it.timurovets.com Open in urlscan Pro
2606:4700:3037::ac43:b989 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://it.timurovets.com/
Submission: On February 16 via api (February 16th 2022, 1:21:20 am UTC) from IT — Scanned from IT

Summary HTTP 149 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 31 IPs in 6 countries across 31 domains to perform 149 HTTP transactions. The main IP is 2606:4700:3037::ac43:b989, located in United States and belongs to CLOUDFLARENET, US. The main domain is it.timurovets.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 11th 2021. Valid for: a year.

This is the only time it.timurovets.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3037::ac43:b989	13335 (CLOUDFLAR...) (CLOUDFLARENET)
28	2a06:98c1:312... 2a06:98c1:3121::f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:224... 2600:9000:224a:1e00:11:a4de:2580:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	46.4.91.20 46.4.91.20	24940 (HETZNER-AS) (HETZNER-AS)
2	45.133.44.24 45.133.44.24	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	45.133.44.25 45.133.44.25	7018 (ATT-INTER...) (ATT-INTERNET4)
1 2	88.212.201.210 88.212.201.210	39134 (UNITEDNET) (UNITEDNET)
3 12	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400e:803::2001	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:400e:810::2001	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:400e:80f::200a	15169 (GOOGLE) (GOOGLE)
1 6	2a00:1450:400... 2a00:1450:400e:800::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:400e:803::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3 5	2.21.43.236 2.21.43.236	16625 (AKAMAI-AS) (AKAMAI-AS)
3 4	37.252.172.249 37.252.172.249	29990 (ASN-APPNEX) (ASN-APPNEX)
9	2a00:1450:400... 2a00:1450:400e:801::2006	15169 (GOOGLE) (GOOGLE)
2	216.58.214.2 216.58.214.2	15169 (GOOGLE) (GOOGLE)
2 2	2a01:4f8:c0:3... 2a01:4f8:c0:33d8::1	24940 (HETZNER-AS) (HETZNER-AS)
1 1	2a02:128:7:59... 2a02:128:7:5917::2	50245 (SERVEREL-AS) (SERVEREL-AS)
1 1	2a02:128:7:52... 2a02:128:7:5241::2	50245 (SERVEREL-AS) (SERVEREL-AS)
3	2a06:98c1:312... 2a06:98c1:3120::f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400e:800::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:128:7:47... 2a02:128:7:4777::1	() ()
12	2a00:1450:400... 2a00:1450:4001:82a::200e	() ()
1	2a00:1450:400... 2a00:1450:400e:802::2006	() ()
1	2a00:1450:400... 2a00:1450:400e:80c::2001	() ()
149	31

1 2606:4700:3037::ac43:b989 (United States)

ASN13335 (CLOUDFLARENET, US)

it.timurovets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a06:98c1:3121::f (United States)

ASN13335 (CLOUDFLARENET, US)

timurovets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lodder7.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:224a:1e00:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)

get.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.4.91.20 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.20.91.4.46.clients.your-server.de

cst.wpu.sh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.133.44.24 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

cst.cstwpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
7ccbc65df5.a615d4c326.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.133.44.25 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)

js.wpadmngr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
na.nawpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.cabnnr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.210 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host210.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.181.226 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400e:803::2001 (Ireland)

ASN15169 (GOOGLE, US)

483b321654fd23aa1af1298162ff0dcf.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:400e:810::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400e:80f::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400e:800::2004 (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400e:803::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.21.43.236 (Amsterdam, Netherlands) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-43-236.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.172.249 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:400e:801::2006 (Ireland)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.214.2 (United States)

ASN15169 (GOOGLE, US)
PTR: ams17s09-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:4f8:c0:33d8::1 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)

rtbbnr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:128:7:5917::2 (Czech Republic) 1 redirects

ASN50245 (SERVEREL-AS, NL)

tcimp.zog.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:128:7:5241::2 (Czech Republic) 1 redirects

ASN50245 (SERVEREL-AS, NL)

tb.baimgfroggd.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a06:98c1:3120::f (United States)

ASN13335 (CLOUDFLARENET, US)

stream.bantgoau.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:800::2001 (Ireland)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:128:7:4777::1 (None, )

ASN- ()

vs.bantgoau.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82a::200e (None, )

ASN- ()

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:802::2006 (None, )

ASN- ()

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:80c::2001 (None, )

ASN- ()

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	googlesyndication.com 483b321654fd23aa1af1298162ff0dcf.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 92 tpc.googlesyndication.com — Cisco Umbrella Rank: 120	124 KB
28	timurovets.com it.timurovets.com timurovets.com	2 MB
19	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 googleads.g.doubleclick.net — Cisco Umbrella Rank: 37 cm.g.doubleclick.net — Cisco Umbrella Rank: 175 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276 static.doubleclick.net	212 KB
12	youtube.com www.youtube.com	772 KB
10	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 346	221 KB
9	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 246	186 KB
7	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 59 www.google.com — Cisco Umbrella Rank: 2	15 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	92 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35 jnn-pa.googleapis.com	24 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 488	4 KB
4	bantgoau.com stream.bantgoau.com — Cisco Umbrella Rank: 53809 vs.bantgoau.com	716 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 210	4 KB
2	rtbbnr.com 2 redirects rtbbnr.com — Cisco Umbrella Rank: 35918	2 KB
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 8633	1 KB
2	wpadmngr.com js.wpadmngr.com — Cisco Umbrella Rank: 29894	30 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 197	8 KB
2	optad360.io get.optad360.io — Cisco Umbrella Rank: 25229	231 KB
1	ggpht.com yt3.ggpht.com	3 KB
1	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 46	39 KB
1	baimgfroggd.site 1 redirects tb.baimgfroggd.site — Cisco Umbrella Rank: 43300	689 B
1	zog.link 1 redirects tcimp.zog.link — Cisco Umbrella Rank: 46844	320 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 146	38 KB
1	google.it adservice.google.it — Cisco Umbrella Rank: 43233	792 B
1	cabnnr.com js.cabnnr.com — Cisco Umbrella Rank: 41899	10 KB
1	a615d4c326.com 7ccbc65df5.a615d4c326.com	199 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 401	1 KB
1	nawpush.com na.nawpush.com — Cisco Umbrella Rank: 42228	507 B
1	cstwpush.com cst.cstwpush.com — Cisco Umbrella Rank: 115418	597 B
1	wpu.sh 1 redirects cst.wpu.sh — Cisco Umbrella Rank: 165396	97 B
1	lodder7.biz lodder7.biz	9 KB
0	googlevideo.com Failed rr1---sn-5hne6nsy.googlevideo.com Failed
149	31

