ttdown.org Open in urlscan Pro
51.38.158.6 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ttdown.org/
Submission: On May 23 via manual (May 23rd 2023, 1:18:18 pm UTC) from NL — Scanned from GE

Summary HTTP 205 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 38 IPs in 8 countries across 36 domains to perform 205 HTTP transactions. The main IP is 51.38.158.6, located in France and belongs to OVH, FR. The main domain is ttdown.org.
TLS certificate: Issued by R3 on May 11th 2023. Valid for: 3 months.

This is the only time ttdown.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	51.38.158.6 51.38.158.6	16276 (OVH) (OVH)
6	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	142.250.186.74 142.250.186.74	15169 (GOOGLE) (GOOGLE)
32	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2	104.18.11.207 104.18.11.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	69.16.175.10 69.16.175.10	20446 (STACKPATH...) (STACKPATH-CDN)
7	142.250.185.163 142.250.185.163	15169 (GOOGLE) (GOOGLE)
25	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
11	142.250.181.227 142.250.181.227	15169 (GOOGLE) (GOOGLE)
35	142.250.186.161 142.250.186.161	15169 (GOOGLE) (GOOGLE)
5	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
3 9	142.250.186.100 142.250.186.100	15169 (GOOGLE) (GOOGLE)
2	142.250.185.170 142.250.185.170	15169 (GOOGLE) (GOOGLE)
4 20	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
2 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
3 4	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
5	142.250.185.198 142.250.185.198	15169 (GOOGLE) (GOOGLE)
4	66.102.1.94 66.102.1.94	15169 (GOOGLE) (GOOGLE)
1	74.125.133.154 74.125.133.154	15169 (GOOGLE) (GOOGLE)
1	130.211.27.62 130.211.27.62	15169 (GOOGLE) (GOOGLE)
7	138.199.37.227 138.199.37.227	60068 (CDN77 ^_^) (CDN77 ^_^)
5	34.120.139.69 34.120.139.69	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
2 2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 1	34.236.164.132 34.236.164.132	14618 (AMAZON-AES) (AMAZON-AES)
2 2	37.157.4.24 37.157.4.24	198622 (ADFORM) (ADFORM)
2 2	52.45.175.185 52.45.175.185	14618 (AMAZON-AES) (AMAZON-AES)
4 4	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1 1	142.250.186.110 142.250.186.110	15169 (GOOGLE) (GOOGLE)
2	74.125.104.73 74.125.104.73	15169 (GOOGLE) (GOOGLE)
1	35.186.201.99 35.186.201.99	15169 (GOOGLE) (GOOGLE)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.160.236.64 34.160.236.64	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
2 3	213.180.193.90 213.180.193.90	13238 (YANDEX) (YANDEX)
1 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	51.83.220.94 51.83.220.94	16276 (OVH) (OVH)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	35.214.153.92 35.214.153.92	15169 (GOOGLE) (GOOGLE)
1 2	52.28.232.169 52.28.232.169	16509 (AMAZON-02) (AMAZON-02)
1	34.95.81.88 34.95.81.88	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	142.250.186.104 142.250.186.104	15169 (GOOGLE) (GOOGLE)
3	142.250.186.78 142.250.186.78	() ()
205	38

5 51.38.158.6 (France)

ASN16276 (OVH, FR)
PTR: ip6.ip-51-38-158.eu

ttdown.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.185.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.ge	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net

adservice.google.ge	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 142.250.186.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.186.100 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f10.1e100.net

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 142.250.184.226 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.172.123 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 66.102.1.94 (United States)

ASN15169 (GOOGLE, US)
PTR: wb-in-f94.1e100.net

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.133.154 (Nashville, United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f154.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.27.62 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 62.27.211.130.bc.googleusercontent.com

win.eskimi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 138.199.37.227 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: 138-199-37-227.bunnyinfra.net

dsp-media.eskimi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.120.139.69 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 69.139.120.34.bc.googleusercontent.com

dsp-trk.eskimi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.236.164.132 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-164-132.compute-1.amazonaws.com

fksnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.24 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.45.175.185 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-175-185.compute-1.amazonaws.com

im.bluevoox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 174.137.133.49 (United States) 4 redirects

ASN27257 (WEBAIR-INTERNET, US)

rtb2-useast.e-volution.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.110 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f14.1e100.net

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.104.73 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s24-in-f9.1e100.net

r4---sn-4g5lznlz.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.201.99 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 99.201.186.35.bc.googleusercontent.com

dsp-ap.eskimi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.236.64 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 64.236.160.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.38.120.206 (Hessen, Germany) 1 redirects

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ius.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.180.193.90 (Russian Federation) 2 redirects

ASN13238 (YANDEX, RU)
PTR: bs.yandex.ru

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.83.220.94 (France)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-03.adpartner.pro

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.153.92 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 92.153.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.28.232.169 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-232-169.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.81.88 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 88.81.95.34.bc.googleusercontent.com

s-cs.rmp.rakuten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.78 (None, )

ASN- ()

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
63	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 93 tpc.googlesyndication.com — Cisco Umbrella Rank: 132	583 KB
44	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 cm.g.doubleclick.net — Cisco Umbrella Rank: 210 bid.g.doubleclick.net — Cisco Umbrella Rank: 764 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 337	237 KB
22	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	419 KB
14	eskimi.com win.eskimi.com — Cisco Umbrella Rank: 77709 dsp-media.eskimi.com — Cisco Umbrella Rank: 40885 dsp-trk.eskimi.com — Cisco Umbrella Rank: 39962 dsp-ap.eskimi.com — Cisco Umbrella Rank: 44347	102 KB
13	google.com 3 redirects adservice.google.com — Cisco Umbrella Rank: 68 www.google.com — Cisco Umbrella Rank: 2	56 KB
8	2mdn.net 1 redirects s0.2mdn.net — Cisco Umbrella Rank: 276 gcdn.2mdn.net — Cisco Umbrella Rank: 1100 r4---sn-4g5lznlz.c.2mdn.net	2 MB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35 imasdk.googleapis.com — Cisco Umbrella Rank: 437	135 KB
6	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 199	159 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 181	266 KB
5	ttdown.org ttdown.org	17 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 214 secure.adnxs.com Failed	4 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 530	3 KB
4	google.ge adservice.google.ge — Cisco Umbrella Rank: 73522	940 B
3	google-analytics.com www.google-analytics.com	21 KB
3	yandex.ru 2 redirects an.yandex.ru — Cisco Umbrella Rank: 3501	959 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	135 KB
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 290	889 B
2	openx.net 1 redirects eu-u.openx.net — Cisco Umbrella Rank: 2294	527 B
2	adkernel.com 2 redirects dsp.adkernel.com — Cisco Umbrella Rank: 5842	1 KB
2	e-volution.ai 2 redirects rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 7776	972 B
2	bluevoox.com 2 redirects im.bluevoox.com — Cisco Umbrella Rank: 12233	1 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 562	1 KB
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 306	1 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2440	37 KB
1	rakuten.com s-cs.rmp.rakuten.com — Cisco Umbrella Rank: 39945	275 B
1	loopme.me csync.loopme.me — Cisco Umbrella Rank: 849	156 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 315	787 B
1	adpartner.pro a4p.adpartner.pro — Cisco Umbrella Rank: 25277	458 B
1	ctnsnet.com 1 redirects ius.ctnsnet.com — Cisco Umbrella Rank: 6525	623 B
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 729	517 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1108	213 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 1812	172 B
1	fksnk.com 1 redirects fksnk.com — Cisco Umbrella Rank: 4356	611 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 606	542 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 902	601 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 696	30 KB
205	36

	Domain	Requested by
35	tpc.googlesyndication.com	googleads.g.doubleclick.net ttdown.org tpc.googlesyndication.com imasdk.googleapis.com pagead2.googlesyndication.com
28	pagead2.googlesyndication.com	ttdown.org pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
23	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net ttdown.org
18	cm.g.doubleclick.net	4 redirects googleads.g.doubleclick.net ttdown.org
11	www.gstatic.com	googleads.g.doubleclick.net www.google.com
9	www.google.com	3 redirects googleads.g.doubleclick.net tpc.googlesyndication.com code.jquery.com www.gstatic.com
7	dsp-media.eskimi.com	googleads.g.doubleclick.net
7	fonts.gstatic.com	fonts.googleapis.com
6	cdnjs.cloudflare.com	ttdown.org cdnjs.cloudflare.com
5	dsp-trk.eskimi.com	googleads.g.doubleclick.net
5	s0.2mdn.net	ttdown.org s0.2mdn.net
5	www.googletagservices.com	googleads.g.doubleclick.net ttdown.org
5	fonts.googleapis.com	ttdown.org googleads.g.doubleclick.net
5	ttdown.org	ttdown.org
4	csi.gstatic.com	imasdk.googleapis.com
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	adservice.google.com	pagead2.googlesyndication.com
4	adservice.google.ge	pagead2.googlesyndication.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	an.yandex.ru	2 redirects
2	www.googletagmanager.com	code.jquery.com www.googletagmanager.com
2	x.bidswitch.net	1 redirects
2	eu-u.openx.net	1 redirects
2	r4---sn-4g5lznlz.c.2mdn.net	ttdown.org
2	googleads4.g.doubleclick.net	ttdown.org
2	dsp.adkernel.com	2 redirects
2	rtb2-useast.e-volution.ai	2 redirects
2	im.bluevoox.com	2 redirects
2	c1.adform.net	2 redirects
2	match.adsrvr.org	2 redirects
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	stackpath.bootstrapcdn.com	ttdown.org
1	s-cs.rmp.rakuten.com
1	csync.loopme.me
1	pixel.rubiconproject.com
1	a4p.adpartner.pro
1	ius.ctnsnet.com	1 redirects
1	onetag-sys.com	1 redirects
1	odr.mookie1.com	googleads.g.doubleclick.net
1	tr.blismedia.com	googleads.g.doubleclick.net
1	dsp-ap.eskimi.com	dsp-media.eskimi.com
1	gcdn.2mdn.net	1 redirects
1	fksnk.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	win.eskimi.com	ttdown.org
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	code.jquery.com	ttdown.org
0	secure.adnxs.com Failed
205	50

This site contains links to these domains. Also see Links.

Domain
www.tiktok.com
en.wikipedia.org
www.facebook.com
twitter.com
www.linkedin.com
www.tumblr.com

Subject Issuer	Validity	Valid
ttdown.org R3	`2023-05-11` - `2023-08-09`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.com.ge GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.eskimi.com GeoTrust TLS RSA CA G1	`2023-03-20` - `2024-04-12`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-04-12` - `2023-07-11`	3 months	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-27` - `2024-03-29`	a year	crt.sh
adpartner.pro R3	`2023-02-24` - `2023-05-25`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
loopme.com R3	`2023-05-04` - `2023-08-02`	3 months	crt.sh
*.rmp.rakuten.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-20` - `2024-01-19`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-05-16` - `2023-07-25`	2 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh

This page contains 32 frames:

Primary Page: https://ttdown.org/
Frame ID: 688926CBD5ADED7D146360112C7CFED1
Requests: 44 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20190131/zrt_lookup.html
Frame ID: B3BC8CF738A973D484803F5ABDD959B2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0916766851103338&output=html&adk=2020088507&adf=637443794&lmt=1684847892&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x540_l%7C212x540_r&format=0x0&url=https%3A%2F%2Fttdown.org%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684847892073&bpp=8&bdt=646&idt=515&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3186862124183&frm=20&pv=2&ga_vid=1312077257.1684847893&ga_sid=1684847893&ga_hid=1378733181&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788441%2C44789779&oid=2&pvsid=3867253434869664&tmod=329237808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=534
Frame ID: D3AA03EC9CDAEEC4F9DE10B9A13B41BA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0916766851103338&output=html&h=280&adk=1266370990&adf=2427394704&pi=t.aa~a.2146518072~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1684847892&rafmt=1&to=qs&pwprc=4777445207&format=1200x280&url=https%3A%2F%2Fttdown.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684847892081&bpp=2&bdt=654&idt=531&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3186862124183&frm=20&pv=1&ga_vid=1312077257.1684847893&ga_sid=1684847893&ga_hid=1378733181&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=326&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788441%2C44789779&oid=2&pvsid=3867253434869664&tmod=329237808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=XGb1kw1Tu2&p=https%3A//ttdown.org&dtd=540
Frame ID: 1A583790D0FA5175EBAF62C28177BB81
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0916766851103338&output=html&h=280&adk=2655906738&adf=2641485162&pi=t.aa~a.827312887~i.4~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1684847893&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4777445207&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fttdown.org%2F&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684847893751&bpp=1&bdt=2325&idt=-M&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df021167263dd2045-22fe57cae8dd0063%3AT%3D1684847892%3ART%3D1684847892%3AS%3DALNI_MY-sLfBzkJ_hMfqTphWdk1ZpI-ZqQ&gpic=UID%3D00000c1a28cc22a7%3AT%3D1684847892%3ART%3D1684847892%3AS%3DALNI_Ma-0s_D5mWwOTkSjUD988idkncIGQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=3186862124183&frm=20&pv=1&ga_vid=1312077257.1684847893&ga_sid=1684847893&ga_hid=1378733181&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1937&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788441%2C44789779&oid=2&pvsid=3867253434869664&tmod=329237808&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=YavYS4gR3t&p=https%3A//ttdown.org&dtd=7
Frame ID: 2AF26336D49673028505F8CB318048A1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0916766851103338&output=html&h=280&adk=2655906738&adf=2244495584&pi=t.aa~a.827312887~i.13~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1684847893&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4777445207&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fttdown.org%2F&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684847893751&bpp=1&bdt=2324&idt=-M&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df021167263dd2045-22fe57cae8dd0063%3AT%3D1684847892%3ART%3D1684847892%3AS%3DALNI_MY-sLfBzkJ_hMfqTphWdk1ZpI-ZqQ&gpic=UID%3D00000c1a28cc22a7%3AT%3D1684847892%3ART%3D1684847892%3AS%3DALNI_Ma-0s_D5mWwOTkSjUD988idkncIGQ&prev_fmts=0x0%2C1200x280%2C1110x280&nras=4&correlator=3186862124183&frm=20&pv=1&ga_vid=1312077257.1684847893&ga_sid=1684847893&ga_hid=1378733181&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788441%2C44789779&oid=2&pvsid=3867253434869664&tmod=329237808&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=PCy2zds6qk&p=https%3A//ttdown.org&dtd=12
Frame ID: 00F03AA7AC75B0C7B07FB93C5372CEC7
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0916766851103338&output=html&h=280&adk=2655906738&adf=4242353128&pi=t.aa~a.827312887~i.15~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1684847893&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4777445207&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fttdown.org%2F&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684847893751&bpp=1&bdt=2325&idt=1&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df021167263dd2045-22fe57cae8dd0063%3AT%3D1684847892%3ART%3D1684847892%3AS%3DALNI_MY-sLfBzkJ_hMfqTphWdk1ZpI-ZqQ&gpic=UID%3D00000c1a28cc22a7%3AT%3D1684847892%3ART%3D1684847892%3AS%3DALNI_Ma-0s_D5mWwOTkSjUD988idkncIGQ&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280&nras=5&correlator=3186862124183&frm=20&pv=1&ga_vid=1312077257.1684847893&ga_sid=1684847893&ga_hid=1378733181&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788441%2C44789779&oid=2&pvsid=3867253434869664&tmod=329237808&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=L9sqL0aSfc&p=https%3A//ttdown.org&dtd=17
Frame ID: 4B12596981DC853DE0BB000499661D4D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0916766851103338&output=html&h=280&adk=723392857&adf=1724911246&pi=t.aa~a.3732354746~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1684847893&rafmt=1&to=qs&pwprc=4777445207&format=1200x280&url=https%3A%2F%2Fttdown.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684847893773&bpp=1&bdt=2346&idt=1&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df021167263dd2045-22fe57cae8dd0063%3AT%3D1684847892%3ART%3D1684847892%3AS%3DALNI_MY-sLfBzkJ_hMfqTphWdk1ZpI-ZqQ&gpic=UID%3D00000c1a28cc22a7%3AT%3D1684847892%3ART%3D1684847892%3AS%3DALNI_Ma-0s_D5mWwOTkSjUD988idkncIGQ&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280%2C1110x280&nras=6&correlator=3186862124183&frm=20&pv=1&ga_vid=1312077257.1684847893&ga_sid=1684847893&ga_hid=1378733181&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1495&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788441%2C44789779&oid=2&pvsid=3867253434869664&tmod=329237808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=1PMHMfGGDy&p=https%3A//ttdown.org&dtd=13
Frame ID: B263B5F1DC9A1020AA0E31530D4DA88C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1
Frame ID: 454B12CBFC976CDDEECA5211EB47FAD2
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1
Frame ID: 036D50F9A58D2E8008186DDAD3DF61C1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1
Frame ID: D1438051DA0E43CAB9012DC9F22214FB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: F136195590F9C955F516E44A60D01DBF
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0916766851103338&output=html&h=280&adk=723392857&adf=523434623&pi=t.aa~a.701953935~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1684847894&rafmt=1&to=qs&pwprc=4777445207&format=1200x280&url=https%3A%2F%2Fttdown.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684847893777&bpp=1&bdt=2351&idt=1&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df021167263dd2045-22fe57cae8dd0063%3AT%3D1684847892%3ART%3D1684847892%3AS%3DALNI_MY-sLfBzkJ_hMfqTphWdk1ZpI-ZqQ&gpic=UID%3D00000c1a28cc22a7%3AT%3D1684847892%3ART%3D1684847892%3AS%3DALNI_Ma-0s_D5mWwOTkSjUD988idkncIGQ&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280%2C1110x280%2C1200x280%2C200x540%2C144x540%2C728x90&nras=10&correlator=3186862124183&frm=20&pv=1&ga_vid=1312077257.1684847893&ga_sid=1684847893&ga_hid=1378733181&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4662&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788441%2C44789779&oid=2&pvsid=3867253434869664&tmod=329237808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=8&fsb=1&xpc=dSFje3R2Sm&p=https%3A//ttdown.org&dtd=471
Frame ID: BD039D28313A089BF0D564CA51F0A6CF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/76807628416675132/528-160x600-h/index.html
Frame ID: C3A7BAD7333151B9A9A81546D6572DBD
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/abg_lite_fy2021.js
Frame ID: DA5E314A140BACCEF4C5C75490383489
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6TkZIDEMGZ6MsDGNzcwuUBMAE&v=APEucNVUrf28V4WR62mYCudYSs30fSpf_DE1dMb055Oe9LTCpeWEt8OWOMklHseSH7pWpAwD_86si8JbSlqgaiNoj__aKMqEzA
Frame ID: 8B4533DB915D311FD36404C1236C510D
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 179BED2EB04FFAEB8EC367347105257B
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E69271EBCC812B382A00F52DF770EEDA
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 62779100D5194AA33E7812270B213FA7
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0916766851103338&output=html&h=90&adk=3101682924&adf=4123552606&pi=t.aa~a.3220248052~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1684847894&rafmt=1&to=qs&pwprc=4777445207&format=1200x90&url=https%3A%2F%2Fttdown.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684847893780&bpp=1&bdt=2354&idt=0&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df021167263dd2045-22fe57cae8dd0063%3AT%3D1684847892%3ART%3D1684847892%3AS%3DALNI_MY-sLfBzkJ_hMfqTphWdk1ZpI-ZqQ&gpic=UID%3D00000c1a28cc22a7%3AT%3D1684847892%3ART%3D1684847892%3AS%3DALNI_Ma-0s_D5mWwOTkSjUD988idkncIGQ&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280%2C1110x280%2C1200x280%2C200x540%2C144x540%2C728x90%2C1200x280&nras=11&correlator=3186862124183&frm=20&pv=1&ga_vid=1312077257.1684847893&ga_sid=1684847893&ga_hid=1378733181&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4654&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788441%2C44789779&oid=2&psts=ABHeCvh0nwr9rkAj0k5EdyXuIRtDfOroBQgga73I9yOymICSRO1EqsOkJd9rsY7xle7JO7CAOafqfbhLJeQbV4TRhF2OwbH4%2CABHeCvharcbcIbtI_SeAdcrdNxiLkNum3O8oVrUDv32B3hySzmL2MtXbKq_hFAx4p10ub43FeVdB6ZTzycSeUWJRKF_LF_Kp8sV8EjvGHGjqk_4IZkY&pvsid=3867253434869664&tmod=329237808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=9&fsb=1&xpc=IbothmDOnX&p=https%3A//ttdown.org&dtd=947
Frame ID: 9E53AD2979938BA3F106F7F046061706
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
Frame ID: 9077B5B0C7A427D1A93681809AF1A660
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
Frame ID: DCC851DAC4F71BF6788B87454E8A69A7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E038C1B722B94575BDE878742C0735CF
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6506F123F747291BEA181E1E3BF82DDF
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CF68jFr1sZL7HNO78xtYP36K4gAyj0ObUcMn4wd_WEMCNtwEQASAAYI0CggEXY2EtcHViLTA5MTY3NjY4NTExMDMzMzjIAQmoAwGqBLwBT9C65-MhG58kHMFkfxZl1oW6fRi6-nsgoGm4NZx7JBb7KelMebAA8ebb3ZA-tckmz21EsvC5sHilkq5D9mkCh3i1RjqhIyKub1CFwrFTkXfFqtCm72fQ8aLQnNTaPO3lztLaOjVPTBnm_6XIluuBmTdXPiMBD7cRHiaMA8sBphbmjwNVN9u2UmoSafnCSA19i3r8JrudMB-i6r24liQ31_QU1a67psa-R86ImS5WogcGlFmARJhIrQ0OulSABry--YOl26PO0wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0wOTE2NzY2ODUxMTAzMzM4GAA&sigh=tMxMm8ef_cU&uach_m=[UACH]&cid=CAQSPABygQiDcg87Bz_iMbAAyh6drLAzgDFrE4QDjPYAh7SMxzQIrLMd7JlJ27xA7NF3fAddnB-rNn0g-8mMHBgB
Frame ID: 81A1F97919AB89872C917236A28A7C6A
Requests: 27 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13359178174328754851/index.html
Frame ID: 87AF0BE97F6888BFDBFC17F627DD25D8
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 6E721F5D6258BA90AADD81B908922F91
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 48636CE7708147CD608FE06BCA8D566E
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7F5A73C86E001C03693F09507819DDEA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7351087C031E7214044C480FD5F10A30
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lem16sZAAAAALBFSPRbts6QawPUTh7pZgaoXXQn&co=aHR0cHM6Ly90dGRvd24ub3JnOjQ0Mw..&hl=ka&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=invisible&cb=fku5fbc77jb
Frame ID: 5DD368133DBDAAF8183E40DC5468985C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lem16sZAAAAALBFSPRbts6QawPUTh7pZgaoXXQn&co=aHR0cHM6Ly90dGRvd24ub3JnOjQ0Mw..&hl=ka&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=invisible&sa=submit&cb=e8kgojqattkt
Frame ID: CCCCCC4FB818F1929A96BC0EBE32DAF9
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

download tiktok video in mp4 & mp3 formats free at ttdown.org

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

205
Requests

91 %
HTTPS

0 %
IPv6

36
Domains

50
Subdomains

38
IPs

8
Countries

4665 kB
Transfer

8432 kB
Size

43
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.tiktok.com/
Title: click here

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Bookmarklet
Title: bookmarklet

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://ttdown.org

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Download+twitter+Videos+Free+Fast+Secire&url=https://ttdown.org

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://ttdown.org&title=Download+twitter+Videos&summary=you+gotta+get+on+this&source=https://ttdown.org

Search URL Search Domain Scan URL

URL: https://www.tumblr.com/share/link?url=https://ttdown.org&name=twitter+Video+Downloader&description=good+stuff

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 75

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 85

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAbsOTmSwn8YDe5esAQHx8w&google_cver=1

Request Chain 86

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZGy9FkCOJ2lu2KDQ6b.d1gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAbsOTmSwn8YDe5esAQHx8w&google_cver=1&google_hm=2

Request Chain 87

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEPeyxIofgUTZ9R2VM2BEtMM&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEPeyxIofgUTZ9R2VM2BEtMM%26google_cver%3D1

Request Chain 88

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njk2Mzc0NDUyMzY1MjkwMjc4NA%3D%3D

Request Chain 93

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 106

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 135

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEFZRKag0BqEEIcvapmqEYj8&google_cver=1&google_push=ATf1kGN0vJCjkbwOmP2xcF6bg8wnKBANNBUIccNx55jTirxzmtwvGx6I_rNQS-yBg1ez_PyHjBlcZ9FiDoYnr5NPVqDmooZyX9nM435K HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFZRKag0BqEEIcvapmqEYj8&google_push=ATf1kGN0vJCjkbwOmP2xcF6bg8wnKBANNBUIccNx55jTirxzmtwvGx6I_rNQS-yBg1ez_PyHjBlcZ9FiDoYnr5NPVqDmooZyX9nM435K

Request Chain 136

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEPNOSTyvekZuaSAjqw4Vuuc&google_cver=1&google_push=ATf1kGND7dLtLQIa2qqDMvxVCyyjKxZxoVz7jHJl29ND2po8MfbJ5mnW0DpakjQP8jgXNVW2H3usz7IPYmAhOyxusxcohGBYAPHRg1y5 HTTP 302
https://match.adsrvr.org/track/cmb/google?google_gid=CAESEPNOSTyvekZuaSAjqw4Vuuc&google_cver=1&google_push=ATf1kGND7dLtLQIa2qqDMvxVCyyjKxZxoVz7jHJl29ND2po8MfbJ5mnW0DpakjQP8jgXNVW2H3usz7IPYmAhOyxusxcohGBYAPHRg1y5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YTlhNjIzYzUtNGIzMi00MTk5LWE0YzAtNzUwZGM1ZDEzNjU2&google_push&gdpr=0&gdpr_consent=&ttd_tdid=a9a623c5-4b32-4199-a4c0-750dc5d13656

Request Chain 137

https://fksnk.com/cs/google?google_gid=CAESEIkkdkcjryRz-zQ5kPh4qSE&google_cver=1&google_push=ATf1kGNbTlOBq9RxoUmtPcWJhDUn1vjq6u52A2DGvAc5kwlj625Rm34DXoPc9Gwo02eadiRGXdggH9s6oSW4lr_NlhlY_6KBqBMFAzd- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=OUUwMDE3NzE4QUMwOEI5Rg==

Request Chain 138

https://a.clickcertain.com/px/img/g/?google_gid=CAESEJtQy8YasWDoo0aXFqRQ9F8&google_cver=1&google_push=ATf1kGOCigpdKCIgtEZMuH0He2e7fCW48v9MEVuhhO9f0-_O74E4LFxYcqVmqOm8L8d3G5CCQqkF8qbYAGTl5rB7fUGBLVZ1egZKKr8 HTTP 302
https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=7544d613-7fd3-4150-ae2e-6c5f1e4774a7&ccid=7544d613-7fd3-4150-ae2e-6c5f1e4774a7&redir=https%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuidu%253fhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fg%252f%253fdone%253dtrue%2526google_gid%253dCAESEJtQy8YasWDoo0aXFqRQ9F8%2526google_cver%253d1%2526google_push%253dATf1kGOCigpdKCIgtEZMuH0He2e7fCW48v9MEVuhhO9f0%252d_O74E4LFxYcqVmqOm8L8d3G5CCQqkF8qbYAGTl5rB7fUGBLVZ1egZKKr8%2526anx_uId%253d%2524UID HTTP 303
https://i.liadm.com/s/56408?redir=https%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuidu%253fhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fg%252f%253fdone%253dtrue%2526google_gid%253dCAESEJtQy8YasWDoo0aXFqRQ9F8%2526google_cver%253d1%2526google_push%253dATf1kGOCigpdKCIgtEZMuH0He2e7fCW48v9MEVuhhO9f0%252d_O74E4LFxYcqVmqOm8L8d3G5CCQqkF8qbYAGTl5rB7fUGBLVZ1egZKKr8%2526anx_uId%253d%2524UID&bidder_id=200441&bidder_uuid=7544d613-7fd3-4150-ae2e-6c5f1e4774a7&_li_chk=true&ccid=7544d613-7fd3-4150-ae2e-6c5f1e4774a7&previous_uuid=1e49e44d586c458d90c0664844c2115a HTTP 303
https://a.clickcertain.com/px/li/?redir=https%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuidu%253fhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fg%252f%253fdone%253dtrue%2526google_gid%253dCAESEJtQy8YasWDoo0aXFqRQ9F8%2526google_cver%253d1%2526google_push%253dATf1kGOCigpdKCIgtEZMuH0He2e7fCW48v9MEVuhhO9f0%252d_O74E4LFxYcqVmqOm8L8d3G5CCQqkF8qbYAGTl5rB7fUGBLVZ1egZKKr8%2526anx_uId%253d%2524UID&ccid=7544d613-7fd3-4150-ae2e-6c5f1e4774a7 HTTP 302
https://secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/g/?done=true&google_gid=CAESEJtQy8YasWDoo0aXFqRQ9F8&google_cver=1&google_push=ATf1kGOCigpdKCIgtEZMuH0He2e7fCW48v9MEVuhhO9f0-_O74E4LFxYcqVmqOm8L8d3G5CCQqkF8qbYAGTl5rB7fUGBLVZ1egZKKr8&anx_uId=$UID

