
Server: nginx/1.19.10
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://exeo.app
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length: 2

GET
H2 200 impl.v16.3.0.js Show response
live.demand.supply/ 73 KB
23 KB 32ms
32ms Script
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/impl.v16.3.0.js
Requested by: Host: exeo.app
URL: https://exeo.app/zr97uXcJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1eb6a860427095d495e066d7a3911ef977a5266b874f76d762fbca1b9b6739ae

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-nf-request-id: 01GMX2V689ENQZTBQ4NFCNSXD1
date: Wed, 18 Jan 2023 15:24:05 GMT
content-encoding: br
cf-cache-status: HIT
age: 2337095
cf-polished: origSize=74953
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"b19940580c70e30455a2254a785a8919-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 78b855e398cbbad9-MXP

GET
H2 200 ZXhlby5hcHAv Show response
live.demand.supply/p4/v16-2-0/ 908 B
576 B 81ms
81ms Script
text/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v16-2-0/ZXhlby5hcHAv
Requested by: Host: exeo.app
URL: https://exeo.app/zr97uXcJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fa4020f27528b873cf94b3b837c88aa2a49e34c613d6dcf7955eb486981ab3e

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 15:24:05 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 78b855e398cdbad9-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 121ms
35ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-135952122-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 18 Jan 2023 14:26:10 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 3475
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20085
expires: Wed, 18 Jan 2023 16:26:10 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
502 B 74ms
47ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?e=ll&d=176&cs=c&dsReferer=ZXhlby5hcHAvenI5N3VYY0o=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-nf-request-id: 01GPGADBNXCHVSK51WK5YVFSDJ
date: Wed, 18 Jan 2023 15:24:05 GMT
cf-cache-status: HIT
age: 577327
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "e11f25735db9ddc62adb36e2e1846234-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 78b855e3d992bb0b-MXP

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 148ms
54ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c006f0a750433b29a3eb4b45c5ec99c561fccfdb257ede4439c3d055c34c524f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 15:24:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27795
x-xss-protection: 0
server: sffe
etag: "1455 / 477 of 1000 / last-modified: 1674043613"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 18 Jan 2023 15:24:05 GMT

GET
H2 200 ZXhlby5hcHAvenI5N3VYY0o= Show response
live.demand.supply/p4/v16-2-0/ 908 B
506 B 79ms
78ms Script
text/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v16-2-0/ZXhlby5hcHAvenI5N3VYY0o=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fa4020f27528b873cf94b3b837c88aa2a49e34c613d6dcf7955eb486981ab3e

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 15:24:05 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 78b855e3a8f2bad9-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 ds.2.html Show response
live.demand.supply/ 413 B
608 B 62ms
37ms XHR
text/html 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-nf-request-id: 01GPGAFB7A85YK1WPYW7SQCTTM
date: Wed, 18 Jan 2023 15:24:05 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 577327
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 78b855e3d990bb0b-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 pica.js
exeo.app/cdn-cgi/challenge-platform/h/g/scripts/ Frame E68C 21 KB
9 KB 22ms
22ms Other
application/javascript 2606:4700:20::681a:9e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://exeo.app/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by: Host: exeo.app
URL: https://exeo.app/zr97uXcJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2613410bdf0f7da8a8514fc9c97786239999244c3b382fa017b041a328bcd906

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 15:24:05 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O74JaHbMdL9pW4c2t45jFGRhm4rcvh6hBQCFl40yaUo7NeG3%2FAhjt8K5zQoFFJIgLxax3xy4fgRmkfx5fQgdaGKpXANT8KR7MTW%2FfJWVQWI1TdvRVEoKmsttpEbEtpWwVnzOWSU8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 78b855e3bb00bac7-MXP

GET
H3 200 exeo.app_fluid_lb+sq_continue_page_before_button_1 Show response
live.demand.supply/cp/ 30 B
391 B 176ms
176ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/exeo.app_fluid_lb+sq_continue_page_before_button_1?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=ZXhlby5hcHAvenI5N3VYY0o=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.3.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 193a1288ce3e92a6b871ea76498918ec1c65a97e3fcc8fc1863f93a91fb0b71f

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 15:24:05 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 78b855e3e99cbb0b-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
536 B 24ms
24ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=fs&dsReferer=ZXhlby5hcHAvenI5N3VYY0o=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.3.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-nf-request-id: 01GPGADFRB8VQ9MK9FGPGE3HDW
date: Wed, 18 Jan 2023 15:24:05 GMT
cf-cache-status: HIT
age: 577327
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "e11f25735db9ddc62adb36e2e1846234-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 78b855e3e9a0bb0b-MXP

GET
H3 200 exeo.app_auto_728x90_sticky_display_bottom Show response
live.demand.supply/cp/ 30 B
392 B 170ms
169ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/exeo.app_auto_728x90_sticky_display_bottom?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=ZXhlby5hcHAvenI5N3VYY0o=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.3.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6a21117a540ebcd4c3ec8de98b11fa52b279866799f2088ac950e370de280c6

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 15:24:05 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 78b855e44a61bb0b-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30

GET
H2 200 ZQJmeGo7KCgvf2VxJC85PC5qb2hnIis4NTokZngcZnF6ZGp5dHd7bnl2d29oZzIiLDslKGZ4HGJydGRpYWc2d2s Show response
d4eqyxjqusvjj.cloudfront.net/eWldBQ0o5OC8ldS4+JX5ybmRzdXt8PTIsJCpqNgETIh4yN3w9PhNlPiAzfHNsNjYvJHd8Mi8gd2txICcoZ2NnNitnOi45IzY7IGZ4HGJvc29oZ2k0IzQzLjQ5f2VxLT5/ZXFyenRnZHAIf2VxNCM0YXVmeRhyc3MybGNoZnh... Frame 3917 191 B
462 B 262ms
203ms Script
text/plain 2600:9000:2248:c200:1c:3221:2bc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d4eqyxjqusvjj.cloudfront.net/eWldBQ0o5OC8ldS4+JX5ybmRzdXt8PTIsJCpqNgETIh4yN3w9PhNlPiAzfHNsNjYvJHd8Mi8gd2txICcoZ2NnNitnOi45IzY7IGZ4HGJvc29oZ2k0IzQzLjQ5f2VxLT5/ZXFyenRnZHAIf2VxNCM0YXVmeRhyc3MybGNoZnhqNjEzJj8gJCEhMyNkcQxvZH-ZteWxyc3NiMT81LiZ/ZQJmeGo7KCgvf2VxJC85PC5qb2hnIis4NTokZngcZnF6ZGp5dHd7bnl2d29oZzIiLDslKGZ4HGJydGRpYWc2d2s
Requested by: Host: habitofstic.xyz
URL: https://habitofstic.xyz/UmQ3Rm0zBlQrUjNZVWAYIAgKY18UQQUACWYBRj8VOBVCNRs4DhklAT0RUyAfPQpDaAM3EBJ0KzczWyIvA1RYcyIRXFsiPmZBBQQnClFOJAAAHlMeGWo0Yw8eGCdHNyM1IWMPBWYdeXUaazRfCAECDXY8CxoqRAgHCxJ9DglqKV5+CjZWQz4kEQdYHF8cCnkvGTwrXnJYGx5ucSQVPgMOKhgSVHRUPT4FLV0bHmY8ITg1AiBfBBx7Elh3VnEcNRQdUig/PD5/ByQ0VmE+IxEpBx81BAlSFAUrBwQLFDAjeSk3PAxGCAcXHn0sVTUudAMFHx15LQ4DHEEcJX8+QyM6Kh1UdSM7KWN+XB4NbWNfFD5mDAA3I1hxJhEDQSBfBBx9BVVnNHRzHDBWXygkOxcDCDk9D20oCjE+WQBbCCNHcwkaAAAkAz5WU3RUPT5NDwQeIEQqJhU+Aw4qGB1TAT8iPWAlXzZWRGAHIQtZNlAlJm4+JCEQASEEAA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2248:c200:1c:3221:2bc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e85c2e3a075320c1e1de71ebbd6f0878f5f92996459c2d26e698528d57d3d6ca

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://habitofstic.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 15:24:05 GMT
content-encoding: gzip
via: 1.1 d2a765f1074cbe4a82f40c5927183e80.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P3
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 186
x-amz-cf-id: M2SBhg2uifuG_kvWAumal1gZv-7U7jd_OrcV_-xAhcpyaKIn1D5sdg==

GET
H2 200 TelVWbzQZOjgJCw48MlIMSGdjXQBcPyUAWgpoDD1mLmwhAGYNHyMLelwhLAsJSnM6DlodaHAKWhloZ0lVHjdrWxIOJTkECRU4PA5fGSM7AEdcIDdSWRUvPwNYG3BkKQFUZXNdBFIiPwFQFSIlSgZKOyJKBkpkZkEEX2YUSgZKIj8BAk5wZS0RSGUuWQBTcG-RfVQo... Show response
d4eqyxjqusvjj.cloudfront.net/ Frame 31E2 693 B
797 B 213ms
170ms Script
text/plain 2600:9000:2248:c200:1c:3221:2bc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d4eqyxjqusvjj.cloudfront.net/TelVWbzQZOjgJCw48MlIMSGdjXQBcPyUAWgpoDD1mLmwhAGYNHyMLelwhLAsJSnM6DlodaHAKWhloZ0lVHjdrWxIOJTkECRU4PA5fGSM7AEdcIDdSWRUvPwNYG3BkKQFUZXNdBFIiPwFQFSIlSgZKOyJKBkpkZkEEX2YUSgZKIj8BAk5wZS0RSGUuWQBTcG-RfVQolOgpDHzc9BkBfZxBaB017ZVkRSGV+BFwOODpKBjlwZF9YEz4zSgZKMjMMXxV8c10EGT0kAFkfcGQpBUpseF8aT2FnWxpNYXNdBAk0MA5GE3BkKQFJYnhcAlwga14
Requested by: Host: habitofstic.xyz
URL: https://habitofstic.xyz/bVV0dWkMNxcYVgxoFlMcHzlJUFsrcEYzDVkwBQwRByQBBh8HP1oWBQIgEBMbAjsAWwcIIVFHLzkwGCM+Dy8lLyYHMj42HlltORkgIAYzEQM1BDYWORQANSIOHTowMVgAGRkCASwSLTshFBg4EAUaPTg0GicGGjhfKTkbEQglFD8iAQE6LkUFOx0eERs6LT06Izk+MTY7OGEkNFwLEic4XiwQEBYgKTEnIjs4IyQCJzQSRzcCJgQyIDM1GxA3LyQ8JAIvPBMnPAU+Mi4+JhQfPzcCHT4uHiwoDUYsPD4yLj4gB202NAJYIi4mWT8GMyAcOgQ2IQoqeCYTPzw6GDoOHRE8DwpUFx83DzctNhQrXWRDLz8GBycyP0hnNjcvGho7MRkmFx4ZHjcTTSwsF2EOJg43HjkfJCANDCNRDmREMC45ZR80LwYzFzI4HRchBRoIE0wUPV8TGiIRHRstLScJFzUeWSAUQTIsXhcfPjgrHy0bAQ4UGAIODGRAUwMeOhoFVDcHJiFQGjomAiMYMTo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2248:c200:1c:3221:2bc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 210707097ecda5062eb47b6cd89a753147bbf4c95867e45ef75027063c33f58a

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://habitofstic.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 15:24:05 GMT
content-encoding: gzip
via: 1.1 d2a765f1074cbe4a82f40c5927183e80.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P3
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 518
x-amz-cf-id: 7U5FBhugngpixmYIEyFZWh-NkRzwo6g15jm-YpujpC9OZtXOdxYCNA==

GET
H2 200 cMmpIU05RBSY1cUYDLG52ClN8anoUADs8IEJXKhsJRQI9KyBiWRIGaEYQLG5+FAYpPSkPTC09LQ9bbjIqUFd8dTpCBSNuIV8AKTgtRAcnIGhHC3U+IUgDJD8vF1gOZmACT3pjZkUDJjchRRltYX5cHm1hfgNaZmNrAShtYX5FAyZlehdZCnZ8AhJ+Z2cXWH-gyPkI... Show response
d4eqyxjqusvjj.cloudfront.net/ Frame C067 864 B
886 B 214ms
176ms Script
text/plain 2600:9000:2248:c200:1c:3221:2bc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d4eqyxjqusvjj.cloudfront.net/cMmpIU05RBSY1cUYDLG52ClN8anoUADs8IEJXKhsJRQI9KyBiWRIGaEYQLG5+FAYpPSkPTC09LQ9bbjIqUFd8dTpCBSNuIV8AKTgtRAcnIGhHC3U+IUgDJD8vF1gOZmACT3pjZkUDJjchRRltYX5cHm1hfgNaZmNrAShtYX5FAyZlehdZCnZ8AhJ+Z2cXWH-gyPkIGLSQrUAEhJ2sALH1geRxZfnZ8AkIjOzpfBm1hDRdYeD8nWQ9tYX5VDys4IRtPemMtWhgnPisXWA5ifgtEeH17Blt8fXkGT3pjPVMMKSEnF1gOZn0FRHtlaEdXeQ
Requested by: Host: habitofstic.xyz
URL: https://habitofstic.xyz/eld3anEbNRQHThtqFUwECDtKT0M8ckUsFU4yBhMJECYCGQcQPVkJHRUiEwwDFTkDRB8fI1JYNxkaGho4L2dCODMpDkYJJCMTOy1ESBQbJEkbORg/MD4kTyM0MA88AgIwBSYjSDEuNQMmKB4wCzQjBjstRF9lNSwwIycnORoqAzRaSDYGTggTEB4GPzcebxM+ATkVJCQEMwFPKzouMAM4MBk5Pi0ZMhREP1RIFT4/Fj4dM1IHPGYQJSsXFjQ+Qgo9LQEkPh0dCRkoBRseKCJiFCIcSz8RDT8bDRokAzsEHx4oImIxKwggOxICFSAUGTBJOz89T0M4DUUJKS0fWg0IKjw+LT0pBgU/MD8/PVgCOxs/WxYfBQ8wFxQNTysaMz04EAEcFRpbGT4FEzMUPm8ZPSBDIy4yRCwTDhlFMwUDOhQXGgM9GR05JwMCIgA2XxgcMAMvFDJmQCgdDm8RMho9A0QaGyoBOic6KRIZLEAdGC0EQTwFPx4dGxITMhQrcR0ZHhQnSgg5PSAfHwkUB0QwJA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2248:c200:1c:3221:2bc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 03be5cc0bd4a8261f47d98d522c79dbe6a4c557544dd379e5c3c5cc41e40c8b6

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://habitofstic.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 15:24:05 GMT
content-encoding: gzip
via: 1.1 d2a765f1074cbe4a82f40c5927183e80.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P3
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 608
x-amz-cf-id: gJX5pX24ooELSKcKjW5d_-T3Q6IICvVBvzkW_jy557C4SukMe6HRkQ==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
202 B 44ms
44ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=113158212&t=pageview&_s=1&dl=https%3A%2F%2Fexeo.app%2Fzr97uXcJ&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1562631723&gjid=1232186917&cid=1658363732.1674055445&tid=UA-135952122-1&_gid=1180496373.1674055445&_r=1&_slc=1&gtm=2ou1a1&z=212218441

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://exeo.app/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 15:24:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://exeo.app
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2023011001.js Show response
securepubads.g.doubleclick.net/gpt/ 382 KB
129 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba08a3d19225206e1f616f14c7d6e4f214002374c7086834026cb977a09748fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 15:02:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1322
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132153
x-xss-protection: 0
last-modified: Tue, 10 Jan 2023 09:35:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 18 Jan 2024 15:02:03 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 133 B
105 B 132ms
63ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=exeo.app

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

741a8e1556800bdd1233f8139c4d82c005565a2a1bfe6a2ba811a5572b1255b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 15:24:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 80
x-xss-protection: 0
expires: Wed, 18 Jan 2023 15:24:05 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
499 B 116ms
116ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=exeo.app_fluid_lb%2Bsq_continue_page_before_button_1&pdc=0.23314685821533204&ucv=null&e=tcp&dsReferer=ZXhlby5hcHAvenI5N3VYY0o=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.3.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-nf-request-id: 01GPGADBNXCHVSK51WK5YVFSDJ
date: Wed, 18 Jan 2023 15:24:05 GMT
cf-cache-status: HIT
age: 577327
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "e11f25735db9ddc62adb36e2e1846234-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 78b855e4fc0dbb0b-MXP