	Domain	Requested by
27	timurovets.com	it.timurovets.com timurovets.com
15	tpc.googlesyndication.com	securepubads.g.doubleclick.net it.timurovets.com tpc.googlesyndication.com cdn.ampproject.org 483b321654fd23aa1af1298162ff0dcf.safeframe.googlesyndication.com
12	www.youtube.com	www.google.com www.youtube.com
11	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 483b321654fd23aa1af1298162ff0dcf.safeframe.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
10	cdn.ampproject.org	securepubads.g.doubleclick.net
9	s0.2mdn.net	it.timurovets.com s0.2mdn.net
8	securepubads.g.doubleclick.net	get.optad360.io securepubads.g.doubleclick.net it.timurovets.com
6	www.google.com	1 redirects it.timurovets.com tpc.googlesyndication.com stream.bantgoau.com www.youtube.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
4	jnn-pa.googleapis.com	www.youtube.com
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	googleads.g.doubleclick.net	it.timurovets.com 483b321654fd23aa1af1298162ff0dcf.safeframe.googlesyndication.com www.youtube.com
3	stream.bantgoau.com	js.cabnnr.com stream.bantgoau.com
2	rtbbnr.com	2 redirects
2	googleads4.g.doubleclick.net	it.timurovets.com
2	fonts.googleapis.com	securepubads.g.doubleclick.net
2	483b321654fd23aa1af1298162ff0dcf.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	counter.yadro.ru	1 redirects it.timurovets.com
2	js.wpadmngr.com	cst.wpu.sh js.wpadmngr.com
2	cdnjs.cloudflare.com	it.timurovets.com
2	get.optad360.io	it.timurovets.com get.optad360.io
1	www.gstatic.com	www.youtube.com www.gstatic.com
1	yt3.ggpht.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	vs.bantgoau.com	stream.bantgoau.com
1	lh3.googleusercontent.com	stream.bantgoau.com
1	tb.baimgfroggd.site	1 redirects
1	tcimp.zog.link	1 redirects
1	www.googletagservices.com	483b321654fd23aa1af1298162ff0dcf.safeframe.googlesyndication.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.it	securepubads.g.doubleclick.net
1	js.cabnnr.com	js.wpadmngr.com
1	7ccbc65df5.a615d4c326.com	js.wpadmngr.com
1	cdn.jsdelivr.net	get.optad360.io
1	na.nawpush.com	js.wpadmngr.com
1	cst.cstwpush.com	it.timurovets.com
1	cst.wpu.sh	1 redirects
1	lodder7.biz	it.timurovets.com
1	it.timurovets.com
0	rr1---sn-5hne6nsy.googlevideo.com Failed	www.youtube.com
149	42

This site contains links to these domains. Also see Links.

Domain
cookiesandyou.com
nl.timurovets.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
*.optad360.io Amazon	`2021-11-17` - `2022-12-15`	a year	crt.sh
js.wpadmngr.com R3	`2022-01-16` - `2022-04-16`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
na.nawpush.com R3	`2022-02-09` - `2022-05-10`	3 months	crt.sh
7ccbc65df5.a615d4c326.com R3	`2022-01-19` - `2022-04-19`	3 months	crt.sh
js.cabnnr.com R3	`2021-12-28` - `2022-03-28`	3 months	crt.sh
*.google.it GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
vs.bantgoau.com R3	`2022-02-15` - `2022-05-16`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://it.timurovets.com/
Frame ID: D5122CCC071424355897A771AB6A344F
Requests: 52 HTTP requests in this frame

Frame: https://483b321654fd23aa1af1298162ff0dcf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 43DC2E24D118A8C4446C79EE685BEB62
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012202072236000/amp4ads-v0.mjs
Frame ID: C29FE7591D349523A99AD3DB96BC546C
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 42C95DA9B2309389E37D3B14056A267C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8AE1FAE8ADB74557E7AD7EF3B7569954
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012202072236000/amp4ads-v0.mjs
Frame ID: 519C1B38F68F23B8332D0811CE07A1C9
Requests: 17 HTTP requests in this frame

Frame: https://483b321654fd23aa1af1298162ff0dcf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C6381A565380681B928FA234A9BA9F17
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKOipgEQkJurARjTkNW-ATAB&v=APEucNV6WncOJRQ2PHCkhMzcGW1Q996NPoCSv8v1ZfrQWpT4SGz5piFWDmSmh6-oTnFbWJZsAVM4YAovdwifFkt2rHiV8qHi-_t1r0C6n2YK-dpPcqRjU6_SEgco_V-nHVOFcoxjUtaiKKoi6Uuk99ZH5GSTtiIa2kITZzVVIhS59V7yKf1pWxAw_YC-KhPwXIX_-EAdYLCJdA1GTt45D7K50AlCfToIzQ
Frame ID: BF70EA11A6B9ED2A9A3E9E0A7A49E265
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7F516F3576290F307EB614672FA71468
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/6871190/1642778149093/IT_DISPLAY728X90_Q122-A_VALENTINES_WOMAN_MIXED/index.html
Frame ID: 3A9EAEEFE003B44F27F35856614EA114
Requests: 8 HTTP requests in this frame

Frame: https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FBuSgFuFYPCY%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60807&p=0.0200&oid=1449704&sp=0.043750&spp=1000&se=impression&vi=BuSgFuFYPCY&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1644974477&utm1=tcb&utm2=803629915-1&utm3=195-21720-0&utm4=0-9033275-14
Frame ID: 6D3971C4C89B39BDD2AD447B836F75D3
Requests: 4 HTTP requests in this frame

Frame: https://stream.bantgoau.com/files/ytls/ff159683dbce452dbc41714cc48a496d4bb58468-v.js
Frame ID: 9B469BFE98371F118FE9F7879B6B97D4
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/BuSgFuFYPCY?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
Frame ID: D831A21BAF7C9DF305A7A85587A40B9A
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tutto Su Tessuti, Moda E Bellezza | 2022

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

149
Requests

93 %
HTTPS

76 %
IPv6

31
Domains

42
Subdomains

31
IPs

6
Countries

5135 kB
Transfer

10602 kB
Size

15
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://cookiesandyou.com/
Title: Learn more

Search URL Search Domain Scan URL

URL: https://nl.timurovets.com/
Title: it.timurovets.com

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://cst.wpu.sh/static/adManager.js HTTP 301
https://cst.cstwpush.com/static/adManager.js

Request Chain 33

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//it.timurovets.com/;0.2314780832649126 HTTP 302
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//it.timurovets.com/;0.2314780832649126

Request Chain 67

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 94

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKmv5_2M_VjoIhH6521liZ4&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKmv5_2M_VjoIhH6521liZ4&google_cver=1&C=1

Request Chain 95

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YgxRi7PBX9gH5hz7UZ9dMwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKmv5_2M_VjoIhH6521liZ4&google_cver=1

Request Chain 96

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEMNe6Nq88WduUpDqGmEQujg&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMNe6Nq88WduUpDqGmEQujg%26google_cver%3D1

Request Chain 97

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjI2OTg0NTA0MjY4MzU1NzMwNw%3D%3D