Request Chain 139

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHCMVEuciZp12DBF1CW_U94&google_cver=1&google_push=ATf1kGOAw1yfIioDqeyX3h8Uc9EDDok4a_XsUc0z7LQ1LpIiJBMnBXtiYcHxYNIONv-3oCIeob7derRaHaeZcewQaMZJWGtuN0zm0WvV HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHCMVEuciZp12DBF1CW_U94&google_cver=1&google_push=ATf1kGOAw1yfIioDqeyX3h8Uc9EDDok4a_XsUc0z7LQ1LpIiJBMnBXtiYcHxYNIONv-3oCIeob7derRaHaeZcewQaMZJWGtuN0zm0WvV HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTUyMDM5ODAzNzM4MjgyNA&google_push=ATf1kGOAw1yfIioDqeyX3h8Uc9EDDok4a_XsUc0z7LQ1LpIiJBMnBXtiYcHxYNIONv-3oCIeob7derRaHaeZcewQaMZJWGtuN0zm0WvV

Request Chain 140

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEGsdK0eM5xYwgAtFrGPIv6E&google_cver=1&google_push=ATf1kGNTkiT0lX_vi7CxUrHwiUcnVVmlxsWuouERTkHwP19V8wQxl5Bn-enMqgC2h9Q_WCRyq4z1TWBgSkdFsL0xnSkhANF9L5XHbUrhsw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=ATf1kGNTkiT0lX_vi7CxUrHwiUcnVVmlxsWuouERTkHwP19V8wQxl5Bn-enMqgC2h9Q_WCRyq4z1TWBgSkdFsL0xnSkhANF9L5XHbUrhsw&google_hm=QlMuNDM4OS05OTgzLTQ1NTAtYjczNA==

Request Chain 141

https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEHY2srZ5LTyWlKkm_UHqQtk&google_cver=1&google_push=ATf1kGPeVMA1kfjM4wtfF8McPpU91C8W-14kYJUVpOU3Gl1eYDQa-9n-Arlz1zeFRjaAKyzbXYpdMwl4nzYQui6nMjAH2kW2oXT-1QXXDA HTTP 302
https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEHY2srZ5LTyWlKkm_UHqQtk%26google_cver%3D1%26google_push%3DATf1kGPeVMA1kfjM4wtfF8McPpU91C8W-14kYJUVpOU3Gl1eYDQa-9n-Arlz1zeFRjaAKyzbXYpdMwl4nzYQui6nMjAH2kW2oXT-1QXXDA HTTP 302
https://rtb2-useast.e-volution.ai/sync?adkuid=A7633871131037786008&exchange=193&google_gid=CAESEHY2srZ5LTyWlKkm_UHqQtk&google_cver=1&google_push=ATf1kGPeVMA1kfjM4wtfF8McPpU91C8W-14kYJUVpOU3Gl1eYDQa-9n-Arlz1zeFRjaAKyzbXYpdMwl4nzYQui6nMjAH2kW2oXT-1QXXDA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTc2MzM4NzExMzEwMzc3ODYwMDg&google_push=ATf1kGPeVMA1kfjM4wtfF8McPpU91C8W-14kYJUVpOU3Gl1eYDQa-9n-Arlz1zeFRjaAKyzbXYpdMwl4nzYQui6nMjAH2kW2oXT-1QXXDA

Request Chain 148

https://gcdn.2mdn.net/videoplayback/id/f640bab4b2b9f3a2/itag/342/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1716383895/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/0D5B696EAC6E21B150CE055979E2CC91FF959011.7B3A365D5024C1C298D0BB3FB6E165EFFBCDA0F4/key/ck2/file/file.mp4 HTTP 302
https://r4---sn-4g5lznlz.c.2mdn.net/videoplayback/id/f640bab4b2b9f3a2/itag/342/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1716383895/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/242091B59A0F73CF996E79DFE4C1C10F6E6FC0A1.5E948B5ABB6ECFF138002796BFA652477109ACE3/key/cms1/cms_redirect/yes/mh/mw/mip/91.239.206.129/mm/42/mn/sn-4g5lznlz/ms/onc/mt/1684847574/mv/m/mvi/4/pl/24/file/file.mp4

Request Chain 163

https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEEWOQXWueZws7JQrVW4y8uM&google_cver=1&google_push=ATf1kGPvCTzxfE2r_fZX0bj6llTjZQqDsa7rBAuHewUgkysLAqh00uzZukjZoEKPFWLuGkS9wz1xaRDL9k4cUXieb06V8uTjn7o4-to HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTkzMjk1Nzc2MjUwMjQxNjY4Mg&google_push=ATf1kGPvCTzxfE2r_fZX0bj6llTjZQqDsa7rBAuHewUgkysLAqh00uzZukjZoEKPFWLuGkS9wz1xaRDL9k4cUXieb06V8uTjn7o4-to

Request Chain 164

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEJcEho6F_39OoKeBh6g5YBc&google_cver=1&google_push=ATf1kGOgjoTal7cj3ZoTZhWchWegwXpdgPvEzD2YvaUMRREcP_Mk1bkbxTtrFqutPvqKTxy0heZgYw1pXRa8ZFj_WcgZ10XSww5-4_0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiEjCpxqeAV5Dz97VScAfNqBDA0aYK0DDOQ&google_push=ATf1kGOgjoTal7cj3ZoTZhWchWegwXpdgPvEzD2YvaUMRREcP_Mk1bkbxTtrFqutPvqKTxy0heZgYw1pXRa8ZFj_WcgZ10XSww5-4_0

Request Chain 165

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEGsdK0eM5xYwgAtFrGPIv6E&google_cver=1&google_push=ATf1kGP0aZvGV54tVHNcXSuZ-idXlabu7hUbKqmcV2zJRhpMKcXPWRS7zZfUObC40Y1FTKFtsGBKVFgylfvdWCe4a1Pu74UP7yCqQK4Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=ATf1kGP0aZvGV54tVHNcXSuZ-idXlabu7hUbKqmcV2zJRhpMKcXPWRS7zZfUObC40Y1FTKFtsGBKVFgylfvdWCe4a1Pu74UP7yCqQK4Q&google_hm=QlMuZDAxYS0xM2MzLTRhY2UtOGFkNA==

Request Chain 166

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEIGk0BXPGU_9Ahzf4psL2pI&google_cver=1&google_push=ATf1kGOfHQdIoGAe8a-x6fPayvcBeBwVEke6tBpFlyJ4p1qjFQf3uex6Jmq91We40lOl_1JSBvV5TnydYL60wwHJflCkoGNX--SjR2kG HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=ATf1kGOfHQdIoGAe8a-x6fPayvcBeBwVEke6tBpFlyJ4p1qjFQf3uex6Jmq91We40lOl_1JSBvV5TnydYL60wwHJflCkoGNX--SjR2kG&google_hm=3EpQR0AbQ5qXYQKL8tz1fIE

Request Chain 167

https://an.yandex.ru/mapuid/google/CAESEET_SJbmtBbkTSybuP4xCTg?ext-param=ATf1kGPUQTi6GdeWYfCsPaXjrv8VXwBKShX_uZ-VOSclosThzqEfFQVMilzt_Ff6hcQSHzrWPfE4BFqbcgL6ud0XI73gTe3FjR-soYu5&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://an.yandex.ru/mapuid/google/CAESEET_SJbmtBbkTSybuP4xCTg?redir-setuniq=1&ext-param=ATf1kGPUQTi6GdeWYfCsPaXjrv8VXwBKShX_uZ-VOSclosThzqEfFQVMilzt_Ff6hcQSHzrWPfE4BFqbcgL6ud0XI73gTe3FjR-soYu5&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEET_SJbmtBbkTSybuP4xCTg&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
https://an.yandex.ru/resource/spacer.gif

Request Chain 178

https://eu-u.openx.net/w/1.0/sd?id=539901412&val=d8f42ce9-5179-438b-a7c7-0bca822c5478&gdpr=0&gdpr_consent= HTTP 302
https://eu-u.openx.net/w/1.0/sd?cc=1&id=539901412&val=d8f42ce9-5179-438b-a7c7-0bca822c5478&gdpr=0&gdpr_consent=

Request Chain 183

https://x.bidswitch.net/sync?dsp_id=364&user_id=d8f42ce9-5179-438b-a7c7-0bca822c5478&expires=30&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=364&user_id=d8f42ce9-5179-438b-a7c7-0bca822c5478&expires=30&gdpr=0&gdpr_consent=

205 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
ttdown.org/ 23 KB
8 KB 544ms
209ms Document
text/html 51.38.158.6
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ttdown.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.38.158.6 , France, ASN16276 (OVH, FR),
Reverse DNS: ip6.ip-51-38-158.eu
Software: nginx/1.20.1 / PHP/7.3.15
Resource Hash: e6949d53ceaf277b213f5859edda3fa099350c26009e7b6db7b866df1e135aa6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 23 May 2023 13:18:11 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx/1.20.1
vary: Accept-Encoding
x-powered-by: PHP/7.3.15

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.3.1/css/ 48 KB
9 KB 406ms
139ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.3.1/css/all.min.css

Requested by

Host: ttdown.org
URL: https://ttdown.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

604dcf1f11698655f75046bb92f98aaa9477e1c16b01c5fc415e78794393ffb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ttdown.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:18:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 62489
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8608
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-be09"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fIGb0irjjUIU7eX4KIB%2F1Uj5UtDonTExVUGsW1R5PCaTIZPoC80NPXP%2FxLdAh7f5Z%2FMPBEWjwr3mAehjygMg9usTcd8x5b3azPqWj8b9NshwV%2Feir6ux6sisXnJ4%2BAvpMUgZ%2FQHJ"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7cbd955b79269ba6-FRA
expires: Sun, 12 May 2024 13:18:11 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
899 B 441ms
140ms Stylesheet
text/css 142.250.186.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&display=swap

Requested by

Host: ttdown.org
URL: https://ttdown.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f10.1e100.net

Software

ESF /

Resource Hash

3333a2035912d27f9f31d7ef4d7a59aab880a4a89fa54a729dcdf1bc8bcdb81c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ttdown.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 23 May 2023 13:18:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 23 May 2023 13:10:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 May 2023 13:18:11 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
667 B 483ms
183ms Stylesheet
text/css 142.250.186.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:100,400&display=swap

Requested by

Host: ttdown.org
URL: https://ttdown.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f10.1e100.net

Software

ESF /

Resource Hash

687133f955bb2cc174679c6ff91a1d2f6c811dbf1d87672d06ed083614dedb3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ttdown.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 23 May 2023 13:18:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 23 May 2023 13:18:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 May 2023 13:18:11 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
47 KB 476ms
190ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ttdown.org
URL: https://ttdown.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

d971fc38b1864da00f31de090e98844b807f8bfa04ae0c74b67058245c7dd2a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ttdown.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:18:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47490
x-xss-protection: 0
server: cafe
etag: 9294491881248408476
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 23 May 2023 13:18:11 GMT

GET
H2 200 ttdown-tiktok-download-logo-small.gif
ttdown.org/img/ 3 KB
3 KB 207ms
207ms Image
image/gif 51.38.158.6
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ttdown.org/img/ttdown-tiktok-download-logo-small.gif
Requested by: Host: ttdown.org
URL: https://ttdown.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.38.158.6 , France, ASN16276 (OVH, FR),
Reverse DNS: ip6.ip-51-38-158.eu
Software: nginx/1.20.1 /
Resource Hash: 21c2d6302a4d274fba11433436022a7e1e4f076af1017031c2679b6dcf5eb230

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ttdown.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:18:11 GMT
last-modified: Thu, 05 Mar 2020 03:30:40 GMT
server: nginx/1.20.1
accept-ranges: bytes
etag: "5e607260-d1c"
content-length: 3356
content-type: image/gif

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/ 138 KB
22 KB 440ms
153ms Stylesheet
text/css 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css

Requested by

Host: ttdown.org
URL: https://ttdown.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ttdown.org/
Origin: https://ttdown.org
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:18:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 756
age: 2300505
cdn-cachedat: 11/21/2022 20:38:40
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"04aca1f4cd3ec3c05a75a879f3be75a3"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 19aab239f8f3bee24d4eaef9bb6d16d4
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7cbd955bbba318cf-FRA
cdn-requestpullsuccess: True

GET
H2 200 default.css
ttdown.org/css/ 10 KB
3 KB 208ms
206ms Stylesheet
text/css 51.38.158.6
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ttdown.org/css/default.css?v00003
Requested by: Host: ttdown.org
URL: https://ttdown.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.38.158.6 , France, ASN16276 (OVH, FR),
Reverse DNS: ip6.ip-51-38-158.eu
Software: nginx/1.20.1 /
Resource Hash: 36b425707de4faa39f3d768f13f7f4c72dbc9103f0a68f6ad7e0298fd5449dba

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ttdown.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:18:11 GMT
content-encoding: gzip
last-modified: Thu, 05 Mar 2020 03:30:39 GMT
server: nginx/1.20.1
etag: W/"5e60725f-297e"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 jquery-3.3.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 418ms
132ms Script
application/javascript 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.min.js
Requested by: Host: ttdown.org
URL: https://ttdown.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer: https://ttdown.org/
Origin: https://ttdown.org
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:18:11 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-1538f"
vary: Accept-Encoding
x-hw: 1684847891.dop208.ve1.t,1684847891.cds237.ve1.hn,1684847891.cds239.ve1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30288

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/ 50 KB
14 KB 528ms
241ms Script
application/javascript 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js

Requested by

Host: ttdown.org
URL: https://ttdown.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ttdown.org/
Origin: https://ttdown.org
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:18:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 1048
age: 2300505
cdn-cachedat: 11/11/2022 02:42:40
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"67176c242e1bdc20603c878dee836df3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 4fc42fdbfb74aea769a35e7872b43b57
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7cbd955bbba718cf-FRA
cdn-requestpullsuccess: True

GET
H2 200 jquery.easing.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-easing/1.4.1/ 2 KB
1 KB 446ms
196ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-easing/1.4.1/jquery.easing.min.js

Requested by

Host: ttdown.org
URL: https://ttdown.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f7723b6b9bfced0deba108df48e3287888dd986f1ff2d5133bacc9807ac0349

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ttdown.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:18:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 328281
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 747
last-modified: Mon, 04 May 2020 16:11:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec1-9e4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EtPZfkiM4K1WBAxEdkFhVRTueC1haXzgNAGuqQC5ypYLmtps%2BFhw1EfBNBeVXpy%2FSsWABQd3ikOFgFbrvth67r8J%2BHRGUl%2FGHbunah%2Fp9mxejAco4br3%2FSBjyXxFKI4%2FeTc9%2FNPP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7cbd955b79299ba6-FRA
expires: Sun, 12 May 2024 13:18:11 GMT

GET
H2 200 jquery.lazy.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.lazy/1.7.10/ 5 KB
2 KB 447ms
197ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.lazy/1.7.10/jquery.lazy.min.js

Requested by

Host: ttdown.org
URL: https://ttdown.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64fbc7f830625ecd6ff3293b96665aebec2a9be9336f02fd47508eb59f7ec23a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ttdown.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:18:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 7242557
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2092
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-139f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ji1TXv73yMMhObrz9gfi8cY5g%2B5AGiZYDFQwpOU7uR7UpkLqXWoGh0W5%2B7cw4DztPdyz4JgXoCjuNDGDDNAmRATCgECp%2BzKQuxYFNyk7eNadhKgM86EMyZ2m75r%2Bg2e3pDb3rqCs"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7cbd955b79279ba6-FRA
expires: Sun, 12 May 2024 13:18:11 GMT

GET
H2 200 default.js Show response
ttdown.org/js/ 4 KB
2 KB 198ms
197ms Script
application/javascript 51.38.158.6
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ttdown.org/js/default.js?v0007
Requested by: Host: ttdown.org
URL: https://ttdown.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.38.158.6 , France, ASN16276 (OVH, FR),
Reverse DNS: ip6.ip-51-38-158.eu
Software: nginx/1.20.1 /
Resource Hash: 8b2474b764a8cfd1b5664776d16b24ba4a2a3519734ebb7d83dda5447f3c976c

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ttdown.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:18:11 GMT
content-encoding: gzip
last-modified: Tue, 22 Feb 2022 12:29:44 GMT
server: nginx/1.20.1
etag: W/"6214d738-11cc"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 jquery.lazy.av.min.js Show response
ttdown.org/vendor/ 1001 B
737 B 192ms
192ms Script
application/javascript 51.38.158.6
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ttdown.org/vendor/jquery.lazy.av.min.js
Requested by: Host: ttdown.org
URL: https://ttdown.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.38.158.6 , France, ASN16276 (OVH, FR),
Reverse DNS: ip6.ip-51-38-158.eu
Software: nginx/1.20.1 /
Resource Hash: 4b2ddf9caf0636f523f0ce76e534131e699e82a8b79fbf7e37ca48e9c69f1f75

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ttdown.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:18:11 GMT
content-encoding: gzip
last-modified: Thu, 05 Mar 2020 03:30:44 GMT
server: nginx/1.20.1
etag: W/"5e607264-3e9"
vary: Accept-Encoding
content-type: application/javascript

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.3.1/webfonts/ 66 KB
66 KB 789ms
652ms Font
application/octet-stream 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.3.1/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.3.1/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90f1126b989142c6bc5d440d488b3cad4e6ef9d421c5735fc733eca246dc37b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.3.1/css/all.min.css
Origin: https://ttdown.org
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:18:12 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1068086
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 67400
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-10748"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AgxKcZyCoFm1F6lfo%2F4PhSHGnQciilEWw%2BqFaQZ0jhUbTxUBf%2B5TaOo%2BiJUBcv%2FJbfiNTqDpxTtP4e3kBOnCafR5jSgBpsQ3mfMUnQ7sGSADfJvPx8pEs%2Buy6H1B9qgjw%2Fn0swn4"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7cbd955d4fed2bf5-FRA
expires: Sun, 12 May 2024 13:18:12 GMT

GET
H3 200 fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.3.1/webfonts/ 64 KB
65 KB 275ms
138ms Font
application/octet-stream 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.3.1/webfonts/fa-brands-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.3.1/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b2f16d928f9ac95f54a28ca48aa43ef5196f4870789a5822d781caf6dd51375

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.3.1/css/all.min.css
Origin: https://ttdown.org
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:18:12 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 330985
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 65316
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-ff24"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=It1xXvkWYHplI%2FQA0uicOA6tuXO%2B0IQ9xwauqlcpx3k0T16qGEFPi0LZzMMCYUvft94Ala3IT5%2FXaEWwRh3Kkk80VpbNqhcgEmv0qxmy5KfDPsGsNPsMzXOXGosyMNZ5DHaqNxdk"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7cbd955d4ff02bf5-FRA
expires: Sun, 12 May 2024 13:18:12 GMT

GET
H3 200 fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.3.1/webfonts/ 15 KB
15 KB 1713ms
1576ms Font
application/octet-stream 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.3.1/webfonts/fa-regular-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.3.1/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

086ef1821ec1abf73e68581524767210cbbcc879ae07def1cf46fc9fff4e9d4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.3.1/css/all.min.css
Origin: https://ttdown.org
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:18:12 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3092151
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14868
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-3a14"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KV%2FhPhlXjLT4R49gnZKWKvRtEo5En7II7LhGqDso2wOz5dqJTYfZkMKGMwLlFNYbmIp%2FnhFZZUvTnsZeRNM%2B8NGjhAhFJwHiSQCwxzSKdJdjlnOWDIROUUivFxRdiv%2Bggrt4atoz"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7cbd955d4ff22bf5-FRA
expires: Sun, 12 May 2024 13:18:12 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
30 KB 685ms
402ms Font
font/woff2 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ttdown.org
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:34:09 GMT
x-content-type-options: nosniff
age: 254643
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 14:34:09 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 636ms
353ms Font
font/woff2 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ttdown.org
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 May 2023 15:41:45 GMT
x-content-type-options: nosniff
age: 250587
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 15:41:45 GMT

GET
H2 200 S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v24/ 24 KB
24 KB 481ms
198ms Font
font/woff2 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u8w4BMUTPHjxsAXC-q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ttdown.org
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 May 2023 10:40:31 GMT
x-content-type-options: nosniff
age: 268661
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24408
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:14:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 10:40:31 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 571ms
291ms Font
font/woff2 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ttdown.org
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 May 2023 13:31:10 GMT
x-content-type-options: nosniff
age: 258422
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 13:31:10 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/ 354 KB
120 KB 273ms
272ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

cb4a33e9cc8a49fb9d67df67aa444e4dddec0c366a6ae7f4198f3ec099445598

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ttdown.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:18:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122565
x-xss-protection: 0
server: cafe
etag: 11404687867899053958
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 May 2023 13:18:12 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230518/r20190131/ Frame B3BC 10 KB
5 KB 742ms
130ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230518/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ttdown.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

age: 51819
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 May 2023 22:54:33 GMT
etag: 15057649708203361565
expires: Mon, 05 Jun 2023 22:54:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
601 B 404ms
137ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ttdown.org&callback=_gfp_s_&client=ca-pub-0916766851103338

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

5175a46a59ad96f574a3f9e5842c12ee7010a689b18d33d25b46dabfd7ba3887

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ttdown.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:18:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 250
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.ge/adsid/ 107 B
531 B 422ms
147ms Script
application/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ge/adsid/integrator.js?domain=ttdown.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ttdown.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:18:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 416ms
146ms Script
application/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ttdown.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ttdown.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:18:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 165ms
165ms Image
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=NAV&id=mainNav&cls=navbar%20navbar-expand-lg%20bg-secondary%20fixed-top&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: ttdown.org
URL: https://ttdown.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ttdown.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:18:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D3AA 340 KB
86 KB 934ms
828ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0916766851103338&output=html&adk=2020088507&adf=637443794&lmt=1684847892&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x540_l%7C212x540_r&format=0x0&url=https%3A%2F%2Fttdown.org%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684847892073&bpp=8&bdt=646&idt=515&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3186862124183&frm=20&pv=2&ga_vid=1312077257.1684847893&ga_sid=1684847893&ga_hid=1378733181&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788441%2C44789779&oid=2&pvsid=3867253434869664&tmod=329237808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=534

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

d142b6f4a44e3debac46643dea7c839fc48a4cbe1454eba12b7da1eb28ad5d32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ttdown.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 87815
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 13:18:13 GMT
expires: Tue, 23 May 2023 13:18:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1A58 103 KB
36 KB 1071ms
979ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0916766851103338&output=html&h=280&adk=1266370990&adf=2427394704&pi=t.aa~a.2146518072~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1684847892&rafmt=1&to=qs&pwprc=4777445207&format=1200x280&url=https%3A%2F%2Fttdown.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684847892081&bpp=2&bdt=654&idt=531&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3186862124183&frm=20&pv=1&ga_vid=1312077257.1684847893&ga_sid=1684847893&ga_hid=1378733181&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=326&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788441%2C44789779&oid=2&pvsid=3867253434869664&tmod=329237808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=XGb1kw1Tu2&p=https%3A//ttdown.org&dtd=540

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

d19f832dbf2d406e926ba6762bb9699b8121a14b39d3eecc4e266fcd15c69261

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ttdown.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 36599
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 13:18:13 GMT
expires: Tue, 23 May 2023 13:18:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ef33bde3b6f53b5d50fc677805f1b9fa.js Show response
www.gstatic.com/mysidia/ Frame 1A58 8 KB
4 KB 406ms
136ms Script
text/javascript 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ef33bde3b6f53b5d50fc677805f1b9fa.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0916766851103338&output=html&h=280&adk=1266370990&adf=2427394704&pi=t.aa~a.2146518072~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1684847892&rafmt=1&to=qs&pwprc=4777445207&format=1200x280&url=https%3A%2F%2Fttdown.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684847892081&bpp=2&bdt=654&idt=531&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3186862124183&frm=20&pv=1&ga_vid=1312077257.1684847893&ga_sid=1684847893&ga_hid=1378733181&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=326&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788441%2C44789779&oid=2&pvsid=3867253434869664&tmod=329237808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=XGb1kw1Tu2&p=https%3A//ttdown.org&dtd=540

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

d42e2b0fdb945504b8da66763e41d57d6245ab8218c6df329b56a841ffbcd7ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 May 2023 20:24:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 579231
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3674
x-xss-protection: 0
last-modified: Tue, 16 May 2023 20:07:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 14 Aug 2023 20:24:23 GMT

GET
H2 200 ee89b602e2534f412f73bbda73fe42b2.js Show response
www.gstatic.com/mysidia/ Frame 1A58 9 KB
4 KB 407ms
136ms Script
text/javascript 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ee89b602e2534f412f73bbda73fe42b2.js?tag=text/vanilla_highlight_ms

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

79b7ea99abb66869005319b8443ee41c65ae93a3ecdfebdc6cee9df87d87b8dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 04:00:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33467
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4066
x-xss-protection: 0
last-modified: Mon, 22 May 2023 16:52:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 21 Aug 2023 04:00:27 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 1A58 9 KB
1 KB 143ms
141ms Stylesheet
text/css 142.250.186.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f10.1e100.net

Software

ESF /

Resource Hash

b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 23 May 2023 13:18:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 23 May 2023 12:45:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 May 2023 13:18:13 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/ 152 KB
51 KB 201ms
200ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

8de4fc1c83bf24f919e8da8ffa459690d10217a5c0630e7b2bb44702cd999ddd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ttdown.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:18:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52640
x-xss-protection: 0
server: cafe
etag: 13848230844004626019
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 May 2023 13:18:13 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame 1A58 2 KB
846 B 135ms
134ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 May 2023 22:00:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55091
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 22:00:03 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/ Frame 1A58 22 KB
9 KB 405ms
130ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 May 2023 21:56:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55311
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8780
x-xss-protection: 0
server: cafe
etag: 16540081610679671253
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 21:56:23 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame 1A58 3 KB
1 KB 135ms
134ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 10:58:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8400
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 10:58:14 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame 1A58 19 KB
8 KB 416ms
141ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 May 2023 21:56:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55311
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7953
x-xss-protection: 0
server: cafe
etag: 16153819885643670827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 21:56:23 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1A58 171 KB
54 KB 414ms
141ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

452f096c720b3e3f9bef10090f461ce08ab38e64159263e9939a7c60067aa32f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:18:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54262
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684757038394838"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 May 2023 13:18:14 GMT

GET
H2 200 0a0369f67a094afc57e3321b90807283.js Show response
www.gstatic.com/mysidia/ Frame 1A58 32 KB
13 KB 136ms
135ms Script
text/javascript 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0a0369f67a094afc57e3321b90807283.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

88a51fe784c58c712a93f3f4e123e163e901042438df74cf793bdcf28eb090d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 May 2023 17:15:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72150
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13649
x-xss-protection: 0
last-modified: Mon, 22 May 2023 16:52:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 20 Aug 2023 17:15:44 GMT