GET
H2 200 exeo.app_fluid_lb+sq_continue_page_before_button_1 Show response
api.demand.supply/v16-2-0/a/ 304 B
694 B 128ms
73ms XHR
application/json 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.demand.supply/v16-2-0/a/exeo.app_fluid_lb+sq_continue_page_before_button_1?&dsReferer=ZXhlby5hcHAvenI5N3VYY0o=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.3.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 773487eaa622ec6bbf0e3e65b4a2964e8fc6265e45b284e96053b9a1ca2c64d3

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 15:24:05 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 4710
etag: W/"130-sjP5il3nLi83SkjVq7N8oLrdGeo"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 78b855e55f74d60c-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 78b855e0dc89bac7 Show response
exeo.app/cdn-cgi/challenge-platform/h/g/cv/result/ Frame E68C 2 B
540 B 66ms
66ms XHR
text/plain 2606:4700:20::681a:9e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://exeo.app/cdn-cgi/challenge-platform/h/g/cv/result/78b855e0dc89bac7
Requested by: Host: exeo.app
URL: https://exeo.app/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1674043200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 18 Jan 2023 15:24:05 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78b855e689a1bac7-MXP
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zbi0DnVTmnpEnkSULjV9K97zbHtroh18wroaX8sfN%2FkyyOxYkaEWKZ57UO8VPLwAHsFBQUYghN2qCqJ54aZGBAmn6aJPYb9zMbYUa9%2Bye%2F8QaHlG0GZUmRoqNDIzP3LC6ZpVmhw7"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
500 B 26ms
26ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=exeo.app_auto_728x90_sticky_display_bottom&pdc=0.13673036992549895&ucv=null&e=tcp&dsReferer=ZXhlby5hcHAvenI5N3VYY0o=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.3.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-nf-request-id: 01GPGADBNXCHVSK51WK5YVFSDJ
date: Wed, 18 Jan 2023 15:24:05 GMT
cf-cache-status: HIT
age: 577327
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "e11f25735db9ddc62adb36e2e1846234-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 78b855e68f71bb0b-MXP

GET
H3 200 sdb.css
live.demand.supply/css/ 4 KB
2 KB 46ms
46ms Stylesheet
text/css 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/css/sdb.css
Requested by: Host: client
URL: about:client
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-nf-request-id: 01GNVRAWWEVV0FNCNA1W6NSR50
date: Wed, 18 Jan 2023 15:24:05 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 675872
etag: W/"1d4502a12de3cc5a1f0e398c3e53f4ab-ssl-df"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 78b855e6890859dd-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 integrator.js Show response
adservice.google.it/adsid/ 107 B
792 B 234ms
65ms Script
application/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.it/adsid/integrator.js?domain=exeo.app

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 15:24:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 96ms
33ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=exeo.app

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 15:24:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
793 B 299ms
299ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1526883150084695&correlator=2678513165951683&eid=31071523&output=ldjh&gdfp_req=1&vrg=2023011001&ptt=17&impl=fif&iu_parts=44890869%3A22855689125%2Cca-pub-3831894559014614-tag%2C7ee716ae-b3e6-4091-8929-3dc5d06775a6&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&adks=2893322063&sfv=1-0-40&ists=1&fas=8&prev_scp=ti%3D3330f4e4-e0ca-4c17-a2d8-011e4681c8c5%26pof%3D0%26interstitials-bid%3D0.2%26bid-p%3Dgoogle%26bsc%3D92&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1674055445590&lmt=1674055445&dlt=1674055444760&idt=788&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fexeo.app%2Fzr97uXcJ&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1658363732.1674055445&ga_sid=1674055446&ga_hid=113158212&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03a2b9f547a3632b78fff7ce6738aee331736c9da8f04ceb280c0cb5d6e676a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 15:24:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 763
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://exeo.app
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
10 KB 309ms
309ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1526883150084695&correlator=678255842062898&eid=31071523&output=ldjh&gdfp_req=1&vrg=2023011001&ptt=17&impl=fif&iu_parts=44890869%3A22855689125%2Cca-pub-3831894559014614-tag%2Cafafdb0d-39d1-4953-b43d-ab93c1fbc5a3&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=2&adks=2231202216&sfv=1-0-40&prev_scp=ti%3D3330f4e4-e0ca-4c17-a2d8-011e4681c8c5%26pof%3D0%26bid%3D0.09%26bid-p%3Dgoogle%26stt%3Dbhs%26bsc%3D92&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1674055445599&lmt=1674055445&dlt=1674055444760&idt=788&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fexeo.app%2Fzr97uXcJ&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=1658363732.1674055445&ga_sid=1674055446&ga_hid=113158212&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

548b8249d16de727c8581f3ad033f496c42c21b696e0fb768cbdf8d320b296d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 15:24:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9977
x-xss-protection: 0
google-lineitem-id: 5563949749
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138332681208
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://exeo.app
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
10 KB 351ms
351ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1526883150084695&correlator=2014947291214720&eid=31071523&output=ldjh&gdfp_req=1&vrg=2023011001&ptt=17&impl=fif&iu_parts=44890869%3A22855689125%2Cca-pub-3831894559014614-tag%2C3feeeb45-0f17-4c76-aa93-558e37af35a1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=940x280&ifi=3&adks=2234010598&sfv=1-0-40&prev_scp=ti%3D3330f4e4-e0ca-4c17-a2d8-011e4681c8c5%26pof%3D0%26bid%3D0.15%26bid-p%3Dgoogle%26bsc%3D92&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1674055445605&lmt=1674055445&dlt=1674055444760&idt=788&adxs=328&adys=145&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fexeo.app%2Fzr97uXcJ&frm=20&vis=1&psz=945x116&msz=945x116&fws=0&ohw=0&ga_vid=1658363732.1674055445&ga_sid=1674055446&ga_hid=113158212&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

494636b8f3b69bba8767e4439121767a4323f9c7eb9a27c3c261adbf8ab5c148

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 15:24:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9971
x-xss-protection: 0
google-lineitem-id: 5563931935
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138332681208
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://exeo.app
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
2df994db9e07dae35f85bb98efe51ea4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7ADD 6 KB
3 KB 265ms
83ms Document
text/html 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2df994db9e07dae35f85bb98efe51ea4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://exeo.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 15:24:05 GMT
expires: Thu, 18 Jan 2024 15:24:05 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads_2023011001.js Show response
securepubads.g.doubleclick.net/gpt/ 37 KB
13 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2023011001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e29202d7cd5c07e8c2b5eaabe83b02511702dd4336cc18252112f1e6c1517a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 15:26:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 86265
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13733
x-xss-protection: 0
last-modified: Tue, 10 Jan 2023 09:35:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 17 Jan 2024 15:26:20 GMT

GET
H2 200 popunder.gif
motorwardso.com.ua/ 35 B
400 B 29ms
29ms Image
image/gif 104.21.3.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://motorwardso.com.ua/popunder.gif
Requested by: Host: exeo.app
URL: https://exeo.app/zr97uXcJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.3.16 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: public
date: Wed, 18 Jan 2023 15:24:05 GMT
cf-cache-status: HIT
last-modified: Wed, 18 Jan 2023 13:44:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5996
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eb5eMkxih4rdSLfXfZXVSSi%2Fxl3i0c%2FFSnSpC3gZKMJgGe7S6MikYuqFJXr2NOhu4%2BSILXPJeuS0DVht4b5JE8%2BsaH19V9qKiWPXS8vD2cHEfrBGaOy7W4198vRs4Qweg%2FRAih4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
cf-ray: 78b855e79d58374f-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 138ms
78ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023011001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a76e63fd1ec9d4f6bc442186b047324d1a055872715fd763a3fc549634c7610

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 15:24:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11190
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
501 B 32ms
31ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=exeo.app_auto_interstitial_desktop&e=nai&dsReferer=ZXhlby5hcHAvenI5N3VYY0o=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.3.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-nf-request-id: 01GPGADBNXCHVSK51WK5YVFSDJ
date: Wed, 18 Jan 2023 15:24:05 GMT
cf-cache-status: HIT
age: 577327
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "e11f25735db9ddc62adb36e2e1846234-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 78b855e8fdd7bb0b-MXP

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 58 KB
17 KB 96ms
48ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc871e89201aa44e7380e81e7f7846c4164e5a5d3374ba722a90e518ad48feae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 15:24:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 18 Jan 2023 10:47:58 GMT
server: cloudflare
x-amz-request-id: SRDTF4D6FV87EWN1
age: 799
etag: W/"854d94282c6b6d99cd8ba33bb311e621"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 78b855e96f2183be-MXP
x-amz-id-2: ShuL/PSWvPv4pHbSd/yrQNnEByAGuLErLnAZG1zmJxqomENfteowvlmQQ/oHgwPVaCFO7nOWLJI=

GET view
securepubads.g.doubleclick.net/pcs/ Frame CB65 0
0

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CB65 0
0

GET
H2 200 integrator.js Show response
adservice.google.it/adsid/ 107 B
165 B 80ms
79ms Script
application/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.it/adsid/integrator.js?domain=exeo.app

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 15:24:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 36ms
35ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=exeo.app

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 15:24:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
12 KB 318ms
317ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1526883150084695&correlator=1952191190338179&eid=31071523%2C676982961&output=ldjh&gdfp_req=1&vrg=2023011001&ptt=17&impl=fif&iu_parts=44890869%3A22855689125%2Cca-pub-3831894559014614-tag%2C0d7c591c-fb7f-4621-bdc0-c9268b4896ba&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=4&adks=2310731849&sfv=1-0-40&prev_scp=ti%3D3330f4e4-e0ca-4c17-a2d8-011e4681c8c5%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26stt%3Dbhs%26bsc%3D92&eri=1&sc=1&cookie=ID%3Dfad230bb6caf826d%3AT%3D1674055445%3AS%3DALNI_Mam2JZDJiQGvo0Y0AXX5cAvD_O6Jg&gpic=UID%3D00000ba4b8faeb4b%3AT%3D1674055445%3ART%3D1674055445%3AS%3DALNI_MZBGJnfY0_5Ev1I9pzOoB3Zpdnpjw&abxe=1&dt=1674055445945&lmt=1674055445&dlt=1674055444760&idt=788&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fexeo.app%2Fzr97uXcJ&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=1658363732.1674055445&ga_sid=1674055446&ga_hid=113158212&ga_fc=true&a3p=EhsKDGlkNS1zeW5jLmNvbRil2-ur3DBIAFICCGQ.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5933ae5946a25a792103a29d86d1a823b306c1147fa187d6af8b678bba543d52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 15:24:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11894
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://exeo.app
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET view
securepubads.g.doubleclick.net/pcs/ Frame C967 0
0

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C967 0
0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 54 KB
12 KB 369ms
369ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1526883150084695&correlator=1954951478525906&eid=31071523%2C676982961&output=ldjh&gdfp_req=1&vrg=2023011001&ptt=17&impl=fif&iu_parts=44890869%3A22855689125%2Cca-pub-3831894559014614-tag%2C6b0586cb-e26b-4919-be16-13138a3299c2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=940x280&ifi=5&adks=2328792604&sfv=1-0-40&prev_scp=ti%3D3330f4e4-e0ca-4c17-a2d8-011e4681c8c5%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D92&eri=1&sc=1&cookie=ID%3D2dc79d6a410b0400%3AT%3D1674055445%3AS%3DALNI_MZ6lYBYrB4uW-rfM21cwXk6AesSeA&gpic=UID%3D00000ba4b9a4d9bf%3AT%3D1674055445%3ART%3D1674055445%3AS%3DALNI_MZJys6TKBVb3S6-N_ii_ag6ZlRiww&abxe=1&dt=1674055445982&lmt=1674055445&dlt=1674055444760&idt=788&adxs=328&adys=145&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fexeo.app%2Fzr97uXcJ&frm=20&vis=1&psz=945x116&msz=945x116&fws=0&ohw=0&ga_vid=1658363732.1674055445&ga_sid=1674055446&ga_hid=113158212&ga_fc=true&a3p=EhsKDGlkNS1zeW5jLmNvbRil2-ur3DBIAFICCGQ.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

89e99089898cea06dc05f6641aaee84d2976391967949a5025876fb6835d9530

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 15:24:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12378
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://exeo.app
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
317 B 108ms
33ms XHR
text/plain 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://exeo.app/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://exeo.app
date: Wed, 18 Jan 2023 15:24:05 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 197ms
128ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 15:24:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 18 Jan 2023 15:24:06 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F81C 13 KB
5 KB 27ms
25ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://exeo.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

accept-ranges: bytes
age: 653
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 15:13:13 GMT
expires: Thu, 18 Jan 2024 15:13:13 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0C48 783 B
1 KB 177ms
72ms Document
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

30daed9eb087325b7aae86066de067b8e41113660e72c04927194a949026f83d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MPR8PA0sdiAoUOkgfk9dPw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://exeo.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-MPR8PA0sdiAoUOkgfk9dPw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 15:24:06 GMT
expires: Wed, 18 Jan 2023 15:24:06 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 container.html Show response
2df994db9e07dae35f85bb98efe51ea4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C3DA 6 KB
3 KB 46ms
45ms Document
text/html 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2df994db9e07dae35f85bb98efe51ea4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://exeo.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 15:24:05 GMT
expires: Thu, 18 Jan 2024 15:24:05 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
499 B 30ms
29ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=exeo.app_auto_728x90_sticky_display_bottom&pn=2&sn=3&pc=0.13673036992549895&ds=true&e=wdp&dsReferer=ZXhlby5hcHAvenI5N3VYY0o=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.3.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-nf-request-id: 01GPGADBNXCHVSK51WK5YVFSDJ
date: Wed, 18 Jan 2023 15:24:06 GMT
cf-cache-status: HIT
age: 577328
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "e11f25735db9ddc62adb36e2e1846234-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 78b855eb4bc9bb0b-MXP

GET
DATA 200
OK truncated
/ 182 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 834 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/svg+xml

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
501 B 40ms
39ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.01&b=3&r=exeo.app_auto_728x90_sticky_display_bottom&sy=0447f745-0dc4-45bb-a5ed-bbd4ddadc496&ts=92&cd=2&pud=176&pus=c&pue=849&pid=37&pis=c&pie=889&ppd=83&pps=a&ppe=936&pcl=811&ttc=948&tti=2090&ttif=0&lca=936&lcak=ppe&lct=936&lctk=ppe&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=exeo.app&mlre=undefined&mlin=0&mlsi=728x90&mlbw=4g&mlcs=NaN&mltp=3330f4e4-e0ca-4c17-a2d8-011e4681c8c5&e=lm&dsReferer=ZXhlby5hcHAvenI5N3VYY0o=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.3.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-nf-request-id: 01GPGADBNXCHVSK51WK5YVFSDJ
date: Wed, 18 Jan 2023 15:24:06 GMT
cf-cache-status: HIT
age: 577328
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "e11f25735db9ddc62adb36e2e1846234-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 78b855eb5bdabb0b-MXP

GET
H3 200 OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js Show response
pagead2.googlesyndication.com/bg/ Frame F81C 36 KB
16 KB 97ms
35ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