Request Chain 119

https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNjk1LCJzcGFjZWlkIjoxNjk1LCJpZHpvbmUiOm51bGwsImFkX3RhZ3MiOiIiLCJsYWJlbHMiOiI0LDUsNiw3LDgsOSwyNiw0Niw0Nyw1NCw1NSw2MSIsImFsbG93ZWRfbGFiZWxzIjoiIiwidGl0bGUiOiIiLCJzdWJpZCI6IjQ3MTY5Mzk3MiIsInV0bTEiOiIiLCJ1dG0yIjoiIiwidXRtNCI6IiIsInNwb3RfaWQiOjEwMjc5LCJtdWx0aXBsZSI6ZmFsc2UsImlzX2lmcmFtZSI6ZmFsc2UsInJlZmRvbWFpbiI6IiJ9LCJiYW5uZXIiOnsidyI6MSwiaCI6MX19XSwic2l0ZSI6eyJpZCI6IjEwMjc5IiwicGFnZSI6Imh0dHBzOi8vaXQudGltdXJvdmV0cy5jb20vIn0sImRldmljZSI6eyJ3IjoxNjAwLCJoIjoxMjAwfSwidXNlciI6eyJpZCI6ImE0MDc5NTIxMzc5OGExNzEwOTc5YWM0MzQxYmFjOGU1In0sImV4dCI6eyJkdCI6MTY0NDk3NDQ3NzA5NH19 HTTP 302
https://rtbbnr.com/banner/in/show/?mid=1444417390&pid=0&site=10279&sc=IT&usage_type=DCH&subid=471693972&sid=0&cid=12098&price=0&is_cpm=1&cpm=0.035&ecpm=0.035&crid=&crtid=d41d8cd98f00b204e9800998ecf8427e&tcid=0&out_id=&ver=&ver_c=&refdom=it.timurovets.com&hostname=auc-banner-hz-6&site_id=0&spot_id=10279&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&burl=&pop_winurl=&ip=2001:ac8:24:44::11&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&min_cpm=0&ttl=&space_id=1695&banner_width=1&banner_height=1&url=%2F%2Ftcimp.zog.link%2Fin%2Fbanners%3Fkatds_ep%3D4GortcOK6Ms_uBj8KKdmBTBioF2MJJRxqxDkfank5lM2LL40tdTe4vVFYGYXcuhIHvGBxcwOE3f8_8OQsvqX_1Y3WXJRASAf1e7L5khOLT8FCrhn6oh5D8B0eZdA0_iG7Py9CGkIJQyEadM06JN7PjTwM3zvFYamQdPhfXAcjud1X0GDbHqX8e0kFGbd8wS1uEAyvovlEvpp5AKWezDFnCmZkJOXw9cwmuf9HWzoquu3Y2H1ei1jmacVDGJEw2R1zirqaJeUDMAaabhrBQ6WiNSRCHN-Tt8oCyuv5emK_uLAFvtSTj9nutvD7ecsWXwo1pfbh-q6-2HGEL1tfk6-fJ_Q8hcm6Twcpijqn--Kk3eRjAqVzpmE7qoxztGGKLNCy27tw7pxJjfEIVpq5bSLcxrX4_fdY2Ipy13NeuOf9URRIIq6KeJJBZZreAjdL2nYV7qK0gSMJxrOlQwqsqvcsX9-FtGqUZvXCqW_mQK66w&pr=&bid_crid=&bid_cid=&is_iframe=0 HTTP 302
https://tcimp.zog.link/in/banners?katds_ep=4GortcOK6Ms_uBj8KKdmBTBioF2MJJRxqxDkfank5lM2LL40tdTe4vVFYGYXcuhIHvGBxcwOE3f8_8OQsvqX_1Y3WXJRASAf1e7L5khOLT8FCrhn6oh5D8B0eZdA0_iG7Py9CGkIJQyEadM06JN7PjTwM3zvFYamQdPhfXAcjud1X0GDbHqX8e0kFGbd8wS1uEAyvovlEvpp5AKWezDFnCmZkJOXw9cwmuf9HWzoquu3Y2H1ei1jmacVDGJEw2R1zirqaJeUDMAaabhrBQ6WiNSRCHN-Tt8oCyuv5emK_uLAFvtSTj9nutvD7ecsWXwo1pfbh-q6-2HGEL1tfk6-fJ_Q8hcm6Twcpijqn--Kk3eRjAqVzpmE7qoxztGGKLNCy27tw7pxJjfEIVpq5bSLcxrX4_fdY2Ipy13NeuOf9URRIIq6KeJJBZZreAjdL2nYV7qK0gSMJxrOlQwqsqvcsX9-FtGqUZvXCqW_mQK66w HTTP 302
https://tb.baimgfroggd.site/in/1816/?user_id=7955c2577bda66b6b173b1f579d0fcbef659437f&bid=0.043750&katds_labels=&utm1=tcb&utm2=803629915-1&utm3=195-21720-0&utm4=0-9033275-14&ts=1644974477 HTTP 302
https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FBuSgFuFYPCY%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60807&p=0.0200&oid=1449704&sp=0.043750&spp=1000&se=impression&vi=BuSgFuFYPCY&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1644974477&utm1=tcb&utm2=803629915-1&utm3=195-21720-0&utm4=0-9033275-14

149 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
it.timurovets.com/ 19 KB
4 KB 99ms
60ms Document
text/html 2606:4700:3037::ac43:b989
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://it.timurovets.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b989 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ade4c59d8de0584485af43b8dae03cae6f72a06f433fc6dbc74a6e3e190f07da

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9

Response headers

date: Wed, 16 Feb 2022 01:21:13 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s94UVDz0usQwvtSEaV6UMeRbkLQCQFtxEc5IQZnGvrtavPmnNJhZrbKJlb0Ndq8wApRwrROGs8SwGEeCB0Ln3kkyiswjTHA6jJGeZjaVgRrsxLYXfDURC6S6eMDSTquYHa5VjVxA6Aw7BLKLPYTooQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6de2f539b9ce83be-MXP
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 eNqdV.css
timurovets.com/template/css/ 82 KB
14 KB 80ms
24ms Stylesheet
text/css 2a06:98c1:3121::f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://timurovets.com/template/css/eNqdV.css
Requested by: Host: it.timurovets.com
URL: https://it.timurovets.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7126ae3381709f10abee774d28d802728603de621a5ebdb838d0b11272dc1260

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:21:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2551
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 11 Jun 2019 15:29:00 GMT
server: cloudflare
etag: W/"146dd-58b0df4b6a700-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yGaNwTtXJIYWiecLnkVkmKw2fzoA6sennjqvajC6T3vZB8D2QfpX7viApQby8Dum%2B7lrdFHTxmNN9HBb3afKnrVHNXqYJaLoO%2B65b247D9Gl3x4yYGzkykl1KY%2BnU0OC%2BUYSRFUfZ30WZsNvfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 6de2f53a9ea60f62-MXP