GET
H2 200 integrator.js Show response
adservice.google.ge/adsid/ 107 B
165 B 143ms
142ms Script
application/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ge/adsid/integrator.js?domain=ttdown.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ttdown.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:18:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 141ms
141ms Script
application/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ttdown.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ttdown.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:18:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2AF2 430 B
501 B 487ms
486ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0916766851103338&output=html&h=280&adk=2655906738&adf=2641485162&pi=t.aa~a.827312887~i.4~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1684847893&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4777445207&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fttdown.org%2F&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684847893751&bpp=1&bdt=2325&idt=-M&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df021167263dd2045-22fe57cae8dd0063%3AT%3D1684847892%3ART%3D1684847892%3AS%3DALNI_MY-sLfBzkJ_hMfqTphWdk1ZpI-ZqQ&gpic=UID%3D00000c1a28cc22a7%3AT%3D1684847892%3ART%3D1684847892%3AS%3DALNI_Ma-0s_D5mWwOTkSjUD988idkncIGQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=3186862124183&frm=20&pv=1&ga_vid=1312077257.1684847893&ga_sid=1684847893&ga_hid=1378733181&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1937&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788441%2C44789779&oid=2&pvsid=3867253434869664&tmod=329237808&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=YavYS4gR3t&p=https%3A//ttdown.org&dtd=7

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

271d7ad162501b23e32fb70e44face9a5e35d06a47737efb6afc7b7d59bea129

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ttdown.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 207
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 13:18:14 GMT
expires: Tue, 23 May 2023 13:18:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 00F0 79 KB
26 KB 635ms
634ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0916766851103338&output=html&h=280&adk=2655906738&adf=2244495584&pi=t.aa~a.827312887~i.13~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1684847893&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4777445207&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fttdown.org%2F&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684847893751&bpp=1&bdt=2324&idt=-M&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df021167263dd2045-22fe57cae8dd0063%3AT%3D1684847892%3ART%3D1684847892%3AS%3DALNI_MY-sLfBzkJ_hMfqTphWdk1ZpI-ZqQ&gpic=UID%3D00000c1a28cc22a7%3AT%3D1684847892%3ART%3D1684847892%3AS%3DALNI_Ma-0s_D5mWwOTkSjUD988idkncIGQ&prev_fmts=0x0%2C1200x280%2C1110x280&nras=4&correlator=3186862124183&frm=20&pv=1&ga_vid=1312077257.1684847893&ga_sid=1684847893&ga_hid=1378733181&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788441%2C44789779&oid=2&pvsid=3867253434869664&tmod=329237808&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=PCy2zds6qk&p=https%3A//ttdown.org&dtd=12

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

5392acfee6a297cd34c04c65c97ad706f252dc95c7d5df49fedfdc1dd9cca985

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ttdown.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 26043
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 13:18:14 GMT
expires: Tue, 23 May 2023 13:18:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4B12 430 B
527 B 421ms
420ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0916766851103338&output=html&h=280&adk=2655906738&adf=4242353128&pi=t.aa~a.827312887~i.15~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1684847893&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4777445207&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fttdown.org%2F&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684847893751&bpp=1&bdt=2325&idt=1&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df021167263dd2045-22fe57cae8dd0063%3AT%3D1684847892%3ART%3D1684847892%3AS%3DALNI_MY-sLfBzkJ_hMfqTphWdk1ZpI-ZqQ&gpic=UID%3D00000c1a28cc22a7%3AT%3D1684847892%3ART%3D1684847892%3AS%3DALNI_Ma-0s_D5mWwOTkSjUD988idkncIGQ&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280&nras=5&correlator=3186862124183&frm=20&pv=1&ga_vid=1312077257.1684847893&ga_sid=1684847893&ga_hid=1378733181&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788441%2C44789779&oid=2&pvsid=3867253434869664&tmod=329237808&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=L9sqL0aSfc&p=https%3A//ttdown.org&dtd=17

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e4da7bb375e25cd5b30844545a5ece6910abb0f390eb340700eb96eb9410a2ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ttdown.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 207
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 13:18:14 GMT
expires: Tue, 23 May 2023 13:18:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B263 430 B
501 B 455ms
450ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0916766851103338&output=html&h=280&adk=723392857&adf=1724911246&pi=t.aa~a.3732354746~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1684847893&rafmt=1&to=qs&pwprc=4777445207&format=1200x280&url=https%3A%2F%2Fttdown.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684847893773&bpp=1&bdt=2346&idt=1&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df021167263dd2045-22fe57cae8dd0063%3AT%3D1684847892%3ART%3D1684847892%3AS%3DALNI_MY-sLfBzkJ_hMfqTphWdk1ZpI-ZqQ&gpic=UID%3D00000c1a28cc22a7%3AT%3D1684847892%3ART%3D1684847892%3AS%3DALNI_Ma-0s_D5mWwOTkSjUD988idkncIGQ&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280%2C1110x280&nras=6&correlator=3186862124183&frm=20&pv=1&ga_vid=1312077257.1684847893&ga_sid=1684847893&ga_hid=1378733181&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1495&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788441%2C44789779&oid=2&pvsid=3867253434869664&tmod=329237808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=1PMHMfGGDy&p=https%3A//ttdown.org&dtd=13

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

a3d4e56929d6eeb2b30122521698dc4acfa6ffc73640904d00daa178b3498792

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ttdown.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 207
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 13:18:14 GMT
expires: Tue, 23 May 2023 13:18:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.ge/adsid/ 107 B
122 B 149ms
148ms Script
application/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ge/adsid/integrator.js?domain=ttdown.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ttdown.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:18:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 144ms
143ms Script
application/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ttdown.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ttdown.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:18:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/ Frame 454B 10 KB
4 KB 137ms
136ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ttdown.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

age: 51995
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 May 2023 22:51:39 GMT
etag: 15057649708203361565
expires: Mon, 05 Jun 2023 22:51:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/ Frame 036D 10 KB
4 KB 142ms
142ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ttdown.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

age: 51995
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 May 2023 22:51:39 GMT
etag: 15057649708203361565
expires: Mon, 05 Jun 2023 22:51:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/ Frame D143 10 KB
4 KB 157ms
156ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ttdown.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

age: 51995
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 May 2023 22:51:39 GMT
etag: 15057649708203361565
expires: Mon, 05 Jun 2023 22:51:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1A58 0
0 186ms
185ms Fetch
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ct_-kFL1sZN-xM9O7vPIPrIGVSJ2E_vVu_cWu4bsQ3aq81_ICEAEgjt2fA2CNAqAB3oKbnQLIAQGoAwHIA8sEqgTWAU_QyiYVl5evkNWpvymidskDUkC_NHavrzFrdwszyw9-YbAklOelskWhywnpqVneNElY6GmEmG1HORxwWw7uqorqEpa_XHwO0IDEUipscmOa2x22Gi298jw5A8mKDUZvhlg0UdT-NTWiTz0B2w5eF0xFE686gRy84qRl8rkm93n_s-s7GEpC08K3P37s0wcw7CFpPad5Iw4JEiWHdQehYk8FRd6kUnbgLm2_OgZJg9G5FtqEudfG026PsgjzKvCKMBRRSXG7bJDpjM3XTIhLgvYVIS1euQvABLPAu-zIA5IFBAgEGAGSBQQIBRgEgAeK_eTiAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEELOJBNIIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoByAsB2BMK0BUBgBcBshccChoIABIUcHViLTA5MTY3NjY4NTExMDMzMzgYAA&sigh=nU6XetOq7fs&uach_m=[UACH]&cid=CAQSGwBygQiDu3073eXZnqTdD4vgJKTnyOTRNcZjnRgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0916766851103338&output=html&h=280&adk=1266370990&adf=2427394704&pi=t.aa~a.2146518072~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1684847892&rafmt=1&to=qs&pwprc=4777445207&format=1200x280&url=https%3A%2F%2Fttdown.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684847892081&bpp=2&bdt=654&idt=531&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3186862124183&frm=20&pv=1&ga_vid=1312077257.1684847893&ga_sid=1684847893&ga_hid=1378733181&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=326&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788441%2C44789779&oid=2&pvsid=3867253434869664&tmod=329237808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=XGb1kw1Tu2&p=https%3A//ttdown.org&dtd=540
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 23 May 2023 13:18:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 23 May 2023 13:18:14 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F136 143 B
166 B 135ms
134ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0916766851103338&output=html&h=280&adk=1266370990&adf=2427394704&pi=t.aa~a.2146518072~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1684847892&rafmt=1&to=qs&pwprc=4777445207&format=1200x280&url=https%3A%2F%2Fttdown.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684847892081&bpp=2&bdt=654&idt=531&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3186862124183&frm=20&pv=1&ga_vid=1312077257.1684847893&ga_sid=1684847893&ga_hid=1378733181&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=326&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788441%2C44789779&oid=2&pvsid=3867253434869664&tmod=329237808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=XGb1kw1Tu2&p=https%3A//ttdown.org&dtd=540
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

age: 440
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 13:10:54 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BD03 430 B
226 B 459ms
457ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0916766851103338&output=html&h=280&adk=723392857&adf=523434623&pi=t.aa~a.701953935~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1684847894&rafmt=1&to=qs&pwprc=4777445207&format=1200x280&url=https%3A%2F%2Fttdown.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684847893777&bpp=1&bdt=2351&idt=1&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df021167263dd2045-22fe57cae8dd0063%3AT%3D1684847892%3ART%3D1684847892%3AS%3DALNI_MY-sLfBzkJ_hMfqTphWdk1ZpI-ZqQ&gpic=UID%3D00000c1a28cc22a7%3AT%3D1684847892%3ART%3D1684847892%3AS%3DALNI_Ma-0s_D5mWwOTkSjUD988idkncIGQ&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280%2C1110x280%2C1200x280%2C200x540%2C144x540%2C728x90&nras=10&correlator=3186862124183&frm=20&pv=1&ga_vid=1312077257.1684847893&ga_sid=1684847893&ga_hid=1378733181&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4662&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788441%2C44789779&oid=2&pvsid=3867253434869664&tmod=329237808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=8&fsb=1&xpc=dSFje3R2Sm&p=https%3A//ttdown.org&dtd=471

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

932a705bb285b599138e75295592a59fe9279ab0e3e98ad6b4ad45734d83c0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ttdown.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 206
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 13:18:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 1A58 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 37e249c28e9b2e8386d649ecaae4e1dfab94820845085ac53c7526f847775988

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/76807628416675132/528-160x600-h/ Frame C3A7 78 KB
19 KB 142ms
141ms Document
text/html 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/76807628416675132/528-160x600-h/index.html

Requested by

Host: ttdown.org
URL: https://ttdown.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

0faedd2819c623985a1b68d34507498882d1d7c5611acfecfa507ac5ded6a798

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 262383
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 17685
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Sat, 20 May 2023 12:25:11 GMT
expires: Sun, 19 May 2024 12:25:11 GMT
last-modified: Mon, 06 Mar 2023 21:39:23 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/ Frame DA5E 22 KB
9 KB 132ms
132ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/abg_lite_fy2021.js

Requested by

Host: ttdown.org
URL: https://ttdown.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 May 2023 21:56:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55311
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8780
x-xss-protection: 0
server: cafe
etag: 16540081610679671253
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 21:56:23 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame DA5E 3 KB
1 KB 273ms
272ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/window_focus_fy2021.js

Requested by

Host: ttdown.org
URL: https://ttdown.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 10:58:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8400
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 10:58:14 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame DA5E 19 KB
8 KB 162ms
162ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ttdown.org
URL: https://ttdown.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 May 2023 21:56:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55311
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7953
x-xss-protection: 0
server: cafe
etag: 16153819885643670827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 21:56:23 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DA5E 171 KB
53 KB 149ms
148ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ttdown.org
URL: https://ttdown.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

452f096c720b3e3f9bef10090f461ce08ab38e64159263e9939a7c60067aa32f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:18:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54262
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684757038394838"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 May 2023 13:18:14 GMT

GET
H2 200 ef33bde3b6f53b5d50fc677805f1b9fa.js Show response
www.gstatic.com/mysidia/ Frame 454B 8 KB
4 KB 132ms
131ms Script
text/javascript 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ef33bde3b6f53b5d50fc677805f1b9fa.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

d42e2b0fdb945504b8da66763e41d57d6245ab8218c6df329b56a841ffbcd7ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 May 2023 20:24:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 579231
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3674
x-xss-protection: 0
last-modified: Tue, 16 May 2023 20:07:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 14 Aug 2023 20:24:23 GMT

GET
H2 200 ee89b602e2534f412f73bbda73fe42b2.js Show response
www.gstatic.com/mysidia/ Frame 454B 9 KB
4 KB 136ms
136ms Script
text/javascript 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ee89b602e2534f412f73bbda73fe42b2.js?tag=text/vanilla_highlight_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

79b7ea99abb66869005319b8443ee41c65ae93a3ecdfebdc6cee9df87d87b8dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 04:00:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33467
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4066
x-xss-protection: 0
last-modified: Mon, 22 May 2023 16:52:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 21 Aug 2023 04:00:27 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 454B 9 KB
932 B 142ms
141ms Stylesheet
text/css 142.250.186.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f10.1e100.net

Software

ESF /

Resource Hash

b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 23 May 2023 13:18:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 23 May 2023 12:50:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 May 2023 13:18:14 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame 454B 2 KB
799 B 279ms
278ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 May 2023 22:00:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55091
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 22:00:03 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/ Frame 454B 22 KB
9 KB 262ms
261ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 May 2023 21:56:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55311
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8780
x-xss-protection: 0
server: cafe
etag: 16540081610679671253
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 21:56:23 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame 454B 3 KB
1 KB 280ms
278ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 10:58:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8400
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 10:58:14 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame 454B 19 KB
8 KB 265ms
264ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 May 2023 21:56:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55311
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7953
x-xss-protection: 0
server: cafe
etag: 16153819885643670827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 21:56:23 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 454B 171 KB
53 KB 272ms
271ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

452f096c720b3e3f9bef10090f461ce08ab38e64159263e9939a7c60067aa32f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:18:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54262
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684757038394838"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 May 2023 13:18:14 GMT

GET
H2 200 0a0369f67a094afc57e3321b90807283.js Show response
www.gstatic.com/mysidia/ Frame 454B 32 KB
13 KB 140ms
140ms Script
text/javascript 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0a0369f67a094afc57e3321b90807283.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

88a51fe784c58c712a93f3f4e123e163e901042438df74cf793bdcf28eb090d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 May 2023 17:15:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72150
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13649
x-xss-protection: 0
last-modified: Mon, 22 May 2023 16:52:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 20 Aug 2023 17:15:44 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8B45 624 B
242 B 179ms
178ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6TkZIDEMGZ6MsDGNzcwuUBMAE&v=APEucNVUrf28V4WR62mYCudYSs30fSpf_DE1dMb055Oe9LTCpeWEt8OWOMklHseSH7pWpAwD_86si8JbSlqgaiNoj__aKMqEzA

Requested by

Host: ttdown.org
URL: https://ttdown.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 13:18:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 179B 78 KB
27 KB 236ms
235ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: ttdown.org
URL: https://ttdown.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:18:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 23 May 2023 13:18:14 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame 179B 3 KB
1 KB 273ms
270ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/window_focus_fy2021.js

Requested by

Host: ttdown.org
URL: https://ttdown.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 10:58:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8400
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 10:58:14 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame 179B 19 KB
8 KB 265ms
263ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ttdown.org
URL: https://ttdown.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 May 2023 21:56:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55311
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7953
x-xss-protection: 0
server: cafe
etag: 16153819885643670827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 21:56:23 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 179B 171 KB
53 KB 275ms
273ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ttdown.org
URL: https://ttdown.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

452f096c720b3e3f9bef10090f461ce08ab38e64159263e9939a7c60067aa32f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:18:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54262
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684757038394838"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 May 2023 13:18:14 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 179B 42 B
63 B 169ms
168ms Image
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AUnoAckjOdd2V5MjLKU3Z_O3BZ5jYnqSSZZ83a3rA2c9cc7lqm74MUXkVeKbjLSRtL4NjEXcM_hMutYcgrh9mY14nFpIaaoKNRsF9G0pmLv0dytsg

Requested by

Host: ttdown.org
URL: https://ttdown.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:18:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 179B 0
20 B 168ms
167ms Image
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=11532094695929373388&x=1&ct=119

Requested by

Host: ttdown.org
URL: https://ttdown.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:18:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame 1A58 29 KB
29 KB 130ms
130ms Font
font/woff2 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 May 2023 05:24:40 GMT
x-content-type-options: nosniff
age: 287614
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29728
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:59:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 05:24:40 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F136
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

153ms
153ms

Document
text/html

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 13:18:14 GMT
expires: Tue, 23 May 2023 13:18:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 13:18:14 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/ Frame 00F0 22 KB
9 KB 190ms
189ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0916766851103338&output=html&h=280&adk=2655906738&adf=2244495584&pi=t.aa~a.827312887~i.13~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1684847893&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4777445207&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fttdown.org%2F&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684847893751&bpp=1&bdt=2324&idt=-M&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df021167263dd2045-22fe57cae8dd0063%3AT%3D1684847892%3ART%3D1684847892%3AS%3DALNI_MY-sLfBzkJ_hMfqTphWdk1ZpI-ZqQ&gpic=UID%3D00000c1a28cc22a7%3AT%3D1684847892%3ART%3D1684847892%3AS%3DALNI_Ma-0s_D5mWwOTkSjUD988idkncIGQ&prev_fmts=0x0%2C1200x280%2C1110x280&nras=4&correlator=3186862124183&frm=20&pv=1&ga_vid=1312077257.1684847893&ga_sid=1684847893&ga_hid=1378733181&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788441%2C44789779&oid=2&pvsid=3867253434869664&tmod=329237808&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=PCy2zds6qk&p=https%3A//ttdown.org&dtd=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 May 2023 21:56:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55311
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8780
x-xss-protection: 0
server: cafe
etag: 16540081610679671253
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 21:56:23 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 00F0 8 KB
750 B 141ms
141ms Stylesheet
text/css 142.250.186.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f10.1e100.net

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 23 May 2023 13:18:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 23 May 2023 13:17:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 May 2023 13:18:14 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/ Frame 00F0 15 KB
3 KB 426ms
141ms Stylesheet
text/css 142.250.185.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f10.1e100.net

Software

sffe /

Resource Hash

7d4095ea226f3f80d6d4fc62e3737dd5107fd9d4aa4a443cac11378b102f64b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 May 2023 12:23:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 521705
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2883
x-xss-protection: 0
last-modified: Wed, 17 May 2023 00:43:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 May 2024 12:23:09 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/ Frame 00F0 371 KB
127 KB 427ms
142ms Script
text/javascript 142.250.185.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f10.1e100.net

Software

sffe /

Resource Hash

464be521d749b2ba1c7e8c1f87223b56a03ee0bd05484baa0e9067ce9eb9d2be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 03:44:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34437
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 130330
x-xss-protection: 0
last-modified: Wed, 17 May 2023 00:43:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 May 2024 03:44:17 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame 00F0 19 KB
8 KB 187ms
187ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 May 2023 21:56:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55311
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7953
x-xss-protection: 0
server: cafe
etag: 16153819885643670827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 21:56:23 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 00F0 0
0 417ms
148ms Image
text/html 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTtd58IGUf1A_GoYRxkewUj5iZNKBaKoPQyw1eIul6VlFERDTVJJiTf7pPt2OZm4T55fdJYqUHwa_dykDiWOKjpabG8xA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0916766851103338&output=html&h=280&adk=2655906738&adf=2244495584&pi=t.aa~a.827312887~i.13~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1684847893&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4777445207&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fttdown.org%2F&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684847893751&bpp=1&bdt=2324&idt=-M&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df021167263dd2045-22fe57cae8dd0063%3AT%3D1684847892%3ART%3D1684847892%3AS%3DALNI_MY-sLfBzkJ_hMfqTphWdk1ZpI-ZqQ&gpic=UID%3D00000c1a28cc22a7%3AT%3D1684847892%3ART%3D1684847892%3AS%3DALNI_Ma-0s_D5mWwOTkSjUD988idkncIGQ&prev_fmts=0x0%2C1200x280%2C1110x280&nras=4&correlator=3186862124183&frm=20&pv=1&ga_vid=1312077257.1684847893&ga_sid=1684847893&ga_hid=1378733181&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788441%2C44789779&oid=2&pvsid=3867253434869664&tmod=329237808&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=PCy2zds6qk&p=https%3A//ttdown.org&dtd=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E692 143 B
166 B 139ms
139ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

age: 440
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 13:10:54 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame C3A7 16 KB
6 KB 146ms
146ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/76807628416675132/528-160x600-h/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 May 2023 19:40:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63476
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5660
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 23 May 2023 19:40:18 GMT

GET
H2 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame C3A7 34 KB
13 KB 136ms
136ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/76807628416675132/528-160x600-h/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 01:47:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41429
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 24 May 2023 01:47:45 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8B45
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAbsOTmSwn8YDe5esAQHx8w&google_cver=1

43 B
766 B

255ms
133ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAbsOTmSwn8YDe5esAQHx8w&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6TkZIDEMGZ6MsDGNzcwuUBMAE&v=APEucNVUrf28V4WR62mYCudYSs30fSpf_DE1dMb055Oe9LTCpeWEt8OWOMklHseSH7pWpAwD_86si8JbSlqgaiNoj__aKMqEzA
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 May 2023 13:18:15 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 23 May 2023 13:18:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAbsOTmSwn8YDe5esAQHx8w&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8B45
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZGy9FkCOJ2lu2KDQ6b.d1gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAbsOTmSwn8YDe5esAQHx8w&google_cver=1&google_hm=2

43 B
766 B

134ms
134ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAbsOTmSwn8YDe5esAQHx8w&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6TkZIDEMGZ6MsDGNzcwuUBMAE&v=APEucNVUrf28V4WR62mYCudYSs30fSpf_DE1dMb055Oe9LTCpeWEt8OWOMklHseSH7pWpAwD_86si8JbSlqgaiNoj__aKMqEzA
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 May 2023 13:18:15 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 23 May 2023 13:18:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAbsOTmSwn8YDe5esAQHx8w&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 8B45
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEPeyxIofgUTZ9R2VM2BEtMM&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEPeyxIofgUTZ9R2VM2BEtMM%26google_cver%3D1

43 B
1 KB

227ms
144ms

Image
image/gif

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEPeyxIofgUTZ9R2VM2BEtMM%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6TkZIDEMGZ6MsDGNzcwuUBMAE&v=APEucNVUrf28V4WR62mYCudYSs30fSpf_DE1dMb055Oe9LTCpeWEt8OWOMklHseSH7pWpAwD_86si8JbSlqgaiNoj__aKMqEzA

Protocol

HTTP/1.1

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.2 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 May 2023 13:18:15 GMT
AN-X-Request-Uuid: 60f4b160-265f-4dcb-b4d3-449d465bea20
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 91.239.206.129; 91.239.206.129; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 23 May 2023 13:18:15 GMT
AN-X-Request-Uuid: cf8d219d-4982-43e5-921d-5aa02c112d72
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEPeyxIofgUTZ9R2VM2BEtMM%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 91.239.206.129; 91.239.206.129; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8B45
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njk2Mzc0NDUyMzY1MjkwMjc4NA%3D%3D

170 B
243 B

147ms
145ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njk2Mzc0NDUyMzY1MjkwMjc4NA%3D%3D

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:18:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 23 May 2023 13:18:15 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 91.239.206.129; 91.239.206.129; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 81aed1a0-a665-413d-a6fa-3532c7ffe672
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njk2Mzc0NDUyMzY1MjkwMjc4NA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6277 143 B
166 B 141ms
139ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

age: 440
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 13:10:54 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 179B 0
20 B 174ms
173ms Ping
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=399701156567&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:18:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 179B 0
20 B 171ms
170ms Ping
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=399701156567&version=m202301230201&ct=119&x=1&cor=11532094695929373000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:18:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 179B 83 KB
35 KB 188ms
187ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DtkX1BRKlrUgfhmb37tC7c00Ba1hoBQH0EB2aAo7D27H5SaSAs3ChC0Wbxue6h3PwcZkd1R8BAj7bzQVFlKpFjQKRpw1m57FJWcnHmZFbYwrHYAuR1oAvCDt73_X_OBHWkF74FATT1G42di5mQzhRzSmnsJXRLESMEfqfMjLYxUK6vOyM&cry=1&dbm_d=AKAmf-CaFANuCvCvBf9QkZzqZCS9kzLZRcIa68GImhGYX5Cxt8u4KI9mGGYQ-TqED_S4zw-DR9B9OcPc2CKyq6fWTJ3rruIyggeOesD3htpGacaz4BjdFsjLqWPfMkp5WRHNx2vVsb-gWma9oi4QfC_hah7csObKBcWpNNF7_-OlUrZlRnvObAQIVjXozifiWKVd6l6Rat4ippchuFOBJ7KoM7pruEhVQs_v87kPjH1-UGNZ__jb1FDaE-E2DuxS0J7HQRkH6UJfFdVGatqM4AiMONtzZ_Wsrsk_GQvDFaumTwAtIFwntY8Id7CQ5w1o0CIcYCOoC13So8C-ZbAoG7bD_L10RCLHsQtjl6nyLNiICWjT01wKxEoTHYwW6Jt6z0Iyk3yF9K3F_i1qK1Gbt_em0jJW0LBlVcVYDxbuKlaEDRevJ5VsEt7AloYa96buewdskbs72ZfCxIfCQ2ofbCR04TWrPI_1L1z9Rq3FXn4WfO3PNgbqP2RxNHNg2ncdGL24gyLODG916xKdQcdFp0ObYOkC1ejUWaywsZf7qsm59SsTQ2tyn9GglSvAGlcwIJCDud8bWZI7XAGIfPv1xOURcgsCwTb5GAK8Lrrpt5fKHgdkkHy_cDUL4KCNX4689Cb0HV50SJXHmwevdzArqRcTIYw51_tunri6AKPx6M87_o2sBC1ir3wGLD36txagdreSOCsDzXEv54YUFhaeCJJdOkwioL-GhNG9JBGo6IF8sH5fGm3fejyBDBpL_AtvbwsH1Hw2y6SgYRZ2lr4mYqMOcAa49jHXLx04pZ_x9cIk0CO8JRROJcw5aRDSjAGZ5jV5pGxKDGadlzhmo05cESBYfGp3Y3P0SlofrrbatSNFTiFJPBXQ7ZNrICPMjq_aGWH_7RJkC2s_GUqU_S1fUhQ5ey1JxXoGIw3aaJHDhXCvHT318FcxF-a3aLc4T_R3hJpuvlAwSeGye3BOCMt7J8K1ER8jhE_GYe0jCgH0DoEiD_WIzZ3yaEXm-QrPKpS2Fk8YsFCVexqvnGN2LEEmq2PeawFErBUK7ueJ0Z5TFDOZGDL736esJIgwOxP2QTN5TOilP7wgPQdhcY2IXUsStMzW48d2ZmwRyQZQweOCNMxEaMrnvX-7nPlUIAdK4xe8HYXt-qarx2r2dGjL_WJ4yWRJkTB7zXTQNKgQZWRCghdTGmExaruKLOrY0g_MqrwuDaU5xuDyq2b5ZT_kSkZBlwRvV6QmvSJebL1CmstvedpcMAiKhpIpFKFNPJDbWQrVIUFrKtWqvDpbup4wofpsr7z7xMw_ey_sjCjftJBkWNQHC4ksJLQAKqpRBIW7qd_VYVYW4mVh9bF3Czsb2HakmuKvXqt6hCPAiLnu_PrOQNMrVRtX5Z4isQdq4s48P2YmMHMz_WCU9o1fKuuVMyyiR-W0j_a10n9k_BSfThQ1o1tWcsLEynHrEseJJIgNlca5r23Z_gGkHYMcmvfSn_AtlAVsH_MenBHGP5zYLmn0lS0Soud9l-BO_HsgxsB_GmwZHj7UZYc6WkPOcZs-0s0uOFVvhfRNdFes9YqmSls3lb0A7GKOO2D2hiC5519hngMsZ20cIYyc1A4KbIziHL186prEbUXl_ZcTbVbWF_SMKk33PxoWTtJZFuGhuUJQLwrue0ZWmObNXYPwmsdVQ3NZhwz_iwO2ZNnwqW7gYOLNb-OSmmnKuee1vikWL-EEpgtLWCE9Db5E1KxWjDPg7GjcFVsb0CX1_zJYJphhV5dato0PvivrpVzTKRWI9G-HsyEUXUAwgRrAC0IMIvNuFEZvYN9rTIKraSabJm7L4w6zxqz91mDMsW4N-9lLuoGYTyiNiA-EVT9Iu-eJ8mLi3_iOPqh42PCGV-_1MvnKxfEySLN8n91bu7K7kllV1R2YRB0f76cwmM2KFtNhjWPcjahSfH0Nboya_XXClk8eSrNnw5ulcGufboPNDr1eHEKi_kJgsmv33iypGBj_gCkQsGzERsLkEb6xoXQ28V3UkWBSzJjDwfDejxoG7923uixScXzivu7KcoWWlGZJq1HgWMknJ9tE7pzcOCXTIfK7HjWjftPK0KU4_ecgRHXU7zDsg6wQidshZ-7rZnL8v2kRmts10ETu_zr-gjZja7zXTtKt01j1BzckVihtaZQYSiRWYz5eMqW-hvwKrM6qszV9BHckSTlrauivpuCOaIh5VhjPSN6cNrEyTLhEanSbo7qORL2I5t5rprkGbBC8lS3EnD8GuVaHqcvRg8FlGVJTXmSufwmaID4LHYa0Zr62mfuwCevE7qJMWoEhwg6RK3XgdMWN6FBho2u8Bdczf3_1CHzKAr7CenzY2zjFdEeb8LJNNOTySPSz2z3InT6L-Q7p7aNxazfFm9vtui1QMFX0uGcQYZy8QIrSq0Qd-C2ODEB4-vpg8lyiqbvorrIp-ggPN9Y0sydSvErJ9qFuSr_qEp4dMTmVWOt-wE2gskQeu8SOKrjULGvYB0wCeIClnxri5ZzYI-J_RrAouY7Xvdpm2fEC4EveHz6zdwDRfCvcBzQJUJWnrH_vqrCGO6pYPSo6sjyY1IaZuiGpALacXzMba4holRxJNE1g_xxDwxZO-N4C8UMA3YRIE6xWCnrb3JwVd8aslJ2cRt5gCDyT4a2U_rXTZQ8jIKubD64nF9lgoy7KVdJx-lGOdEpNUcB9Ndwik1noGmAQ2q7NJvaMcRFSA4eVjmTQxdD7xOzhi36OlIj1RdZHDk5Q0UmuMrg4CZXJH9ccizhbhTgP6B1nagXfN9UtpAzrQx_Yv9bYk52Z47my3w5GbL4NfVwJbChpI-tTB-hR5_JKgtNUNxwWm7IO9Nm_87aE0RD2kXjeqf7ckiG4TgUiOSNAl9UjqwMZzO3gu_2tdoKoDQxocI23FcHReqB1s5Erbev_Ae8vmQYQUwbBM-pgHLtzCPvchMvA6KR5auTKlsdAOKpzzrTsGRhFpa5V9TLrZq0_CCT9oE3NjZ5E0Y6lm1etRfN8bOGgb67euSRcZTvK4zJ_joRmeoybBasfYlo9G8845kwlhYkukNqLSfjsYQsQIGuyDgqL5DhWVt4M5_du_unKyL3NuFWl5C0hnoMbCmwNYWh19iiKUnG7_BqrneC82cumA6qAA6LkZfnP-dkMdCY6mZvZdHuT5ThKQJ42VwtL1OY0o0LCEvqPf_SLvjZbg_cexvlIMdQ2DX1tL7dpPhVk73mgWgxBQTV_-JHoYyJyIejGN1Qz0qpljh7SaR0qsHMuQAUCW_yhS2iTqT1MrT4OgNm708iKEZ5PBlHLD6rtsi71o5MJIOCmnCIwH0x7bfnX48iWEeW-WaZQclWtoiOp__7hhXSYB_kcDXhzDGVVv6o0Fc2U7bT4JV2r-jNIAj2r9-xplyUEaX8L2vaAzOQz7ZUSSdNMIOKV2xWq27Cob9VIYiZr974FqYV5IW0PxtKhDDVEIitOskMji7_7shZ9pjBv-iAUNdH_S0Sh0VrCufZdghUue-RPthzq-R20g_zGQ3vX&cid=CAQSGwBygQiDD98hPqgF3LlJwwNBTvE8G9zKgdNTaRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fttdown.org%2F&ds=l&xdt=1&iif=1&cor=11532094695929373000&adk=2988274607&idt=258&cac=0&dtd=19