394fda0fedfe1b6a5c689ab09546a0977d792554bf75a084e24e3b5b18fb5eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 20:15:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68890
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16095
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Jan 2024 20:15:56 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame C3DA 0
0 77ms
76ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=ChunxFQ_IY8XVPNOV7_UP6tCN-Afi0rL2YcexjoqOCMCNtwEQASAAYP2CkYToEYIBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQI_TaAHcReyPuACAKgDAaoEkgJP0CflNd6Ry7JR4Ew6fJtp7Wa3dYpKBKr8dlSlnqRaluerlv63CB9W4VscxfpbHEPnXiQxSqdXv68qe6DTYSVbFWqhWdIV_2-D45IbGEkm1gLpn_RJyRcspImIpqhadBdDtLszQ6u0hlLmqb0mXtdZsfE15pR1RIEdh9plY_GdIY-LhRvl2Yp-etxgac2hsDOp6sP_mSNQ_jSejmquwGy6Hgr5ktbclzWIEfa_xR-uiHtZdvEr4mdfD9hW9hIoZXcmSSTh27hV5nOWHuX8XgpYconDL3g5ZXtwKwrwzEdlC6Lb93myQm-3A2m5pL4C94bqHDI-UJhohaXijqqbinH8kPQuk3pc_7pfGcb4yExHcUFo4AQBgAaM27ywiYvRrjKgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTM4MzE4OTQ1NTkwMTQ2MTQY_fkT&sigh=-QJaEtodZH8&uach_m=[UACH]&cid=CAQSPADq26N92xh3OxL6dWpmBQzPooBuHelwm64yYZDBjVPIYH64TL7M0qEaiL6ncFsnnCXh_KFgkWfIRiM4yxgBIBM
Requested by: Host: exeo.app
URL: https://exeo.app/zr97uXcJ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://2df994db9e07dae35f85bb98efe51ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame C3DA 0
0 86ms
35ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1gj34hg19c245tj9r7sq2a1rsrpjnph9vq515y1nzqnkqd046qnys5s8ttfbc385vtk3qk0ba983f6mx3409f6xf9ppev8y0ks9qdxqrwagck1pkycfck1ck9h4j0vh3yess2tkg3jncm4ym8mgaasg5wpwvner41cb9sth01g8g2g7dpp80bc7jn3nyes386f5jnetdra7200y2e1vka96zw31zz3n8s48gnj7s6qh852jerrhjwfh8rch7ztq0x14tfbyag0qnjsndvyqhnwahfag253j8pk8dcbdmrdthe4hksx6sa6vq3606mb16p2q51ya019e5z9dgjvyjk82q3600fskghqe1h5r6j4q4ebkfz6r1sdyrtedxsmksmj7mxwew4zbq5g0&b=Y8gPFQAPKsUIu8rTAANoaoyeFR2KFUnIi9BiMQ
Requested by: Host: exeo.app
URL: https://exeo.app/zr97uXcJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://2df994db9e07dae35f85bb98efe51ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 18 Jan 2023 15:24:06 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 1974 2 KB
3 KB 103ms
54ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1gnfcn7sd6c2bk5340nbvg8r9nk1jz3kn5nzbj28wpvxvtx1cw8rfrtaycyytw9e5k0km85rd67ntdmba8j1kan6g7hcyk07ry26zt82429qd5xc3c4vt72ryzv2gnbrw7bbs66e50t2t9jx7rdwf1gfjkfazgfxb0qtjtm72fp50p4ypeqyz96cbr2010szw959a9v764nrnerkfea78dyf4bzy66vge3zdx4sf6yx131z4z2ydjkb6t134gjdwqxp9rny40b5x6cscbjwvpe43papbhe3vsyraqspn561kkcnv4e3t0hgkfpm29222s5k2704jwne1y4stsy8myaymp7skehrp8t4q7k8frmnsyxmzbg67bxj7439g6js8bxqvcvw17zfwwvvtbmc7ry5jqk4qeykg9a995c3vz4mr36p27d96scvp75n18kky6t5fv52d&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC9t3FQ_IY8XVPNOV7_UP6tCN-Afi0rL2YcexjoqOCMCNtwEQASAAYP2CkYToEYIBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQI_TaAHcReyPuACAKgDAaoElQJP0CflNd6Ry7JR4Ew6fJtp7Wa3dYpKBKr8dlSlnqRaluerlv63CB9W4VscxfpbHEPnXiQxSqdXv68qe6DTYSVbFWqhWdIV_2-D45IbGEkm1gLpn_RJyRcspImIpqhadBdDtLszQ6u0hlLmqb0mXtdZsfE15pR1RIEdh9plY_GdIY-LhRvl2Yp-etxgac2hsDOp6sP_mSNQ_jSejmquwGy6Hgr5ktbclzWIEfa_xR-uiHtZdvEr4mdfD9hW9hIoZXcmSSTh27hV5nOWHuX8XgpYconDL3g5ZXtwKwrwzEdlC6Lb93myQm-3A2m5pPwA1hQ95bV-mB90TQSCTSPfkXtRmto2GqTln3nc8NfU0Jmb7gGgYsAA4AQBgAaM27ywiYvRrjKgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0sH4seJg_uKosQcUjY1zjgz-8wJA%26client%3Dca-pub-3831894559014614%26adurl%3D

Requested by

Host: 2df994db9e07dae35f85bb98efe51ea4.safeframe.googlesyndication.com
URL: https://2df994db9e07dae35f85bb98efe51ea4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6f67585d9fdceff16c422e864ccd66af53aca21c0b679e9b9fba18a7b4843c6

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2df994db9e07dae35f85bb98efe51ea4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 78b855ebfdc659fb-MXP
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 15:24:06 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230112/r20110914/client/ Frame C3DA 3 KB
1 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230112/r20110914/client/window_focus_fy2021.js

Requested by

Host: 2df994db9e07dae35f85bb98efe51ea4.safeframe.googlesyndication.com
URL: https://2df994db9e07dae35f85bb98efe51ea4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://2df994db9e07dae35f85bb98efe51ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 11:19:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14674
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Feb 2023 11:19:32 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B266 1 KB
643 B 48ms
34ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 2df994db9e07dae35f85bb98efe51ea4.safeframe.googlesyndication.com
URL: https://2df994db9e07dae35f85bb98efe51ea4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2df994db9e07dae35f85bb98efe51ea4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

age: 11090
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 12:19:16 GMT
etag: 48472445140208031
expires: Thu, 19 Jan 2023 12:19:16 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230112/r20110914/client/ Frame C3DA 18 KB
7 KB 33ms
31ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230112/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 2df994db9e07dae35f85bb98efe51ea4.safeframe.googlesyndication.com
URL: https://2df994db9e07dae35f85bb98efe51ea4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fcb2a2d76154a28aee5a1e84fce890f1e5bd8ef41d5a7c8368f1db418409cc83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://2df994db9e07dae35f85bb98efe51ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 19:39:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71076
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7536
x-xss-protection: 0
server: cafe
etag: 18409170587552385168
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 Jan 2023 19:39:30 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame C3DA 24 KB
6 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 2df994db9e07dae35f85bb98efe51ea4.safeframe.googlesyndication.com
URL: https://2df994db9e07dae35f85bb98efe51ea4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://2df994db9e07dae35f85bb98efe51ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 07:58:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26738
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 18 Jan 2024 07:58:28 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C3DA 157 KB
49 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 2df994db9e07dae35f85bb98efe51ea4.safeframe.googlesyndication.com
URL: https://2df994db9e07dae35f85bb98efe51ea4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://2df994db9e07dae35f85bb98efe51ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 15:24:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49309
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1673441803913192"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 18 Jan 2023 15:24:06 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012301041800000/ Frame D103 221 KB
61 KB 177ms
59ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301041800000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4e7f21914210e4d6da2b44cc05a554cdd1e538ee43e1d4dc5d6e6a1f1ee1282

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 17 Jan 2023 18:07:13 GMT
age: 76613
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61740
x-xss-protection: 0
server: sffe
etag: "8e9029bac2b10828"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 17 Jan 2024 18:07:13 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012301041800000/v0/ Frame D103 15 KB
5 KB 263ms
145ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301041800000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

885cb07503e088de00e0b1502940db47d59817caf2a3e35e1f92432d48d6f8fe

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 17 Jan 2023 18:07:13 GMT
age: 76613
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5230
x-xss-protection: 0
server: sffe
etag: "98e8559bf0300638"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 17 Jan 2024 18:07:13 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012301041800000/v0/ Frame D103 94 KB
28 KB 269ms
152ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301041800000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6629584f62feeb6b024b50fae7e99ed6bec9942ce434c8163e2d627f1253dbb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 17 Jan 2023 18:07:13 GMT
age: 76613
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28829
x-xss-protection: 0
server: sffe
etag: "80143a542ab189b2"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 17 Jan 2024 18:07:13 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012301041800000/v0/ Frame D103 5 KB
2 KB 305ms
187ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301041800000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9ed6c0cdb54ddeb561369fa2f9748cd0dcba457ba2cd0cb1955cf48387bcf2a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 17 Jan 2023 18:07:13 GMT
age: 76613
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1904
x-xss-protection: 0
server: sffe
etag: "c26873ae23a2dfcc"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 17 Jan 2024 18:07:13 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012301041800000/v0/ Frame D103 40 KB
13 KB 307ms
189ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301041800000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f239f3f5ba2fe8def7ffc52c0268cfb1cbd362214823676459daa279370a9cfa

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 17 Jan 2023 18:07:13 GMT
age: 76613
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12956
x-xss-protection: 0
server: sffe
etag: "a53f7d5e2894160e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 17 Jan 2024 18:07:13 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D103 8 KB
991 B 47ms
46ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 18 Jan 2023 15:24:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 18 Jan 2023 14:07:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 18 Jan 2023 15:24:06 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D103 2 KB
2 KB 35ms
34ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: exeo.app
URL: https://exeo.app/zr97uXcJ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 09:39:53 GMT
x-content-type-options: nosniff
server: cafe
age: 20653
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 19 Jan 2023 09:39:53 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D103 295 B
319 B 33ms
32ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: exeo.app
URL: https://exeo.app/zr97uXcJ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 20:35:32 GMT
x-content-type-options: nosniff
server: cafe
age: 67714
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Wed, 18 Jan 2023 20:35:32 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame D103 0
0 69ms
67ms Image
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSRX4WdVs58dymGBVB4WleCYd3fpl3pWDOCb3nN-NyXxy0PfqfyYGIBKJO-5sqVDLM6rpz_0D9WpnUfOA1dwkp_O51vTw
Requested by: Host: exeo.app
URL: https://exeo.app/zr97uXcJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D103 0
0 78ms
77ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CRyGTFg_IY9fkAfrI7_UPqcKRyAK-nZaybqODnOyNEfiIs5ClFBABIJWbyiFg_YKRhOgRoAGr3snBAcgBAakC_aSDqptDSj7gAgCoAwHIAwqqBOwBT9Du0mIDsTFgcc9p5pZDJHUhH7f2pY9Pu-IZDI1RYmYbjJVdSAFd4Fmub95LTSxsm-Hhlc0O74MJeWfC2SXbz3CdEPhq5qLQksj7hPGIx5THgvlcEVbvfTsL1acJqkgAb4KnwIdhwj9afYs_6DekbFwDepHpzQnjKow0u6zhldeRGJNKz6H5xYgyNFjg-9BBJFfYtNaN3c6p39p58quAw_eWDLEwDI9zE33g8N9Tsli-bkvOkiSo5ep-wnIUDx5Q2DaK0SscUE42uXfowaq1Y83LJYFv9E6sW1om1KyukgT0NSgRFRczyJnGBRnABKzgq56ZBOAEAZIFBAgEGAGSBQQIBRgEgAe9oba-AqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcDEPAu0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHYEw2IFAbQFQGYFgGAFwGyFx4KHAgAEhRwdWItMzgzMTg5NDU1OTAxNDYxNBj9-RM&sigh=Dmoj5_0w1K8&uach_m=[UACH]&cid=CAQSOwDq26N9P0EGZN6R1MLVdFnhFK_5mrW6cXowX7ePZpwBJ1IguxZ0-DZlqlMtxEm2XNdLM9eGoHPuodk0GAEgEw
Requested by: Host: exeo.app
URL: https://exeo.app/zr97uXcJ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
501 B 36ms
36ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=exeo.app_fluid_lb%2Bsq_continue_page_before_button_1&pn=2&sn=3&pc=0.23314685821533204&ds=true&e=wdp&dsReferer=ZXhlby5hcHAvenI5N3VYY0o=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.3.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-nf-request-id: 01GPGADBNXCHVSK51WK5YVFSDJ
date: Wed, 18 Jan 2023 15:24:06 GMT
cf-cache-status: HIT
age: 577328
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "e11f25735db9ddc62adb36e2e1846234-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 78b855ebdd1fbb0b-MXP

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
503 B 53ms
52ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.01&b=3&r=exeo.app_fluid_lb%2Bsq_continue_page_before_button_1&sy=0447f745-0dc4-45bb-a5ed-bbd4ddadc496&ts=92&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=exeo.app&mlre=undefined&mlin=0&mlsi=940x280&mlbw=4g&mlcs=NaN&mltp=3330f4e4-e0ca-4c17-a2d8-011e4681c8c5&e=lm&dsReferer=ZXhlby5hcHAvenI5N3VYY0o=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.3.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-nf-request-id: 01GPGADBNXCHVSK51WK5YVFSDJ
date: Wed, 18 Jan 2023 15:24:06 GMT
cf-cache-status: HIT
age: 577328
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "e11f25735db9ddc62adb36e2e1846234-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 78b855ebdd25bb0b-MXP

GET
DATA 200
OK truncated
/ Frame D103 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd777da191fff9aefa90cd4052a3e450f4f8d30162d2d77a519aba51bf9f4eaa

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame C3DA 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db3dca155dac3ba0febb37bf4c0a065bdae601d6da69374d4d5cdc6e6619017c

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame B266
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEGDorEWcAhmN-KQ0GdFruvU&google_cver=1&google_push=AavPq0N3B2zTTywjUsQyhOPjmDC6pAJSQ_DweHH0ljwoC_tuiEth0KidKQ0OGEGB8rLGJlTyIhGpea9gQQhwGvqnJrjSU5PibKdi3A
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzEzMzA4ODU0MzgwMTE0MTg5Ng==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELB8GnPMtVq6W_HdcS3phio&google_cver=1

43 B
398 B

81ms
38ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELB8GnPMtVq6W_HdcS3phio&google_cver=1
Requested by: Host: 2df994db9e07dae35f85bb98efe51ea4.safeframe.googlesyndication.com
URL: https://2df994db9e07dae35f85bb98efe51ea4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 18 Jan 2023 15:24:06 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Wed, 18 Jan 2023 15:24:06 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELB8GnPMtVq6W_HdcS3phio&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B266
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEK--VDTfMoXefOMY7qZ2Vm8&google_push=AavPq0MupElF1YXXGCCthZG0BeZN3baWJa1xPhXs8GTvANUshfp6nEBh3a...

170 B
188 B

43ms
39ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEK--VDTfMoXefOMY7qZ2Vm8&google_push=AavPq0MupElF1YXXGCCthZG0BeZN3baWJa1xPhXs8GTvANUshfp6nEBh3aCFyXx27Km8mX-9uxCgCePmaQDMuuteAfzOrLvzHP3r

Requested by

Host: 2df994db9e07dae35f85bb98efe51ea4.safeframe.googlesyndication.com
URL: https://2df994db9e07dae35f85bb98efe51ea4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 15:24:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-mxp6966-MXP
pragma: no-cache
date: Wed, 18 Jan 2023 15:24:06 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1674055447.520742,VS0,VE98
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEK--VDTfMoXefOMY7qZ2Vm8&google_push=AavPq0MupElF1YXXGCCthZG0BeZN3baWJa1xPhXs8GTvANUshfp6nEBh3aCFyXx27Km8mX-9uxCgCePmaQDMuuteAfzOrLvzHP3r
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B266
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEAsq5thmiEqV5l1EplXY6Qc&google_cver=1&google_push=AavPq0MlajWkmzGaRVcIln4ww-EVV2__YmSKusKhhZV10yp6OaD7uE2u3RWNZWxR6DbUHzJK2DmezIoFzbpDhN3R...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=LemlVTE5R9G5JkXq7w50CA2&google_push=AavPq0MlajWkmzGaRVcIln4ww-EVV2__YmSKusKhhZV10yp6OaD7uE2u3RWNZWxR6DbUHzJK2DmezIoFzbpDhN3RzXTAZ2FAlOi0

170 B
329 B

46ms
44ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=LemlVTE5R9G5JkXq7w50CA2&google_push=AavPq0MlajWkmzGaRVcIln4ww-EVV2__YmSKusKhhZV10yp6OaD7uE2u3RWNZWxR6DbUHzJK2DmezIoFzbpDhN3RzXTAZ2FAlOi0

Requested by

Host: 2df994db9e07dae35f85bb98efe51ea4.safeframe.googlesyndication.com
URL: https://2df994db9e07dae35f85bb98efe51ea4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 15:24:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 18 Jan 2023 15:24:06 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=LemlVTE5R9G5JkXq7w50CA2&google_push=AavPq0MlajWkmzGaRVcIln4ww-EVV2__YmSKusKhhZV10yp6OaD7uE2u3RWNZWxR6DbUHzJK2DmezIoFzbpDhN3RzXTAZ2FAlOi0
x-host: tde-deliveryengine-production-fb497649f-w8rbh
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B266
Redirect Chain

https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEBhwHzKHXzUmiqsqAQc8uE0&google_cver=1&google_push=AavPq0MjUmuNUIjITc3wGqT8Ka47PtJZDQAN8XgCgCV-rCj-Khueg-J2yAthkK-5lNQN8JfWUINWHeo0lB...
https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEBhwHzKHXzUmiqsqAQc8uE0&google_cver=1&google_push=AavPq0MjUmuNUIjITc3wGqT8Ka47PtJZDQAN8XgCgCV-rCj-Khueg-J2yAthkK-5lNQN8JfWUINWHeo0lB...
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AavPq0MjUmuNUIjITc3wGqT8Ka47PtJZDQAN8XgCgCV-rCj-Khueg-J2yAthkK-5lNQN8JfWUINWHeo0lBFQUDPkudrtO1M9jZLUuw&google_hm=