GET
H2 200 / Show response
lodder7.biz/ 20 KB
9 KB 103ms
49ms Script
application/javascript 2a06:98c1:3121::f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lodder7.biz/?pu=gi4damteg45ha3ddf4ytinry
Requested by: Host: it.timurovets.com
URL: https://it.timurovets.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56918b2319848631e9062ebeb3d1f1af2d478dffa24e130761f1b45f376a3822

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:21:13 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eoo3dhuyCwn0WjE%2B8shGjBmYj4%2BgkHzdxv5X9hoh%2B%2BEbASj0moql8kTq2CAANaq%2FUuXaas0bjAe6ljJr22Rl4TAw7EiukaMAlmbJw0aMmz9adBmdYQVJGUeoIFHdNb%2BHeX1hWCneAxiDIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cf-ray: 6de2f53a9dfe59cb-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 eNqdVG1yhCAMvVAdD7F_e4dOxIDMBuIQ7M729AXcD-myOtMfwnvxJYYk0kuEaFWvRPoM8aPfWBxYXxkmdjiD2ajYzezRR-lhLE_r1cWOBtM-oTVTPE3gDX5aiegxN....css
timurovets.com/template/css/ 75 KB
13 KB 122ms
67ms Stylesheet
text/css 2a06:98c1:3121::f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://timurovets.com/template/css/eNqdVG1yhCAMvVAdD7F_e4dOxIDMBuIQ7M729AXcD-myOtMfwnvxJYYk0kuEaFWvRPoM8aPfWBxYXxkmdjiD2ajYzezRR-lhLE_r1cWOBtM-oTVTPE3gDX5aiegxN....css
Requested by: Host: it.timurovets.com
URL: https://it.timurovets.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c350f4cd789435efd055a5c73d7662e0b6aa7a358a70698acb7067beb72d0b8e

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:21:13 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 11 Jun 2019 15:29:00 GMT
server: cloudflare
etag: W/"12db0-58b0df4b6a700-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aI7pBMoUWIkVSQrBzLgL2fxeB6bj1sD2%2FeVuGP3DFLGNhyEvSlXaeN4yTfQfgHKVnDPQoVBxc9yt4gaOxyooBWdc25Xd4MELicPfbHwONIH%2FEYzE8po2rvFLxfRV7LwOsQngGUsHp1KHPm9FDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6de2f53a9ea80f62-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 plugin.min.js Show response
get.optad360.io/sf/3cba4edf-ae55-4040-82ce-127f9b09b680/ 377 KB
89 KB 188ms
78ms Script
application/javascript 2600:9000:224a:1e00:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/3cba4edf-ae55-4040-82ce-127f9b09b680/plugin.min.js
Requested by: Host: it.timurovets.com
URL: https://it.timurovets.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:1e00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a5477e2b5079109112bb44e3ffbf51d3b68f76b58f558d2ab00f6439d960ccec

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:21:14 GMT
content-encoding: gzip
last-modified: Tue, 15 Feb 2022 08:09:04 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
etag: W/"6dc18e47a2df61926855f11b11b485bb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 acf8dc23ea92f292049638fbd5d718e2.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-id: egz-cL6Yu3911JKXIGH54GXzewzzUOb4wewEQW3pa2b_ry1ALAW-7w==

GET
H2

200

adManager.js Show response
cst.cstwpush.com/static/
Redirect Chain

https://cst.wpu.sh/static/adManager.js
https://cst.cstwpush.com/static/adManager.js

451 B
597 B

151ms
63ms

Script
application/javascript

45.133.44.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cst.cstwpush.com/static/adManager.js
Requested by: Host: it.timurovets.com
URL: https://it.timurovets.com/
Protocol: H2
Server: 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 2f499c632d806f66b96dda6cbd4cac0363d331885476a8ac1d9e8ac60954d720

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:21:13 GMT
content-encoding: gzip
last-modified: Wed, 13 Oct 2021 09:03:43 GMT
server: nginx/1.18.0
etag: W/"6166a0ef-1c3"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 16 Feb 2022 01:26:13 GMT
cache-control: max-age=300
x-proxy-cache: HIT

Redirect headers

location: https://cst.cstwpush.com/static/adManager.js
date: Wed, 16 Feb 2022 01:21:13 GMT
server: nginx/1.18.0
content-length: 169
content-type: text/html

GET
H2 200 logo1.png
timurovets.com/template/img/ 7 KB
7 KB 78ms
26ms Image
image/png 2a06:98c1:3121::f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timurovets.com/template/img/logo1.png
Requested by: Host: it.timurovets.com
URL: https://it.timurovets.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48555f28f5acba039499fc452d3154569b927820337696c444fa346fe966c9a2

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:21:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2550
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7001
last-modified: Wed, 16 Oct 2019 20:16:06 GMT
server: cloudflare
etag: "1b59-5950cc54f2d80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tSIJxJbsKpN1TGWToGgIRl6wK8S7cHdOOXIAEu2sKfFM6h4WATTK71BeHFZFEoAJXlsnMS064VdYD132%2BO3vLw4abKOTf8h%2BdSG5grHmdiJF7IxOFvu2o%2BGtvzq31vmnjJbmbNNXOiMxPfV4%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6de2f53a9ea90f62-MXP

GET
H2 200 109.jpg
timurovets.com/pic/109/ 58 KB
59 KB 144ms
92ms Image
image/jpeg 2a06:98c1:3121::f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timurovets.com/pic/109/109.jpg
Requested by: Host: it.timurovets.com
URL: https://it.timurovets.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbe47bda23a4405be354007402d0f63a8da91a26c1b67bba271e571c632b3232

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:21:13 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 59869
last-modified: Wed, 16 Oct 2019 20:55:56 GMT
server: cloudflare
etag: "e9dd-5950d53c3af00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZnGmroM6rgg0JFD8dWNfxitERG8n1UuvNviSb0lHGVeOZUv57Ej3hy4MjpH3Fi4Ico056c0CLNdBOTCMhv57A7n%2BJR%2BwoSLp7N43ainz0yzDXL%2BOiTdxI30pOqNOOC8SJLpeumhqXv8fqvVDwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6de2f53a9eab0f62-MXP

GET
H2 200 104-2.jpg
timurovets.com/pic/104/ 67 KB
68 KB 148ms
96ms Image
image/jpeg 2a06:98c1:3121::f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timurovets.com/pic/104/104-2.jpg
Requested by: Host: it.timurovets.com
URL: https://it.timurovets.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 116acfd417281d510f99003579b1945234de4405b5cfcd826a733f23c36a18b4