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

53c0192734f6c397a7d27d068f6068efb4f71db5b841a0f31ea667cebdeca97c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:18:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35500
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E692
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

152ms
152ms

Document
text/html

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 13:18:14 GMT
expires: Tue, 23 May 2023 13:18:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 13:18:14 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js Show response
pagead2.googlesyndication.com/bg/ Frame C3A7 37 KB
14 KB 133ms
133ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

6f8910bb4b43e21480fa154045cd5fcf338313475a176572f9b3cb5bdb9abbbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 09:39:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13127
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14738
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 May 2024 09:39:27 GMT

GET
H3 200 pointer.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/76807628416675132/528-160x600-h/ Frame C3A7 3 KB
3 KB 144ms
143ms Image
image/png 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/76807628416675132/528-160x600-h/pointer.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

e4813004f9dd490d0c2a5e29573d379a14b2ece47e9df1372b9be4fc09976c3b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 20 May 2023 21:39:05 GMT
x-content-type-options: nosniff
age: 229149
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2647
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 21:39:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 19 May 2024 21:39:05 GMT

GET
H3 200 528-160X600-H_update-min.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/76807628416675132/528-160x600-h/ Frame C3A7 10 KB
10 KB 149ms
148ms Image
image/png 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/76807628416675132/528-160x600-h/528-160X600-H_update-min.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

6ced0d1103081681fc1f185912ba4f48dc82c618f37a705321e88d1a1db01fdd

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 20 May 2023 17:29:00 GMT
x-content-type-options: nosniff
age: 244154
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10426
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 21:39:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 19 May 2024 17:29:00 GMT

GET
H3 200 528-160X600-H_text_03-min.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/76807628416675132/528-160x600-h/ Frame C3A7 3 KB
3 KB 240ms
239ms Image
image/png 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/76807628416675132/528-160x600-h/528-160X600-H_text_03-min.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

51e1cbfe5af810413d8b3ca8ba04ca28a335c96655c7f257b51891be4c92a540

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Tue, 23 May 2023 09:21:12 GMT
x-content-type-options: nosniff
age: 14222
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3128
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 21:39:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 22 May 2024 09:21:12 GMT

GET
H3 200 528-160X600-H_text_02-min.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/76807628416675132/528-160x600-h/ Frame C3A7 3 KB
3 KB 135ms
134ms Image
image/png 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/76807628416675132/528-160x600-h/528-160X600-H_text_02-min.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

a8957dd3af4adece81523a6eeac91ca913db89fc6301187b09adea3e007c4612

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 20 May 2023 08:10:20 GMT
x-content-type-options: nosniff
age: 277674
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3119
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 21:39:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 19 May 2024 08:10:20 GMT

GET
H3 200 528-160X600-H_highlight-min.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/76807628416675132/528-160x600-h/ Frame C3A7 417 B
445 B 139ms
138ms Image
image/png 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/76807628416675132/528-160x600-h/528-160X600-H_highlight-min.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

2d155b4465661994d76921f55e37218b57391e3da467144b40617a86779bf6f4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 19 May 2023 22:32:34 GMT
x-content-type-options: nosniff
age: 312340
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 417
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 21:39:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 18 May 2024 22:32:34 GMT

GET
H3 200 528-160X600-H_overlay-min.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/76807628416675132/528-160x600-h/ Frame C3A7 10 KB
10 KB 181ms
181ms Image
image/png 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/76807628416675132/528-160x600-h/528-160X600-H_overlay-min.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

22fee121efaae9c42415da69cb891340db51341e73417057d0f4d3e67c4605fa

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Tue, 23 May 2023 12:24:51 GMT
x-content-type-options: nosniff
age: 3203
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10659
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 21:39:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 22 May 2024 12:24:51 GMT

GET
H3 200 528-160X600-H_text_01-min.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/76807628416675132/528-160x600-h/ Frame C3A7 3 KB
3 KB 212ms
211ms Image
image/png 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/76807628416675132/528-160x600-h/528-160X600-H_text_01-min.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

87f920c1b37240da3c30c40234508360004510c3ef13cdcac2316ba712c85011

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 20 May 2023 22:53:18 GMT
x-content-type-options: nosniff
age: 224696
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3414
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 21:39:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 19 May 2024 22:53:18 GMT

GET
H3 200 528-160X600-H_background-min.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/76807628416675132/528-160x600-h/ Frame C3A7 6 KB
6 KB 219ms
219ms Image
image/jpeg 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/76807628416675132/528-160x600-h/528-160X600-H_background-min.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

12a4fb1b594b0f572b57bef778faaf835507b0c891619ad9920e6bbba4f00f6c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 20 May 2023 17:10:30 GMT
x-content-type-options: nosniff
age: 245264
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5945
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 21:39:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 19 May 2024 17:10:30 GMT

GET
H3 200 integrator.js Show response
adservice.google.ge/adsid/ 107 B
122 B 144ms
143ms Script
application/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ge/adsid/integrator.js?domain=ttdown.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ttdown.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:18:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 147ms
147ms Script
application/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ttdown.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ttdown.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:18:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9E53 44 KB
15 KB 556ms
556ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0916766851103338&output=html&h=90&adk=3101682924&adf=4123552606&pi=t.aa~a.3220248052~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1684847894&rafmt=1&to=qs&pwprc=4777445207&format=1200x90&url=https%3A%2F%2Fttdown.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684847893780&bpp=1&bdt=2354&idt=0&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df021167263dd2045-22fe57cae8dd0063%3AT%3D1684847892%3ART%3D1684847892%3AS%3DALNI_MY-sLfBzkJ_hMfqTphWdk1ZpI-ZqQ&gpic=UID%3D00000c1a28cc22a7%3AT%3D1684847892%3ART%3D1684847892%3AS%3DALNI_Ma-0s_D5mWwOTkSjUD988idkncIGQ&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280%2C1110x280%2C1200x280%2C200x540%2C144x540%2C728x90%2C1200x280&nras=11&correlator=3186862124183&frm=20&pv=1&ga_vid=1312077257.1684847893&ga_sid=1684847893&ga_hid=1378733181&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4654&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788441%2C44789779&oid=2&psts=ABHeCvh0nwr9rkAj0k5EdyXuIRtDfOroBQgga73I9yOymICSRO1EqsOkJd9rsY7xle7JO7CAOafqfbhLJeQbV4TRhF2OwbH4%2CABHeCvharcbcIbtI_SeAdcrdNxiLkNum3O8oVrUDv32B3hySzmL2MtXbKq_hFAx4p10ub43FeVdB6ZTzycSeUWJRKF_LF_Kp8sV8EjvGHGjqk_4IZkY&pvsid=3867253434869664&tmod=329237808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=9&fsb=1&xpc=IbothmDOnX&p=https%3A//ttdown.org&dtd=947

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

0ecce0a5a2e53f7dca9daacf6c1fb67cefabdeacd5ce2096db6eb87cb8cf1553

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ttdown.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 15815
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 13:18:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6277
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

146ms
145ms

Document
text/html

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 13:18:14 GMT
expires: Tue, 23 May 2023 13:18:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 13:18:14 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 179B 106 KB
37 KB 452ms
138ms Script
text/javascript 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: ttdown.org
URL: https://ttdown.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 10:49:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8951
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 24 May 2023 10:49:04 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230518/r20110914/elements/html/ Frame 179B 11 KB
4 KB 131ms
130ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230518/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DtkX1BRKlrUgfhmb37tC7c00Ba1hoBQH0EB2aAo7D27H5SaSAs3ChC0Wbxue6h3PwcZkd1R8BAj7bzQVFlKpFjQKRpw1m57FJWcnHmZFbYwrHYAuR1oAvCDt73_X_OBHWkF74FATT1G42di5mQzhRzSmnsJXRLESMEfqfMjLYxUK6vOyM&cry=1&dbm_d=AKAmf-CaFANuCvCvBf9QkZzqZCS9kzLZRcIa68GImhGYX5Cxt8u4KI9mGGYQ-TqED_S4zw-DR9B9OcPc2CKyq6fWTJ3rruIyggeOesD3htpGacaz4BjdFsjLqWPfMkp5WRHNx2vVsb-gWma9oi4QfC_hah7csObKBcWpNNF7_-OlUrZlRnvObAQIVjXozifiWKVd6l6Rat4ippchuFOBJ7KoM7pruEhVQs_v87kPjH1-UGNZ__jb1FDaE-E2DuxS0J7HQRkH6UJfFdVGatqM4AiMONtzZ_Wsrsk_GQvDFaumTwAtIFwntY8Id7CQ5w1o0CIcYCOoC13So8C-ZbAoG7bD_L10RCLHsQtjl6nyLNiICWjT01wKxEoTHYwW6Jt6z0Iyk3yF9K3F_i1qK1Gbt_em0jJW0LBlVcVYDxbuKlaEDRevJ5VsEt7AloYa96buewdskbs72ZfCxIfCQ2ofbCR04TWrPI_1L1z9Rq3FXn4WfO3PNgbqP2RxNHNg2ncdGL24gyLODG916xKdQcdFp0ObYOkC1ejUWaywsZf7qsm59SsTQ2tyn9GglSvAGlcwIJCDud8bWZI7XAGIfPv1xOURcgsCwTb5GAK8Lrrpt5fKHgdkkHy_cDUL4KCNX4689Cb0HV50SJXHmwevdzArqRcTIYw51_tunri6AKPx6M87_o2sBC1ir3wGLD36txagdreSOCsDzXEv54YUFhaeCJJdOkwioL-GhNG9JBGo6IF8sH5fGm3fejyBDBpL_AtvbwsH1Hw2y6SgYRZ2lr4mYqMOcAa49jHXLx04pZ_x9cIk0CO8JRROJcw5aRDSjAGZ5jV5pGxKDGadlzhmo05cESBYfGp3Y3P0SlofrrbatSNFTiFJPBXQ7ZNrICPMjq_aGWH_7RJkC2s_GUqU_S1fUhQ5ey1JxXoGIw3aaJHDhXCvHT318FcxF-a3aLc4T_R3hJpuvlAwSeGye3BOCMt7J8K1ER8jhE_GYe0jCgH0DoEiD_WIzZ3yaEXm-QrPKpS2Fk8YsFCVexqvnGN2LEEmq2PeawFErBUK7ueJ0Z5TFDOZGDL736esJIgwOxP2QTN5TOilP7wgPQdhcY2IXUsStMzW48d2ZmwRyQZQweOCNMxEaMrnvX-7nPlUIAdK4xe8HYXt-qarx2r2dGjL_WJ4yWRJkTB7zXTQNKgQZWRCghdTGmExaruKLOrY0g_MqrwuDaU5xuDyq2b5ZT_kSkZBlwRvV6QmvSJebL1CmstvedpcMAiKhpIpFKFNPJDbWQrVIUFrKtWqvDpbup4wofpsr7z7xMw_ey_sjCjftJBkWNQHC4ksJLQAKqpRBIW7qd_VYVYW4mVh9bF3Czsb2HakmuKvXqt6hCPAiLnu_PrOQNMrVRtX5Z4isQdq4s48P2YmMHMz_WCU9o1fKuuVMyyiR-W0j_a10n9k_BSfThQ1o1tWcsLEynHrEseJJIgNlca5r23Z_gGkHYMcmvfSn_AtlAVsH_MenBHGP5zYLmn0lS0Soud9l-BO_HsgxsB_GmwZHj7UZYc6WkPOcZs-0s0uOFVvhfRNdFes9YqmSls3lb0A7GKOO2D2hiC5519hngMsZ20cIYyc1A4KbIziHL186prEbUXl_ZcTbVbWF_SMKk33PxoWTtJZFuGhuUJQLwrue0ZWmObNXYPwmsdVQ3NZhwz_iwO2ZNnwqW7gYOLNb-OSmmnKuee1vikWL-EEpgtLWCE9Db5E1KxWjDPg7GjcFVsb0CX1_zJYJphhV5dato0PvivrpVzTKRWI9G-HsyEUXUAwgRrAC0IMIvNuFEZvYN9rTIKraSabJm7L4w6zxqz91mDMsW4N-9lLuoGYTyiNiA-EVT9Iu-eJ8mLi3_iOPqh42PCGV-_1MvnKxfEySLN8n91bu7K7kllV1R2YRB0f76cwmM2KFtNhjWPcjahSfH0Nboya_XXClk8eSrNnw5ulcGufboPNDr1eHEKi_kJgsmv33iypGBj_gCkQsGzERsLkEb6xoXQ28V3UkWBSzJjDwfDejxoG7923uixScXzivu7KcoWWlGZJq1HgWMknJ9tE7pzcOCXTIfK7HjWjftPK0KU4_ecgRHXU7zDsg6wQidshZ-7rZnL8v2kRmts10ETu_zr-gjZja7zXTtKt01j1BzckVihtaZQYSiRWYz5eMqW-hvwKrM6qszV9BHckSTlrauivpuCOaIh5VhjPSN6cNrEyTLhEanSbo7qORL2I5t5rprkGbBC8lS3EnD8GuVaHqcvRg8FlGVJTXmSufwmaID4LHYa0Zr62mfuwCevE7qJMWoEhwg6RK3XgdMWN6FBho2u8Bdczf3_1CHzKAr7CenzY2zjFdEeb8LJNNOTySPSz2z3InT6L-Q7p7aNxazfFm9vtui1QMFX0uGcQYZy8QIrSq0Qd-C2ODEB4-vpg8lyiqbvorrIp-ggPN9Y0sydSvErJ9qFuSr_qEp4dMTmVWOt-wE2gskQeu8SOKrjULGvYB0wCeIClnxri5ZzYI-J_RrAouY7Xvdpm2fEC4EveHz6zdwDRfCvcBzQJUJWnrH_vqrCGO6pYPSo6sjyY1IaZuiGpALacXzMba4holRxJNE1g_xxDwxZO-N4C8UMA3YRIE6xWCnrb3JwVd8aslJ2cRt5gCDyT4a2U_rXTZQ8jIKubD64nF9lgoy7KVdJx-lGOdEpNUcB9Ndwik1noGmAQ2q7NJvaMcRFSA4eVjmTQxdD7xOzhi36OlIj1RdZHDk5Q0UmuMrg4CZXJH9ccizhbhTgP6B1nagXfN9UtpAzrQx_Yv9bYk52Z47my3w5GbL4NfVwJbChpI-tTB-hR5_JKgtNUNxwWm7IO9Nm_87aE0RD2kXjeqf7ckiG4TgUiOSNAl9UjqwMZzO3gu_2tdoKoDQxocI23FcHReqB1s5Erbev_Ae8vmQYQUwbBM-pgHLtzCPvchMvA6KR5auTKlsdAOKpzzrTsGRhFpa5V9TLrZq0_CCT9oE3NjZ5E0Y6lm1etRfN8bOGgb67euSRcZTvK4zJ_joRmeoybBasfYlo9G8845kwlhYkukNqLSfjsYQsQIGuyDgqL5DhWVt4M5_du_unKyL3NuFWl5C0hnoMbCmwNYWh19iiKUnG7_BqrneC82cumA6qAA6LkZfnP-dkMdCY6mZvZdHuT5ThKQJ42VwtL1OY0o0LCEvqPf_SLvjZbg_cexvlIMdQ2DX1tL7dpPhVk73mgWgxBQTV_-JHoYyJyIejGN1Qz0qpljh7SaR0qsHMuQAUCW_yhS2iTqT1MrT4OgNm708iKEZ5PBlHLD6rtsi71o5MJIOCmnCIwH0x7bfnX48iWEeW-WaZQclWtoiOp__7hhXSYB_kcDXhzDGVVv6o0Fc2U7bT4JV2r-jNIAj2r9-xplyUEaX8L2vaAzOQz7ZUSSdNMIOKV2xWq27Cob9VIYiZr974FqYV5IW0PxtKhDDVEIitOskMji7_7shZ9pjBv-iAUNdH_S0Sh0VrCufZdghUue-RPthzq-R20g_zGQ3vX&cid=CAQSGwBygQiDD98hPqgF3LlJwwNBTvE8G9zKgdNTaRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fttdown.org%2F&ds=l&xdt=1&iif=1&cor=11532094695929373000&adk=2988274607&idt=258&cac=0&dtd=19

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 May 2023 21:53:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55512
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4122
x-xss-protection: 0
server: cafe
etag: 11429739870029468282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 21:53:02 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230518/r20110914/ Frame 179B 28 KB
11 KB 131ms
130ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230518/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

21bf4b49938284aaececf999f198f621de0aa792bb5315fc21255d0ab439e145

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 May 2023 22:03:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54890
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11001
x-xss-protection: 0
server: cafe
etag: 16383942900985251592
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 22:03:24 GMT

GET
H3 200 b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js Show response
pagead2.googlesyndication.com/bg/ Frame 9077 37 KB
14 KB 132ms
131ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

6f8910bb4b43e21480fa154045cd5fcf338313475a176572f9b3cb5bdb9abbbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 09:39:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13128
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14738
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 May 2024 09:39:27 GMT

GET
H3 200 b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js Show response
pagead2.googlesyndication.com/bg/ Frame DCC8 37 KB
14 KB 136ms
136ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

6f8910bb4b43e21480fa154045cd5fcf338313475a176572f9b3cb5bdb9abbbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 09:39:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13128
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14738
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 May 2024 09:39:27 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 179B 41 KB
15 KB 131ms
131ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 07:39:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20322
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 May 2024 07:39:33 GMT

GET
DATA 200
OK truncated
/ Frame 179B 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 58728303ae94365fd6ca8c7d39b65ea608c37054ac7654e65381238af3e572c7