170 B
188 B

48ms
47ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AavPq0MjUmuNUIjITc3wGqT8Ka47PtJZDQAN8XgCgCV-rCj-Khueg-J2yAthkK-5lNQN8JfWUINWHeo0lBFQUDPkudrtO1M9jZLUuw&google_hm=

Requested by

Host: 2df994db9e07dae35f85bb98efe51ea4.safeframe.googlesyndication.com
URL: https://2df994db9e07dae35f85bb98efe51ea4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 15:24:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 18 Jan 2023 15:24:06 GMT
server: nginx
transfer-encoding: chunked
access-control-allow-methods: POST, GET, OPTIONS
p3p: CP="NOI DEV OUR BUS UNI"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AavPq0MjUmuNUIjITc3wGqT8Ka47PtJZDQAN8XgCgCV-rCj-Khueg-J2yAthkK-5lNQN8JfWUINWHeo0lBFQUDPkudrtO1M9jZLUuw&google_hm=
content-type: text/html; charset=UTF-8
cache-control: no-cache
keep-alive: timeout=10
access-control-allow-headers: Origin

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B266
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEODn2sda-q3clYe07dyHBh4&google_cver=1&google_push=AavPq0MGaH0Rl1GC9cV9ykD00FF_iltcMuFPgO4MI3hhSuXPTRtytm9205g6z9oqhfwGjrN_sh-6K-kvFoLwaBAcza5j...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEODn2sda-q3clYe07dyHBh4&google_cver=1&google_push=AavPq0MGaH0Rl1GC9cV9ykD00FF_iltcMuFPgO4MI3hhSuXPTRtytm9205g6z9oqhfwGjrN_sh-6K-kvFoLwaB...
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle
https://x.bidswitch.net/sync?dsp_id=59&user_id=01431d2e-f65b-448a-925f-cc29bbc166a0&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0MGaH0Rl1GC9cV9ykD00FF_iltcMuFPgO4MI3hhSuXPTRtytm9205g6z9oqhfwGjrN_sh-6K-kvFoLwaBAcza5jip-xDCkIdA&google_hm=CFguyOQLSH-LKD2bOCbFtw==

170 B
188 B

39ms
39ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0MGaH0Rl1GC9cV9ykD00FF_iltcMuFPgO4MI3hhSuXPTRtytm9205g6z9oqhfwGjrN_sh-6K-kvFoLwaBAcza5jip-xDCkIdA&google_hm=CFguyOQLSH-LKD2bOCbFtw==

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 15:24:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0MGaH0Rl1GC9cV9ykD00FF_iltcMuFPgO4MI3hhSuXPTRtytm9205g6z9oqhfwGjrN_sh-6K-kvFoLwaBAcza5jip-xDCkIdA&google_hm=CFguyOQLSH-LKD2bOCbFtw==
date: Wed, 18 Jan 2023 15:24:07 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame B266 43 B
351 B 156ms
52ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEO6jImgi5_B9x8LyC6CoRr8&google_cver=1&google_push=AavPq0PybgOwTqnIjVouePQck383IVbt8_UTGMoGdOeGmUb-t5LOW2fXRPuOwOM8NRDJqUhO8yRXP3xYVq277gmNoIQ6cCwxcthqHg
Requested by: Host: 2df994db9e07dae35f85bb98efe51ea4.safeframe.googlesyndication.com
URL: https://2df994db9e07dae35f85bb98efe51ea4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 15:24:05 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: dc2inq5qcv4phvil72khf5788en4u8go

GET
H2 204 v1
match.sharethrough.com/E4rooAtA/ Frame B266 0
35 B 206ms
45ms Image
text/plain 3.74.100.208
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEFAxohu2s62Q37tMMA7t7hU&google_cver=1&google_push=AavPq0PQKdPK8ANBXZbYK0hcan8ji2m_u17hXPVUchJzjtHZ_H3GKndtNlYFnHMLFscqhXxC3ya7O3v6Beo92hqgYwzALBjoWN_VelM
Requested by: Host: 2df994db9e07dae35f85bb98efe51ea4.safeframe.googlesyndication.com
URL: https://2df994db9e07dae35f85bb98efe51ea4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.74.100.208 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-74-100-208.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 15:24:06 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame B266 0
232 B 111ms
33ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ku2jM4rxp0n0it6t55EhMFnqFliIt5a9U9X0uJtuM_PJCeRSnAyQMi7Bj9A94r-XyqHhwhhA

Requested by

Host: 2df994db9e07dae35f85bb98efe51ea4.safeframe.googlesyndication.com
URL: https://2df994db9e07dae35f85bb98efe51ea4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 15:24:06 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame D103 28 KB
28 KB 37ms
37ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://exeo.app
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 21:35:41 GMT
x-content-type-options: nosniff
age: 496105
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Jan 2024 21:35:41 GMT

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.28/one-ad/ Frame 1974 90 KB
11 KB 44ms
40ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.28/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gnfcn7sd6c2bk5340nbvg8r9nk1jz3kn5nzbj28wpvxvtx1cw8rfrtaycyytw9e5k0km85rd67ntdmba8j1kan6g7hcyk07ry26zt82429qd5xc3c4vt72ryzv2gnbrw7bbs66e50t2t9jx7rdwf1gfjkfazgfxb0qtjtm72fp50p4ypeqyz96cbr2010szw959a9v764nrnerkfea78dyf4bzy66vge3zdx4sf6yx131z4z2ydjkb6t134gjdwqxp9rny40b5x6cscbjwvpe43papbhe3vsyraqspn561kkcnv4e3t0hgkfpm29222s5k2704jwne1y4stsy8myaymp7skehrp8t4q7k8frmnsyxmzbg67bxj7439g6js8bxqvcvw17zfwwvvtbmc7ry5jqk4qeykg9a995c3vz4mr36p27d96scvp75n18kky6t5fv52d&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC9t3FQ_IY8XVPNOV7_UP6tCN-Afi0rL2YcexjoqOCMCNtwEQASAAYP2CkYToEYIBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQI_TaAHcReyPuACAKgDAaoElQJP0CflNd6Ry7JR4Ew6fJtp7Wa3dYpKBKr8dlSlnqRaluerlv63CB9W4VscxfpbHEPnXiQxSqdXv68qe6DTYSVbFWqhWdIV_2-D45IbGEkm1gLpn_RJyRcspImIpqhadBdDtLszQ6u0hlLmqb0mXtdZsfE15pR1RIEdh9plY_GdIY-LhRvl2Yp-etxgac2hsDOp6sP_mSNQ_jSejmquwGy6Hgr5ktbclzWIEfa_xR-uiHtZdvEr4mdfD9hW9hIoZXcmSSTh27hV5nOWHuX8XgpYconDL3g5ZXtwKwrwzEdlC6Lb93myQm-3A2m5pPwA1hQ95bV-mB90TQSCTSPfkXtRmto2GqTln3nc8NfU0Jmb7gGgYsAA4AQBgAaM27ywiYvRrjKgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0sH4seJg_uKosQcUjY1zjgz-8wJA%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc78d0ae04e90f166274e27a8af76d6a676cbf360f682f3993ef4b453ee5d598

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1gnfcn7sd6c2bk5340nbvg8r9nk1jz3kn5nzbj28wpvxvtx1cw8rfrtaycyytw9e5k0km85rd67ntdmba8j1kan6g7hcyk07ry26zt82429qd5xc3c4vt72ryzv2gnbrw7bbs66e50t2t9jx7rdwf1gfjkfazgfxb0qtjtm72fp50p4ypeqyz96cbr2010szw959a9v764nrnerkfea78dyf4bzy66vge3zdx4sf6yx131z4z2ydjkb6t134gjdwqxp9rny40b5x6cscbjwvpe43papbhe3vsyraqspn561kkcnv4e3t0hgkfpm29222s5k2704jwne1y4stsy8myaymp7skehrp8t4q7k8frmnsyxmzbg67bxj7439g6js8bxqvcvw17zfwwvvtbmc7ry5jqk4qeykg9a995c3vz4mr36p27d96scvp75n18kky6t5fv52d&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC9t3FQ_IY8XVPNOV7_UP6tCN-Afi0rL2YcexjoqOCMCNtwEQASAAYP2CkYToEYIBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQI_TaAHcReyPuACAKgDAaoElQJP0CflNd6Ry7JR4Ew6fJtp7Wa3dYpKBKr8dlSlnqRaluerlv63CB9W4VscxfpbHEPnXiQxSqdXv68qe6DTYSVbFWqhWdIV_2-D45IbGEkm1gLpn_RJyRcspImIpqhadBdDtLszQ6u0hlLmqb0mXtdZsfE15pR1RIEdh9plY_GdIY-LhRvl2Yp-etxgac2hsDOp6sP_mSNQ_jSejmquwGy6Hgr5ktbclzWIEfa_xR-uiHtZdvEr4mdfD9hW9hIoZXcmSSTh27hV5nOWHuX8XgpYconDL3g5ZXtwKwrwzEdlC6Lb93myQm-3A2m5pPwA1hQ95bV-mB90TQSCTSPfkXtRmto2GqTln3nc8NfU0Jmb7gGgYsAA4AQBgAaM27ywiYvRrjKgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0sH4seJg_uKosQcUjY1zjgz-8wJA%26client%3Dca-pub-3831894559014614%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 15:24:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1674054542
age: 599
cf-polished: origSize=92334
x-guploader-uploadid: ADPycduOIlCudx-XVm5qLJi8OhY2jaf2lPA8q3ch1u6Nvu_xQSn08NrWkH7ortp-rZRuBMU9kt_cX7NUmpL0qskSxV4pk8f0m1q2
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 18 Jan 2023 15:09:31 GMT
server: cloudflare
etag: W/"c37ad1fc922bacd7adf1cb37da63f83c"
vary: Accept-Encoding
x-goog-generation: 1674054571046429
content-type: text/css
x-goog-hash: crc32c=4A2ZRg==, md5=w3rR/JIrrNet8cs32mP4PA==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2aEVL%2FcCMJjOnXMJe1V3fox%2Fq29C2t8tnBK7%2F0UPpgaynpFNUhC3VsrxW1K70BQ9sdY9Lx%2BcygTi5%2BOaf6TF0So%2BZ5fcH0Y%2BsihhdbbaTVKuFxq%2BiEUQVa5tn3RwLIQDXkGLkj4xmNU%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 92334
cf-ray: 78b855ec7edd59fb-MXP
expires: Wed, 18 Jan 2023 16:24:06 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 1974 35 KB
12 KB 57ms
39ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gnfcn7sd6c2bk5340nbvg8r9nk1jz3kn5nzbj28wpvxvtx1cw8rfrtaycyytw9e5k0km85rd67ntdmba8j1kan6g7hcyk07ry26zt82429qd5xc3c4vt72ryzv2gnbrw7bbs66e50t2t9jx7rdwf1gfjkfazgfxb0qtjtm72fp50p4ypeqyz96cbr2010szw959a9v764nrnerkfea78dyf4bzy66vge3zdx4sf6yx131z4z2ydjkb6t134gjdwqxp9rny40b5x6cscbjwvpe43papbhe3vsyraqspn561kkcnv4e3t0hgkfpm29222s5k2704jwne1y4stsy8myaymp7skehrp8t4q7k8frmnsyxmzbg67bxj7439g6js8bxqvcvw17zfwwvvtbmc7ry5jqk4qeykg9a995c3vz4mr36p27d96scvp75n18kky6t5fv52d&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC9t3FQ_IY8XVPNOV7_UP6tCN-Afi0rL2YcexjoqOCMCNtwEQASAAYP2CkYToEYIBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQI_TaAHcReyPuACAKgDAaoElQJP0CflNd6Ry7JR4Ew6fJtp7Wa3dYpKBKr8dlSlnqRaluerlv63CB9W4VscxfpbHEPnXiQxSqdXv68qe6DTYSVbFWqhWdIV_2-D45IbGEkm1gLpn_RJyRcspImIpqhadBdDtLszQ6u0hlLmqb0mXtdZsfE15pR1RIEdh9plY_GdIY-LhRvl2Yp-etxgac2hsDOp6sP_mSNQ_jSejmquwGy6Hgr5ktbclzWIEfa_xR-uiHtZdvEr4mdfD9hW9hIoZXcmSSTh27hV5nOWHuX8XgpYconDL3g5ZXtwKwrwzEdlC6Lb93myQm-3A2m5pPwA1hQ95bV-mB90TQSCTSPfkXtRmto2GqTln3nc8NfU0Jmb7gGgYsAA4AQBgAaM27ywiYvRrjKgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0sH4seJg_uKosQcUjY1zjgz-8wJA%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e525277f007e12a1b10ef1e7da9577f4a6b14a562b80891149486de64febb6c

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 15:24:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 17 Jan 2023 15:04:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 87586
etag: W/"70eeb1f8c81f2c3fac3062f4a8c34636"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3qX9dbJMo4FyYUV6f%2FbfBVc6GycjrHtYyYtwm%2Fe7KRrfT%2F%2Fo0d28Si941Fx5GkkF0nSU0GLdanLod8sa0biPmdHh44wlJd0mPcAbqtvigTI4CEl2EwOh5eifoO%2BKbb9XuYlJl7M%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 78b855ec8f1759fb-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 17 Jan 2023 15:04:20 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 137ms
137ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_pgbrk&pvsid=1526883150084695&vrg=2023011001&nw_id=44890869%5C%2C22855689125&nslots=2&eid=31071523%2C676982961&pub_url=https%3A%2F%2Fexeo.app%2Fzr97uXcJ&qid=CJTxr8G20fwCFUuK_QcdQ6sFOw&iu=%2F44890869%2C22855689125%2Fca-pub-3831894559014614-tag%2Fafafdb0d-39d1-4953-b43d-ab93c1fbc5a3&e=0&ret=1x1&req=728x90&bm=0&efh=1&stk=1&ifi=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 15:24:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0C48 0
0 143ms
140ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023011001&jk=1526883150084695&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 134ms
133ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_pgbrk&pvsid=1526883150084695&vrg=2023011001&nw_id=44890869%5C%2C22855689125&nslots=2&eid=31071523%2C676982961&pub_url=https%3A%2F%2Fexeo.app%2Fzr97uXcJ&qid=CLzir8G20fwCFTFC5Qod7CIP-g&iu=%2F44890869%2C22855689125%2Fca-pub-3831894559014614-tag%2F3feeeb45-0f17-4c76-aa93-558e37af35a1&e=512&ret=1x1&req=940x280&bm=0&efh=1&stk=0&ifi=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 15:24:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 1974 3 KB
4 KB 104ms
44ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.28/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 15:24:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3532
x-guploader-uploadid: ADPycds9UegxUXswK4RzZzF6mXDfQy_y0GHXQmo_7EYAAHyEQ16keq-zOTSqb6YP04oikMtdLFTYNybr6iTpruHRyi30S7TEFw
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GmXtUzWP4MUeVIRm5lAJj7BH9EKV6aqbovH9yWCHnX6HoLSMvEaG7F8XzD93X5eiW7%2BPgtcOTKHJ7ZF%2FH1V9aUwBZZag0BsJLJq36T7l11%2BxabPQQG761gtreoz4NJuErVzd886hBd4c1DjuKDxBE59x"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 78b855ee9d13374c-MXP
expires: Wed, 18 Jan 2023 15:25:14 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame D103
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

189ms
78ms

Image
text/html

2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: exeo.app
URL: https://exeo.app/zr97uXcJ
Protocol: H2
Server: 2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Redirect headers

date: Wed, 18 Jan 2023 15:24:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 frame.html Show response
ad4m.at/ Frame 32D4 2 KB
1 KB 52ms
52ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

age: 504845
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 78b855eecad7ba8b-MXP
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Wed, 18 Jan 2023 15:24:06 GMT
expires: Thu, 12 Jan 2023 18:57:16 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZQB3oa1gyExrisRDqXLB8HaIzp0Xu7%2FFCNXa2GyqBzU9G1b6tPGB6pNGQ096dhtrMbfi4dyPOsr%2F8%2FhjfkdbTNHbs57Wai3coU6cnTClnZieXxQ4sn9JMkfBvU00I9qH0ihLO8M%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 133ms
132ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_pgbrk&pvsid=1526883150084695&vrg=2023011001&nw_id=44890869%5C%2C22855689125&nslots=2&eid=31071523%2C676982961&pub_url=https%3A%2F%2Fexeo.app%2Fzr97uXcJ&qid=CIW0xcG20fwCFdPKuwgdamgDfw&iu=%2F44890869%2C22855689125%2Fca-pub-3831894559014614-tag%2F0d7c591c-fb7f-4621-bdc0-c9268b4896ba&e=0&ret=728x90&req=728x90&bm=0&efh=1&stk=1&ifi=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 15:24:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 rs Show response
ad4m.at/ Frame 1974 2 KB
2 KB 63ms
62ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3890a7341180d91f19cf9fec6bb07bc82b40162d1412eb7c99cd0394198b55d