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:21:13 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 69020
last-modified: Wed, 16 Oct 2019 20:56:02 GMT
server: cloudflare
etag: "10d9c-5950d541f3c80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZkTAiuxj8VaWZmjeKREhj%2B196yaorFxdfKIAqS6OsAF%2FIE17JpW7nW38Kh5rosYi2IUq1jUymyO0tlZYNgpjN%2FsL8aKO31dMZJ84e0r%2BBro6D0MYQKGHjydvGkcd2igu02EedXtyclAJ%2FD3HSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6de2f53a9ead0f62-MXP

GET
H2 200 136-min.jpg
timurovets.com/pic/136/ 33 KB
33 KB 123ms
72ms Image
image/jpeg 2a06:98c1:3121::f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timurovets.com/pic/136/136-min.jpg
Requested by: Host: it.timurovets.com
URL: https://it.timurovets.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03fe10c919d45a962b1db68585594ec1a4db299627643374ac05aecae620e85e

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:21:13 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 33593
last-modified: Wed, 16 Oct 2019 20:55:24 GMT
server: cloudflare
etag: "8339-5950d51db6700"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GpYXngwxumXBrXLfRhGoySz91wZWnvZ9bu0ado3DZzAaEyUbiXrfjp6carcFNOgtRCCeBqQ%2BbYOcQnoXkW0X90V2PuaWeRYkM869Q%2FYS6YDxUe8LfoKi%2BgZAw2Ox7DwFFBN38A%2FE1ui8wJmEOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6de2f53a9eac0f62-MXP

GET
H2 200 162.jpg
timurovets.com/pic/162/ 46 KB
47 KB 118ms
116ms Image
image/jpeg 2a06:98c1:3121::f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timurovets.com/pic/162/162.jpg
Requested by: Host: it.timurovets.com
URL: https://it.timurovets.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28f176de13fa7689afd86fa3a978d52cfa55f00af3baefbc7beb293a14855711

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:21:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 47291
last-modified: Wed, 16 Oct 2019 20:54:40 GMT
server: cloudflare
etag: "b8bb-5950d4f3c0400"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2Fz7HEdL7BZSMONNZySbk9qGl2hKLh61UJia%2F8jRZAQAC%2Bct84odfd3eSPHN4TFmupRtrUhdIxGwW7qd3XGc2D1%2FID%2B5jZoqC%2Bmhr4xpvTClfeU%2FMmViLXiOx8TfCfesQ2v8q0t224CSN77Qhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6de2f53aaeb50f62-MXP

GET
H2 200 129.jpg
timurovets.com/pic/129/ 53 KB
53 KB 102ms
100ms Image
image/jpeg 2a06:98c1:3121::f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timurovets.com/pic/129/129.jpg
Requested by: Host: it.timurovets.com
URL: https://it.timurovets.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98bc248a2d8ace6d503926548d3d0940070e9357bc7cfb03c90e5e9a847270c2

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:21:13 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54182
last-modified: Wed, 16 Oct 2019 20:55:32 GMT
server: cloudflare
etag: "d3a6-5950d52557900"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yaTmGXQfUiuzy7DHzy0uVl1wwA4XVO4aiQEF7GJkGpSiuAf3P6AMgqs%2F6Xyu5i2EYuMwRzbO2AaSg6JgxfTkQujfTby%2F%2BUE4pgedx30u72i9rSgXxgGy5JZMv6mfsi%2BLe9IiKvW%2FqWGj1ze9LQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6de2f53aaeb60f62-MXP

GET
H2 200 11-4.jpg
timurovets.com/pic/11/ 35 KB
36 KB 100ms
98ms Image
image/jpeg 2a06:98c1:3121::f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timurovets.com/pic/11/11-4.jpg
Requested by: Host: it.timurovets.com
URL: https://it.timurovets.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f09a58023080dff07a3c06435a8d3dbbc6e71283b897cbc330e146e479d35a68

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:21:13 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35943
last-modified: Wed, 16 Oct 2019 20:58:18 GMT
server: cloudflare
etag: "8c67-5950d5c3a6e80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FEoH%2F1nNjDlKd3RhINeXxFYKeZakDJDVJwGzK6WM1ts8Nbw52f3p5yczon17fBsb9mkRKW8fLMLWt%2B0MCW1aBn6GJyhmn8LzrCjUBRrAc4kev6w7qiRCWTUi2V%2FBeAqv4tAEDYxbIpzjh9KQFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6de2f53abebd0f62-MXP

GET
H2 200 4104-min.jpg
timurovets.com/pic/4104/ 35 KB
36 KB 100ms
99ms Image
image/jpeg 2a06:98c1:3121::f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timurovets.com/pic/4104/4104-min.jpg
Requested by: Host: it.timurovets.com
URL: https://it.timurovets.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 188a7a7757cdca11b85b682a7c6f8c85f3fa3df3055f0137819e499e3dd28b0b

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:21:13 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36219
last-modified: Wed, 16 Oct 2019 20:09:16 GMT
server: cloudflare
etag: "8d7b-5950cacdf1300"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1BhcGWrI%2BhsDfrk8jvCHyjFbDTgDKL8lG5uttblXCkxm%2Fy8mKC4rrsOpUzxmMWycVVyAz8ag7j5hhwIapruKeK0B1Yi6GYl%2BZ4KcxVHf%2FL7nwLYwxshfvZemoUWdzK5Fa%2FrYGlxEVBZESCNXzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6de2f53abebe0f62-MXP

GET
H2 200 2171-min.jpg
timurovets.com/pic/2171/ 56 KB
57 KB 116ms
115ms Image
image/jpeg 2a06:98c1:3121::f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timurovets.com/pic/2171/2171-min.jpg
Requested by: Host: it.timurovets.com
URL: https://it.timurovets.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d850c7224746463d90bc439fb65fd2e3ac47cb19a76b548dba6bd58ed260a217

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:21:13 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 57442
last-modified: Wed, 16 Oct 2019 20:31:46 GMT
server: cloudflare
etag: "e062-5950cfd567080"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y7lq7Pmuv4OFHl4t3CBuU0bjyCLz9LhIri748mGM%2FyYj6gpYzYQonWTUpxO%2FTrVXE0RnpSbWmTq6NBVFwQg1Ap48LDbvmb9hUWQd9Xx2mRu1e9Vgjv0nn2mdWN1VuTdsrW9hoOec%2FObcY3j7AA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6de2f53abebf0f62-MXP

GET
H2 200 2666-min.jpg
timurovets.com/pic/2666/ 60 KB
61 KB 142ms
140ms Image
image/jpeg 2a06:98c1:3121::f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timurovets.com/pic/2666/2666-min.jpg
Requested by: Host: it.timurovets.com
URL: https://it.timurovets.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b28609baf08817ae3ee0bc8d4e180b8ed548cdc82363b4ef925e6c009f41842e