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 csi
csi.gstatic.com/ Frame 00F0 0
225 B 419ms
140ms Ping
image/gif 66.102.1.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~li0axo32&c=4566481595369&slotId=2283240797684.5&qqid=CIO03cHDi_8CFQek0QQd_TgOYA&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.102.1.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wb-in-f94.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:18:15 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 00F0 15 KB
16 KB 140ms
140ms Font
font/woff2 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 May 2023 17:04:15 GMT
x-content-type-options: nosniff
age: 245640
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 17:04:15 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 00F0 15 KB
15 KB 139ms
139ms Font
font/woff2 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 May 2023 02:06:17 GMT
x-content-type-options: nosniff
age: 385918
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 May 2024 02:06:17 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 00F0 0
20 B 167ms
166ms Image
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=Ck2kzFb1sZMPVNofIxtYP_fG4gAbx6fvbcKa1wtKmEfAuEAEgjt2fA2CNAsgBBagDAcgDmwSqBPMBT9Cz9DtMb-aKN2ftOGt90hYlXn4dPpoLcY5hyDDlWqrEG8a9OnnFxOBzV81iyOxM5rADHEEeVz2qFR4UlrEAgpXbVkL7uB2wOnLGFQpLjXDZFwbfzK1ARVmjGycid6s3qls68Hn1_EJiac0moDVN3rqWFN48iMINtVxm_PxfAuhAtviHguCF9-cCQy4DnujRgsr6niioKfuv1eStxvWKBytO5EYZJK3431AKxxuPg4cwxInOsZ7fjcfdcy5Kiu8u75lPf2BstRlUdNxS4JjMy7eCiWESmLvN_z46xsbYDz1NK3CjnC5mv1-ouHIYm0xiN_-cwATgyqrLwQTgBAOQBgGgBnaAB66H8_oCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoByAsB4AsBgAwBsBP31LoTyBPHvvjiA9gTCogUAtgUAdAVAfgWAYAXAegXBQ&eventType=clickstring&clientTime=1684847895106&ai=Ck2kzFb1sZMPVNofIxtYP_fG4gAbx6fvbcKa1wtKmEfAuEAEgjt2fA2CNAsgBBagDAcgDmwSqBPMBT9Cz9DtMb-aKN2ftOGt90hYlXn4dPpoLcY5hyDDlWqrEG8a9OnnFxOBzV81iyOxM5rADHEEeVz2qFR4UlrEAgpXbVkL7uB2wOnLGFQpLjXDZFwbfzK1ARVmjGycid6s3qls68Hn1_EJiac0moDVN3rqWFN48iMINtVxm_PxfAuhAtviHguCF9-cCQy4DnujRgsr6niioKfuv1eStxvWKBytO5EYZJK3431AKxxuPg4cwxInOsZ7fjcfdcy5Kiu8u75lPf2BstRlUdNxS4JjMy7eCiWESmLvN_z46xsbYDz1NK3CjnC5mv1-ouHIYm0xiN_-cwATgyqrLwQTgBAOQBgGgBnaAB66H8_oCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoByAsB4AsBgAwBsBP31LoTyBPHvvjiA9gTCogUAtgUAdAVAfgWAYAXAegXBQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:18:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 00F0 0
54 B 401ms
141ms Ping
image/gif 66.102.1.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~li0axo3o&c=4566481595369&slotId=2283240797684.5&qqid=CIO03cHDi_8CFQek0QQd_TgOYA&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.11q&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.102.1.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wb-in-f94.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:18:15 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 00F0 26 KB
16 KB 461ms
169ms XHR
text/xml 74.125.133.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-DoHta2wzoulvC5oQd1WIkNNT2dHQTvgwpGa7kWRe5rxUO47tihdyzJqufniBh3cvNCqzn5b8_vwfaj0XA2S7B19tsU3A&cry=1&dbm_d=AKAmf-AIrzU_VXwhN8dvggnRJANZHU67BSBYBlo_XWlVlewPnCaruihNPXIpBoRG2hPaOvzWo2Oe0pN7uoA1xmkYS6NRcYISpYXZPn5TkGUEyrWY-L_fvTf07Lb4gs2ia4pCp1MHdUTLO5KSbPZHN569Zn4zAn7saiwHA-H-puLFXfvqOPtz_rdW9E5gSjJU_eVfGq1KnycyI1KUeT07BcZRFz_8wQJJym-PnfBhjT8sRduZNanqn3Sjp7QLKbdTT7p24jaLYyLY1EUMmiSX0N029NzGjfiBkB3Kts3drRLrPe-3ZmhusfcbrgWPM1OJ1sXULr1cBEP-QT866rgLsIpe4GwyxjEuID1eKXw8AyA-oaDIqOG9mI3GWgcNRzTEZM5aceD0HmDiCx_V8hMj0orx5sZmSVVXPbSeG5EqRCn__FAKDTxTP3wXjI4aryRpxgzv8l2D2eTVQZefhhFhgIkCG-YRhqe5F5qXhkphz3z3r1N4nt8qyBNt6DZADz1VTm0B2rvJAnZqyJKQsYdQdym_D29jRN35HSPanyIR-TZxNs9oVeIAtWZ6v4bGImSgNIm9ACdcvv2JqpoEL1-7iQJsqYSkivFkcXKKmv_IQnfVstJKvCT7LlG5JhTIJXbd3vWF_rWWPy6Genx5nzopofW9mgFUEk3v-CzGwtE5Oz09lMKuGUVW0pHBpSS4wzwHgqt0vk5NaYoxg19mVVuQlnOcCY5303XYkrjSlIMMW3n-GDJ2aUUYeP1ITKf_clLzopnjSk8ytOfXtIAnAslHHhoC0AkYxnW2DsRhNKgvP8lzQd0i2OSt_cb3aNwMAy_BLAwQ7r1uj-amWb7joRf68HYxD00oB8nzJu6PDfHijsAYYuwr5cPsAInv61rocCcHz4fFTlhzlPFEHgmJTrqU5t0P0rhEl7BwBXEOPrO6bpz3b3HrGmw5nAXaw5MyAQbcSOJmMySkVb0EpzbJLKIkYPEYoF6GoYHyvm2qNECpUlQ6zjE-Vq6oj5asLtgyMKuqG2TrVOG0UmaVqCCAtmz4zqxRPi-uU-fFVYQaS2_bjRueqG7qv3tH5GPTmBRbpqahV6NSSa-rUKlQz5g45FzZ4ZC5ZcQTffxKdlkgP_wj9mP7fS-FOCWbTLltnvjrhL5pHxsQODZQTulYDT_WkyYsnstgJCwtd2k3NjWgcace5g9B0Wg27TkgUUyfya1OutzCs_bgC8Ggu8yGb-rYd4kwb9wkkF9HX_oCMPuN_amWbjhu3ThCiMlwUs0JWK9ylElah4sarJ8rrkYRC1tIfbdMOcEAZSD0iCnZOohF92hPI9gjm6vcpehYSFyhlVrON-jzPX1KcEm2nktOmq6LMI4V1bRs-D23iw7PEAQMUzH7gb7qSj-ZrWdvnyTupmoloWe8QWJAoO8F267oCpSn0RujQAzHEdpsFfb219sj_BaPvWEXriSaE1VSBX4lxIK8m5JwvcHphj8KQOtrKuhKWCLgkQwswSk15uvNyjhkuViuLaXnjwfWpmCYAaamvBw3I2RgNjSs4lTmt4GF0Z6w9uf3HDC4TcNpF5eDe-WhbOhRj4PIHTK99VRFjT78xl457EaRfhsRul1mRu7Xs8qD_I194Ri_AuTOKeTJtkc2h1Rp7UgJYw53v9F96MyJwpXkGZp0pxLK_V-0fNf-bOTlW0hIs71qYv82rS3UDsrM5Algy3K8tH318H1UqksW6x_X5rdWrninsY9UgMnc6hpzjzS0Wuro0iuYg78-576JEvPvTNIJSjGaseBpJQen6X__SeSDDhC_F6xwdtofCO0CgxRFXzXzMmuPYAIYDEVT80NxcMsarRcIz1tP8-HPwgR6Fsr9u254EqOJWe71bbWUyn9k6PwaPvkDyEn6OTwPnOHnp0hcTUkCC0HKtDhwFX08x0r6NYWtEJy-pjsFHJ2s-cwmn1VAt3qQaBEu4FqVvRiYKG7ZrF77YMxviY_WSwHwfTOFtI2D-wqE2jh6uwh84siWK_5wlD5LpLq2QDE4UfSkWspVcnjJye6f2PT0h8lb9WxfES80nH6H6sNQzkt5PgRpG3ytjWxsnVXVN9gxFljy6MOfxLlPE5J7mtL3yaDmUbsPtF-Hic-1BWCzLU3tYVEjKXPkKQc2VuHnT2kGY-NR77YJe4AoNlFu5UG2qFCseeJMFPuQVu1hWshA_ypoJuKbtisZBz0Zlbuy_hhAf0ixAYAnrb5rM4jWN-9Pl1ILtf4zVlXZC3JoDdOTuBnfx0MjUa_gPxtSDm8lsNwOoYE8i1th-z12FNmIu5eEtBLPJxInOSqKKXU6h6ej6oCk9NqIsX0GA4jX5sW8xdc90zZEn0C2Q1kWJfw0gOqROl5A_pzHunAFmTo0Y_sHkrDRz6hMkNYPgVKGJ7D7xn-lT1ANgwWtKfCkHoypNrsdbEuzk8NowBPu0ePoERtl7et10XoT2mi1zxfOOfK0FgWSDUH8c6SXj89woUd7vJrVooOdBBbzjzeZHSFOpq2v-7NrTRpwF3riMMrh07caAnmR9rYT-gAYruma2YzQNuvSkcp4dHPU27isjXGWDdDXUTsrAIrbVXchVhOj-4WtmzDfqDQtx-sR6GfRIg5K1ZDXmj6UoUIhM9kEqOzes0auYB1yyq199JiWvrcwKteELxVCFvPyV-zE_wKhhxz7R1xswjtuT35SdKtmJkK-SUWceJkoyRvkxkInOWgQ2K75IHj_Sl2iWzqxzSIQaL8SqGml_fp9ASyagLj5aewDM2m0BKlNbf5manvcHcQ1xTc6Aqt_QP0i7QEl1_iP3a0CeLZp2KhIU3Go5YThx2vSH9GKnaZy8aoxYfP_JLR2q1xX2U8A7czfqQ2ySHRKLy3ChkQnB-jXbXRFxYkUYoeQb8AzBaO1hJt1xLPxVVLIeyHKK0zxU-iRjnqRzK_Ppt27Vn0nawaywAO3wR6QiL2lu6TdLJn20CpvQPox-zsMef4k83ILRyp5bArGY4JvCdePVFRe7SEH0Tc5WN76MMB_f1dqdymnggEorbwunkqUtg4wQl5XxZKcdB1x9Lt8OkNtozA6p_l1FyA7HCq-lhcNm5BDP9IS6KFiFXWfKdK1bwZSbei7j_gAYivGCqFkRfRMZDS2kNBPrBhOVelyt2ttmq_bXi5RTtYwQnq_Z3IhX2RTtdpvyw3BDA7pqWji2UqqVrwHTZhoAeF8xbcoUrfxBgWrIyteBb20uzPYFkuvYJKgVij6IHZ27lywhhTaH7qdCWt0u_TAmSWPZvd3TZwa_d5XRcq3XxICz8SuGSiGZCsNy3rQZ9WPkq4s7yvyfswZvgVWSUNxHxRcjuMZWm6bHTtDMJrWyTTy_kpK8XGf01_OkPlHWUJYYBf-4OHedryhjzIQFIpRIcj736zmNc8nVSva-Jp5LGuZos0T-jm9R6GW2APMJoUX1sgiv5U2AChM4UJkuSkZv0q8eEIOJFOJ67aUkdAGBT3Zy4qjZipxAE6gcdJS65y03jDoUwY9JpaVCIYX5HhX2U55H41xbG6lMFMNGjwLFQOzP-jit1h0uugkaBZRyAi_FjpmoWPOW5jZGMAYl2LXwzuz8H0m652ueuVY5GtGMLGHv0Qh41HrrX8mBtc0qnQuNRU93QMscXdMw0pA0E-bGbM40JDlBsnhYpyBPTe2hKd1CtHE7XaZWWiik9pEZ0LiqKRgikT3DdBcWYqqYYLz1SXtzune9oJ_obzdxLqvNs7Npq2PGzfDMPjH7Q&cid=CAQSPABygQiDNS-kMrNVlvFdrIbifhXZboYDpw5xTuWN0XzXCbeGoQy7n0E9xkY4cgA8Eb2rO3ux32LPLb0eGxgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.133.154 Nashville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f154.1e100.net

Software

cafe /

Resource Hash

799a302021b67346572154190309e70c5e057cba58a1f2c2b383322b37f9bb33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:18:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15604
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 00F0 0
0 175ms
174ms Fetch
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CecPWFb1sZMPVNofIxtYP_fG4gAbx6fvbcKa1wtKmEfAuEAEgjt2fA2CNAsgBBagDAaoE8AFP0LP0O0xv5oo3Z-04a33SFiVefh0-mgtxjmHIMOVaqsQbxr06ecXE4HNXzWLI7EzmsAMcQR5XPaoVHhSWsQCCldtWQvu4HbA6csYVCkuNcNkXBt_MrUBFWaMbJyJ3qzeqWzrwefX8QmJpzSagNU3eupYU3jyIwg21XGb8_F8C6EC2-IeC4IX35wJDLgOe6NGCyvqeKKgp-6_V5K3G9YoHK07kRhkkrfjfUArHG4-D3zEWgMX7He4fXSPdH5sk4K5F_fDVVJgFLaDsvXPqO8bir3RdySZsKQ_UECJgXmprgsXpW4-Etq0JbnnjxM1Zp5PABODKqsvBBOAEA4gFtvLWlkuSBQsIIhADGANIod74AZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGdoAHrofz-gKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHChCTjwEYl-rh6gHSCBQIgGEQARgfMgKKAjoCgEBIvf3BOoAKAcgLAbAT99S6E8gTx7744gPYEwqIFALYFAHQFQGAFwGyFxwKGggAEhRwdWItMDkxNjc2Njg1MTEwMzMzOBgA6BcF&sigh=J0O3QnssECg&uach_m=[UACH]&cid=CAQSPABygQiDNS-kMrNVlvFdrIbifhXZboYDpw5xTuWN0XzXCbeGoQy7n0E9xkY4cgA8Eb2rO3ux32LPLb0eGxgB&vt=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0916766851103338&output=html&h=280&adk=2655906738&adf=2244495584&pi=t.aa~a.827312887~i.13~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1684847893&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4777445207&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fttdown.org%2F&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684847893751&bpp=1&bdt=2324&idt=-M&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df021167263dd2045-22fe57cae8dd0063%3AT%3D1684847892%3ART%3D1684847892%3AS%3DALNI_MY-sLfBzkJ_hMfqTphWdk1ZpI-ZqQ&gpic=UID%3D00000c1a28cc22a7%3AT%3D1684847892%3ART%3D1684847892%3AS%3DALNI_Ma-0s_D5mWwOTkSjUD988idkncIGQ&prev_fmts=0x0%2C1200x280%2C1110x280&nras=4&correlator=3186862124183&frm=20&pv=1&ga_vid=1312077257.1684847893&ga_sid=1684847893&ga_hid=1378733181&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788441%2C44789779&oid=2&pvsid=3867253434869664&tmod=329237808&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=PCy2zds6qk&p=https%3A//ttdown.org&dtd=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 23 May 2023 13:18:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E038 1 KB
643 B 140ms
140ms Document
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

age: 9879
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 10:33:36 GMT
etag: 48472445140208031
expires: Wed, 24 May 2023 10:33:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 00F0 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8818aa96972894bdfdd8d1ec7b63652c9b6c48beae8308628902defff89aa469

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 6506 22 KB
8 KB 132ms
131ms Document
text/html 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
age: 355314
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 19 May 2023 10:36:21 GMT
expires: Sat, 18 May 2024 10:36:21 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 81A1 0
0 197ms
196ms Fetch
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CF68jFr1sZL7HNO78xtYP36K4gAyj0ObUcMn4wd_WEMCNtwEQASAAYI0CggEXY2EtcHViLTA5MTY3NjY4NTExMDMzMzjIAQmoAwGqBLwBT9C65-MhG58kHMFkfxZl1oW6fRi6-nsgoGm4NZx7JBb7KelMebAA8ebb3ZA-tckmz21EsvC5sHilkq5D9mkCh3i1RjqhIyKub1CFwrFTkXfFqtCm72fQ8aLQnNTaPO3lztLaOjVPTBnm_6XIluuBmTdXPiMBD7cRHiaMA8sBphbmjwNVN9u2UmoSafnCSA19i3r8JrudMB-i6r24liQ31_QU1a67psa-R86ImS5WogcGlFmARJhIrQ0OulSABry--YOl26PO0wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0wOTE2NzY2ODUxMTAzMzM4GAA&sigh=tMxMm8ef_cU&uach_m=[UACH]&cid=CAQSPABygQiDcg87Bz_iMbAAyh6drLAzgDFrE4QDjPYAh7SMxzQIrLMd7JlJ27xA7NF3fAddnB-rNn0g-8mMHBgB

Requested by

Host: ttdown.org
URL: https://ttdown.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0916766851103338&output=html&h=90&adk=3101682924&adf=4123552606&pi=t.aa~a.3220248052~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1684847894&rafmt=1&to=qs&pwprc=4777445207&format=1200x90&url=https%3A%2F%2Fttdown.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684847893780&bpp=1&bdt=2354&idt=0&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df021167263dd2045-22fe57cae8dd0063%3AT%3D1684847892%3ART%3D1684847892%3AS%3DALNI_MY-sLfBzkJ_hMfqTphWdk1ZpI-ZqQ&gpic=UID%3D00000c1a28cc22a7%3AT%3D1684847892%3ART%3D1684847892%3AS%3DALNI_Ma-0s_D5mWwOTkSjUD988idkncIGQ&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280%2C1110x280%2C1200x280%2C200x540%2C144x540%2C728x90%2C1200x280&nras=11&correlator=3186862124183&frm=20&pv=1&ga_vid=1312077257.1684847893&ga_sid=1684847893&ga_hid=1378733181&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4654&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788441%2C44789779&oid=2&psts=ABHeCvh0nwr9rkAj0k5EdyXuIRtDfOroBQgga73I9yOymICSRO1EqsOkJd9rsY7xle7JO7CAOafqfbhLJeQbV4TRhF2OwbH4%2CABHeCvharcbcIbtI_SeAdcrdNxiLkNum3O8oVrUDv32B3hySzmL2MtXbKq_hFAx4p10ub43FeVdB6ZTzycSeUWJRKF_LF_Kp8sV8EjvGHGjqk_4IZkY&pvsid=3867253434869664&tmod=329237808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=9&fsb=1&xpc=IbothmDOnX&p=https%3A//ttdown.org&dtd=947
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 23 May 2023 13:18:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 doubleWin Show response
win.eskimi.com/ Frame 81A1 43 B
161 B 429ms
146ms Fetch
image/gif 130.211.27.62
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://win.eskimi.com/doubleWin?eid=2&w=EiEKFlVJYXZiRmlzbmd3a1REcmItMUpTZmcQAhi9w4rGhDEYBSCAnL_fBTEpXI_C9Si8P0F7FK5H4XqEP0jW7dSrX1iWkQpoAnDYnwJ4tb3VAYABBpoBG0NBRVNFUDdwcEEyM3ZJRndHSWhpdHQ4SXNCOKIBG0NBRVNFUDdwcEEyM3ZJRndHSWhpdHQ4SXNCOKkB8tJNYhBYyT-yARkgAjoPcmFpb24gc2FjaGtoZXJlQgJnZUgBwgEnCAIQ4-q-DBjEqaqjAiABKLmvATAFOAhYlbRBaANwAXgCiAEBkAEBygEgZjM0ZTk2OTk1ZGRmM2ZmNWViMWJmZGUxMzhjZmUyOWPYAbifndCo9YCSyQHhAQAAAAAAwFBA6gECZW7wAd8MgAIB&esc=false&spent=ZGy9FgANI74E0b5uAA4RXyUOArgulYdZYKG0Ew
Requested by: Host: ttdown.org
URL: https://ttdown.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.27.62 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 62.27.211.130.bc.googleusercontent.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:18:15 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 mystyle.css
dsp-media.eskimi.com/upload/rich-media-templates/glitch_templates/728x90/ Frame 81A1 2 KB
1 KB 479ms
157ms Stylesheet
text/css 138.199.37.227
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://dsp-media.eskimi.com/upload/rich-media-templates/glitch_templates/728x90/mystyle.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0916766851103338&output=html&h=90&adk=3101682924&adf=4123552606&pi=t.aa~a.3220248052~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1684847894&rafmt=1&to=qs&pwprc=4777445207&format=1200x90&url=https%3A%2F%2Fttdown.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684847893780&bpp=1&bdt=2354&idt=0&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df021167263dd2045-22fe57cae8dd0063%3AT%3D1684847892%3ART%3D1684847892%3AS%3DALNI_MY-sLfBzkJ_hMfqTphWdk1ZpI-ZqQ&gpic=UID%3D00000c1a28cc22a7%3AT%3D1684847892%3ART%3D1684847892%3AS%3DALNI_Ma-0s_D5mWwOTkSjUD988idkncIGQ&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280%2C1110x280%2C1200x280%2C200x540%2C144x540%2C728x90%2C1200x280&nras=11&correlator=3186862124183&frm=20&pv=1&ga_vid=1312077257.1684847893&ga_sid=1684847893&ga_hid=1378733181&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4654&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788441%2C44789779&oid=2&psts=ABHeCvh0nwr9rkAj0k5EdyXuIRtDfOroBQgga73I9yOymICSRO1EqsOkJd9rsY7xle7JO7CAOafqfbhLJeQbV4TRhF2OwbH4%2CABHeCvharcbcIbtI_SeAdcrdNxiLkNum3O8oVrUDv32B3hySzmL2MtXbKq_hFAx4p10ub43FeVdB6ZTzycSeUWJRKF_LF_Kp8sV8EjvGHGjqk_4IZkY&pvsid=3867253434869664&tmod=329237808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=9&fsb=1&xpc=IbothmDOnX&p=https%3A//ttdown.org&dtd=947

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.199.37.227 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

138-199-37-227.bunnyinfra.net

Software

BunnyCDN-DE1-860 /

Resource Hash

079f8f14308385941663f01d7b58754374faa6480e5725a3e1f4cff973604649

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Mon, 11 Dec 2023 23:45:20 GMT
date: Tue, 23 May 2023 13:18:15 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 722
cdn-cachedat: 12/11/2022 23:45:20
cdn-pullzone: 692289
last-modified: Thu, 01 Dec 2022 11:27:47 GMT
server: BunnyCDN-DE1-860
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"63888fb3-87c"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: ce2848ff-13c5-49e5-873d-af24ad423612
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: e70db9debe94fcba9721f436e6226027
cdn-requestcountrycode: GE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 cap
dsp-trk.eskimi.com/ Frame 81A1 43 B
161 B 421ms
140ms Image
image/gif 34.120.139.69
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp-trk.eskimi.com/cap?id=CAESEP7ppA23vIFwGIhitt8IsB8&dc=5&tz=%2B04:00&sgid=25592936150&pid=610964676&cid=166038&crid=1071637
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0916766851103338&output=html&h=90&adk=3101682924&adf=4123552606&pi=t.aa~a.3220248052~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1684847894&rafmt=1&to=qs&pwprc=4777445207&format=1200x90&url=https%3A%2F%2Fttdown.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684847893780&bpp=1&bdt=2354&idt=0&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df021167263dd2045-22fe57cae8dd0063%3AT%3D1684847892%3ART%3D1684847892%3AS%3DALNI_MY-sLfBzkJ_hMfqTphWdk1ZpI-ZqQ&gpic=UID%3D00000c1a28cc22a7%3AT%3D1684847892%3ART%3D1684847892%3AS%3DALNI_Ma-0s_D5mWwOTkSjUD988idkncIGQ&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280%2C1110x280%2C1200x280%2C200x540%2C144x540%2C728x90%2C1200x280&nras=11&correlator=3186862124183&frm=20&pv=1&ga_vid=1312077257.1684847893&ga_sid=1684847893&ga_hid=1378733181&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4654&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788441%2C44789779&oid=2&psts=ABHeCvh0nwr9rkAj0k5EdyXuIRtDfOroBQgga73I9yOymICSRO1EqsOkJd9rsY7xle7JO7CAOafqfbhLJeQbV4TRhF2OwbH4%2CABHeCvharcbcIbtI_SeAdcrdNxiLkNum3O8oVrUDv32B3hySzmL2MtXbKq_hFAx4p10ub43FeVdB6ZTzycSeUWJRKF_LF_Kp8sV8EjvGHGjqk_4IZkY&pvsid=3867253434869664&tmod=329237808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=9&fsb=1&xpc=IbothmDOnX&p=https%3A//ttdown.org&dtd=947
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.139.69 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 69.139.120.34.bc.googleusercontent.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:18:15 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 ad-choice.min.js Show response
dsp-media.eskimi.com/assets/js/e/ Frame 81A1 3 KB
2 KB 479ms
158ms Script
application/javascript 138.199.37.227
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://dsp-media.eskimi.com/assets/js/e/ad-choice.min.js?_=2.1.0.8

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.199.37.227 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

138-199-37-227.bunnyinfra.net

Software

BunnyCDN-DE1-860 /

Resource Hash

cdc7862ae6f3ae80124d8c672dc6d7a4d892ba42f7d651dbf0bd74d1d9e353ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Wed, 29 Nov 2023 14:20:59 GMT
date: Tue, 23 May 2023 13:18:15 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1054
cdn-cachedat: 11/29/2022 14:20:59
cdn-pullzone: 692289
last-modified: Mon, 14 Nov 2022 14:24:28 GMT
server: BunnyCDN-DE1-860
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"63724f9c-bdd"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: ce2848ff-13c5-49e5-873d-af24ad423612
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 6821439c2628dc4ed33fb5939cae5e45
cdn-requestcountrycode: GE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 cellularTracking.min.js Show response
dsp-media.eskimi.com/assets/js/e/ Frame 81A1 803 B
1 KB 479ms
158ms Script
application/javascript 138.199.37.227
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://dsp-media.eskimi.com/assets/js/e/cellularTracking.min.js?v=1

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.199.37.227 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

138-199-37-227.bunnyinfra.net

Software

BunnyCDN-DE1-860 /

Resource Hash

33dc14e1be2ccee701bf1afe545c0602f2723e4bf29a824332bbf55486d38b0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Fri, 05 Jan 2024 13:19:14 GMT
date: Tue, 23 May 2023 13:18:15 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1082
cdn-cachedat: 01/05/2023 13:19:14
cdn-pullzone: 692289
last-modified: Tue, 18 Aug 2020 12:41:28 GMT
server: BunnyCDN-DE1-860
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"5f3bcc78-323"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: ce2848ff-13c5-49e5-873d-af24ad423612
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: a71a7e9dbaace8217ec0a55c0444e20c
cdn-requestcountrycode: GE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 utr
dsp-trk.eskimi.com/ Frame 81A1 43 B
99 B 421ms
141ms Image
image/gif 34.120.139.69
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp-trk.eskimi.com/utr?coId=CAESEP7ppA23vIFwGIhitt8IsB8&e=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0916766851103338&output=html&h=90&adk=3101682924&adf=4123552606&pi=t.aa~a.3220248052~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1684847894&rafmt=1&to=qs&pwprc=4777445207&format=1200x90&url=https%3A%2F%2Fttdown.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684847893780&bpp=1&bdt=2354&idt=0&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df021167263dd2045-22fe57cae8dd0063%3AT%3D1684847892%3ART%3D1684847892%3AS%3DALNI_MY-sLfBzkJ_hMfqTphWdk1ZpI-ZqQ&gpic=UID%3D00000c1a28cc22a7%3AT%3D1684847892%3ART%3D1684847892%3AS%3DALNI_Ma-0s_D5mWwOTkSjUD988idkncIGQ&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280%2C1110x280%2C1200x280%2C200x540%2C144x540%2C728x90%2C1200x280&nras=11&correlator=3186862124183&frm=20&pv=1&ga_vid=1312077257.1684847893&ga_sid=1684847893&ga_hid=1378733181&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4654&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788441%2C44789779&oid=2&psts=ABHeCvh0nwr9rkAj0k5EdyXuIRtDfOroBQgga73I9yOymICSRO1EqsOkJd9rsY7xle7JO7CAOafqfbhLJeQbV4TRhF2OwbH4%2CABHeCvharcbcIbtI_SeAdcrdNxiLkNum3O8oVrUDv32B3hySzmL2MtXbKq_hFAx4p10ub43FeVdB6ZTzycSeUWJRKF_LF_Kp8sV8EjvGHGjqk_4IZkY&pvsid=3867253434869664&tmod=329237808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=9&fsb=1&xpc=IbothmDOnX&p=https%3A//ttdown.org&dtd=947
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.139.69 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 69.139.120.34.bc.googleusercontent.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:18:15 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame 81A1 3 KB
1 KB 136ms
135ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 10:58:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8401
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 10:58:14 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame 81A1 19 KB
8 KB 137ms
136ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 May 2023 21:56:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55312
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7953
x-xss-protection: 0
server: cafe
etag: 16153819885643670827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 21:56:23 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 81A1 0
0 147ms
146ms Image
text/html 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQGoEqfEO1hflSWFGhthglTDz4BIThXTOQOk5i2zKEWzx4ab36POEhx_FEzT68JIPIZr_BG7Mw0ruCiOj4tN6Kk5f9AJw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0916766851103338&output=html&h=90&adk=3101682924&adf=4123552606&pi=t.aa~a.3220248052~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1684847894&rafmt=1&to=qs&pwprc=4777445207&format=1200x90&url=https%3A%2F%2Fttdown.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684847893780&bpp=1&bdt=2354&idt=0&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df021167263dd2045-22fe57cae8dd0063%3AT%3D1684847892%3ART%3D1684847892%3AS%3DALNI_MY-sLfBzkJ_hMfqTphWdk1ZpI-ZqQ&gpic=UID%3D00000c1a28cc22a7%3AT%3D1684847892%3ART%3D1684847892%3AS%3DALNI_Ma-0s_D5mWwOTkSjUD988idkncIGQ&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280%2C1110x280%2C1200x280%2C200x540%2C144x540%2C728x90%2C1200x280&nras=11&correlator=3186862124183&frm=20&pv=1&ga_vid=1312077257.1684847893&ga_sid=1684847893&ga_hid=1378733181&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4654&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788441%2C44789779&oid=2&psts=ABHeCvh0nwr9rkAj0k5EdyXuIRtDfOroBQgga73I9yOymICSRO1EqsOkJd9rsY7xle7JO7CAOafqfbhLJeQbV4TRhF2OwbH4%2CABHeCvharcbcIbtI_SeAdcrdNxiLkNum3O8oVrUDv32B3hySzmL2MtXbKq_hFAx4p10ub43FeVdB6ZTzycSeUWJRKF_LF_Kp8sV8EjvGHGjqk_4IZkY&pvsid=3867253434869664&tmod=329237808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=9&fsb=1&xpc=IbothmDOnX&p=https%3A//ttdown.org&dtd=947
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 81A1 171 KB
53 KB 149ms
148ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

452f096c720b3e3f9bef10090f461ce08ab38e64159263e9939a7c60067aa32f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:18:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54262
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684757038394838"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 May 2023 13:18:15 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E038
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFZRKag0BqEEIcvapmqEYj8&google_push=ATf1kGN0vJCjkbwOmP2xcF6bg8wnKBANNBUIccNx55jTirxzmtwvGx6I_r...

170 B
188 B

157ms
156ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFZRKag0BqEEIcvapmqEYj8&google_push=ATf1kGN0vJCjkbwOmP2xcF6bg8wnKBANNBUIccNx55jTirxzmtwvGx6I_rNQS-yBg1ez_PyHjBlcZ9FiDoYnr5NPVqDmooZyX9nM435K

Requested by

Host: ttdown.org
URL: https://ttdown.org/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:18:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-mxp6956-MXP
pragma: no-cache
date: Tue, 23 May 2023 13:18:15 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1684847896.650961,VS0,VE96
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFZRKag0BqEEIcvapmqEYj8&google_push=ATf1kGN0vJCjkbwOmP2xcF6bg8wnKBANNBUIccNx55jTirxzmtwvGx6I_rNQS-yBg1ez_PyHjBlcZ9FiDoYnr5NPVqDmooZyX9nM435K
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E038
Redirect Chain

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEPNOSTyvekZuaSAjqw4Vuuc&google_cver=1&google_push=ATf1kGND7dLtLQIa2qqDMvxVCyyjKxZxoVz7jHJl29ND2po8MfbJ5mnW0DpakjQP8jgXNVW2H3usz7IPYmAhOyxusx...
https://match.adsrvr.org/track/cmb/google?google_gid=CAESEPNOSTyvekZuaSAjqw4Vuuc&google_cver=1&google_push=ATf1kGND7dLtLQIa2qqDMvxVCyyjKxZxoVz7jHJl29ND2po8MfbJ5mnW0DpakjQP8jgXNVW2H3usz7IPYmAhOyxusx...
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YTlhNjIzYzUtNGIzMi00MTk5LWE0YzAtNzUwZGM1ZDEzNjU2&google_push&gdpr=0&gdpr_consent=&ttd_tdid=a9a623c5-4b32-4199-a4c0-750dc5d13656

170 B
188 B

148ms
148ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YTlhNjIzYzUtNGIzMi00MTk5LWE0YzAtNzUwZGM1ZDEzNjU2&google_push&gdpr=0&gdpr_consent=&ttd_tdid=a9a623c5-4b32-4199-a4c0-750dc5d13656

Requested by

Host: ttdown.org
URL: https://ttdown.org/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:18:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 May 2023 13:18:15 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YTlhNjIzYzUtNGIzMi00MTk5LWE0YzAtNzUwZGM1ZDEzNjU2&google_push&gdpr=0&gdpr_consent=&ttd_tdid=a9a623c5-4b32-4199-a4c0-750dc5d13656
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 423

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E038
Redirect Chain

https://fksnk.com/cs/google?google_gid=CAESEIkkdkcjryRz-zQ5kPh4qSE&google_cver=1&google_push=ATf1kGNbTlOBq9RxoUmtPcWJhDUn1vjq6u52A2DGvAc5kwlj625Rm34DXoPc9Gwo02eadiRGXdggH9s6oSW4lr_NlhlY_6KBqBMFAzd-
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=OUUwMDE3NzE4QUMwOEI5Rg==

170 B
188 B

149ms
149ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=OUUwMDE3NzE4QUMwOEI5Rg==

Requested by

Host: ttdown.org
URL: https://ttdown.org/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:18:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=OUUwMDE3NzE4QUMwOEI5Rg==
date: Tue, 23 May 2023 13:18:15 GMT
content-language: en-US
content-type: text/html;charset=ISO-8859-1

GET

getuidu
secure.adnxs.com/ Frame E038
Redirect Chain

https://a.clickcertain.com/px/img/g/?google_gid=CAESEJtQy8YasWDoo0aXFqRQ9F8&google_cver=1&google_push=ATf1kGOCigpdKCIgtEZMuH0He2e7fCW48v9MEVuhhO9f0-_O74E4LFxYcqVmqOm8L8d3G5CCQqkF8qbYAGTl5rB7fUGBLVZ...
https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=7544d613-7fd3-4150-ae2e-6c5f1e4774a7&ccid=7544d613-7fd3-4150-ae2e-6c5f1e4774a7&redir=https%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuid...
https://i.liadm.com/s/56408?redir=https%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuidu%253fhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fg%252f%253fdone%253dtrue%2526google_...
https://a.clickcertain.com/px/li/?redir=https%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuidu%253fhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fg%252f%253fdone%253dtrue%2526g...
https://secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/g/?done=true&google_gid=CAESEJtQy8YasWDoo0aXFqRQ9F8&google_cver=1&google_push=ATf1kGOCigpdKCIgtEZMuH0He2e7fCW48v9MEVuhhO9f0-_O74E4...