Request headers

Referer
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 18 Jan 2023 15:24:07 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ch6glYV%2F1FhT3JhbfmWAJjulXYpvut6TQDbeIp762nyrsDd1Ufhqou1MwP9QjHtzhkCmNznBU%2Fkqp5%2BjL3CZ46F9Q2cFwOGI5lgdLX9In3P6a2NTq1fDgqmJ9AlCGcxy82fuqMA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 78b855f0dc88bae1-MXP
x-backend-server: aa-reachservice-group-europe-west1-41hh
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 81ms
60ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 78b855f07bbdbae1-MXP
content-length: 24
content-type: text/plain
date: Wed, 18 Jan 2023 15:24:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ErQC17DaCnea9QZ5VYjxE0V9ojmhy0yPYrj7Z7DN9sWOfAxx%2Bvx7HtwKwjBfuq6eJ7bG4j9eQCPpfmQlHxIQfLm1HpJWfxkcfUWdPcKJHulNqWLAW58njABUqPK%2BiNLerH8k%2BUY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-gxt5

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame CFC8 9 KB
4 KB 61ms
60ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=34920%2C15710%2C196502&b=eRPT3fVfqJXTjHZHet1tWGJfwSQTKKwUJx5q%2CqV3amfWfD27uZHgHDtJtZZKheSgTJJecq4ZE%2Cw35HdfjfQeQ5fEHRH2tXt24rGFzSATmmgfKJp8&f=DeDh3fwfxmVs3HmH9twCAz2SxSmTYYGuZMP2%2CR6ZHgfQfDRJukHwH3tzCPPZC9SzTYY9uB38Y%2CgXPf8frfYrYpTPHbH8txC7rwMFmSQT992Uwg6j&c=728&d=90&e=&g=c11348ea64803ae3e232abed73d56e8b%2F8126045536877291581&i=17843%2C25196%2C75611&j=16%2C18%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach125_IT_ADX_ONLY&r=1674055447186&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jqwg43s8jnqaa53sq0195vb36jyge3281ygdcragq6qwf6qazyzm9kgf6naqnk17gp9s6aa7a1rrhwy4tm1rgmz1rbggprc5ste6h3mrremjxcptktn6cnkej5krvj2nbbjyac436bk1km4g46mch8kkw2604bcajwrapb6k5m0phxd3d56t7gsrxgdd54cy3ak0m42nn878jk4zhkmj2xrr4xk2xr11eqttcepqqytdm1s3gq15h6axnnjzj83r3f8htnnmkz1420ssphm3d40%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCC9t3FQ_IY8XVPNOV7_UP6tCN-Afi0rL2YcexjoqOCMCNtwEQASAAYP2CkYToEYIBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQI_TaAHcReyPuACAKgDAaoElQJP0CflNd6Ry7JR4Ew6fJtp7Wa3dYpKBKr8dlSlnqRaluerlv63CB9W4VscxfpbHEPnXiQxSqdXv68qe6DTYSVbFWqhWdIV_2-D45IbGEkm1gLpn_RJyRcspImIpqhadBdDtLszQ6u0hlLmqb0mXtdZsfE15pR1RIEdh9plY_GdIY-LhRvl2Yp-etxgac2hsDOp6sP_mSNQ_jSejmquwGy6Hgr5ktbclzWIEfa_xR-uiHtZdvEr4mdfD9hW9hIoZXcmSSTh27hV5nOWHuX8XgpYconDL3g5ZXtwKwrwzEdlC6Lb93myQm-3A2m5pPwA1hQ95bV-mB90TQSCTSPfkXtRmto2GqTln3nc8NfU0Jmb7gGgYsAA4AQBgAaM27ywiYvRrjKgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0sH4seJg_uKosQcUjY1zjgz-8wJA%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3062ea78bfb38ce2ca7b450bf6a9fd1488b0e3d842c7607bd1c096318999181d

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1gnfcn7sd6c2bk5340nbvg8r9nk1jz3kn5nzbj28wpvxvtx1cw8rfrtaycyytw9e5k0km85rd67ntdmba8j1kan6g7hcyk07ry26zt82429qd5xc3c4vt72ryzv2gnbrw7bbs66e50t2t9jx7rdwf1gfjkfazgfxb0qtjtm72fp50p4ypeqyz96cbr2010szw959a9v764nrnerkfea78dyf4bzy66vge3zdx4sf6yx131z4z2ydjkb6t134gjdwqxp9rny40b5x6cscbjwvpe43papbhe3vsyraqspn561kkcnv4e3t0hgkfpm29222s5k2704jwne1y4stsy8myaymp7skehrp8t4q7k8frmnsyxmzbg67bxj7439g6js8bxqvcvw17zfwwvvtbmc7ry5jqk4qeykg9a995c3vz4mr36p27d96scvp75n18kky6t5fv52d&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC9t3FQ_IY8XVPNOV7_UP6tCN-Afi0rL2YcexjoqOCMCNtwEQASAAYP2CkYToEYIBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQI_TaAHcReyPuACAKgDAaoElQJP0CflNd6Ry7JR4Ew6fJtp7Wa3dYpKBKr8dlSlnqRaluerlv63CB9W4VscxfpbHEPnXiQxSqdXv68qe6DTYSVbFWqhWdIV_2-D45IbGEkm1gLpn_RJyRcspImIpqhadBdDtLszQ6u0hlLmqb0mXtdZsfE15pR1RIEdh9plY_GdIY-LhRvl2Yp-etxgac2hsDOp6sP_mSNQ_jSejmquwGy6Hgr5ktbclzWIEfa_xR-uiHtZdvEr4mdfD9hW9hIoZXcmSSTh27hV5nOWHuX8XgpYconDL3g5ZXtwKwrwzEdlC6Lb93myQm-3A2m5pPwA1hQ95bV-mB90TQSCTSPfkXtRmto2GqTln3nc8NfU0Jmb7gGgYsAA4AQBgAaM27ywiYvRrjKgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0sH4seJg_uKosQcUjY1zjgz-8wJA%26client%3Dca-pub-3831894559014614%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 78b855f14834ba8b-MXP
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 15:24:07 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.28/one-ad/ Frame CFC8 90 KB
12 KB 35ms
34ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.28/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34920%2C15710%2C196502&b=eRPT3fVfqJXTjHZHet1tWGJfwSQTKKwUJx5q%2CqV3amfWfD27uZHgHDtJtZZKheSgTJJecq4ZE%2Cw35HdfjfQeQ5fEHRH2tXt24rGFzSATmmgfKJp8&f=DeDh3fwfxmVs3HmH9twCAz2SxSmTYYGuZMP2%2CR6ZHgfQfDRJukHwH3tzCPPZC9SzTYY9uB38Y%2CgXPf8frfYrYpTPHbH8txC7rwMFmSQT992Uwg6j&c=728&d=90&e=&g=c11348ea64803ae3e232abed73d56e8b%2F8126045536877291581&i=17843%2C25196%2C75611&j=16%2C18%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach125_IT_ADX_ONLY&r=1674055447186&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jqwg43s8jnqaa53sq0195vb36jyge3281ygdcragq6qwf6qazyzm9kgf6naqnk17gp9s6aa7a1rrhwy4tm1rgmz1rbggprc5ste6h3mrremjxcptktn6cnkej5krvj2nbbjyac436bk1km4g46mch8kkw2604bcajwrapb6k5m0phxd3d56t7gsrxgdd54cy3ak0m42nn878jk4zhkmj2xrr4xk2xr11eqttcepqqytdm1s3gq15h6axnnjzj83r3f8htnnmkz1420ssphm3d40%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCC9t3FQ_IY8XVPNOV7_UP6tCN-Afi0rL2YcexjoqOCMCNtwEQASAAYP2CkYToEYIBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQI_TaAHcReyPuACAKgDAaoElQJP0CflNd6Ry7JR4Ew6fJtp7Wa3dYpKBKr8dlSlnqRaluerlv63CB9W4VscxfpbHEPnXiQxSqdXv68qe6DTYSVbFWqhWdIV_2-D45IbGEkm1gLpn_RJyRcspImIpqhadBdDtLszQ6u0hlLmqb0mXtdZsfE15pR1RIEdh9plY_GdIY-LhRvl2Yp-etxgac2hsDOp6sP_mSNQ_jSejmquwGy6Hgr5ktbclzWIEfa_xR-uiHtZdvEr4mdfD9hW9hIoZXcmSSTh27hV5nOWHuX8XgpYconDL3g5ZXtwKwrwzEdlC6Lb93myQm-3A2m5pPwA1hQ95bV-mB90TQSCTSPfkXtRmto2GqTln3nc8NfU0Jmb7gGgYsAA4AQBgAaM27ywiYvRrjKgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0sH4seJg_uKosQcUjY1zjgz-8wJA%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc78d0ae04e90f166274e27a8af76d6a676cbf360f682f3993ef4b453ee5d598

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=34920%2C15710%2C196502&b=eRPT3fVfqJXTjHZHet1tWGJfwSQTKKwUJx5q%2CqV3amfWfD27uZHgHDtJtZZKheSgTJJecq4ZE%2Cw35HdfjfQeQ5fEHRH2tXt24rGFzSATmmgfKJp8&f=DeDh3fwfxmVs3HmH9twCAz2SxSmTYYGuZMP2%2CR6ZHgfQfDRJukHwH3tzCPPZC9SzTYY9uB38Y%2CgXPf8frfYrYpTPHbH8txC7rwMFmSQT992Uwg6j&c=728&d=90&e=&g=c11348ea64803ae3e232abed73d56e8b%2F8126045536877291581&i=17843%2C25196%2C75611&j=16%2C18%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach125_IT_ADX_ONLY&r=1674055447186&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jqwg43s8jnqaa53sq0195vb36jyge3281ygdcragq6qwf6qazyzm9kgf6naqnk17gp9s6aa7a1rrhwy4tm1rgmz1rbggprc5ste6h3mrremjxcptktn6cnkej5krvj2nbbjyac436bk1km4g46mch8kkw2604bcajwrapb6k5m0phxd3d56t7gsrxgdd54cy3ak0m42nn878jk4zhkmj2xrr4xk2xr11eqttcepqqytdm1s3gq15h6axnnjzj83r3f8htnnmkz1420ssphm3d40%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCC9t3FQ_IY8XVPNOV7_UP6tCN-Afi0rL2YcexjoqOCMCNtwEQASAAYP2CkYToEYIBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQI_TaAHcReyPuACAKgDAaoElQJP0CflNd6Ry7JR4Ew6fJtp7Wa3dYpKBKr8dlSlnqRaluerlv63CB9W4VscxfpbHEPnXiQxSqdXv68qe6DTYSVbFWqhWdIV_2-D45IbGEkm1gLpn_RJyRcspImIpqhadBdDtLszQ6u0hlLmqb0mXtdZsfE15pR1RIEdh9plY_GdIY-LhRvl2Yp-etxgac2hsDOp6sP_mSNQ_jSejmquwGy6Hgr5ktbclzWIEfa_xR-uiHtZdvEr4mdfD9hW9hIoZXcmSSTh27hV5nOWHuX8XgpYconDL3g5ZXtwKwrwzEdlC6Lb93myQm-3A2m5pPwA1hQ95bV-mB90TQSCTSPfkXtRmto2GqTln3nc8NfU0Jmb7gGgYsAA4AQBgAaM27ywiYvRrjKgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0sH4seJg_uKosQcUjY1zjgz-8wJA%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 15:24:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1674054542
age: 600
cf-polished: origSize=92334
x-guploader-uploadid: ADPycduOIlCudx-XVm5qLJi8OhY2jaf2lPA8q3ch1u6Nvu_xQSn08NrWkH7ortp-rZRuBMU9kt_cX7NUmpL0qskSxV4pk8f0m1q2
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 18 Jan 2023 15:09:31 GMT
server: cloudflare
etag: W/"c37ad1fc922bacd7adf1cb37da63f83c"
vary: Accept-Encoding
x-goog-generation: 1674054571046429
content-type: text/css
x-goog-hash: crc32c=4A2ZRg==, md5=w3rR/JIrrNet8cs32mP4PA==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ZS8DW4ig%2BxupHzjiIXfIBphQAo5pKLTnxsulYFikR36B9k7MeDWNWA02uPbHg8zkYM5%2BTF7boxXTSwXspGkFbKBeeYwSNOLgzgkOjNZZGsKoCnQJ15VhP3jJskELtqK1ZFAuZRUCIA%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 92334
cf-ray: 78b855f1b92dba8b-MXP
expires: Wed, 18 Jan 2023 16:24:07 GMT

GET
H2 200 1E7EF87734F8B90B80A5B31CD903BE30F0254FD8EDDA363DEF29B5D31AEDF2DA4F4F63C3174BEDA09FCE05178B2ABDFE317DFBE0F36A9B323186269F73F3A4B8
assets.ad4m.at/logo/ Frame CFC8 5 KB
5 KB 79ms
60ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/1E7EF87734F8B90B80A5B31CD903BE30F0254FD8EDDA363DEF29B5D31AEDF2DA4F4F63C3174BEDA09FCE05178B2ABDFE317DFBE0F36A9B323186269F73F3A4B8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34920%2C15710%2C196502&b=eRPT3fVfqJXTjHZHet1tWGJfwSQTKKwUJx5q%2CqV3amfWfD27uZHgHDtJtZZKheSgTJJecq4ZE%2Cw35HdfjfQeQ5fEHRH2tXt24rGFzSATmmgfKJp8&f=DeDh3fwfxmVs3HmH9twCAz2SxSmTYYGuZMP2%2CR6ZHgfQfDRJukHwH3tzCPPZC9SzTYY9uB38Y%2CgXPf8frfYrYpTPHbH8txC7rwMFmSQT992Uwg6j&c=728&d=90&e=&g=c11348ea64803ae3e232abed73d56e8b%2F8126045536877291581&i=17843%2C25196%2C75611&j=16%2C18%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach125_IT_ADX_ONLY&r=1674055447186&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jqwg43s8jnqaa53sq0195vb36jyge3281ygdcragq6qwf6qazyzm9kgf6naqnk17gp9s6aa7a1rrhwy4tm1rgmz1rbggprc5ste6h3mrremjxcptktn6cnkej5krvj2nbbjyac436bk1km4g46mch8kkw2604bcajwrapb6k5m0phxd3d56t7gsrxgdd54cy3ak0m42nn878jk4zhkmj2xrr4xk2xr11eqttcepqqytdm1s3gq15h6axnnjzj83r3f8htnnmkz1420ssphm3d40%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCC9t3FQ_IY8XVPNOV7_UP6tCN-Afi0rL2YcexjoqOCMCNtwEQASAAYP2CkYToEYIBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQI_TaAHcReyPuACAKgDAaoElQJP0CflNd6Ry7JR4Ew6fJtp7Wa3dYpKBKr8dlSlnqRaluerlv63CB9W4VscxfpbHEPnXiQxSqdXv68qe6DTYSVbFWqhWdIV_2-D45IbGEkm1gLpn_RJyRcspImIpqhadBdDtLszQ6u0hlLmqb0mXtdZsfE15pR1RIEdh9plY_GdIY-LhRvl2Yp-etxgac2hsDOp6sP_mSNQ_jSejmquwGy6Hgr5ktbclzWIEfa_xR-uiHtZdvEr4mdfD9hW9hIoZXcmSSTh27hV5nOWHuX8XgpYconDL3g5ZXtwKwrwzEdlC6Lb93myQm-3A2m5pPwA1hQ95bV-mB90TQSCTSPfkXtRmto2GqTln3nc8NfU0Jmb7gGgYsAA4AQBgAaM27ywiYvRrjKgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0sH4seJg_uKosQcUjY1zjgz-8wJA%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4138b973704124d2f6ee2cc1e88da03fad5b2b4ec7f2f6c1820a1167d683f8d7

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 15:24:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 510734
cf-polished: qual=85, origFmt=jpeg, origSize=8080
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5102
cf-bgj: imgq:85,h2pri
last-modified: Wed, 08 Jul 2020 15:01:15 GMT
server: cloudflare
etag: "0404d5b4552ad5064f4710af5d4de6fd"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ezz4DrquYU%2FeQ%2F9tMFmxD%2BGWHgpVVuZ%2BulBNKXJvsA%2BPwirZYzSc8Y7LDi4Nx%2F97f%2Bj%2BcdlubRqFgMCm21esuQNVFexpGYG63JhPS3KUce0%2FqDdXplhNq4XbcIdL0cT8U7zeuNGTWMN9OFl4"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78b855f1dc4d59fb-MXP
expires: Thu, 19 Jan 2023 15:24:07 GMT