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:21:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 61898
last-modified: Wed, 16 Oct 2019 20:25:36 GMT
server: cloudflare
etag: "f1ca-5950ce748b000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=udiaZuiaOTMEEKaYze215ZwCCxDUOI3uYbCKiTeQnCJ%2Fzf%2F55GbNaQmkrKj1nT%2BOga7Mx4tS%2FVA2%2FU%2BRhw5TUNphj%2FNAh6n9I4RGR3TR6Hq%2Fe0mB%2FlKEQ0d%2F9R2Upsv5joXZGXTykRbObXlpUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6de2f53abec00f62-MXP

GET
H2 200 5088.jpg
timurovets.com/pic/5088/ 61 KB
61 KB 102ms
100ms Image
image/jpeg 2a06:98c1:3121::f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timurovets.com/pic/5088/5088.jpg
Requested by: Host: it.timurovets.com
URL: https://it.timurovets.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a73bc65b330ea8ce417f94462b8b423b46aab7868fe32f37b53724dfb62c9a17

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:21:13 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 62102
last-modified: Wed, 16 Oct 2019 19:58:42 GMT
server: cloudflare
etag: "f296-5950c87150080"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wG1sZKCXCJmBbSGqyyGNmqLNvSikAVqhW0myzTabFJRpy78H3NmeFOmRTAYrE9HQ6b8F%2F089N1UxdzhG12OdOY0OCBltplbTa44wItwKe2Bi279OedGSX58Kzy4jWJ%2BAB0fQM9%2BBfBECgT8ifQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6de2f53abec10f62-MXP

GET
H2 200 3614-min.jpg
timurovets.com/pic/3614/ 43 KB
43 KB 124ms
123ms Image
image/jpeg 2a06:98c1:3121::f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timurovets.com/pic/3614/3614-min.jpg
Requested by: Host: it.timurovets.com
URL: https://it.timurovets.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3b1e2bf487d2385d629e0b12ff80df3c780dc8fbe060d044409a80a7777350b

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:21:13 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43554
last-modified: Wed, 16 Oct 2019 20:14:42 GMT
server: cloudflare
etag: "aa22-5950cc04d7080"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NNEHhhTsFt%2BTVmT6EFqTlabS0EwrLK5q1IvNdVs6hIg4KmYQkxAl2xpBXEaihKq0N35bkE9vZ46aGzg8%2F8IM2bWTDBRoPZ1Fb843Mn%2BgJe9Tzg5CM5dvX6EM38vf%2FFUvsRi8oRdRyI%2FhWnG38A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6de2f53abec20f62-MXP

GET
H2 200 1476-4.jpg
timurovets.com/pic/1476/ 40 KB
40 KB 100ms
98ms Image
image/jpeg 2a06:98c1:3121::f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timurovets.com/pic/1476/1476-4.jpg
Requested by: Host: it.timurovets.com
URL: https://it.timurovets.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce8e76c8a101da29a3604e6590f09eb1f13ef39aaa3c37a190f767e0b517b1b5

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:21:13 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40852
last-modified: Wed, 16 Oct 2019 20:38:22 GMT
server: cloudflare
etag: "9f94-5950d14f0eb80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ct9Kctq1IEd7tzK2mjQmrf%2BceQdXrlv8Ox48Cfr09vqKeRh0vCdhoYW%2FHVJvstK9FnT4%2FMvk5WKiv%2BcU6yfUd6gkPCer9vVP3F%2BLZHJ5nfWcWs8wMn7y8ru39weBYbomgbS15ISS8UP6ixrIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6de2f53abec30f62-MXP

GET
H2 200 3187-min.jpg
timurovets.com/pic/3187/ 65 KB
65 KB 119ms
117ms Image
image/jpeg 2a06:98c1:3121::f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timurovets.com/pic/3187/3187-min.jpg
Requested by: Host: it.timurovets.com
URL: https://it.timurovets.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af99c510e1e5e37ce9a5cce3021ce16f23f43be1e8860765deedfed8a0a8c377

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:21:13 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 66088
last-modified: Wed, 16 Oct 2019 20:20:16 GMT
server: cloudflare
etag: "10228-5950cd435e000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=74QDNe4JCxWNH8QZo6BV17BqDqlVXyMoQPyY4WNSrSh%2BSQrvUzdcZ%2FJ5qEWLzPQKeD4R7T4Tzsn%2BLaZbrx1fXFEtgXW42rimE6Cvl7LqIFakx6TVIpVvOBdHQSaJWQYrC8gelfucCB4fFurBzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6de2f53abec40f62-MXP

GET
H2 200 972-3.jpg
timurovets.com/pic/972/ 698 KB
699 KB 118ms
117ms Image
image/jpeg 2a06:98c1:3121::f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timurovets.com/pic/972/972-3.jpg
Requested by: Host: it.timurovets.com
URL: https://it.timurovets.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe18964d04dc600f9b521bdfbadb085cf0fb3012fa6d84baea8d13c03dc775fe

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:21:13 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 714378
last-modified: Wed, 16 Oct 2019 20:43:40 GMT
server: cloudflare
etag: "ae68a-5950d27e53700"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qQmtA0yr%2FBXQXlcSI5NdqDqRFt2we36VpLbXKg8xGWfG%2Bdu1wMli8u%2BzCKB3hz%2F1ycTnGBaMZObPPYEHAADZ%2BRPR%2BNdq9Z76bHafGlo%2FTeRv8xLuV9VdTtYn7TE95Q6sp82rmQoCRcyYx9bzBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6de2f53abec60f62-MXP

GET
H2 200 1056-min.jpg
timurovets.com/pic/1056/ 71 KB
72 KB 116ms
115ms Image
image/jpeg 2a06:98c1:3121::f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timurovets.com/pic/1056/1056-min.jpg
Requested by: Host: it.timurovets.com
URL: https://it.timurovets.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 000965f60d36b24f9ceacbbb1cdd9932ff8f8ca2777beb1030d2da91cc84519a

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:21:13 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 72910
last-modified: Wed, 16 Oct 2019 20:42:46 GMT
server: cloudflare
etag: "11cce-5950d24ad3d80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tUiEBFow7oIPweWWjd0hOLIYTp1Y8OW1i74LUKjPES9BzF76gH9VHKNXYK54mg8uhp103U%2BFxmiGxhmiCWGNebGd%2BmsIyo%2Bfk%2BU9gaMYNXIRmNSnlZLbc2BZkZ1LWonVgtm8avRUrKKBpukTPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6de2f53abec90f62-MXP

GET
H2 200 5591-min.jpg
timurovets.com/pic/5591/ 68 KB
68 KB 118ms
117ms Image
image/jpeg 2a06:98c1:3121::f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timurovets.com/pic/5591/5591-min.jpg
Requested by: Host: it.timurovets.com
URL: https://it.timurovets.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51143c3e882d9231f8ceeb41f038545a045748a58ef9f8be9c23303348ad8de3