0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E038
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHCMVEuciZp12DBF1CW_U94&google_cver=1&google_push=ATf1kGOAw1yfIioDqeyX3h8Uc9EDDok4a_XsUc0z7LQ1LpIiJBMnBXtiYcHxYNIONv-3oCIeob7derRa...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHCMVEuciZp12DBF1CW_U94&google_cver=1&google_push=ATf1kGOAw1yfIioDqeyX3h8Uc9EDDok4a_XsUc0z7LQ1LpIiJBMnBXtiYcHxYNIONv-3oCIeob7...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTUyMDM5ODAzNzM4MjgyNA&google_push=ATf1kGOAw1yfIioDqeyX3h8Uc9EDDok4a_XsUc0z7LQ1LpIiJBMnBXtiYcHxYNIONv-3oCIeob7derRaHa...

170 B
188 B

148ms
147ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTUyMDM5ODAzNzM4MjgyNA&google_push=ATf1kGOAw1yfIioDqeyX3h8Uc9EDDok4a_XsUc0z7LQ1LpIiJBMnBXtiYcHxYNIONv-3oCIeob7derRaHaeZcewQaMZJWGtuN0zm0WvV

Requested by

Host: ttdown.org
URL: https://ttdown.org/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:18:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 May 2023 13:18:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTUyMDM5ODAzNzM4MjgyNA&google_push=ATf1kGOAw1yfIioDqeyX3h8Uc9EDDok4a_XsUc0z7LQ1LpIiJBMnBXtiYcHxYNIONv-3oCIeob7derRaHaeZcewQaMZJWGtuN0zm0WvV
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E038
Redirect Chain

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEGsdK0eM5xYwgAtFrGPIv6E&google_cver=1&google_push=ATf1kGNTkiT0lX_vi7CxUrHwiUcnVVmlxsWuouERTkHwP19V8wQxl5Bn-...
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=ATf1kGNTkiT0lX_vi7CxUrHwiUcnVVmlxsWuouERTkHwP19V8wQxl5Bn-enMqgC2h9Q_WCRyq4z1TWBgSkdFsL0xnSkhANF9L5XHbUrhsw&google_hm=QlMuNDM4OS05...

170 B
188 B

147ms
147ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=ATf1kGNTkiT0lX_vi7CxUrHwiUcnVVmlxsWuouERTkHwP19V8wQxl5Bn-enMqgC2h9Q_WCRyq4z1TWBgSkdFsL0xnSkhANF9L5XHbUrhsw&google_hm=QlMuNDM4OS05OTgzLTQ1NTAtYjczNA==

Requested by

Host: ttdown.org
URL: https://ttdown.org/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:18:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=ATf1kGNTkiT0lX_vi7CxUrHwiUcnVVmlxsWuouERTkHwP19V8wQxl5Bn-enMqgC2h9Q_WCRyq4z1TWBgSkdFsL0xnSkhANF9L5XHbUrhsw&google_hm=QlMuNDM4OS05OTgzLTQ1NTAtYjczNA==
Date: Tue, 23 May 2023 13:18:15 GMT
Server: openresty
Connection: close
Content-Length: 142
Content-Type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E038
Redirect Chain

https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEHY2srZ5LTyWlKkm_UHqQtk&google_cver=1&google_push=ATf1kGPeVMA1kfjM4wtfF8McPpU91C8W-14kYJUVpOU3Gl1eYDQa-9n-Arlz1zeFRjaAKyzbXYpdMwl4...
https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEHY2srZ5LTyWlKkm_UHqQtk%26google_cver%3D1%26google_push%3DATf1kGPeVMA1kfjM4wtfF8...
https://rtb2-useast.e-volution.ai/sync?adkuid=A7633871131037786008&exchange=193&google_gid=CAESEHY2srZ5LTyWlKkm_UHqQtk&google_cver=1&google_push=ATf1kGPeVMA1kfjM4wtfF8McPpU91C8W-14kYJUVpOU3Gl1eYDQa...
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTc2MzM4NzExMzEwMzc3ODYwMDg&google_push=ATf1kGPeVMA1kfjM4wtfF8McPpU91C8W-14kYJUVpOU3Gl1eYDQa-9n-Arlz1zeFRjaAKyzbXYpdMwl...

170 B
188 B

146ms
146ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTc2MzM4NzExMzEwMzc3ODYwMDg&google_push=ATf1kGPeVMA1kfjM4wtfF8McPpU91C8W-14kYJUVpOU3Gl1eYDQa-9n-Arlz1zeFRjaAKyzbXYpdMwl4nzYQui6nMjAH2kW2oXT-1QXXDA

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:18:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTc2MzM4NzExMzEwMzc3ODYwMDg&google_push=ATf1kGPeVMA1kfjM4wtfF8McPpU91C8W-14kYJUVpOU3Gl1eYDQa-9n-Arlz1zeFRjaAKyzbXYpdMwl4nzYQui6nMjAH2kW2oXT-1QXXDA
Date: Tue, 23 May 2023 13:18:16 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame E038 0
12 B 146ms
145ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LDZEeUtMvronm5I2SpHjCQ4ibb3wXONbecIjnQVbNWbamCDT3ibISNezqLt8AWLe0RjW0jwJ8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:18:15 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js Show response
pagead2.googlesyndication.com/bg/ Frame 6506 37 KB
14 KB 133ms
133ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

6f8910bb4b43e21480fa154045cd5fcf338313475a176572f9b3cb5bdb9abbbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 09:39:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13128
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14738
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 May 2024 09:39:27 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/13359178174328754851/ Frame 87AF 72 KB
19 KB 409ms
150ms Document
text/html 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13359178174328754851/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

sffe /

Resource Hash

ee717bda8301eba7f83587f2bbc5cd593ba9addbada1fd26814b2ae41d8ca704

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 423843
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 19851
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 18 May 2023 15:34:12 GMT
expires: Fri, 17 May 2024 15:34:12 GMT
last-modified: Fri, 31 Mar 2023 14:24:22 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 179B 0
0 455ms
178ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss-bxa2ltz86HcRTKZACFpRXbqGrBDRKfH-5741A0bNMSMfqWBAKoYNiDZ_Y_eUyEnf7REz8wtdbGYRizz0rktN5MsX1VMt1Lt2WC580uLv8OOpJxVsDUTyl6Do2Uh4c3JwM62l7KzxGBYOr104NBL-wK9CHsALBfXpb86PXPoa8JwyofVUlM74nMjHvDUPgvmc8TvOC8Ks82KL3gDTE9ggqcSy29a4rJSRpcurfEnO3Y2rF-AmMxbpFb_ipLuOjrPQfp3jfHWGDnmONB22Mt3_06DFY5rmWjIiK5U0-mqLTXBiBcaLWRoKJZkiWZ8Zr8GLNElDmutam_AndEhvwbEFou9H5s9gBZ0plGJuDPLmS9tSknZEjvE49b97p5VEKMuzLAX9mz9Lu31pZKhgeLMxveSFS6k2JMgMCBUvco7TIpARV6bdB4OSxmaSTmgvV4OB02oUtMrNe58OCi28lGxvycRhNManlZzIUFis4J2YqIHLL4k3LzgQCf5dqHfU_Wd15d-eSOvjiiNecDT1EnYKPuiSIa9J15MeEVoLQI6tBeoMwWn5NQiNPDdQLfYfo_pWEyoE5gZm6JQbnFe6oQcFbxmf1GgKJAGvcs6-so3m-8Mygv5jHdiyIM1gVBgEtbcRr7aNvHiH476rgQ4sxrzBriEqnAUNRsoCSIoyRzrz1MdrYFfeMVNAa3rk5ZP9cKr4lhxiiAzQpJ0xmDRI7aU9auCAglBX8y43UJPwoIBb8jilP-uTfUdGUoa6PXPaioubL9cgpHqqLK0-KRCepEm7gk0Oq3rlyaFVmenI3wwW8I3IIBtn-O0yyxZPqmZdUBNNoeJemABoEpyAw55WfWqaLFsdJIkMA-7JRko6kt53U_qCT6O3R6E-Vmp9ujfPIzD9puzT_8ELoAIynVYNVRhefDnJQDBe6_ediHbQDahztIY4y-ja2gpycn8SNb1KjFVejXHkbuQ29BAhclliT_EZ1sZby11khJrVb83pBQRCC92u0ZrK5erlETycjDj8VlAfBHAf7OPH2RjfmZJcXXXcEiZ3mMMLp3JyJacnQTDHQn_l8cb1Po5OE0Ru0Qd2y1h3XYForS-Wuu8-UEWWbFIjKOGZr96-njDT0AU_EIPnyeIzWAiza4_Mja7--X7W5orqCe8K3Q9kaf2wpzfDeWXa4mD5KMbg2cUlU4TEjuDRWdAeUgVt31QMQhylTJxLtX_v&sai=AMfl-YR80mq_gi_KWT2oTW90vkehxyGqrFQT11SLRLmE9-D5g66uFflTpX8JrMEbSO8DBKFLCOhrLZMIDRtzQEksc0kB8ObMkRVLibi7IibEsEi_B9sGWoma31aNhmAQhvVU9j5-_DcX6nxu9-o2t03aJS5G66djDVRhKQtmXEf18hucyqMmsSoYo_1q9FYMuccNc6bz-wnGrFtZ8A&sig=Cg0ArKJSzJjbl0TALMHgEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=573&cbvp=1&cstd=566&cisv=r20230518.23235&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: ttdown.org
URL: https://ttdown.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 23 May 2023 13:18:15 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 23 May 2023 13:18:15 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 00F0 0
45 B 139ms
138ms Ping
image/gif 66.102.1.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~li0axo47&c=4566481595369&slotId=2283240797684.5&qqid=CIO03cHDi_8CFQek0QQd_TgOYA&fb=outstream-lima&vast_v=2.0&vmfc=4&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.102.1.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wb-in-f94.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:18:15 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 00F0 41 KB
15 KB 135ms
134ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 11:06:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7933
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 May 2024 11:06:02 GMT

HEAD
H/1.1

200
OK

file.mp4
r4---sn-4g5lznlz.c.2mdn.net/videoplayback/id/f640bab4b2b9f3a2/itag/342/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1716383895/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 00F0
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/f640bab4b2b9f3a2/itag/342/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1716383895/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r4---sn-4g5lznlz.c.2mdn.net/videoplayback/id/f640bab4b2b9f3a2/itag/342/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1716383895/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

426ms
132ms

Fetch
video/mp4

74.125.104.73
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-4g5lznlz.c.2mdn.net/videoplayback/id/f640bab4b2b9f3a2/itag/342/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1716383895/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/242091B59A0F73CF996E79DFE4C1C10F6E6FC0A1.5E948B5ABB6ECFF138002796BFA652477109ACE3/key/cms1/cms_redirect/yes/mh/mw/mip/91.239.206.129/mm/42/mn/sn-4g5lznlz/ms/onc/mt/1684847574/mv/m/mvi/4/pl/24/file/file.mp4

Requested by

Host: ttdown.org
URL: https://ttdown.org/

Protocol

HTTP/1.1

Server

74.125.104.73 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s24-in-f9.1e100.net

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 May 2023 13:18:16 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 2080737
Last-Modified: Sun, 21 May 2023 20:33:09 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Tue, 23 May 2023 13:18:16 GMT

Redirect headers

date: Tue, 23 May 2023 13:18:16 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 644
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r4---sn-4g5lznlz.c.2mdn.net/videoplayback/id/f640bab4b2b9f3a2/itag/342/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1716383895/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/242091B59A0F73CF996E79DFE4C1C10F6E6FC0A1.5E948B5ABB6ECFF138002796BFA652477109ACE3/key/cms1/cms_redirect/yes/mh/mw/mip/91.239.206.129/mm/42/mn/sn-4g5lznlz/ms/onc/mt/1684847574/mv/m/mvi/4/pl/24/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6506 0
20 B 173ms
173ms Image
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BiXs5Fr1sZIqxKprs3wPVtabgDQAAAAA4AeAEAg&bg=!QkGlQRXNAAZ8_aWmXP07ADkAdvg8WutK9Lc4GiYt6IWmEdhSsQ2jXcS5Ixp9Nseq7NR1wk_iX4-bg9q-eUA87y_Pv_AUKnoP8dECAAAAfVIAAAACaAEHmQLlTYPujjKb8o7AgSsjlxrgLNcuyu9WXTdFqIcP63D6P1MCO2ysFaDs8krjQdKknBFjOKhhicLddu1Sl_t60NXA6okK2jDMclHv9vo6OQ6t7mx1FuKC2RtetNXy5RItebZq9abWHTrSJTt7G90YGO1FPu4spsY1xtMRK55pzIHtc-7fLjZZ-lRVX5Qf2KTGCcBD6FalFeDYmWiFTGriuyYoDaydEUXEFGaQOwVfrAg0y3Q4Q7Eg0NZOShFtQ3BHgLUvDG3h-3UFQasBcgfdAaJmhrTwLMsFJHW9-IL99ijqZjN_hPMwXe60UwxMlBFr5-55FiZ6e5et2_xhCpVp5N55Cfh7hm-Ln9bw9kiqL3q4q1lFLROA4xArGSlZ9x1jrqgQxZd_ChxYh0cah_ias5hHutSeAtjT8p768IGMiyI-E8B3piHIwZ8a_MUO6xXAa0lnHMl5TgjkNMQFHiLDkvzLe2ccWRsVQBLTeOABZRNaJjtAV7_LLuZBmHQc1Po9XUeoNAPSM4yvcGYIW2ESU4GDzA940NVqC_HPyCOPi4pouUwt5PiqCpT_4F6BpjLYEyx_S_rUTHm9bTLTR-BJ3HPY2Hlk8XLXWCkfobBvyUj7LZD6lFRwQ9bAONSV5Hb6lR270RP0epQOx1a9YPjJ7JhmGUvb0SDVaAelX5f_LJD35r2TmV5xAuiWytDxMbGnp-32-TL7Tp0N-os5ixsOH0q7VK35DBdgeM5_Lvcq9mXLtWwO2DN5OzgcK-ORo6cjqtKmo3EPHf0D2oOY2cw4ApsZjlp4e53bKVtsfklAF2X3T6rZ0ZWF4ZgzbbNgEQk6cVWh9Gse1LuNw14ieF7fLeB8Vz7gJDofReo3f4XbpExsNCTunfuUZYLJDMpPDdk6sWFlIE-NFGha4xMbjJlp1Q6bp1gWkyEAizuZpS707g_k8dhVxeeDxfiJBebYen_wzyP7CdGY_UIzUqokJZDtnVyAEaxQPQ6M

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:18:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 6E72 23 KB
9 KB 132ms
131ms Document
text/html 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
age: 355308
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 19 May 2023 10:36:27 GMT
expires: Sat, 18 May 2024 10:36:27 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 adchoice_logo_15x15_v2.png
dsp-media.eskimi.com/upload/wl/eskimi/ Frame 81A1 360 B
831 B 152ms
151ms Image
image/png 138.199.37.227
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp-media.eskimi.com/upload/wl/eskimi/adchoice_logo_15x15_v2.png?_=2.1.0.8
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0916766851103338&output=html&h=90&adk=3101682924&adf=4123552606&pi=t.aa~a.3220248052~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1684847894&rafmt=1&to=qs&pwprc=4777445207&format=1200x90&url=https%3A%2F%2Fttdown.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684847893780&bpp=1&bdt=2354&idt=0&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df021167263dd2045-22fe57cae8dd0063%3AT%3D1684847892%3ART%3D1684847892%3AS%3DALNI_MY-sLfBzkJ_hMfqTphWdk1ZpI-ZqQ&gpic=UID%3D00000c1a28cc22a7%3AT%3D1684847892%3ART%3D1684847892%3AS%3DALNI_Ma-0s_D5mWwOTkSjUD988idkncIGQ&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280%2C1110x280%2C1200x280%2C200x540%2C144x540%2C728x90%2C1200x280&nras=11&correlator=3186862124183&frm=20&pv=1&ga_vid=1312077257.1684847893&ga_sid=1684847893&ga_hid=1378733181&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4654&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788441%2C44789779&oid=2&psts=ABHeCvh0nwr9rkAj0k5EdyXuIRtDfOroBQgga73I9yOymICSRO1EqsOkJd9rsY7xle7JO7CAOafqfbhLJeQbV4TRhF2OwbH4%2CABHeCvharcbcIbtI_SeAdcrdNxiLkNum3O8oVrUDv32B3hySzmL2MtXbKq_hFAx4p10ub43FeVdB6ZTzycSeUWJRKF_LF_Kp8sV8EjvGHGjqk_4IZkY&pvsid=3867253434869664&tmod=329237808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=9&fsb=1&xpc=IbothmDOnX&p=https%3A//ttdown.org&dtd=947
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.227 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-37-227.bunnyinfra.net
Software: BunnyCDN-DE1-860 /
Resource Hash: 04dd17131968a07c34224fb2e34a25d3bdd06fed40c6025f20ecdfc9e6eff2a0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Tue, 23 May 2023 13:18:15 GMT
cdn-edgestorageid: 1047
cdn-cachedat: 02/28/2023 09:40:28
cdn-pullzone: 692289
content-length: 360
last-modified: Tue, 28 Feb 2023 09:21:44 GMT
server: BunnyCDN-DE1-860
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: "63fdc7a8-168"
content-type: image/png
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: ce2848ff-13c5-49e5-873d-af24ad423612
cache-control: public, max-age=31536000
cdn-requestid: 81f24a8253bd133236e2304d74e4fa27
accept-ranges: bytes
cdn-requestcountrycode: GE
cdn-status: 200
expires: Wed, 28 Feb 2024 09:40:28 GMT

GET
H2 200 col
dsp-trk.eskimi.com/ Frame 81A1 43 B
99 B 140ms
139ms Image
image/gif 34.120.139.69
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp-trk.eskimi.com/col?u=CAESEP7ppA23vIFwGIhitt8IsB8&exid=9rX-JGHN3HZNo6ifKyfVZJZyi1kQ-cdFiBRlzsIhen8pcSJxIaayuIDwFI4SoxWY&exidtmp=1&ct=0&cntr=ge&ipl=1542442496&op=0&conn=0&extid=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0916766851103338&output=html&h=90&adk=3101682924&adf=4123552606&pi=t.aa~a.3220248052~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1684847894&rafmt=1&to=qs&pwprc=4777445207&format=1200x90&url=https%3A%2F%2Fttdown.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684847893780&bpp=1&bdt=2354&idt=0&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df021167263dd2045-22fe57cae8dd0063%3AT%3D1684847892%3ART%3D1684847892%3AS%3DALNI_MY-sLfBzkJ_hMfqTphWdk1ZpI-ZqQ&gpic=UID%3D00000c1a28cc22a7%3AT%3D1684847892%3ART%3D1684847892%3AS%3DALNI_Ma-0s_D5mWwOTkSjUD988idkncIGQ&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280%2C1110x280%2C1200x280%2C200x540%2C144x540%2C728x90%2C1200x280&nras=11&correlator=3186862124183&frm=20&pv=1&ga_vid=1312077257.1684847893&ga_sid=1684847893&ga_hid=1378733181&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4654&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788441%2C44789779&oid=2&psts=ABHeCvh0nwr9rkAj0k5EdyXuIRtDfOroBQgga73I9yOymICSRO1EqsOkJd9rsY7xle7JO7CAOafqfbhLJeQbV4TRhF2OwbH4%2CABHeCvharcbcIbtI_SeAdcrdNxiLkNum3O8oVrUDv32B3hySzmL2MtXbKq_hFAx4p10ub43FeVdB6ZTzycSeUWJRKF_LF_Kp8sV8EjvGHGjqk_4IZkY&pvsid=3867253434869664&tmod=329237808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=9&fsb=1&xpc=IbothmDOnX&p=https%3A//ttdown.org&dtd=947
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.139.69 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 69.139.120.34.bc.googleusercontent.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:18:15 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 utr.min.js Show response
dsp-media.eskimi.com/assets/js/e/ Frame 81A1 10 KB
5 KB 337ms
337ms Script
application/javascript 138.199.37.227
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://dsp-media.eskimi.com/assets/js/e/utr.min.js?vv=0&trv=0&trve=0&src=utr&bId=1684847894973.2.UIavbFisngwkTDrb-1JSfg&baId=ead-ce52998643e17974def0df1ff52a54b3&mr=0

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.199.37.227 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

138-199-37-227.bunnyinfra.net

Software

BunnyCDN-DE1-860 /

Resource Hash

7f5feab8115fb17c8945b5b22a6382315c264a9878b2de8d1916013720e496ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Wed, 22 May 2024 13:18:15 GMT
date: Tue, 23 May 2023 13:18:15 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1049
cdn-cachedat: 05/23/2023 13:18:15
cdn-pullzone: 692289
last-modified: Thu, 01 Dec 2022 09:59:55 GMT
server: BunnyCDN-DE1-860
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"63887b1b-29ad"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: MISS
cdn-uid: ce2848ff-13c5-49e5-873d-af24ad423612
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: c1f56e2895666a9a2ce99b09bda8b94f
cdn-requestcountrycode: GE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 gtr.min.js Show response
dsp-media.eskimi.com/assets/js/e/ Frame 81A1 6 KB
3 KB 155ms
154ms Script
application/javascript 138.199.37.227
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://dsp-media.eskimi.com/assets/js/e/gtr.min.js?_=0.0.0.2

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.199.37.227 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

138-199-37-227.bunnyinfra.net

Software

BunnyCDN-DE1-860 /

Resource Hash

c82c372cd5c4a3b46fddb13499d36d8818044e818b53a6794f340effeea5673a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Tue, 27 Feb 2024 09:17:18 GMT
date: Tue, 23 May 2023 13:18:15 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1082
cdn-cachedat: 02/27/2023 09:17:18
cdn-pullzone: 692289
last-modified: Fri, 24 Feb 2023 12:08:35 GMT
server: BunnyCDN-DE1-860
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"63f8a8c3-19cc"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: ce2848ff-13c5-49e5-873d-af24ad423612
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 279330c65fdde2c5ccbc7d71a9c57933
cdn-requestcountrycode: GE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4863 1 KB
643 B 136ms
134ms Document
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

age: 9879
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 10:33:36 GMT
etag: 48472445140208031
expires: Wed, 24 May 2023 10:33:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 101076_114052452_7cf0cbc1966f83864cc770d260034e8b.png
dsp-media.eskimi.com/upload/ Frame 81A1 85 KB
86 KB 178ms
178ms Image
image/png 138.199.37.227
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp-media.eskimi.com/upload/101076_114052452_7cf0cbc1966f83864cc770d260034e8b.png
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0916766851103338&output=html&h=90&adk=3101682924&adf=4123552606&pi=t.aa~a.3220248052~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1684847894&rafmt=1&to=qs&pwprc=4777445207&format=1200x90&url=https%3A%2F%2Fttdown.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684847893780&bpp=1&bdt=2354&idt=0&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df021167263dd2045-22fe57cae8dd0063%3AT%3D1684847892%3ART%3D1684847892%3AS%3DALNI_MY-sLfBzkJ_hMfqTphWdk1ZpI-ZqQ&gpic=UID%3D00000c1a28cc22a7%3AT%3D1684847892%3ART%3D1684847892%3AS%3DALNI_Ma-0s_D5mWwOTkSjUD988idkncIGQ&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280%2C1110x280%2C1200x280%2C200x540%2C144x540%2C728x90%2C1200x280&nras=11&correlator=3186862124183&frm=20&pv=1&ga_vid=1312077257.1684847893&ga_sid=1684847893&ga_hid=1378733181&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4654&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788441%2C44789779&oid=2&psts=ABHeCvh0nwr9rkAj0k5EdyXuIRtDfOroBQgga73I9yOymICSRO1EqsOkJd9rsY7xle7JO7CAOafqfbhLJeQbV4TRhF2OwbH4%2CABHeCvharcbcIbtI_SeAdcrdNxiLkNum3O8oVrUDv32B3hySzmL2MtXbKq_hFAx4p10ub43FeVdB6ZTzycSeUWJRKF_LF_Kp8sV8EjvGHGjqk_4IZkY&pvsid=3867253434869664&tmod=329237808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=9&fsb=1&xpc=IbothmDOnX&p=https%3A//ttdown.org&dtd=947
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.227 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-37-227.bunnyinfra.net
Software: BunnyCDN-DE1-860 /
Resource Hash: 10d0f3790a633e0dd1625e0fd9867bc2d8f8d28fa0195f3927eda5cef45641ae

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Tue, 23 May 2023 13:18:15 GMT
cdn-edgestorageid: 1076
cdn-cachedat: 05/17/2023 15:55:13
cdn-pullzone: 692289
content-length: 87478
last-modified: Mon, 15 May 2023 12:26:04 GMT
server: BunnyCDN-DE1-860
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: "646224dc-155b6"
content-type: image/png
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: ce2848ff-13c5-49e5-873d-af24ad423612
cache-control: public, max-age=31536000
cdn-requestid: 693b0b5203df89ba66dd29d81dbba710
accept-ranges: bytes
cdn-requestcountrycode: GE
cdn-status: 200
expires: Thu, 16 May 2024 15:55:12 GMT

GET
DATA 200
OK truncated
/ Frame 81A1 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2247ac62b0c0960fa63bef92e321f70d5f7c1c37b2fe5de30f2a43a36a01a547

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 87AF 29 KB
10 KB 135ms
134ms Script
text/javascript 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13359178174328754851/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13359178174328754851/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 00:48:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44978
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 24 May 2023 00:48:37 GMT

GET
H3 200 b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js Show response
pagead2.googlesyndication.com/bg/ Frame 6E72 37 KB
14 KB 131ms
131ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

6f8910bb4b43e21480fa154045cd5fcf338313475a176572f9b3cb5bdb9abbbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 09:39:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13129
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14738
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 May 2024 09:39:27 GMT