GET
H2 200 D11E0255CA9EC65DF371EB2AE2A060CEEF8505460A82393925BDA79A6BB187D3315717AE89EC0DE4B16AB0FFC9C462F7BC32571103CF49E5F3F26FFE6A6D7393
assets.ad4m.at/product_image/ Frame CFC8 196 KB
197 KB 76ms
62ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/D11E0255CA9EC65DF371EB2AE2A060CEEF8505460A82393925BDA79A6BB187D3315717AE89EC0DE4B16AB0FFC9C462F7BC32571103CF49E5F3F26FFE6A6D7393
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34920%2C15710%2C196502&b=eRPT3fVfqJXTjHZHet1tWGJfwSQTKKwUJx5q%2CqV3amfWfD27uZHgHDtJtZZKheSgTJJecq4ZE%2Cw35HdfjfQeQ5fEHRH2tXt24rGFzSATmmgfKJp8&f=DeDh3fwfxmVs3HmH9twCAz2SxSmTYYGuZMP2%2CR6ZHgfQfDRJukHwH3tzCPPZC9SzTYY9uB38Y%2CgXPf8frfYrYpTPHbH8txC7rwMFmSQT992Uwg6j&c=728&d=90&e=&g=c11348ea64803ae3e232abed73d56e8b%2F8126045536877291581&i=17843%2C25196%2C75611&j=16%2C18%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach125_IT_ADX_ONLY&r=1674055447186&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jqwg43s8jnqaa53sq0195vb36jyge3281ygdcragq6qwf6qazyzm9kgf6naqnk17gp9s6aa7a1rrhwy4tm1rgmz1rbggprc5ste6h3mrremjxcptktn6cnkej5krvj2nbbjyac436bk1km4g46mch8kkw2604bcajwrapb6k5m0phxd3d56t7gsrxgdd54cy3ak0m42nn878jk4zhkmj2xrr4xk2xr11eqttcepqqytdm1s3gq15h6axnnjzj83r3f8htnnmkz1420ssphm3d40%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCC9t3FQ_IY8XVPNOV7_UP6tCN-Afi0rL2YcexjoqOCMCNtwEQASAAYP2CkYToEYIBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQI_TaAHcReyPuACAKgDAaoElQJP0CflNd6Ry7JR4Ew6fJtp7Wa3dYpKBKr8dlSlnqRaluerlv63CB9W4VscxfpbHEPnXiQxSqdXv68qe6DTYSVbFWqhWdIV_2-D45IbGEkm1gLpn_RJyRcspImIpqhadBdDtLszQ6u0hlLmqb0mXtdZsfE15pR1RIEdh9plY_GdIY-LhRvl2Yp-etxgac2hsDOp6sP_mSNQ_jSejmquwGy6Hgr5ktbclzWIEfa_xR-uiHtZdvEr4mdfD9hW9hIoZXcmSSTh27hV5nOWHuX8XgpYconDL3g5ZXtwKwrwzEdlC6Lb93myQm-3A2m5pPwA1hQ95bV-mB90TQSCTSPfkXtRmto2GqTln3nc8NfU0Jmb7gGgYsAA4AQBgAaM27ywiYvRrjKgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0sH4seJg_uKosQcUjY1zjgz-8wJA%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d063feea696b33810b5bf78332d88217479a22f23a2fe2500183ebe32c33120c

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 15:24:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1282565
cf-polished: origFmt=png, origSize=360786
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 200970
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Jul 2020 13:53:52 GMT
server: cloudflare
etag: "3d29cee5f3aaa7f1faacbac76561c4da"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WmCokui16m27psw0%2BxdRGsl%2BNuGho7pwG%2FOOT7I9RPN7XKReidC5q5aaJPob%2FKbPgjMi4nBZs7M0OfoX7B75qFjuZKqaUWCl%2BgvveWaWht195WeyDMVaSCO%2Fi2kWLCz0VwKiR2l%2BiOnk7%2Boe"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78b855f1dc5059fb-MXP
expires: Thu, 19 Jan 2023 15:24:07 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame CFC8 43 B
702 B 177ms
77ms Image
image/gif 23.67.134.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2177319&v=13454&q=338396&r=412871&pv=1&pref3=oneideRPT3fVfqJXTjHZHet1tWGJfwSQTKKwUJx5qoneid__suite_Netmix_Reach125_IT_ADX_ONLY&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34920%2C15710%2C196502&b=eRPT3fVfqJXTjHZHet1tWGJfwSQTKKwUJx5q%2CqV3amfWfD27uZHgHDtJtZZKheSgTJJecq4ZE%2Cw35HdfjfQeQ5fEHRH2tXt24rGFzSATmmgfKJp8&f=DeDh3fwfxmVs3HmH9twCAz2SxSmTYYGuZMP2%2CR6ZHgfQfDRJukHwH3tzCPPZC9SzTYY9uB38Y%2CgXPf8frfYrYpTPHbH8txC7rwMFmSQT992Uwg6j&c=728&d=90&e=&g=c11348ea64803ae3e232abed73d56e8b%2F8126045536877291581&i=17843%2C25196%2C75611&j=16%2C18%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach125_IT_ADX_ONLY&r=1674055447186&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jqwg43s8jnqaa53sq0195vb36jyge3281ygdcragq6qwf6qazyzm9kgf6naqnk17gp9s6aa7a1rrhwy4tm1rgmz1rbggprc5ste6h3mrremjxcptktn6cnkej5krvj2nbbjyac436bk1km4g46mch8kkw2604bcajwrapb6k5m0phxd3d56t7gsrxgdd54cy3ak0m42nn878jk4zhkmj2xrr4xk2xr11eqttcepqqytdm1s3gq15h6axnnjzj83r3f8htnnmkz1420ssphm3d40%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCC9t3FQ_IY8XVPNOV7_UP6tCN-Afi0rL2YcexjoqOCMCNtwEQASAAYP2CkYToEYIBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQI_TaAHcReyPuACAKgDAaoElQJP0CflNd6Ry7JR4Ew6fJtp7Wa3dYpKBKr8dlSlnqRaluerlv63CB9W4VscxfpbHEPnXiQxSqdXv68qe6DTYSVbFWqhWdIV_2-D45IbGEkm1gLpn_RJyRcspImIpqhadBdDtLszQ6u0hlLmqb0mXtdZsfE15pR1RIEdh9plY_GdIY-LhRvl2Yp-etxgac2hsDOp6sP_mSNQ_jSejmquwGy6Hgr5ktbclzWIEfa_xR-uiHtZdvEr4mdfD9hW9hIoZXcmSSTh27hV5nOWHuX8XgpYconDL3g5ZXtwKwrwzEdlC6Lb93myQm-3A2m5pPwA1hQ95bV-mB90TQSCTSPfkXtRmto2GqTln3nc8NfU0Jmb7gGgYsAA4AQBgAaM27ywiYvRrjKgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0sH4seJg_uKosQcUjY1zjgz-8wJA%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.67.134.223 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-67-134-223.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Jan 2023 15:24:07 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 0F243B57EE434B57AE204DD4E265A5A772E9D4329F4CDA52DA7237380ED415082E58C60A3EDC32D62729A612FCA18F8A70E62AE0820221694B1C403B0FAA0A85
assets.ad4m.at/logo/ Frame CFC8 37 KB
37 KB 71ms
60ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/0F243B57EE434B57AE204DD4E265A5A772E9D4329F4CDA52DA7237380ED415082E58C60A3EDC32D62729A612FCA18F8A70E62AE0820221694B1C403B0FAA0A85
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34920%2C15710%2C196502&b=eRPT3fVfqJXTjHZHet1tWGJfwSQTKKwUJx5q%2CqV3amfWfD27uZHgHDtJtZZKheSgTJJecq4ZE%2Cw35HdfjfQeQ5fEHRH2tXt24rGFzSATmmgfKJp8&f=DeDh3fwfxmVs3HmH9twCAz2SxSmTYYGuZMP2%2CR6ZHgfQfDRJukHwH3tzCPPZC9SzTYY9uB38Y%2CgXPf8frfYrYpTPHbH8txC7rwMFmSQT992Uwg6j&c=728&d=90&e=&g=c11348ea64803ae3e232abed73d56e8b%2F8126045536877291581&i=17843%2C25196%2C75611&j=16%2C18%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach125_IT_ADX_ONLY&r=1674055447186&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jqwg43s8jnqaa53sq0195vb36jyge3281ygdcragq6qwf6qazyzm9kgf6naqnk17gp9s6aa7a1rrhwy4tm1rgmz1rbggprc5ste6h3mrremjxcptktn6cnkej5krvj2nbbjyac436bk1km4g46mch8kkw2604bcajwrapb6k5m0phxd3d56t7gsrxgdd54cy3ak0m42nn878jk4zhkmj2xrr4xk2xr11eqttcepqqytdm1s3gq15h6axnnjzj83r3f8htnnmkz1420ssphm3d40%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCC9t3FQ_IY8XVPNOV7_UP6tCN-Afi0rL2YcexjoqOCMCNtwEQASAAYP2CkYToEYIBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQI_TaAHcReyPuACAKgDAaoElQJP0CflNd6Ry7JR4Ew6fJtp7Wa3dYpKBKr8dlSlnqRaluerlv63CB9W4VscxfpbHEPnXiQxSqdXv68qe6DTYSVbFWqhWdIV_2-D45IbGEkm1gLpn_RJyRcspImIpqhadBdDtLszQ6u0hlLmqb0mXtdZsfE15pR1RIEdh9plY_GdIY-LhRvl2Yp-etxgac2hsDOp6sP_mSNQ_jSejmquwGy6Hgr5ktbclzWIEfa_xR-uiHtZdvEr4mdfD9hW9hIoZXcmSSTh27hV5nOWHuX8XgpYconDL3g5ZXtwKwrwzEdlC6Lb93myQm-3A2m5pPwA1hQ95bV-mB90TQSCTSPfkXtRmto2GqTln3nc8NfU0Jmb7gGgYsAA4AQBgAaM27ywiYvRrjKgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0sH4seJg_uKosQcUjY1zjgz-8wJA%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4aa3b79e333ec24b9a90313940d8ca4d8540a7ae7541da1f59b00c6764c3d1b

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 15:24:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2406479
cf-polished: origFmt=png, origSize=63898
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37900
cf-bgj: imgq:85,h2pri
last-modified: Thu, 22 Oct 2020 07:04:03 GMT
server: cloudflare
etag: "449b44c209867fbf7d9766199c36bf30"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2CwwBx7pIjiA0o7TuKEj3%2FTui4BHA7%2BX7TzQ3GYaMQAyoQSecRsV8lGlbyvaEjA2mb25GTHMxgJe6qowlxFT4%2B7XneQ6ZiHlpkkozEE7KBwxyLovSRMjpWYIubecJYq5VdEwu80buY2s5PSL"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78b855f1dc5359fb-MXP
expires: Thu, 19 Jan 2023 15:24:07 GMT

GET
H2 200 FCC5582034CF702C05693763B9005169047A9805BF05B4EEA9BC743F90C89033BC5B86010A599AF4EA29BC8DF8BA45C90CB6FE2B044D6F595EACF14C1D511342
assets.ad4m.at/ Frame CFC8 58 KB
58 KB 41ms
37ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/FCC5582034CF702C05693763B9005169047A9805BF05B4EEA9BC743F90C89033BC5B86010A599AF4EA29BC8DF8BA45C90CB6FE2B044D6F595EACF14C1D511342
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34920%2C15710%2C196502&b=eRPT3fVfqJXTjHZHet1tWGJfwSQTKKwUJx5q%2CqV3amfWfD27uZHgHDtJtZZKheSgTJJecq4ZE%2Cw35HdfjfQeQ5fEHRH2tXt24rGFzSATmmgfKJp8&f=DeDh3fwfxmVs3HmH9twCAz2SxSmTYYGuZMP2%2CR6ZHgfQfDRJukHwH3tzCPPZC9SzTYY9uB38Y%2CgXPf8frfYrYpTPHbH8txC7rwMFmSQT992Uwg6j&c=728&d=90&e=&g=c11348ea64803ae3e232abed73d56e8b%2F8126045536877291581&i=17843%2C25196%2C75611&j=16%2C18%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach125_IT_ADX_ONLY&r=1674055447186&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jqwg43s8jnqaa53sq0195vb36jyge3281ygdcragq6qwf6qazyzm9kgf6naqnk17gp9s6aa7a1rrhwy4tm1rgmz1rbggprc5ste6h3mrremjxcptktn6cnkej5krvj2nbbjyac436bk1km4g46mch8kkw2604bcajwrapb6k5m0phxd3d56t7gsrxgdd54cy3ak0m42nn878jk4zhkmj2xrr4xk2xr11eqttcepqqytdm1s3gq15h6axnnjzj83r3f8htnnmkz1420ssphm3d40%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCC9t3FQ_IY8XVPNOV7_UP6tCN-Afi0rL2YcexjoqOCMCNtwEQASAAYP2CkYToEYIBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQI_TaAHcReyPuACAKgDAaoElQJP0CflNd6Ry7JR4Ew6fJtp7Wa3dYpKBKr8dlSlnqRaluerlv63CB9W4VscxfpbHEPnXiQxSqdXv68qe6DTYSVbFWqhWdIV_2-D45IbGEkm1gLpn_RJyRcspImIpqhadBdDtLszQ6u0hlLmqb0mXtdZsfE15pR1RIEdh9plY_GdIY-LhRvl2Yp-etxgac2hsDOp6sP_mSNQ_jSejmquwGy6Hgr5ktbclzWIEfa_xR-uiHtZdvEr4mdfD9hW9hIoZXcmSSTh27hV5nOWHuX8XgpYconDL3g5ZXtwKwrwzEdlC6Lb93myQm-3A2m5pPwA1hQ95bV-mB90TQSCTSPfkXtRmto2GqTln3nc8NfU0Jmb7gGgYsAA4AQBgAaM27ywiYvRrjKgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0sH4seJg_uKosQcUjY1zjgz-8wJA%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 642c0c281bcf851bc34caea4b69495288b8bc6292a5ca2c0ea3a3bfa9c4b4cf4

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 15:24:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2059299
cf-polished: qual=85, origFmt=jpeg, origSize=132157
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 58988
cf-bgj: imgq:85,h2pri
last-modified: Fri, 03 Jan 2020 13:25:18 GMT
server: cloudflare
etag: "f8fb890a68a4a5912f85da59a5929e3f"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nXrBlOGD6kQIy9OQMEelhUt4EOK57hh%2FgzggRyWqIe3wdj2LdrUlmrec4KdBTzDFbNXdEB3fkS7ItM18cKLAyXMOzTP%2BMFsfCgHwKHyaz6g2wGOX0VGVaOvGBxB40fYZsfjxZBCu4wOyfLHr"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78b855f1dc3f59fb-MXP
expires: Thu, 19 Jan 2023 15:24:07 GMT