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:21:13 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 69598
last-modified: Wed, 16 Oct 2019 19:55:24 GMT
server: cloudflare
etag: "10fde-5950c7b47c300"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Og2Sag0GySJQle8ydXPPTdKLWEBbxSx2alxF3Z338cO5K1PfcHaiQ%2BYRq%2BE16bml9JrQJRt%2FSwaXNegvGDLNCrrI3saiNLYkgxfU2LxDD0kpJqLeSOyVjK9Jf5IChnZmUU8%2B66w8RTqfBt4cpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6de2f53abeca0f62-MXP

GET
H2 200 299-21.jpg
timurovets.com/pic/299/ 84 KB
84 KB 116ms
115ms Image
image/jpeg 2a06:98c1:3121::f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timurovets.com/pic/299/299-21.jpg
Requested by: Host: it.timurovets.com
URL: https://it.timurovets.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38ed1a7a8a6fc6427a2a86150bee22783ecf9b7fca641d35cff18e1918788519

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:21:13 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 85817
last-modified: Wed, 16 Oct 2019 20:52:22 GMT
server: cloudflare
etag: "14f39-5950d47024d80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lJjFoS36sVEhBZ3WawMXRQS2C9GGtls5dsR42k76fIL%2BX4Q0GA0IE%2FtTD2yVzkDeqm2GkF1btoA8V3LxhorY9HvVmFoH81tOKhOyvC8FLYeAhLUUe55kDYLKWLUaRa2wn0n1mfmf0kh%2BorpQhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6de2f53abecc0f62-MXP

GET
H2 200 3654-min.jpg
timurovets.com/pic/3654/ 57 KB
57 KB 124ms
122ms Image
image/jpeg 2a06:98c1:3121::f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timurovets.com/pic/3654/3654-min.jpg
Requested by: Host: it.timurovets.com
URL: https://it.timurovets.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66739c36c32d27366b19478b3248a62cbe51ae1de229ee7aa9b98dfe37890b1f

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:21:13 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 58051
last-modified: Wed, 16 Oct 2019 20:14:14 GMT
server: cloudflare
etag: "e2c3-5950cbea23180"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WBO7JfnMNFuNeMe00EHBHB25DA03xtW8eiNZ6%2BWHdwz%2BTgyc6VJguNoakAMj47zsDYvqVmQsAZNVYLPU6Jnkesv8yqNMiQXzldkj7xa8n1v8ofw3BIs%2Fx%2F%2FppTBW9jKhct3r2QtbSeNUNK7JIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6de2f53abecd0f62-MXP

GET
H2 200 4184-min.jpg
timurovets.com/pic/4184/ 69 KB
69 KB 117ms
116ms Image
image/jpeg 2a06:98c1:3121::f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timurovets.com/pic/4184/4184-min.jpg
Requested by: Host: it.timurovets.com
URL: https://it.timurovets.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0de179f6d69df7c706178ae602fcfa2fca8c88a1bd830bd9503bc48d8fc6d929

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:21:13 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 70575
last-modified: Wed, 16 Oct 2019 20:08:26 GMT
server: cloudflare
etag: "113af-5950ca9e42280"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oc1kbrEcabaT61tpe%2B75PnRau6IYnha7dZ6106EndIOcHvq%2F5f0T6aihUp%2BJQy4oyJwyfNJWVZLMZOeXQ2i7RWSldZdo03BqF%2BQTycSMc6YFP7p8nGMRBllZ%2B75KrbMC%2FETh8rplYkWI%2B4WOSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6de2f53abecf0f62-MXP

GET
H2 200 4930-min.jpg
timurovets.com/pic/4930/ 80 KB
80 KB 117ms
116ms Image
image/jpeg 2a06:98c1:3121::f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timurovets.com/pic/4930/4930-min.jpg
Requested by: Host: it.timurovets.com
URL: https://it.timurovets.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9db9e41512d61e7a9db77af1d1ef52440fd78f5ef0bc2736ecdfa5e1a9c11a53

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:21:13 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 81505
last-modified: Wed, 16 Oct 2019 20:00:18 GMT
server: cloudflare
etag: "13e61-5950c8ccdd880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1p5oZkArCoOtf2eQ5wqOqWxCyE%2BJi3qzz0tZCn2%2F4bjxcJr02QUcEYqozpVhzijwL3%2FSfciROvs11VcXGaioALcif1V2x1LXsU%2FC45TaDNwR%2Bpcy77LvtqguSx3pcgA0zp89hyOT00u8l4Dwnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6de2f53abed20f62-MXP

GET
H2 200 155-17.jpg
timurovets.com/pic/155/ 447 KB
448 KB 114ms
113ms Image
image/jpeg 2a06:98c1:3121::f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timurovets.com/pic/155/155-17.jpg
Requested by: Host: it.timurovets.com
URL: https://it.timurovets.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35342b4b91a124276dfd941237dd920f69bcd5cf6728ddd7ef557bf8fee7612a

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:21:13 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 458237
last-modified: Wed, 16 Oct 2019 20:54:54 GMT
server: cloudflare
etag: "6fdfd-5950d5011a380"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0cmvSG28rDI0R9W8wYPYRQ3O2rP6SMFCwCCpw409sRUqwvurw7ZE%2BvgIHlJzXrX%2BDvV%2F5LPU%2BQEwC%2FVh%2Bl1T7UolkCXSNtHJf%2FWxjyufAD9%2BorsjiR9Y%2BO38WzaVC16CMc6aKvz5aD6CXNxgcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6de2f53abed40f62-MXP

GET
H2 200 1192-min.jpg
timurovets.com/pic/1192/ 24 KB
24 KB 99ms
98ms Image
image/jpeg 2a06:98c1:3121::f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timurovets.com/pic/1192/1192-min.jpg
Requested by: Host: it.timurovets.com
URL: https://it.timurovets.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2595a096294b525d335287a112ce0dc209175ac80a179245814868d2190b53f1

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:21:13 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24641
last-modified: Wed, 16 Oct 2019 20:41:22 GMT
server: cloudflare
etag: "6041-5950d1fab8080"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IE113qcQuK8aRnT91oatyl1ZUdM8w%2FZ04osO60s6qS7okntzzMQs9buki0R36%2BSBf5r8qpJ%2BZJ4NwL9m7u0R3DwnWMDAZC5qQrThYOH%2FWHmgBpd9S%2Bv79X%2B6jM9F9Tll%2B70cnLxO6oVSd%2FwZxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6de2f53abed50f62-MXP

GET
H2 200 4147-min.jpg
timurovets.com/pic/4147/ 56 KB
57 KB 117ms
116ms Image
image/jpeg 2a06:98c1:3121::f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timurovets.com/pic/4147/4147-min.jpg
Requested by: Host: it.timurovets.com
URL: https://it.timurovets.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 814d74960985c84f698fc0855e07a556f85a1dc223b66e1988aef9b48705b1c3