GET
H2 200 gtr Show response
dsp-ap.eskimi.com/v2/ Frame 81A1 731 B
1 KB 426ms
142ms XHR
application/json 35.186.201.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dsp-ap.eskimi.com/v2/gtr?&t=1684847895996
Requested by: Host: dsp-media.eskimi.com
URL: https://dsp-media.eskimi.com/assets/js/e/gtr.min.js?_=0.0.0.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.201.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.201.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 9214d33ab3af5fdb26cf0952965948aef6063973884bf4be37711c163b970d68

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://googleads.g.doubleclick.net
date: Tue, 23 May 2023 13:18:15 GMT
cache-control: no-cache
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 4863 0
172 B 412ms
139ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEG_d6bC3iEUgWDSvSYQFhy0&google_cver=1&google_push=ATf1kGNP_OG97t-ZncBXYZNjcIeYAJL94Lf28rX8jHdBeomBCS9I9N5wg-V7VqpAHRT6YoGd-I9BpB9tfetvt2ig1DoPyK5YirRbjqI
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0916766851103338&output=html&h=90&adk=3101682924&adf=4123552606&pi=t.aa~a.3220248052~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1684847894&rafmt=1&to=qs&pwprc=4777445207&format=1200x90&url=https%3A%2F%2Fttdown.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684847893780&bpp=1&bdt=2354&idt=0&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df021167263dd2045-22fe57cae8dd0063%3AT%3D1684847892%3ART%3D1684847892%3AS%3DALNI_MY-sLfBzkJ_hMfqTphWdk1ZpI-ZqQ&gpic=UID%3D00000c1a28cc22a7%3AT%3D1684847892%3ART%3D1684847892%3AS%3DALNI_Ma-0s_D5mWwOTkSjUD988idkncIGQ&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280%2C1110x280%2C1200x280%2C200x540%2C144x540%2C728x90%2C1200x280&nras=11&correlator=3186862124183&frm=20&pv=1&ga_vid=1312077257.1684847893&ga_sid=1684847893&ga_hid=1378733181&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4654&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788441%2C44789779&oid=2&psts=ABHeCvh0nwr9rkAj0k5EdyXuIRtDfOroBQgga73I9yOymICSRO1EqsOkJd9rsY7xle7JO7CAOafqfbhLJeQbV4TRhF2OwbH4%2CABHeCvharcbcIbtI_SeAdcrdNxiLkNum3O8oVrUDv32B3hySzmL2MtXbKq_hFAx4p10ub43FeVdB6ZTzycSeUWJRKF_LF_Kp8sV8EjvGHGjqk_4IZkY&pvsid=3867253434869664&tmod=329237808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=9&fsb=1&xpc=IbothmDOnX&p=https%3A//ttdown.org&dtd=947
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:18:16 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 4863 42 B
213 B 421ms
137ms Image
image/gif 34.160.236.64
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4530&src.visitorid=CAESENFWm93x9juuVB1hSlRtHWI&google_cver=1&google_push=ATf1kGOjqAg3RBf-5cxPzIDmQcER1aPNdZUQwrr9EI8NO1IXWcz5R4P223mkeKBFTLCX0AsEe8Fkyn5uWCYBlcGd-u6-SFOUBIJjgFY
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0916766851103338&output=html&h=90&adk=3101682924&adf=4123552606&pi=t.aa~a.3220248052~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1684847894&rafmt=1&to=qs&pwprc=4777445207&format=1200x90&url=https%3A%2F%2Fttdown.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684847893780&bpp=1&bdt=2354&idt=0&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df021167263dd2045-22fe57cae8dd0063%3AT%3D1684847892%3ART%3D1684847892%3AS%3DALNI_MY-sLfBzkJ_hMfqTphWdk1ZpI-ZqQ&gpic=UID%3D00000c1a28cc22a7%3AT%3D1684847892%3ART%3D1684847892%3AS%3DALNI_Ma-0s_D5mWwOTkSjUD988idkncIGQ&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280%2C1110x280%2C1200x280%2C200x540%2C144x540%2C728x90%2C1200x280&nras=11&correlator=3186862124183&frm=20&pv=1&ga_vid=1312077257.1684847893&ga_sid=1684847893&ga_hid=1378733181&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4654&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788441%2C44789779&oid=2&psts=ABHeCvh0nwr9rkAj0k5EdyXuIRtDfOroBQgga73I9yOymICSRO1EqsOkJd9rsY7xle7JO7CAOafqfbhLJeQbV4TRhF2OwbH4%2CABHeCvharcbcIbtI_SeAdcrdNxiLkNum3O8oVrUDv32B3hySzmL2MtXbKq_hFAx4p10ub43FeVdB6ZTzycSeUWJRKF_LF_Kp8sV8EjvGHGjqk_4IZkY&pvsid=3867253434869664&tmod=329237808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=9&fsb=1&xpc=IbothmDOnX&p=https%3A//ttdown.org&dtd=947
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.236.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 64.236.160.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:18:16 GMT
via: 1.1 google
last-modified: Tue, 28 Jun 2022 14:08:50 GMT
server: nginx
etag: "62bb0b72-2a"
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4863
Redirect Chain

https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEEWOQXWueZws7JQrVW4y8uM&google_cver=1&google_push=ATf1kGPvCTzxfE2r_fZX0bj6llTjZQqDsa7rBAuHewUgkysLAqh00uzZukjZoEKPFWLuGkS9wz1xaRDL9k4cUXieb0...
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTkzMjk1Nzc2MjUwMjQxNjY4Mg&google_push=ATf1kGPvCTzxfE2r_fZX0bj6llTjZQqDsa7rBAuHewUgkysLAqh00uzZukjZoEKPFWLuGkS9wz1xaRDL9k4cUXieb06V8...

170 B
188 B

148ms
148ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTkzMjk1Nzc2MjUwMjQxNjY4Mg&google_push=ATf1kGPvCTzxfE2r_fZX0bj6llTjZQqDsa7rBAuHewUgkysLAqh00uzZukjZoEKPFWLuGkS9wz1xaRDL9k4cUXieb06V8uTjn7o4-to

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:18:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTkzMjk1Nzc2MjUwMjQxNjY4Mg&google_push=ATf1kGPvCTzxfE2r_fZX0bj6llTjZQqDsa7rBAuHewUgkysLAqh00uzZukjZoEKPFWLuGkS9wz1xaRDL9k4cUXieb06V8uTjn7o4-to
Date: Tue, 23 May 2023 13:18:16 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4863
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEJcEho6F_39OoKeBh6g5YBc&google_cver=1&google_push=ATf1kGOgjoTal7cj3ZoTZhWchWegwXpdgPvEzD2YvaUMRREcP_Mk1bkbxTtrFqutPvqKTxy0heZgYw1pXRa8...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiEjCpxqeAV5Dz97VScAfNqBDA0aYK0DDOQ&google_push=ATf1kGOgjoTal7cj3ZoTZhWchWegwXpdgPvEzD2YvaUMRREcP_Mk1bkbxTtrFqutPvqKTxy0heZgYw1pXR...

170 B
188 B

148ms
148ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiEjCpxqeAV5Dz97VScAfNqBDA0aYK0DDOQ&google_push=ATf1kGOgjoTal7cj3ZoTZhWchWegwXpdgPvEzD2YvaUMRREcP_Mk1bkbxTtrFqutPvqKTxy0heZgYw1pXRa8ZFj_WcgZ10XSww5-4_0

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:18:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiEjCpxqeAV5Dz97VScAfNqBDA0aYK0DDOQ&google_push=ATf1kGOgjoTal7cj3ZoTZhWchWegwXpdgPvEzD2YvaUMRREcP_Mk1bkbxTtrFqutPvqKTxy0heZgYw1pXRa8ZFj_WcgZ10XSww5-4_0
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4863
Redirect Chain

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEGsdK0eM5xYwgAtFrGPIv6E&google_cver=1&google_push=ATf1kGP0aZvGV54tVHNcXSuZ-idXlabu7hUbKqmcV2zJRhpMKcXPWRS7z...
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=ATf1kGP0aZvGV54tVHNcXSuZ-idXlabu7hUbKqmcV2zJRhpMKcXPWRS7zZfUObC40Y1FTKFtsGBKVFgylfvdWCe4a1Pu74UP7yCqQK4Q&google_hm=QlMuZDAxYS0xM2...

170 B
188 B

147ms
146ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=ATf1kGP0aZvGV54tVHNcXSuZ-idXlabu7hUbKqmcV2zJRhpMKcXPWRS7zZfUObC40Y1FTKFtsGBKVFgylfvdWCe4a1Pu74UP7yCqQK4Q&google_hm=QlMuZDAxYS0xM2MzLTRhY2UtOGFkNA==

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:18:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=ATf1kGP0aZvGV54tVHNcXSuZ-idXlabu7hUbKqmcV2zJRhpMKcXPWRS7zZfUObC40Y1FTKFtsGBKVFgylfvdWCe4a1Pu74UP7yCqQK4Q&google_hm=QlMuZDAxYS0xM2MzLTRhY2UtOGFkNA==
Date: Tue, 23 May 2023 13:18:16 GMT
Server: openresty
Connection: close
Content-Length: 142
Content-Type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4863
Redirect Chain

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEIGk0BXPGU_9Ahzf4psL2pI&google_cver=1&google_push=ATf1kGOfHQdIoGAe8a-x6fPayvcBeBwVEke6tBpFlyJ4p1qjFQf3uex6Jmq91We40l...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=ATf1kGOfHQdIoGAe8a-x6fPayvcBeBwVEke6tBpFlyJ4p1qjFQf3uex6Jmq91We40lOl_1JSBvV5TnydYL60wwHJflCkoGNX--SjR2kG&google_hm...

170 B
188 B

148ms
147ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=ATf1kGOfHQdIoGAe8a-x6fPayvcBeBwVEke6tBpFlyJ4p1qjFQf3uex6Jmq91We40lOl_1JSBvV5TnydYL60wwHJflCkoGNX--SjR2kG&google_hm=3EpQR0AbQ5qXYQKL8tz1fIE

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:18:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 May 2023 13:18:15 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=ATf1kGOfHQdIoGAe8a-x6fPayvcBeBwVEke6tBpFlyJ4p1qjFQf3uex6Jmq91We40lOl_1JSBvV5TnydYL60wwHJflCkoGNX--SjR2kG&google_hm=3EpQR0AbQ5qXYQKL8tz1fIE
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

spacer.gif
an.yandex.ru/resource/ Frame 4863
Redirect Chain

https://an.yandex.ru/mapuid/google/CAESEET_SJbmtBbkTSybuP4xCTg?ext-param=ATf1kGPUQTi6GdeWYfCsPaXjrv8VXwBKShX_uZ-VOSclosThzqEfFQVMilzt_Ff6hcQSHzrWPfE4BFqbcgL6ud0XI73gTe3FjR-soYu5&partner-tag=yandex_...
https://an.yandex.ru/mapuid/google/CAESEET_SJbmtBbkTSybuP4xCTg?redir-setuniq=1&ext-param=ATf1kGPUQTi6GdeWYfCsPaXjrv8VXwBKShX_uZ-VOSclosThzqEfFQVMilzt_Ff6hcQSHzrWPfE4BFqbcgL6ud0XI73gTe3FjR-soYu5&par...
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEET_SJbmtBbkTSybuP4xCTg&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
https://an.yandex.ru/resource/spacer.gif

43 B
144 B

116ms
115ms

Image
image/gif

213.180.193.90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/resource/spacer.gif

Protocol

Server

213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

bs.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:18:16 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 18 Apr 2001 10:28:03 GMT
content-type: image/gif
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 07 May 2024 13:18:16 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 May 2023 13:18:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://an.yandex.ru/resource/spacer.gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 4863 0
12 B 146ms
145ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IqCTxhUPbm6aTGg1Vb3WIBb3AiBNX7xqe5DvgO92dvOvZeYTZckX_sg4lEIogg8_oVc-BJ0S-0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:18:16 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1A58 42 B
64 B 460ms
177ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss8xlkWCuV-UiAvcHV9AG2dTKgk0RLIgW7d1OujtPvddgD8m3oCgXdy7cL3FVoRrKacayBvpFhsQbsBa7i4zn_rsR9c8ado4a-JeVyIUd3MigvKbGcrmSXSdG-8u2qXi2_InGA&sai=AMfl-YSzfpc_OVGDUFCBa0H9PT_10DvhGIq1Uq6mnwfXy5pHYdMzTM3h12olxRC-ifNkOlge8_cGXTo6jdez&sig=Cg0ArKJSzHLRCCAZIxemEAE&cid=CAQSGwBygQiDu3073eXZnqTdD4vgJKTnyOTRNcZjnRgB&id=lidar2&mcvt=1002&p=0,0,280,1200&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230522&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1266370990&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684847892622&rpt=2399&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:18:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 179B 0
0 169ms
168ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss-bxa2ltz86HcRTKZACFpRXbqGrBDRKfH-5741A0bNMSMfqWBAKoYNiDZ_Y_eUyEnf7REz8wtdbGYRizz0rktN5MsX1VMt1Lt2WC580uLv8OOpJxVsDUTyl6Do2Uh4c3JwM62l7KzxGBYOr104NBL-wK9CHsALBfXpb86PXPoa8JwyofVUlM74nMjHvDUPgvmc8TvOC8Ks82KL3gDTE9ggqcSy29a4rJSRpcurfEnO3Y2rF-AmMxbpFb_ipLuOjrPQfp3jfHWGDnmONB22Mt3_06DFY5rmWjIiK5U0-mqLTXBiBcaLWRoKJZkiWZ8Zr8GLNElDmutam_AndEhvwbEFou9H5s9gBZ0plGJuDPLmS9tSknZEjvE49b97p5VEKMuzLAX9mz9Lu31pZKhgeLMxveSFS6k2JMgMCBUvco7TIpARV6bdB4OSxmaSTmgvV4OB02oUtMrNe58OCi28lGxvycRhNManlZzIUFis4J2YqIHLL4k3LzgQCf5dqHfU_Wd15d-eSOvjiiNecDT1EnYKPuiSIa9J15MeEVoLQI6tBeoMwWn5NQiNPDdQLfYfo_pWEyoE5gZm6JQbnFe6oQcFbxmf1GgKJAGvcs6-so3m-8Mygv5jHdiyIM1gVBgEtbcRr7aNvHiH476rgQ4sxrzBriEqnAUNRsoCSIoyRzrz1MdrYFfeMVNAa3rk5ZP9cKr4lhxiiAzQpJ0xmDRI7aU9auCAglBX8y43UJPwoIBb8jilP-uTfUdGUoa6PXPaioubL9cgpHqqLK0-KRCepEm7gk0Oq3rlyaFVmenI3wwW8I3IIBtn-O0yyxZPqmZdUBNNoeJemABoEpyAw55WfWqaLFsdJIkMA-7JRko6kt53U_qCT6O3R6E-Vmp9ujfPIzD9puzT_8ELoAIynVYNVRhefDnJQDBe6_ediHbQDahztIY4y-ja2gpycn8SNb1KjFVejXHkbuQ29BAhclliT_EZ1sZby11khJrVb83pBQRCC92u0ZrK5erlETycjDj8VlAfBHAf7OPH2RjfmZJcXXXcEiZ3mMMLp3JyJacnQTDHQn_l8cb1Po5OE0Ru0Qd2y1h3XYForS-Wuu8-UEWWbFIjKOGZr96-njDT0AU_EIPnyeIzWAiza4_Mja7--X7W5orqCe8K3Q9kaf2wpzfDeWXa4mD5KMbg2cUlU4TEjuDRWdAeUgVt31QMQhylTJxLtX_v&sai=AMfl-YR80mq_gi_KWT2oTW90vkehxyGqrFQT11SLRLmE9-D5g66uFflTpX8JrMEbSO8DBKFLCOhrLZMIDRtzQEksc0kB8ObMkRVLibi7IibEsEi_B9sGWoma31aNhmAQhvVU9j5-_DcX6nxu9-o2t03aJS5G66djDVRhKQtmXEf18hucyqMmsSoYo_1q9FYMuccNc6bz-wnGrFtZ8A&sig=Cg0ArKJSzJjbl0TALMHgEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1185&vt=11&dtpt=612&dett=3&cstd=566&cisv=r20230518.23235&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: ttdown.org
URL: https://ttdown.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:18:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 23 May 2023 13:18:16 GMT

GET
H3 200 SAREKLAMO_PHARMA_DA_JPS-09.png
s0.2mdn.net/sadbundle/13359178174328754851/ Frame 87AF 134 KB
134 KB 129ms
129ms Image
image/png 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13359178174328754851/SAREKLAMO_PHARMA_DA_JPS-09.png

Requested by

Host: ttdown.org
URL: https://ttdown.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

sffe /

Resource Hash

b2d585a8b18f35ad3f2e7f55ecb28ff43b62789334b38b3794ab1b06cf98aefe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13359178174328754851/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 May 2023 15:36:08 GMT
x-content-type-options: nosniff
age: 423728
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137460
x-xss-protection: 0
last-modified: Fri, 31 Mar 2023 14:24:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 17 May 2024 15:36:08 GMT

GET
H3 200 SAREKLAMO_PHARMA_DA_JPS-01.jpg
s0.2mdn.net/sadbundle/13359178174328754851/ Frame 87AF 230 KB
230 KB 181ms
181ms Image
image/jpeg 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13359178174328754851/SAREKLAMO_PHARMA_DA_JPS-01.jpg

Requested by

Host: ttdown.org
URL: https://ttdown.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

sffe /

Resource Hash

3dadfb490fb37acaf15e86fc80691a5de68237ce7e31f4a8fa58b0cff864a628

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13359178174328754851/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 May 2023 15:36:08 GMT
x-content-type-options: nosniff
age: 423728
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 235098
x-xss-protection: 0
last-modified: Fri, 31 Mar 2023 14:24:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 17 May 2024 15:36:08 GMT

GET
H3 200 trv
dsp-trk.eskimi.com/ Frame 81A1 43 B
54 B 139ms
139ms Image
image/gif 34.120.139.69
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp-trk.eskimi.com/trv?bId=1684847894973.2.UIavbFisngwkTDrb-1JSfg&trve=0&trv=0&src=utr&_=1684847896215
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0916766851103338&output=html&h=90&adk=3101682924&adf=4123552606&pi=t.aa~a.3220248052~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1684847894&rafmt=1&to=qs&pwprc=4777445207&format=1200x90&url=https%3A%2F%2Fttdown.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684847893780&bpp=1&bdt=2354&idt=0&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df021167263dd2045-22fe57cae8dd0063%3AT%3D1684847892%3ART%3D1684847892%3AS%3DALNI_MY-sLfBzkJ_hMfqTphWdk1ZpI-ZqQ&gpic=UID%3D00000c1a28cc22a7%3AT%3D1684847892%3ART%3D1684847892%3AS%3DALNI_Ma-0s_D5mWwOTkSjUD988idkncIGQ&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280%2C1110x280%2C1200x280%2C200x540%2C144x540%2C728x90%2C1200x280&nras=11&correlator=3186862124183&frm=20&pv=1&ga_vid=1312077257.1684847893&ga_sid=1684847893&ga_hid=1378733181&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4654&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788441%2C44789779&oid=2&psts=ABHeCvh0nwr9rkAj0k5EdyXuIRtDfOroBQgga73I9yOymICSRO1EqsOkJd9rsY7xle7JO7CAOafqfbhLJeQbV4TRhF2OwbH4%2CABHeCvharcbcIbtI_SeAdcrdNxiLkNum3O8oVrUDv32B3hySzmL2MtXbKq_hFAx4p10ub43FeVdB6ZTzycSeUWJRKF_LF_Kp8sV8EjvGHGjqk_4IZkY&pvsid=3867253434869664&tmod=329237808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=9&fsb=1&xpc=IbothmDOnX&p=https%3A//ttdown.org&dtd=947
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.139.69 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 69.139.120.34.bc.googleusercontent.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:18:15 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 trv
dsp-trk.eskimi.com/ Frame 81A1 43 B
54 B 140ms
139ms Image
image/gif 34.120.139.69
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp-trk.eskimi.com/trv?bId=1684847894973.2.UIavbFisngwkTDrb-1JSfg&trve=1&trv=0&src=utr&_=1684847896216
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0916766851103338&output=html&h=90&adk=3101682924&adf=4123552606&pi=t.aa~a.3220248052~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1684847894&rafmt=1&to=qs&pwprc=4777445207&format=1200x90&url=https%3A%2F%2Fttdown.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684847893780&bpp=1&bdt=2354&idt=0&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df021167263dd2045-22fe57cae8dd0063%3AT%3D1684847892%3ART%3D1684847892%3AS%3DALNI_MY-sLfBzkJ_hMfqTphWdk1ZpI-ZqQ&gpic=UID%3D00000c1a28cc22a7%3AT%3D1684847892%3ART%3D1684847892%3AS%3DALNI_Ma-0s_D5mWwOTkSjUD988idkncIGQ&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280%2C1110x280%2C1200x280%2C200x540%2C144x540%2C728x90%2C1200x280&nras=11&correlator=3186862124183&frm=20&pv=1&ga_vid=1312077257.1684847893&ga_sid=1684847893&ga_hid=1378733181&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4654&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788441%2C44789779&oid=2&psts=ABHeCvh0nwr9rkAj0k5EdyXuIRtDfOroBQgga73I9yOymICSRO1EqsOkJd9rsY7xle7JO7CAOafqfbhLJeQbV4TRhF2OwbH4%2CABHeCvharcbcIbtI_SeAdcrdNxiLkNum3O8oVrUDv32B3hySzmL2MtXbKq_hFAx4p10ub43FeVdB6ZTzycSeUWJRKF_LF_Kp8sV8EjvGHGjqk_4IZkY&pvsid=3867253434869664&tmod=329237808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=9&fsb=1&xpc=IbothmDOnX&p=https%3A//ttdown.org&dtd=947
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.139.69 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 69.139.120.34.bc.googleusercontent.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:18:15 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6E72 0
20 B 169ms
169ms Image
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BfJQKF71sZK2rHtqplgSHmpLQBAAAAAA4AeAEAg&bg=!8vGl8aXNAAZ8_aWmXP07ADkAdvg8WgOxj0u3M7wQV5NWQJnkK4W6ikmtkktTIIj4lohJNAhIroQfXXerANY0YGx5l9g6dhbpfe8CAAAAVVIAAAACaAEHCgBoLxcqoVx8W0IKN4VQH6swB3Jacxeyx-prtGWaf1JG6xPnGEh0Kx0H-o4CmmLM5zm0yN9gmeNc3pIoJA4JdS9OG6ZRzi_R43LGkFrXk94yuLbA7zULYChXMdqhp3QnbhePFPU-3B0vCfWZAsASDsdZPxL2Muvl1fpzEfnsZkRzyx4KeI1IKBrTCPpcbKheuIIQhg7ATHz3MJd2JRqq2LnJNrho10FsYuaoQ2XQcH_P6ukDEW4RU38qiFNKpi0NdjAgyhLECcrRLTpUPmSoYMGQngXNiLtFHrvhe3gSsTFGFHrShTnhkgbe521r0nEn4gkaFK6Ev5XPR23LeZNyhEXBvyEWzmdTGTsjYtu_sI2n4H8nLInRQgsC3tOqpPW0n3Jj23ZBtN_9Vzi2T4AHCaJn8_zsFsuy6iYAkFV52zbFcA8ovJbK-1Zv7iqqhN0dxne0a20J29UeWT7In1AyA0vZJvioMGFeTYVZxyW_u_57MAXfeC8sWYshJswEHi9FTiUpeEQ0zl2Ynn07RL9O0OLs91yJAI5dK9b93lIqdPgcvn_JIrLibt148oMuoUZvA0ZHaaQdEubDYD7Sxr_DIlozyEV5QkiJ9sP5TwGXjbUUElDxJy2Sj5LdvmfOOLLAaCEtoMhRE2NJA7IavjGk5dMJAkCFujkfXE5HXil7FsrBEgAzsp8lq1DH6ZfbvA9EVMdEFMrcfpHqwAD9zvTHzRlioIwxW0gsqWMklSn-Gm2jpVq3m7ByYGhhzYHpmPsdBTMAuLYFMQkNfcxCFWISeiaKB1KLfKFVJlv33x8GqqI68jHXbD_q-4CK3FbejtCwlKqOuw1AWs5brt2jkWlFAt163uEk4w6ggfbteLFp35AD8k9P_HVsD3yV0a7pHDyEjVVLp8usiRKNjINFP0-0AuYh_S3X16LCyWOmnZk2VqzbZ0mpuPWz7SmKr-Hwg_s3V22aWrINs6r4QBKoAGJh7pP_I-cnQN4RoavJzkijBafSPeAi-kvLaIUYYhmzr0XuFZT-Ro83CnLg8HNHn6GWaID0pDADyhUSuG_B6Vv73mJeVifOVvzoeQ88YCLJ5Q

Requested by

Host: ttdown.org
URL: https://ttdown.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:18:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 191ms
190ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230518&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

adf04a191d0b6d49c0d816920e1fbdb2113f985bcd82ce6e95341b7fb5798354

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ttdown.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:18:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11175
x-xss-protection: 0

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 81A1
Redirect Chain

https://eu-u.openx.net/w/1.0/sd?id=539901412&val=d8f42ce9-5179-438b-a7c7-0bca822c5478&gdpr=0&gdpr_consent=
https://eu-u.openx.net/w/1.0/sd?cc=1&id=539901412&val=d8f42ce9-5179-438b-a7c7-0bca822c5478&gdpr=0&gdpr_consent=

43 B
180 B

140ms
140ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?cc=1&id=539901412&val=d8f42ce9-5179-438b-a7c7-0bca822c5478&gdpr=0&gdpr_consent=
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:18:16 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://eu-u.openx.net/w/1.0/sd?cc=1&id=539901412&val=d8f42ce9-5179-438b-a7c7-0bca822c5478&gdpr=0&gdpr_consent=
date: Tue, 23 May 2023 13:18:16 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2 200 match
a4p.adpartner.pro/ssp/ Frame 81A1 43 B
458 B 685ms
141ms Image
image/gif 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a4p.adpartner.pro/ssp/match?dsp_id=27&user_id=d8f42ce9-5179-438b-a7c7-0bca822c5478
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:18:17 GMT
last-modified: Tue, 23 May 2023 13:18:17 GMT
server: nginx
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length: 43
expires: Wed, 11 Nov 1998 11:11:11 GMT

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 81A1 170 B
188 B 147ms
146ms Image
image/png 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=eskimi&google_hm=d8f42ce9-5179-438b-a7c7-0bca822c5478

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:18:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame 81A1 42 B
787 B 529ms
132ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=103804&nid=3846&put=d8f42ce9-5179-438b-a7c7-0bca822c5478&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 /
csync.loopme.me/ Frame 81A1 0
156 B 685ms
142ms Image
text/plain 35.214.153.92
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://csync.loopme.me/?partner_id=2157&gdpr=0&gdpr_consent=&uid=d8f42ce9-5179-438b-a7c7-0bca822c5478
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.153.92 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 92.153.214.35.bc.googleusercontent.com
Software: _ /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:18:17 GMT
server: _

GET
H2

200

sync
x.bidswitch.net/ul_cb/ Frame 81A1
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=364&user_id=d8f42ce9-5179-438b-a7c7-0bca822c5478&expires=30&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?dsp_id=364&user_id=d8f42ce9-5179-438b-a7c7-0bca822c5478&expires=30&gdpr=0&gdpr_consent=

43 B
345 B

133ms
133ms

Image
image/gif

52.28.232.169
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=364&user_id=d8f42ce9-5179-438b-a7c7-0bca822c5478&expires=30&gdpr=0&gdpr_consent=
Protocol: H2
Server: 52.28.232.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-232-169.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:18:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=364&user_id=d8f42ce9-5179-438b-a7c7-0bca822c5478&expires=30&gdpr=0&gdpr_consent=
date: Tue, 23 May 2023 13:18:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 /
s-cs.rmp.rakuten.com/ Frame 81A1 43 B
275 B 682ms
152ms Image
image/gif 34.95.81.88
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-cs.rmp.rakuten.com/?d=23&uid=d8f42ce9-5179-438b-a7c7-0bca822c5478
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.81.88 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 88.81.95.34.bc.googleusercontent.com
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:18:16 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