GET
H2 200 /
ti.tradetracker.net/ Frame CFC8 43 B
510 B 209ms
88ms Image
image/gif 52.210.247.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ti.tradetracker.net/?c=17919&m=1653169&a=283873&t=track&r=oneidqV3amfWfD27uZHgHDtJtZZKheSgTJJecq4ZEoneid__suite_Netmix_Reach125_IT_ADX_ONLY&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34920%2C15710%2C196502&b=eRPT3fVfqJXTjHZHet1tWGJfwSQTKKwUJx5q%2CqV3amfWfD27uZHgHDtJtZZKheSgTJJecq4ZE%2Cw35HdfjfQeQ5fEHRH2tXt24rGFzSATmmgfKJp8&f=DeDh3fwfxmVs3HmH9twCAz2SxSmTYYGuZMP2%2CR6ZHgfQfDRJukHwH3tzCPPZC9SzTYY9uB38Y%2CgXPf8frfYrYpTPHbH8txC7rwMFmSQT992Uwg6j&c=728&d=90&e=&g=c11348ea64803ae3e232abed73d56e8b%2F8126045536877291581&i=17843%2C25196%2C75611&j=16%2C18%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach125_IT_ADX_ONLY&r=1674055447186&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jqwg43s8jnqaa53sq0195vb36jyge3281ygdcragq6qwf6qazyzm9kgf6naqnk17gp9s6aa7a1rrhwy4tm1rgmz1rbggprc5ste6h3mrremjxcptktn6cnkej5krvj2nbbjyac436bk1km4g46mch8kkw2604bcajwrapb6k5m0phxd3d56t7gsrxgdd54cy3ak0m42nn878jk4zhkmj2xrr4xk2xr11eqttcepqqytdm1s3gq15h6axnnjzj83r3f8htnnmkz1420ssphm3d40%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCC9t3FQ_IY8XVPNOV7_UP6tCN-Afi0rL2YcexjoqOCMCNtwEQASAAYP2CkYToEYIBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQI_TaAHcReyPuACAKgDAaoElQJP0CflNd6Ry7JR4Ew6fJtp7Wa3dYpKBKr8dlSlnqRaluerlv63CB9W4VscxfpbHEPnXiQxSqdXv68qe6DTYSVbFWqhWdIV_2-D45IbGEkm1gLpn_RJyRcspImIpqhadBdDtLszQ6u0hlLmqb0mXtdZsfE15pR1RIEdh9plY_GdIY-LhRvl2Yp-etxgac2hsDOp6sP_mSNQ_jSejmquwGy6Hgr5ktbclzWIEfa_xR-uiHtZdvEr4mdfD9hW9hIoZXcmSSTh27hV5nOWHuX8XgpYconDL3g5ZXtwKwrwzEdlC6Lb93myQm-3A2m5pPwA1hQ95bV-mB90TQSCTSPfkXtRmto2GqTln3nc8NfU0Jmb7gGgYsAA4AQBgAaM27ywiYvRrjKgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0sH4seJg_uKosQcUjY1zjgz-8wJA%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.247.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-247-152.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

expires: Mon, 26 Jul 1997 05:00:00 GMT
date: Wed, 18 Jan 2023 15:24:07 GMT
cache-control: no-cache, must-revalidate
server: nginx
content-type: image/gif

GET
H2 200 7251B56F02E4781A9B3CC4A095A69B2037951E3D9523F54F143154E2780D56E960BB825BFA39F483C219174C8FBB5E2E93B7F8A2370E9F22DE411BC4EA5460A1
assets.ad4m.at/logo/ Frame CFC8 3 KB
3 KB 38ms
36ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/7251B56F02E4781A9B3CC4A095A69B2037951E3D9523F54F143154E2780D56E960BB825BFA39F483C219174C8FBB5E2E93B7F8A2370E9F22DE411BC4EA5460A1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34920%2C15710%2C196502&b=eRPT3fVfqJXTjHZHet1tWGJfwSQTKKwUJx5q%2CqV3amfWfD27uZHgHDtJtZZKheSgTJJecq4ZE%2Cw35HdfjfQeQ5fEHRH2tXt24rGFzSATmmgfKJp8&f=DeDh3fwfxmVs3HmH9twCAz2SxSmTYYGuZMP2%2CR6ZHgfQfDRJukHwH3tzCPPZC9SzTYY9uB38Y%2CgXPf8frfYrYpTPHbH8txC7rwMFmSQT992Uwg6j&c=728&d=90&e=&g=c11348ea64803ae3e232abed73d56e8b%2F8126045536877291581&i=17843%2C25196%2C75611&j=16%2C18%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach125_IT_ADX_ONLY&r=1674055447186&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jqwg43s8jnqaa53sq0195vb36jyge3281ygdcragq6qwf6qazyzm9kgf6naqnk17gp9s6aa7a1rrhwy4tm1rgmz1rbggprc5ste6h3mrremjxcptktn6cnkej5krvj2nbbjyac436bk1km4g46mch8kkw2604bcajwrapb6k5m0phxd3d56t7gsrxgdd54cy3ak0m42nn878jk4zhkmj2xrr4xk2xr11eqttcepqqytdm1s3gq15h6axnnjzj83r3f8htnnmkz1420ssphm3d40%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCC9t3FQ_IY8XVPNOV7_UP6tCN-Afi0rL2YcexjoqOCMCNtwEQASAAYP2CkYToEYIBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQI_TaAHcReyPuACAKgDAaoElQJP0CflNd6Ry7JR4Ew6fJtp7Wa3dYpKBKr8dlSlnqRaluerlv63CB9W4VscxfpbHEPnXiQxSqdXv68qe6DTYSVbFWqhWdIV_2-D45IbGEkm1gLpn_RJyRcspImIpqhadBdDtLszQ6u0hlLmqb0mXtdZsfE15pR1RIEdh9plY_GdIY-LhRvl2Yp-etxgac2hsDOp6sP_mSNQ_jSejmquwGy6Hgr5ktbclzWIEfa_xR-uiHtZdvEr4mdfD9hW9hIoZXcmSSTh27hV5nOWHuX8XgpYconDL3g5ZXtwKwrwzEdlC6Lb93myQm-3A2m5pPwA1hQ95bV-mB90TQSCTSPfkXtRmto2GqTln3nc8NfU0Jmb7gGgYsAA4AQBgAaM27ywiYvRrjKgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0sH4seJg_uKosQcUjY1zjgz-8wJA%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc1fe41c7dbe5f0907f47ccb21983da9fe15d69cbae2a2691deaeb597fae12c8

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 15:24:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2051500
cf-polished: qual=85, origFmt=jpeg, origSize=7054
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3116
cf-bgj: imgq:85,h2pri
last-modified: Wed, 15 Jun 2022 09:41:08 GMT
server: cloudflare
etag: "1d3e178b13ba7c25acda7a99007f4363"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z2MYU3kNL6sr9JxhxQzgPI9encNEvemTMR0lodSjnguh5IjnpjS%2FAYQXtYzuC3RIVtx%2B9iK8vGOmjR0043dp2f0%2F9tZJAW20C82Qm9OmWonEQNqvsyB6yaC3dgdHiWcWuh0n%2BHA6BNniakoG"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78b855f1dc4559fb-MXP
expires: Thu, 19 Jan 2023 15:24:07 GMT

GET
H2 200 E9D05505DBEFDD21133B6EB56508EA8148BF7F7501D9AC53B915B28F5CAC52CF98660F66472589E61E24CAEE16B61DBAA36BA94BD0E6A545350D25BFDDCF890F
assets.ad4m.at/product_image/ Frame CFC8 26 KB
26 KB 34ms
32ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/E9D05505DBEFDD21133B6EB56508EA8148BF7F7501D9AC53B915B28F5CAC52CF98660F66472589E61E24CAEE16B61DBAA36BA94BD0E6A545350D25BFDDCF890F
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34920%2C15710%2C196502&b=eRPT3fVfqJXTjHZHet1tWGJfwSQTKKwUJx5q%2CqV3amfWfD27uZHgHDtJtZZKheSgTJJecq4ZE%2Cw35HdfjfQeQ5fEHRH2tXt24rGFzSATmmgfKJp8&f=DeDh3fwfxmVs3HmH9twCAz2SxSmTYYGuZMP2%2CR6ZHgfQfDRJukHwH3tzCPPZC9SzTYY9uB38Y%2CgXPf8frfYrYpTPHbH8txC7rwMFmSQT992Uwg6j&c=728&d=90&e=&g=c11348ea64803ae3e232abed73d56e8b%2F8126045536877291581&i=17843%2C25196%2C75611&j=16%2C18%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach125_IT_ADX_ONLY&r=1674055447186&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jqwg43s8jnqaa53sq0195vb36jyge3281ygdcragq6qwf6qazyzm9kgf6naqnk17gp9s6aa7a1rrhwy4tm1rgmz1rbggprc5ste6h3mrremjxcptktn6cnkej5krvj2nbbjyac436bk1km4g46mch8kkw2604bcajwrapb6k5m0phxd3d56t7gsrxgdd54cy3ak0m42nn878jk4zhkmj2xrr4xk2xr11eqttcepqqytdm1s3gq15h6axnnjzj83r3f8htnnmkz1420ssphm3d40%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCC9t3FQ_IY8XVPNOV7_UP6tCN-Afi0rL2YcexjoqOCMCNtwEQASAAYP2CkYToEYIBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQI_TaAHcReyPuACAKgDAaoElQJP0CflNd6Ry7JR4Ew6fJtp7Wa3dYpKBKr8dlSlnqRaluerlv63CB9W4VscxfpbHEPnXiQxSqdXv68qe6DTYSVbFWqhWdIV_2-D45IbGEkm1gLpn_RJyRcspImIpqhadBdDtLszQ6u0hlLmqb0mXtdZsfE15pR1RIEdh9plY_GdIY-LhRvl2Yp-etxgac2hsDOp6sP_mSNQ_jSejmquwGy6Hgr5ktbclzWIEfa_xR-uiHtZdvEr4mdfD9hW9hIoZXcmSSTh27hV5nOWHuX8XgpYconDL3g5ZXtwKwrwzEdlC6Lb93myQm-3A2m5pPwA1hQ95bV-mB90TQSCTSPfkXtRmto2GqTln3nc8NfU0Jmb7gGgYsAA4AQBgAaM27ywiYvRrjKgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0sH4seJg_uKosQcUjY1zjgz-8wJA%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 190ae78311b9fabe8a87a5672470c730be06e87a409142b27a3c57689044e82f

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 15:24:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1602724
cf-polished: qual=85, origFmt=jpeg, origSize=57959
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26358
cf-bgj: imgq:85,h2pri
last-modified: Wed, 15 Jun 2022 10:12:06 GMT
server: cloudflare
etag: "84aa3c1aa59d2adf12ae58fabb672ce2"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=awW6tQHfqlO5vhGG%2Fc5JEscxW%2FsH2yccU4xMNvwRgUkQPEAor47nTNYuUhAOJ7kA%2FnN9vsYswk1vTRnvTZGQXWxE%2Frx%2BmK5Doy%2FeTvIrpCnvVS9zMxbE%2FvcQN%2F37z1uNsGdrwCkZOuNn1JWm"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78b855f1dc4a59fb-MXP
expires: Thu, 19 Jan 2023 15:24:07 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame CFC8 43 B
702 B 151ms
62ms Image
image/gif 23.67.134.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=3143086&v=29725&q=437387&r=412871&pv=1&pref3=oneidw35HdfjfQeQ5fEHRH2tXt24rGFzSATmmgfKJp8oneid__suite_Netmix_Reach125_IT_ADX_ONLY&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.67.134.223 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-67-134-223.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Jan 2023 15:24:07 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C3DA 42 B
174 B 133ms
132ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvy7FtvHEl1x9u-VKfdDxFJTgIhaJW88J63ztqfqLmD0a5d6Zgj4ZxNN47Fo76UNSoONZX8YLi5sx-qYEEw8t1iRV-t&sig=Cg0ArKJSzLIghah3aYbYEAE&cid=CAASF-RoYrmMU5rNpfpe9MT3xI8JYo3m_IJU&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230111&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2310731849&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1674055446279&rpt=267&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://2df994db9e07dae35f85bb98efe51ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 15:24:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 131ms
130ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023011001&jk=1526883150084695&bg=!mpmlmd3NAAYDMoyoIzI7ACkAdvg8WicyW5HtjnsBMLnivUu50I0l6kMuLZuu3psB2XmnMC0wvbgJ_QIAAAJRUgAAAANoAQeZAsmAFXV6DopfHxiSslk-jAGilIPBP4iqTvh0pBo72-dXplg24IODtzJzrcTeyGPxHsCppGGICBmeq_Yy0WlPrQ5nWMOxOuqqF9u80ZYNVO427nmXc1ohOwBrT5XXvmyQw4IPZQ0-J8ffkISNrttVaru6cC7yeBQ4IScYpy45wI0k25-qDmRZkWtqsmu-FGkR0f5Wym1vjyoYvpHPxyixT94SLd0IaGJ58i_npjacWB_3kk0m7dm6fpab2vWpIIN_xdNeFAw6H1QYkuEennybCOaRDICv98wTo97FcBoz_ruhlhniYEacx7mBpu7TdFoR1YmRr_4hk4C0D-PwS3m9bX53VYapGw0unWnnj_M0Lq3W24gE7jXJ6yjYdN66D4cLHel--U8m4rmSDkvPOp6lEQ7TVCgXAnWtjs0-NnfZiAP7CBJAMJ7BpoX7drA0GAxK9xssMwRtxWf8ethyxgRffRAPa3RRmE0TgL8Xn5RVCrRIftQf0In_yBUSSQpqP5P-JWoYXt3xyeklspJ4Ay0Q3e0cTktpaCac_2gfytZq9Rl5OhK32wYA9FluBfV9u5WPa318YcrZuS4W5zwu6HGh69jywM_bs5ZVLSaBsPmWCxc8qpfmZ1PF0J7CdRekqRwh2fl-kTP_7Em136tLraEsyHfe1dEUStsfEOXzFOPpnKTM8j4hcKAAkz-08iJlvCiY_VPQ-U6TLHQzv__dcdiQnTqZMG5rY52V3f8U9OfYt_W_9bxkZS1MWPZeyBK89Cz3YZgM82ILBKFp844XQRSJ-VWvUPSFrOAlJV6Mi3wlDJSzh4g0U7XS6cXtwXivNtCdG8h-svQJg3mr8Xwmr0Nbf52M8MOB1hhLACB_65dPmhkUknq1Cznwl7xAtf5G4XlglBR4bpnYIlyiEvVWnJ2dZ1kzAAWsxSe5vwOssBT0srWQ8n46ge5mmNmM_Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame D103 42 B
64 B 137ms
137ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvih3xEFA9fe5xuZO6jZGUmn1yfX3kC3sDcq7PNjXImb04bAwNiZ8UlDlw05MUxZJkkBEc951RM3ILhRRpkBlpRmRc-Bg-hA9IiLxAp2E2FVGcb_LrBQpNVTDK0Xer-Jj_lVQJNzA&sai=AMfl-YTiOJ5QTV61Z_Gh1Qfg_GBpr8yoLpsxwRTqme1kDbjtSP10KtxZCVOkaxQDrmWOfnBhHJy22fRInHBPAavxD6mbw0r5hqedBo1uLLqK2pdTtCAihVa2rL_4upq66g&sig=Cg0ArKJSzPIFcRbTs8l0EAE&cid=CAQSOwDq26N9P0EGZN6R1MLVdFnhFK_5mrW6cXowX7ePZpwBJ1IguxZ0-DZlqlMtxEm2XNdLM9eGoHPuodk0GAEgEw&id=ampim&o=330,145&d=940,280&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,0,1001,1001&tos=0,0,0,1001,0&tfs=643&tls=1644&g=100&h=100&tt=1644&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 15:24:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu152_pVYC3t6pWOv_tbMuOyd1OsXi85gMsO_KFO7AtQBPSbAVskka_eWdGz38jaKnRIDaTUYjdllc_aG-V6FyJRAGqpIZRtocNswFgIOm2ANHMw2gVjKrcOZXKUzVwPl2CSMxnwx7ghVKPlSXeArOwSj8d-GOguhUG2MDaNh5aO7gqeyuvWJEpkWS7L3cdBmyrKIHEEcAfvGTtrClvjH6lJMWJg86QWN62q7usHEX29BonfyflhCZ6gjjGYxBkB1RvhAa5XW6xJDzbNEt7vCevvfItCRgW5TQvpAvP2tJHLyZElgzK4fLovGa4vetgfEj_bsovHcVkVC3c_1zAWBGDGe-MJSEk9a1vSUwmwUVC79Jt83bQNCrpQdcAz0lDqQ&sai=AMfl-YQ8WwdSQuRwlANrmuqtAVEOWbbJhn2dbQ2St4uu8l6ciS47aY4ySJpdhliGQXXhIYMbUh8oRfbXdAHg4wSWm8XFhs2ylP1ofRnFrKOCYQkcSYWbDfIm8W0IaZt3dN3QHSzC2fl_LsvSUJgQFthrem8&sig=Cg0ArKJSzLiA0c6k4DGYEAE&uach_m=[UACH]&urlfix=1&adurl=

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssm0EVbN5TiM3G8kKONgk9sdijU553eWviYLLBu15MFFAByjJaCYNXLlXWxo-Y5omzJoDTgk4Fy7GGeHuPamxC8XUvpSQWdz6LWjDv8FwxqX-fncf75lYtGLPJRdn0_JY525GtisRxj0aWBN7DAVR93jaU18Rg7PGIF2OvRoau330D1hoSNiJzlGIMFgZX4EfZ-mBFfocB9ztkZjfc8B2Vlb8EajB29M3cVX0JUZwJ_l-glJsjfd74c4DWM3a6uR8odWhihX_sPrHhBOMSiCYsoZIijmP7V7hjtCBl0GnSAKh8iOqtNsbDhfqet6BMH0saewJIFpfILC3q1s-fg7MpO_FlBAPJhNHdFg3NxSeCPHs3gdoliUxPMoQFRhD3ChEM&sai=AMfl-YQ3LrvchbKEyMZKi40pEqfhWxUGgGuKc28uj5lZ2MRammXdh_mMAEJYsxqT0iV88Fqbgn9ePLc_SVWkd4Bzaa1SgQSN1chJLh-0g-GXLhysN6t3PrI-aBF1rGX2Rx4R4QYd9uA8jzY51BypxFaGRw&sig=Cg0ArKJSzMXJyI1l3ddpEAE&uach_m=[UACH]&urlfix=1&adurl=