POST
H3 204 csi
csi.gstatic.com/ Frame 00F0 0
17 B 137ms
137ms Ping
image/gif 66.102.1.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~li0axoij&c=4566481595369&slotId=2283240797684.5&qqid=CIO03cHDi_8CFQek0QQd_TgOYA&fb=outstream-lima&gpm_i=2&gpm_c=2&gpm_a=2&smb=1000&br=283&mt=video%2Fmp4&vs=428x242&msm=1&aits=0%2C18%2C692%2C342&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=342&vsrc=web_video_ads&met.4=arp_a_e.1gb&ape=1&ple=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 66.102.1.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wb-in-f94.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:18:16 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 179B 42 B
64 B 176ms
175ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu_jQaOqCk6u24E5v7S8YwHverIW4Pmk8g-DrahDaoJ1uMfd9NIO_7x_rpjprpdkxvB0IIE4dsZJgqJ9lr-rTXV3py7OXodoyLdUpe6sLbZFrdsm7wKpF2PpA&sai=AMfl-YTZZ82MEsHlrFdOR3JmoAlZxHiSkNIcR4R-OaDrB6O0kT-kJW990KHpth8s4P8qZMRpFle_X8PLDSVU&sig=Cg0ArKJSzBsAu5epNPpfEAE&cid=CAQSGwBygQiDD98hPqgF3LlJwwNBTvE8G9zKgdNTaRgB&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230522&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2020088501&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684847894318&rpt=1138&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:18:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 206 file.mp4
r4---sn-4g5lznlz.c.2mdn.net/videoplayback/id/f640bab4b2b9f3a2/itag/342/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1716383895/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 00F0 2 MB
2 MB 276ms
136ms Media
video/mp4 74.125.104.73
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.104.73 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s24-in-f9.1e100.net

Software

gvs 1.0 /

Resource Hash

835ca853d30e99357a05d7ebc2cbc4f64f971a93a5c006175e872b1d2d9602fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

expires: Tue, 23 May 2023 13:18:16 GMT
date: Tue, 23 May 2023 13:18:16 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-2080736/2080737
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 2080737
last-modified: Sun, 21 May 2023 20:33:09 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 146ms
145ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ttdown.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:18:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 23 May 2023 13:18:16 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7F5A 13 KB
5 KB 133ms
131ms Document
text/html 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ttdown.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
age: 2201
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 12:41:35 GMT
expires: Wed, 22 May 2024 12:41:35 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7351 783 B
536 B 142ms
141ms Document
text/html 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

GSE /

Resource Hash

97df371375216ae73ca9f0d09c4331adbbe54aaa12488a7179e0fb2c3426699d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LO7fm1NqYdRZINS7v-X81A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ttdown.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-LO7fm1NqYdRZINS7v-X81A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 13:18:16 GMT
expires: Tue, 23 May 2023 13:18:16 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7351 0
0 165ms
164ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230518&jk=3867253434869664&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js Show response
pagead2.googlesyndication.com/bg/ Frame 7F5A 37 KB
14 KB 131ms
131ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

6f8910bb4b43e21480fa154045cd5fcf338313475a176572f9b3cb5bdb9abbbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 09:39:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13130
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14738
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 May 2024 09:39:27 GMT

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 884 B
608 B 144ms
144ms Script
text/javascript 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Lem16sZAAAAALBFSPRbts6QawPUTh7pZgaoXXQn&_=1684847891983

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

GSE /

Resource Hash

a932d457ee38dac0ab2173f423a524a4f707df4c25adaa0672b0d6fb1b763601

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ttdown.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:18:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 587
x-xss-protection: 1; mode=block
expires: Tue, 23 May 2023 13:18:17 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 170 KB
62 KB 684ms
152ms Script
application/javascript 142.250.186.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-137035942-1&_=1684847891984

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

223aa41d90ff8d2b41c39b4b502932a90d14736bcbb0b8a6822969960ba0169f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ttdown.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:18:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63558
x-xss-protection: 0
last-modified: Tue, 23 May 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 23 May 2023 13:18:17 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 179B 0
20 B 165ms
164ms Ping
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=399701156567&version=m202301230201&ct=119&x=1&cor=11532094695929373000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:18:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7F5A 0
12 B 133ms
133ms Image
text/plain 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?FLJeIw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:18:17 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 recaptcha__ka.js Show response
www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/ 443 KB
167 KB 395ms
131ms Script
text/javascript 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__ka.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lem16sZAAAAALBFSPRbts6QawPUTh7pZgaoXXQn&_=1684847891983

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

2f9d4ed6cb64a77560860ca3735c9100246eb33d9064c232db2b76dd98cbe543

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ttdown.org/
Origin: https://ttdown.org
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 May 2023 15:05:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 511967
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170954
x-xss-protection: 0
last-modified: Mon, 15 May 2023 04:00:52 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 May 2024 15:05:30 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 181ms
179ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230518&jk=3867253434869664&bg=!ubqluu7NAAZ8_aWmXP07ADkAdvg8WhMNCH6uEnBZgnN3sN3iEtJiq20PKmCtgcllcEdGzZqGiGM3T1O0mFlUezEc-VWmqmEC6D0CAAAAaFIAAAACaAEHCgAiPTIICQWcZk6T-Ti4x0hpXexkAKav1-3ogUikibx1Dlzmf5kCloovh8U2wMeK00ByQagDdFo1OdPCB-VwIG5GBYOYMNjOhsytBNT0EAeJzviQY1jXURIomRgMXR-nTvEirWKRiHgcyvLoafEj9jfGAJ0gJ03APm_6V9AsFVAuZtRrknH5yxLeodC1Ihr46vIP29V95gTn4PRf1gQcvnstGr1AHHyFshFNxlKg1qc4bykTmYWyjElgb0un5lM6Xky68UEBp_zf-Ah8OoiRr6lJPfTFrHRVWCARlYeYnFc1bRGc7qI3Czh_PHZbG8YBQ2tM_zG4s7gxrhZmffOV8NLBkeeltk9OQBpi3QoOHemwPdblNHGlxqbWOmrbccXiNzJmno7EYhiVDm-oXyhXl4DJHkvSz64sKZhXm3zQB4SO5iWhLJxGYfLKvfHUujYhbZGBV_332hEvgi5Ir3egOIDMEQbYceq83G7F_MpZNd4rc4dmaS6QKVX_TjfYJzdK1alrUvmLKvCb3NzUe3lckSkB91UKIvFaGFhnt96B1KnIKsbLlBGNJdtlj9SkEsFzNkbGiK7v2Mb7hBkuYZ_8MHZ1USD4t88uw2h_GkofhxFNxozT-UfcMmxJ7G8z98iBYQAGfWfdr14wMqzB8UNAV2CAZIuu4fC5lrwkYAWDUVrtJL6SdDE3Lv34kvDiOvtvi5VPl-mbqXrOBGD-chs3iu7ALFSfX62EDi8mjBPPwwm7FWjajCbpZDfitrLSBlB-la4F-T8yle2NEw7InmEpXy1GwhuNpHUZllK5a8q_RIUibASXNvG7C8JNNFVa-YRLJaNLb7hJxBUrPbiNFUSOAKSiTMvkMaSTkO8p7K2YqtNNJzi9osWRHNNUCKUaiHok0xkiAK5LfV9t4J3MNsun_RpyQ0a0c9SoZovQAdOY
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ttdown.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 203 KB
73 KB 154ms
152ms Script
application/javascript 142.250.186.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-K1K043XM9Q&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-137035942-1&_=1684847891984

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

f4106916abc0700ea8864d206af3e092131e76d407f25595de231542009e9388

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ttdown.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:18:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 74321
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 23 May 2023 13:18:17 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 471ms
137ms Script
text/javascript 142.250.186.78

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-137035942-1&_=1684847891984

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.78 -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ttdown.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 23 May 2023 13:04:56 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 802
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Tue, 23 May 2023 15:04:56 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 5DD3 50 KB
27 KB 153ms
152ms Document
text/html 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lem16sZAAAAALBFSPRbts6QawPUTh7pZgaoXXQn&co=aHR0cHM6Ly90dGRvd24ub3JnOjQ0Mw..&hl=ka&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=invisible&cb=fku5fbc77jb

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__ka.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

GSE /

Resource Hash

966b7559231dca96f1f6c6245507d7ea2567de7e300db59eb901a35f4e4fbe8d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rqAlht7HbEQp1y_ACh8B1Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ttdown.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 27821
content-security-policy: script-src 'report-sample' 'nonce-rqAlht7HbEQp1y_ACh8B1Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 13:18:18 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame CCCC 50 KB
27 KB 206ms
205ms Document
text/html 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lem16sZAAAAALBFSPRbts6QawPUTh7pZgaoXXQn&co=aHR0cHM6Ly90dGRvd24ub3JnOjQ0Mw..&hl=ka&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=invisible&sa=submit&cb=e8kgojqattkt

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__ka.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

GSE /

Resource Hash

3ad0043d6cc2d28c014ff0049a8e392a5f54a2b78c043c89d72e30b546a88954

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-o-jrxS1Aup43fqkw-uxfeg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ttdown.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 27611
content-security-policy: script-src 'report-sample' 'nonce-o-jrxS1Aup43fqkw-uxfeg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 13:18:18 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 204 collect
www.google-analytics.com/g/ 0
167 B 294ms
213ms Ping
text/plain 142.250.186.78

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-K1K043XM9Q&gtm=45je35h0&_p=1378733181&cid=1312077257.1684847893&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&ngs=1&_s=1&sid=1684847898&sct=1&seg=0&dl=https%3A%2F%2Fttdown.org%2F&dt=download%20tiktok%20video%20in%20mp4%20%26%20mp3%20formats%20free%20at%20ttdown.org&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K1K043XM9Q&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.78 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ttdown.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:18:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ttdown.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/ Frame 5DD3 55 KB
24 KB 135ms
134ms Stylesheet
text/css 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lem16sZAAAAALBFSPRbts6QawPUTh7pZgaoXXQn&co=aHR0cHM6Ly90dGRvd24ub3JnOjQ0Mw..&hl=ka&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=invisible&cb=fku5fbc77jb

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 12:56:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1282
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 15 May 2023 04:00:52 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 May 2024 12:56:56 GMT

GET
H3 200 recaptcha__ka.js
www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/ Frame 5DD3 177 KB
0 248ms
247ms Script
text/javascript 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__ka.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 May 2023 15:05:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 511968
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170954
x-xss-protection: 0
last-modified: Mon, 15 May 2023 04:00:52 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 May 2024 15:05:30 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/ Frame CCCC 55 KB
24 KB 139ms
138ms Stylesheet
text/css 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/styles__ltr.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 12:56:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1282
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 15 May 2023 04:00:52 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 May 2024 12:56:56 GMT

GET
H3 200 recaptcha__ka.js
www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/ Frame CCCC 157 KB
0 307ms
306ms Script
text/javascript 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__ka.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 May 2023 15:05:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 511968
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170954
x-xss-protection: 0
last-modified: Mon, 15 May 2023 04:00:52 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 May 2024 15:05:30 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
91 B 142ms
141ms XHR
text/plain 142.250.186.78

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1378733181&t=pageview&_s=1&dl=https%3A%2F%2Fttdown.org%2F&ul=en-us&de=UTF-8&dt=download%20tiktok%20video%20in%20mp4%20%26%20mp3%20formats%20free%20at%20ttdown.org&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1443580660&gjid=770237836&cid=1312077257.1684847893&tid=UA-137035942-1&_gid=675724368.1684847898&_r=1&gtm=457e35h0&jsscut=1&z=1000318309

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.78 -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ttdown.org/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:18:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ttdown.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: secure.adnxs.com
URL: https://secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/g/?done=true&google_gid=CAESEJtQy8YasWDoo0aXFqRQ9F8&google_cver=1&google_push=ATf1kGOCigpdKCIgtEZMuH0He2e7fCW48v9MEVuhhO9f0-_O74E4LFxYcqVmqOm8L8d3G5CCQqkF8qbYAGTl5rB7fUGBLVZ1egZKKr8&anx_uId=$UID

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

43 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ttdown.org/	1969-12-31 23:59:59	Name: PHPSESSID Value: 49rn3du9d0sn75sttggespd9a8
.ttdown.org/	1970-01-20 21:22:23	Name: __gads Value: ID=f021167263dd2045-22fe57cae8dd0063:T=1684847892:RT=1684847892:S=ALNI_MY-sLfBzkJ_hMfqTphWdk1ZpI-ZqQ
.ttdown.org/	1970-01-20 21:22:23	Name: __gpi Value: UID=00000c1a28cc22a7:T=1684847892:RT=1684847892:S=ALNI_Ma-0s_D5mWwOTkSjUD988idkncIGQ
.doubleclick.net/	1970-01-20 21:36:47	Name: IDE Value: AHWqTUm4RjGlBRwzeuS1GosxzBr8QN1KzDRZ8NYlDO7uWvJkgcahqS-blxiHeqAbNdo
.casalemedia.com/	1970-01-20 20:46:23	Name: CMID Value: ZGy9FkCOJ2lu2KDQ6b.d1gAA
.casalemedia.com/	1970-01-20 14:10:23	Name: CMPS Value: 3220
.casalemedia.com/	1970-01-20 14:10:23	Name: CMPRO Value: 3220
.doubleclick.net/	1970-01-20 12:00:51	Name: DSID Value: NO_DATA
.adnxs.com/	1970-01-20 14:10:23	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVUgP=we!]tbPl1M>e)ZlrFUfJ+tGXvWBG4[-6MXm(5<@iaM?7.TPTEC$^^NFi?VmnB'3If)y3KL9D3I?+oS?DIk
.adnxs.com/	1970-01-20 14:10:23	Name: uuid2 Value: 2614005236764052935
.adform.net/	1970-01-20 12:45:26	Name: C Value: 1
.everesttech.net/	1970-01-20 20:46:23	Name: everest_g_v2 Value: g_surferid~ZGy9FwAMNkMXsgAp
.adsrvr.org/	1970-01-20 20:47:50	Name: TDID Value: a9a623c5-4b32-4199-a4c0-750dc5d13656
.adform.net/	1970-01-20 13:27:11	Name: uid Value: 1520398037382824
fksnk.com/	1970-01-20 12:10:52	Name: AWSALBCORS Value: 3oNstEA4jeuidzYLJ/e8aXiI/h9fFpBOFZcBZEGhbhprCnKN6G84aB7bBHEgpzydR8NABYGjVxCf1/IFsIQBNEIRg0h5grmzdQRY0b6idE5CIVk3nCOVDFumuR36
.fksnk.com/	1970-01-20 14:10:23	Name: f_001 Value: 9E0017718AC08B9F
.fksnk.com/	1970-01-20 12:02:14	Name: g_001 Value: 1
.adsrvr.org/	1970-01-20 20:47:50	Name: TDCPM Value: CAESFQoGZ29vZ2xlEgsI7o2wtcbm7TsQBRgFIAEoAjILCJSB7eDc5u07EAU4AQ..
.yandex.ru/	1970-01-20 21:36:47	Name: yuidss Value: 5431359411684847896
.yandex.ru/	1970-01-20 21:36:47	Name: yandexuid Value: 5431359411684847896
.onetag-sys.com/	1970-01-20 21:36:47	Name: OTP Value: IgszlSESo5W_pvfBfbyxiY48QqM_bw71fB1GRvQviTY
.blismedia.com/	1970-01-20 20:46:27	Name: b Value: 646CBD182A637217F5116081BLIS
.eskimi.com/	1970-01-20 12:43:59	Name: __eConsent Value: 1
.eskimi.com/	1970-01-20 12:43:59	Name: __eDId Value: d8f42ce9-5179-438b-a7c7-0bca822c5478
.eskimi.com/	1970-01-20 12:20:57	Name: __eP Value: 1
.ctnsnet.com/	1970-01-20 20:46:23	Name: cid_dc4a5047401b439a9761028bf2dcf57c Value: 1
.ctnsnet.com/	1970-01-20 20:46:23	Name: gid_CAESEIGk0BXPGU_9Ahzf4psL2pI Value: 1
.adkernel.com/	1970-01-20 12:20:57	Name: ADK_EX_11 Value: 1
.bidswitch.net/	1970-01-20 20:46:23	Name: tuuid Value: df39198e-4cc5-4112-b64e-4d74cc8ab546
.bidswitch.net/	1970-01-20 20:46:23	Name: c Value: 1684847896
.bidswitch.net/	1970-01-20 20:46:23	Name: tuuid_lu Value: 1684847896
.openx.net/	1970-01-20 20:46:23	Name: i Value: b00c0397-c3df-42a2-b0a5-905f578a261a\|1684847896
.adkernel.com/	1970-01-20 12:43:59	Name: ADKUID Value: A7633871131037786008
a.clickcertain.com/	1970-01-20 20:46:23	Name: _ccpx_u Value: 7544d613%2d7fd3%2d4150%2dae2e%2d6c5f1e4774a7
.rubiconproject.com/	1970-01-20 20:46:23	Name: khaos Value: LI0AXPH0-1M-LWMQ
.rubiconproject.com/	1970-01-20 20:46:23	Name: audit Value: 1\|vac7UbV7C0QL44QBx6a3FEsS/mIaSAiak5jnb5IZd8btQKxMlrvSDk51WtdjF0UPCsjPM+ZMP/YwHTRO1/p4iIe7twcCuEuBHvJwuuKL1hzToyHj6dKnMbuVQk6YDosFLv8T2xVsoDevhJzOcwcbXqyOyZWlVbJit3Q8+rgX2CxCUznmj/BZGD9Q43dQHIaqsqlSNZOaaDQ=
.e-volution.ai/	1970-01-20 12:20:57	Name: ADK_EX_193 Value: 1
.e-volution.ai/	1970-01-20 12:43:59	Name: ADKUID Value: A7633871131037786008
.rmp.rakuten.com/	1970-01-20 12:43:59	Name: Rp Value: 5a4338381702d93d3038deda0e1646cbd195fc5c38672022
a4p.adpartner.pro/	1970-01-20 13:27:11	Name: apuid Value: 6165736e-2c60-4fc8-a678-84c00448cb9f
a4p.adpartner.pro/	1970-01-20 20:46:23	Name: buyeruid_27 Value: d8f42ce9-5179-438b-a7c7-0bca822c5478
.csync.loopme.me/	1970-01-20 14:13:16	Name: viewer_token Value: 424c454e-7bec-4f43-aa5d-0d9665528def
.liadm.com/	1970-01-20 21:36:47	Name: lidid Value: 1e49e44d-586c-458d-90c0-664844c2115a

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=2020088503&client=ca-pub-0916766851103338&fa=3&ifi=10&uci=a!a&btvi=5&xpc=ZgdoBfwrXQ&p=https%3A//ttdown.org Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a4p.adpartner.pro
adservice.google.com
adservice.google.ge
an.yandex.ru
bid.g.doubleclick.net
c1.adform.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
code.jquery.com
csi.gstatic.com
csync.loopme.me
dsp-ap.eskimi.com
dsp-media.eskimi.com
dsp-trk.eskimi.com
dsp.adkernel.com
dsum-sec.casalemedia.com
eu-u.openx.net
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
im.bluevoox.com
imasdk.googleapis.com
ius.ctnsnet.com
match.adsrvr.org
odr.mookie1.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
r4---sn-4g5lznlz.c.2mdn.net
rtb2-useast.e-volution.ai
s-cs.rmp.rakuten.com
s0.2mdn.net
secure.adnxs.com
stackpath.bootstrapcdn.com
sync-tm.everesttech.net
tpc.googlesyndication.com
tr.blismedia.com
ttdown.org
win.eskimi.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
secure.adnxs.com
104.17.24.14
104.18.11.207
130.211.27.62
138.199.37.227
142.250.181.227
142.250.184.226
142.250.185.130
142.250.185.163
142.250.185.170
142.250.185.198
142.250.186.100
142.250.186.104
142.250.186.110
142.250.186.161
142.250.186.66
142.250.186.74
142.250.186.78
142.250.186.98
151.101.194.49
172.217.16.130
172.217.23.98
174.137.133.49
185.80.39.216
213.180.193.90
3.33.220.150
34.120.139.69
34.160.236.64
34.236.164.132
34.95.81.88
34.96.105.8
35.186.193.173
35.186.201.99
35.214.153.92
35.244.159.8
37.157.4.24
37.252.172.123
51.38.120.206
51.38.158.6
51.83.220.94
52.28.232.169
52.45.175.185
66.102.1.94
69.16.175.10
69.173.144.165
74.125.104.73
74.125.133.154
04dd17131968a07c34224fb2e34a25d3bdd06fed40c6025f20ecdfc9e6eff2a0
079f8f14308385941663f01d7b58754374faa6480e5725a3e1f4cff973604649
086ef1821ec1abf73e68581524767210cbbcc879ae07def1cf46fc9fff4e9d4c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ecce0a5a2e53f7dca9daacf6c1fb67cefabdeacd5ce2096db6eb87cb8cf1553
0faedd2819c623985a1b68d34507498882d1d7c5611acfecfa507ac5ded6a798
10d0f3790a633e0dd1625e0fd9867bc2d8f8d28fa0195f3927eda5cef45641ae
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12a4fb1b594b0f572b57bef778faaf835507b0c891619ad9920e6bbba4f00f6c
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1f7723b6b9bfced0deba108df48e3287888dd986f1ff2d5133bacc9807ac0349
21bf4b49938284aaececf999f198f621de0aa792bb5315fc21255d0ab439e145
21c2d6302a4d274fba11433436022a7e1e4f076af1017031c2679b6dcf5eb230
223aa41d90ff8d2b41c39b4b502932a90d14736bcbb0b8a6822969960ba0169f
2247ac62b0c0960fa63bef92e321f70d5f7c1c37b2fe5de30f2a43a36a01a547
22fee121efaae9c42415da69cb891340db51341e73417057d0f4d3e67c4605fa
271d7ad162501b23e32fb70e44face9a5e35d06a47737efb6afc7b7d59bea129
2d155b4465661994d76921f55e37218b57391e3da467144b40617a86779bf6f4
2f9d4ed6cb64a77560860ca3735c9100246eb33d9064c232db2b76dd98cbe543
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
3333a2035912d27f9f31d7ef4d7a59aab880a4a89fa54a729dcdf1bc8bcdb81c
33dc14e1be2ccee701bf1afe545c0602f2723e4bf29a824332bbf55486d38b0d
36b425707de4faa39f3d768f13f7f4c72dbc9103f0a68f6ad7e0298fd5449dba
37e249c28e9b2e8386d649ecaae4e1dfab94820845085ac53c7526f847775988
3ad0043d6cc2d28c014ff0049a8e392a5f54a2b78c043c89d72e30b546a88954
3dadfb490fb37acaf15e86fc80691a5de68237ce7e31f4a8fa58b0cff864a628
452f096c720b3e3f9bef10090f461ce08ab38e64159263e9939a7c60067aa32f
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
464be521d749b2ba1c7e8c1f87223b56a03ee0bd05484baa0e9067ce9eb9d2be
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
4b2ddf9caf0636f523f0ce76e534131e699e82a8b79fbf7e37ca48e9c69f1f75
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5175a46a59ad96f574a3f9e5842c12ee7010a689b18d33d25b46dabfd7ba3887
51e1cbfe5af810413d8b3ca8ba04ca28a335c96655c7f257b51891be4c92a540
5392acfee6a297cd34c04c65c97ad706f252dc95c7d5df49fedfdc1dd9cca985
53c0192734f6c397a7d27d068f6068efb4f71db5b841a0f31ea667cebdeca97c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
58728303ae94365fd6ca8c7d39b65ea608c37054ac7654e65381238af3e572c7
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
604dcf1f11698655f75046bb92f98aaa9477e1c16b01c5fc415e78794393ffb9
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64fbc7f830625ecd6ff3293b96665aebec2a9be9336f02fd47508eb59f7ec23a
687133f955bb2cc174679c6ff91a1d2f6c811dbf1d87672d06ed083614dedb3f
6b2f16d928f9ac95f54a28ca48aa43ef5196f4870789a5822d781caf6dd51375
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ced0d1103081681fc1f185912ba4f48dc82c618f37a705321e88d1a1db01fdd
6f8910bb4b43e21480fa154045cd5fcf338313475a176572f9b3cb5bdb9abbbf
756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
799a302021b67346572154190309e70c5e057cba58a1f2c2b383322b37f9bb33
79b7ea99abb66869005319b8443ee41c65ae93a3ecdfebdc6cee9df87d87b8dc
7d4095ea226f3f80d6d4fc62e3737dd5107fd9d4aa4a443cac11378b102f64b6
7f5feab8115fb17c8945b5b22a6382315c264a9878b2de8d1916013720e496ef
835ca853d30e99357a05d7ebc2cbc4f64f971a93a5c006175e872b1d2d9602fd
87f920c1b37240da3c30c40234508360004510c3ef13cdcac2316ba712c85011
8818aa96972894bdfdd8d1ec7b63652c9b6c48beae8308628902defff89aa469
88a51fe784c58c712a93f3f4e123e163e901042438df74cf793bdcf28eb090d4
8b2474b764a8cfd1b5664776d16b24ba4a2a3519734ebb7d83dda5447f3c976c
8de4fc1c83bf24f919e8da8ffa459690d10217a5c0630e7b2bb44702cd999ddd
90f1126b989142c6bc5d440d488b3cad4e6ef9d421c5735fc733eca246dc37b9
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9214d33ab3af5fdb26cf0952965948aef6063973884bf4be37711c163b970d68
932a705bb285b599138e75295592a59fe9279ab0e3e98ad6b4ad45734d83c0bc
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
966b7559231dca96f1f6c6245507d7ea2567de7e300db59eb901a35f4e4fbe8d
97df371375216ae73ca9f0d09c4331adbbe54aaa12488a7179e0fb2c3426699d
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a3d4e56929d6eeb2b30122521698dc4acfa6ffc73640904d00daa178b3498792
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a8957dd3af4adece81523a6eeac91ca913db89fc6301187b09adea3e007c4612
a932d457ee38dac0ab2173f423a524a4f707df4c25adaa0672b0d6fb1b763601
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
adf04a191d0b6d49c0d816920e1fbdb2113f985bcd82ce6e95341b7fb5798354
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2d585a8b18f35ad3f2e7f55ecb28ff43b62789334b38b3794ab1b06cf98aefe
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c82c372cd5c4a3b46fddb13499d36d8818044e818b53a6794f340effeea5673a
cb4a33e9cc8a49fb9d67df67aa444e4dddec0c366a6ae7f4198f3ec099445598
cdc7862ae6f3ae80124d8c672dc6d7a4d892ba42f7d651dbf0bd74d1d9e353ad
d142b6f4a44e3debac46643dea7c839fc48a4cbe1454eba12b7da1eb28ad5d32
d19f832dbf2d406e926ba6762bb9699b8121a14b39d3eecc4e266fcd15c69261
d42e2b0fdb945504b8da66763e41d57d6245ab8218c6df329b56a841ffbcd7ee
d971fc38b1864da00f31de090e98844b807f8bfa04ae0c74b67058245c7dd2a2
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e4813004f9dd490d0c2a5e29573d379a14b2ece47e9df1372b9be4fc09976c3b
e4da7bb375e25cd5b30844545a5ece6910abb0f390eb340700eb96eb9410a2ff
e6949d53ceaf277b213f5859edda3fa099350c26009e7b6db7b866df1e135aa6
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ee717bda8301eba7f83587f2bbc5cd593ba9addbada1fd26814b2ae41d8ca704
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4106916abc0700ea8864d206af3e092131e76d407f25595de231542009e9388
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

ttdown.org Open in urlscan Pro 51.38.158.6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

205 Requests

91 %HTTPS

0 %IPv6

36 Domains

50 Subdomains

38 IPs

8 Countries

4665 kBTransfer

8432 kBSize

43 Cookies

6 Outgoing links

Redirected requests

205 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ttdown.org Open in urlscan Pro
51.38.158.6 Public Scan

Screenshot
Live screenshot

Full Image

205
Requests

91 %
HTTPS

0 %
IPv6

36
Domains

50
Subdomains

38
IPs

8
Countries

4665 kB
Transfer

8432 kB
Size

43
Cookies

205 HTTP transactions
5 data transactions