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bit.ly/	1970-01-20 13:20:07	Name: _bit Value: n0ifo4-3db1123a09635f55b8-005
exe.io/	1969-12-31 23:59:59	Name: AppSession Value: 91b013d3b82a7e737349c828806168f3
exeo.app/	1969-12-31 23:59:59	Name: AppSession Value: 9da92a97e4aaf12e043dad4496433e2c
exeo.app/	1969-12-31 23:59:59	Name: csrfToken Value: 41c5981874332f6cd645e5abbc74d9ca982467a506bf2b914c14d1a25342876db28a13db39b38a7c6a321bb4637ae1f53d1aeb99bba25c277ce000b990473f7b
live.demand.supply/	1970-01-20 18:36:55	Name: demandSupplyTi Value: 3330f4e4-e0ca-4c17-a2d8-011e4681c8c5
.demand.supply/	1970-01-20 09:00:57	Name: __cf_bm Value: _TsK2V9mSGGr4ZXtN4idynPNeIxGR.RX6.fOGJpBt0k-1674055445-0-ATbc4IX7gmH7b8XkjjGrfB4c8JRBfdY86N8quY+gmyylcQWVouaKQRUNL1Ko+BQjg8NQ3BMmS1uezP0jActQdkA=
qj.wimplesbooklet.com/	1970-01-20 09:02:21	Name: GL_UI4 Value: eJw9jUtugzAYhCHm0SgFdSQOkCPYApqwrHqILpGx%2FxA3YEeGBvX2tSq1q%2Fk0D00URbuqRPzIGNiXbHE800nWomsv6qS7ph5EQ207vKozca5r0WBvln6Vw0RrgueRLHmjeuU0FXgJ0Z9zs26zCdLBS6sLpHNoTAXywbttIV8xJFbOhOz96l3QdJafzoMJ3gU2NnDMsXNLxco98g9jdRiWB%2BwEL4sswuE%2ByfXi%2FNwbncVIRy81IX7Dk5Irjc5%2FI9e03FZ3B9yk%2B%2F%2F%2B7y%2FbBEem6WFUOHfrlfwPe0hKnQ%3D%3D
qj.wimplesbooklet.com/	1970-01-20 09:02:21	Name: GL_GI10 Value: eJxNjkELgkAQhW0tUQxloB%2FQH0hYMaJzdBDyUt0X0VEWamdZt8h%2BfakQnebxvfeG5zgOW0XApIaY79OEZ9uEp7sk5RzcFglYfoVlRQ9lTS9UeUdY5La89eAZbCUpYEUO4aRFRfXgXzd%2FbOoU8lYqmFfS9lEIwXCntD%2BkR9OV3XdEkWa79fFhSOP6cj5BoNCKTiPWEBzIaDKlRYh%2BdPziueDLTmhDr96bQWzlHd%2BkUFDTdGi%2FaPb02AecOEQO
pogothere.xyz/	1970-01-20 17:39:19	Name: csu Value: 1718838891511260@1@1674055445
.exeo.app/	1970-01-20 18:36:55	Name: _ga Value: GA1.2.1658363732.1674055445
.exeo.app/	1970-01-20 09:02:21	Name: _gid Value: GA1.2.1180496373.1674055445
.exeo.app/	1970-01-20 09:00:55	Name: _gat_gtag_UA_135952122_1 Value: 1
.exeo.app/	1970-01-20 09:00:57	Name: __cf_bm Value: IN5lDTxrBdRTiOr8LOr7w466qxDq5M4Ref2RUyaNa1Y-1674055445-0-AZctaobvLhr81aFMboiL3fIUHcRNPXbn9eZvMTQjuHSPZEZdVoKVuBKQ0hFWNFTJ4U8uWde3JLscoo9aqAFnGPeOhnbPExvE2GYQOXLsw47THx6yqE4u+PuIWXraLmk4o48ZnJNLyl9uCoBmHOGvOng=
.exeo.app/	1970-01-20 18:22:31	Name: __gads Value: ID=2dc79d6a410b0400:T=1674055445:S=ALNI_MZ6lYBYrB4uW-rfM21cwXk6AesSeA
.exeo.app/	1970-01-20 18:22:31	Name: __gpi Value: UID=00000ba4b9a4d9bf:T=1674055445:RT=1674055445:S=ALNI_MZJys6TKBVb3S6-N_ii_ag6ZlRiww
.doubleclick.net/	1970-01-20 18:22:31	Name: IDE Value: AHWqTUkDgycSH-f5SfU-xla6bZftAew997EOv5kBRUMf4Tm5ywUzktxkoFOydZWrAYY
.travelaudience.com/	1970-01-20 18:31:09	Name: _tracker Value: %7B%22UUID%22%3A%222DE9A555-3139-47D1-B926-45EAEF0E7408%22%7D
.turn.com/	1970-01-20 13:20:07	Name: uid Value: 3133088543801141896
.bidswitch.net/	1970-01-20 17:46:31	Name: tuuid Value: 08582ec8-e40b-487f-8b28-3d9b3826c5b7
.bidswitch.net/	1970-01-20 17:46:31	Name: c Value: 1674055446
.bidswitch.net/	1970-01-20 17:46:31	Name: tuuid_lu Value: 1674055446
.everesttech.net/	1970-01-20 17:46:31	Name: everest_g_v2 Value: g_surferid~Y8gPFgAAWiimxABB
ads.avct.cloud/	1970-01-20 17:46:31	Name: uuid Value: 01431d2e-f65b-448a-925f-cc29bbc166a0
.doubleclick.net/	1970-01-20 09:00:59	Name: DSID Value: NO_DATA
.awin1.com/	1970-01-20 09:03:48	Name: awpv29725 Value: 412871\|1674055447\|264cc890-9744-11ed-ad7b-22332650e18d
.awin1.com/	1970-01-20 09:03:48	Name: awpv13454 Value: 412871\|1674055447\|264f60a0-9744-11ed-b33b-2234e47d173f
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 338396:2177319
.tradetracker.net/	1970-01-20 17:46:31	Name: uf Value: rp6%2Fjwwf8EXmZLhZaGKfFFcxZ3Q1RGE0ZFNTU1VlWHAwRkZTUTJQN3A3WFlKckVpdjVkWEFHdUt1Y2g5dHZ0eXpiVG1oeTBQaHVhTkVTQnpnMkpXQlN3Z1BPN2J3ZFlZa0V6NlRnPT0%3D
.tradetracker.net/	1970-01-20 11:24:51	Name: pi Value: 242214b6fd83d8b1efcffe2fdb24f721

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://accounts.google.com/v3/signin/identifier?dsh=S520576491%3A1674055445158798&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHdl4RBiT2GVZ3c8oDYLmUF7HhRHTPbaE8j_KXTazEy_ctcHxqyAJN2CV0-aUx8a3oO_nCFq Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://accounts.google.com/v3/signin/identifier?dsh=S755084787%3A1674055445178620&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHf1Q-jAOb3ozjGv2lStuGGWmEaPYw99UtxjOY9OnqM-ZskFhDeyU6EFhlEGKy62CvlJpzjf Message: Failed to load resource: the server responded with a status of 403 ()
security	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js(Line 9) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
other	warning	URL: https://cdn.ampproject.org/rtv/012301041800000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
javascript	warning	URL: https://exeo.app/zr97uXcJ Message: The resource https://live.demand.supply/p4/v16-2-0/ZXhlby5hcHAv was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2df994db9e07dae35f85bb98efe51ea4.safeframe.googlesyndication.com
accounts.google.com
ad.turn.com
ad4m.at
ads.avct.cloud
ads.travelaudience.com
adservice.google.com
adservice.google.it
api.demand.supply
as.ad4m.at
assets.ad4m.at
bit.ly
c.eu1.dyntrk.com
cdn.ampproject.org
cdn.id5-sync.com
cdntechone.com
cm.g.doubleclick.net
d4eqyxjqusvjj.cloudfront.net
datatechone.com
exe.io
exeo.app
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
habitofstic.xyz
id5-sync.com
live.demand.supply
match.sharethrough.com
motorwardso.com.ua
pagead2.googlesyndication.com
pogothere.xyz
prod-rtb.ad4mat.net
qj.wimplesbooklet.com
r.turn.com
rtb.openx.net
securepubads.g.doubleclick.net
static-de.ad4mat.net
sync-tm.everesttech.net
ti.tradetracker.net
tpc.googlesyndication.com
www.awin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
securepubads.g.doubleclick.net
www.googletagservices.com
104.21.3.16
135.125.160.77
139.45.195.253
141.95.33.111
142.250.186.66
151.101.194.49
172.255.6.120
18.66.15.23
188.114.97.12
2001:678:cb4:bbbb::11
23.67.134.223
2600:1901:0:76b9::
2600:9000:2248:c200:1c:3221:2bc0:21
2606:4700:10::ac43:266a
2606:4700:20::681a:71b
2606:4700:20::681a:9e9
2606:4700:20::681a:ad1
2606:4700:20::ac43:4a81
2606:4700::6810:8516
2a00:1450:4001:801::2001
2a00:1450:4001:803::2002
2a00:1450:4001:80b::200a
2a00:1450:4001:812::2002
2a00:1450:4001:813::2008
2a00:1450:4001:829::2003
2a00:1450:4001:830::200e
2a00:1450:4001:831::2002
2a00:1450:400d:806::2001
2a00:1450:400d:808::2002
2a00:1450:400d:808::200d
2a00:1450:400d:80a::2001
2a00:1450:400d:80a::2004
2a00:1450:400d:80e::2002
2a03:2880:f11c:8183:face:b00c:0:25de
2a06:98c1:3120::3
2a06:98c1:3121::3
3.74.100.208
34.245.154.233
35.186.253.211
35.190.0.66
52.210.247.152
52.57.155.9
67.199.248.10
0215ddddb4b296dd5363ace2ce661a6cb6efb75ee9a083fc8cc0394273bd9c09
03a2b9f547a3632b78fff7ce6738aee331736c9da8f04ceb280c0cb5d6e676a9
03be5cc0bd4a8261f47d98d522c79dbe6a4c557544dd379e5c3c5cc41e40c8b6
045d76e39e0a6b43ac50b638164d99c3907fd4cffb9f986ed4554435cc94c788
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d8e2a7867b8c609f534385500de55f15893edbfa91445597afada68fb4b14d9
0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528
190ae78311b9fabe8a87a5672470c730be06e87a409142b27a3c57689044e82f
193a1288ce3e92a6b871ea76498918ec1c65a97e3fcc8fc1863f93a91fb0b71f
1eb6a860427095d495e066d7a3911ef977a5266b874f76d762fbca1b9b6739ae
210707097ecda5062eb47b6cd89a753147bbf4c95867e45ef75027063c33f58a
23998750e040d16d7cdcc67be18f2c98db45cc55e098f1548107d04a4666d6fa
2613410bdf0f7da8a8514fc9c97786239999244c3b382fa017b041a328bcd906
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
3062ea78bfb38ce2ca7b450bf6a9fd1488b0e3d842c7607bd1c096318999181d
30daed9eb087325b7aae86066de067b8e41113660e72c04927194a949026f83d
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
37d1d1e6e585f8fc6e387a7cdea4ffa932f5f2daa929b8020e276c3211c80fe8
394fda0fedfe1b6a5c689ab09546a0977d792554bf75a084e24e3b5b18fb5eca
3e525277f007e12a1b10ef1e7da9577f4a6b14a562b80891149486de64febb6c
4138b973704124d2f6ee2cc1e88da03fad5b2b4ec7f2f6c1820a1167d683f8d7
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
494636b8f3b69bba8767e4439121767a4323f9c7eb9a27c3c261adbf8ab5c148
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548b8249d16de727c8581f3ad033f496c42c21b696e0fb768cbdf8d320b296d7
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58444808f638e51e082fc66dc748f4064ea56db71a793b319a05068a786668b0
5933ae5946a25a792103a29d86d1a823b306c1147fa187d6af8b678bba543d52
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
642c0c281bcf851bc34caea4b69495288b8bc6292a5ca2c0ea3a3bfa9c4b4cf4
741a8e1556800bdd1233f8139c4d82c005565a2a1bfe6a2ba811a5572b1255b6
773487eaa622ec6bbf0e3e65b4a2964e8fc6265e45b284e96053b9a1ca2c64d3
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83d4bd6abcc594507b30b9b2cf71d66b1e3f9736f4aed3b6f933562b5da8b559
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
885cb07503e088de00e0b1502940db47d59817caf2a3e35e1f92432d48d6f8fe
89e99089898cea06dc05f6641aaee84d2976391967949a5025876fb6835d9530
8a76e63fd1ec9d4f6bc442186b047324d1a055872715fd763a3fc549634c7610
8fa4020f27528b873cf94b3b837c88aa2a49e34c613d6dcf7955eb486981ab3e
97d876b0796d55e1a4d9dec67f958fd62674617e5417b92e4584c0397974e9d9
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9af3a48e750a9125c8ef85b117aed1604028e3a4662b661b726e7a6fff2e5742
9d068db2c587d67fd032a6ec799187d038b3e80ec7d432e4a9a2065053d109e8
9e29202d7cd5c07e8c2b5eaabe83b02511702dd4336cc18252112f1e6c1517a9
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a9ed6c0cdb54ddeb561369fa2f9748cd0dcba457ba2cd0cb1955cf48387bcf2a
b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550
ba08a3d19225206e1f616f14c7d6e4f214002374c7086834026cb977a09748fc
bc1fe41c7dbe5f0907f47ccb21983da9fe15d69cbae2a2691deaeb597fae12c8
bd777da191fff9aefa90cd4052a3e450f4f8d30162d2d77a519aba51bf9f4eaa
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
c006f0a750433b29a3eb4b45c5ec99c561fccfdb257ede4439c3d055c34c524f
c63f2781570d012d67b1e5ed27544bf90097a71ca5ddbbcd86a98a0f52871534
c6629584f62feeb6b024b50fae7e99ed6bec9942ce434c8163e2d627f1253dbb
c6a21117a540ebcd4c3ec8de98b11fa52b279866799f2088ac950e370de280c6
c6f67585d9fdceff16c422e864ccd66af53aca21c0b679e9b9fba18a7b4843c6
cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c
d063feea696b33810b5bf78332d88217479a22f23a2fe2500183ebe32c33120c
d4e7f21914210e4d6da2b44cc05a554cdd1e538ee43e1d4dc5d6e6a1f1ee1282
db3dca155dac3ba0febb37bf4c0a065bdae601d6da69374d4d5cdc6e6619017c
dc78d0ae04e90f166274e27a8af76d6a676cbf360f682f3993ef4b453ee5d598
dcfc380b911feb81ff128df569b376aec0b69230fe08da4bf248af5f719ae513
e3890a7341180d91f19cf9fec6bb07bc82b40162d1412eb7c99cd0394198b55d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4aa3b79e333ec24b9a90313940d8ca4d8540a7ae7541da1f59b00c6764c3d1b
e85c2e3a075320c1e1de71ebbd6f0878f5f92996459c2d26e698528d57d3d6ca
ea8d798ef54b9d6d4333b30b3a153b44e7ffbc00d0e8e8f84f03a598880db0ce
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f239f3f5ba2fe8def7ffc52c0268cfb1cbd362214823676459daa279370a9cfa
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
fc871e89201aa44e7380e81e7f7846c4164e5a5d3374ba722a90e518ad48feae
fcb2a2d76154a28aee5a1e84fce890f1e5bd8ef41d5a7c8368f1db418409cc83

exeo.app Open in urlscan Pro 2606:4700:20::681a:9e9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

129 Requests

91 %HTTPS

60 %IPv6

35 Domains

47 Subdomains

38 IPs

7 Countries

1455 kBTransfer

3303 kBSize

29 Cookies

3 Outgoing links

Page URL History

Redirected requests

129 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

exeo.app Open in urlscan Pro
2606:4700:20::681a:9e9 Public Scan

Screenshot
Live screenshot

Full Image

129
Requests

91 %
HTTPS

60 %
IPv6

35
Domains

47
Subdomains

38
IPs

7
Countries

1455 kB
Transfer

3303 kB
Size

29
Cookies

129 HTTP transactions
4 data transactions