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:21:13 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 57800
last-modified: Wed, 16 Oct 2019 20:08:46 GMT
server: cloudflare
etag: "e1c8-5950cab154f80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LPFUKjvN%2BKG836C9OuxDd8Zoya4KM1wyo5HdnjWGFJDxNGr8P8TvN11Sw%2Bqjjg9muiteZeYmDNOn6JsL0P2znt4tynsV90UOCHqORjO3cFH%2BinK%2FDbVcTFwsjwIMOF3Xjnpki5IQ%2FozbDUTA1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6de2f53abed70f62-MXP

GET
H2 200 cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/ 4 KB
1 KB 61ms
22ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css

Requested by

Host: it.timurovets.com
URL: https://it.timurovets.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79b378e8f3c1fece39a1472a2e7d920ab80eb5881525a1622d9dbaa954aa23c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:21:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 12470512
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 975
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-fe0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sSgXoTTNzsQuGoxpi7Urzt9lHn%2FNx%2F97eLRQF%2BmebjraOCOhfGKVkAHAFwhdDv9ilEAgEcdVkDq77R9KVcmzx0IjedybeLoSgf9cR4KGpDNzdrXcEs8YpoG8KvcvBc2%2BrwXFj7DTsVzzVrQdSFGsaSfm"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6de2f53a8d1683ac-MXP
expires: Mon, 06 Feb 2023 01:21:13 GMT

GET
H2 200 cookieconsent.min.js Show response
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/ 20 KB
7 KB 60ms
21ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js

Requested by

Host: it.timurovets.com
URL: https://it.timurovets.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb41292903f6bd996333bdfe6fbc58e1dbdb6109074505ee3ea46373bb23be70

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:21:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 12043333
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5978
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-5148"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FkHsgY%2BPM3qm8zv4jJP6CVMheCClnQ9fWBUX5UMMnFZcGmEyV4ex%2Bwa4VFdO8jEcmlXJmS4Rhd7188AVZPUro6ARTw9%2Ft3Pc3K%2BbcsNLz%2FDsU6os1dhJTTJ1tosHsgubf88QYHhUrIxKswAE%2FzjM8zW5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6de2f53a8d1983ac-MXP
expires: Mon, 06 Feb 2023 01:21:13 GMT

GET
H2 200 adManager.m.js Show response
js.wpadmngr.com/static/ 80 KB
29 KB 117ms
35ms Script
application/javascript 45.133.44.25
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/static/adManager.m.js
Requested by: Host: cst.wpu.sh
URL: https://cst.wpu.sh/static/adManager.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 8365ad50a44341d8858863fec236793a9b4074461b61cae8aaa25343b47d7ce3

Request headers

Referer: https://it.timurovets.com/
Origin: https://it.timurovets.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:21:13 GMT
content-encoding: gzip
last-modified: Fri, 11 Feb 2022 11:57:31 GMT
server: nginx/1.18.0
etag: W/"62064f2b-13e4c"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 16 Feb 2022 01:26:13 GMT
cache-control: max-age=300
x-proxy-cache: HIT

GET
H3 200 FSAlbertWeb-ExtraBold.woff
timurovets.com/template/css/ 42 KB
43 KB 67ms
43ms Font
application/font-woff 2a06:98c1:3121::f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://timurovets.com/template/css/FSAlbertWeb-ExtraBold.woff
Requested by: Host: timurovets.com
URL: https://timurovets.com/template/css/eNqdV.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25b9874d3479f9fec7a8a2d0d04d17723f662ceb723ec05b18852d53a3fc2c38

Request headers

Referer: https://timurovets.com/template/css/eNqdV.css
Origin: https://it.timurovets.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:21:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5850
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 11 Jun 2019 15:29:00 GMT
server: cloudflare
etag: W/"a84c-58b0df4b6a700"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=auMlUwwe53A0KE6tdkj%2B3Dza2dr9z8jJ2zgK09t9J86YlXUJn005sLkg%2F1kwE13%2BHeqSnTKaeazq7s85IxsZU%2BQiJ4%2FWiGY39Xz7HmMD9J53NX1WbSWtqjlw143DgN4Dkl4oFw3CM52Wb0jhAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 6de2f53c4aa759f5-MXP

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//it.timurovets.com/;0.2314780832649126
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//it.timurovets.com/;0.2314780832649126

43 B
528 B

61ms
61ms

Image
image/gif

88.212.201.210
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//it.timurovets.com/;0.2314780832649126

Requested by

Host: it.timurovets.com
URL: https://it.timurovets.com/

Protocol

HTTP/1.1

Server

88.212.201.210 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host210.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Feb 2022 01:21:13 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 15 Feb 2021 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 16 Feb 2022 01:21:13 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//it.timurovets.com/;0.2314780832649126
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Mon, 15 Feb 2021 21:00:00 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
27 KB 128ms
49ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/3cba4edf-ae55-4040-82ce-127f9b09b680/plugin.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

1f9618131ed580faeb43b8d1cda0605ecff55842bc598b53a0ec98b23d0c76e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:21:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27327
x-xss-protection: 0
server: sffe
etag: "1133 / 88 of 1000 / last-modified: 1644966531"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 16 Feb 2022 01:21:13 GMT

GET
H2 200 prebid5.14.0.js Show response
get.optad360.io/sf/ 460 KB
142 KB 41ms
40ms Script
application/javascript 2600:9000:224a:1e00:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/prebid5.14.0.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/3cba4edf-ae55-4040-82ce-127f9b09b680/plugin.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:1e00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7109518959a6958168f639860050324f4f063fd1697f32677cf9d0180ab02453

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 07:18:43 GMT
content-encoding: gzip
last-modified: Thu, 23 Sep 2021 07:59:54 GMT
server: AmazonS3
age: 324151
etag: W/"6dd0a13bde35d2daa452bba998871016"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 acf8dc23ea92f292049638fbd5d718e2.cloudfront.net (CloudFront)
cache-control: public, max-age=360000000
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: HleAyFlsF5DRjrWd77NO-0PK7yyNoBqWm0zM1rSZBiTtsnCTKQYOcQ==

GET
H2 200 1603 Show response
na.nawpush.com/tags/ 600 B
507 B 96ms
32ms XHR
application/json 45.133.44.25
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://na.nawpush.com/tags/1603
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 83e058c0db231e1c6f89f25a7f0d4b8ccb0fb569a4eafe73440643d2553f716c

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 16 Feb 2022 01:21:13 GMT
cache-control: max-age=300, public
content-type: application/json
server: nginx/1.18.0
content-encoding: gzip
x-proxy-cache: HIT

GET
H2 200 wp-banners.js Show response
js.wpadmngr.com/npc/sdk/ 0
238 B 92ms
30ms Script
application/javascript 45.133.44.25
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/npc/sdk/wp-banners.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:21:13 GMT
last-modified: Fri, 20 Aug 2021 15:14:31 GMT
server: nginx/1.18.0
etag: "611fc6d7-0"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 16 Feb 2022 01:26:13 GMT
cache-control: max-age=300
accept-ranges: bytes
content-length: 0
x-proxy-cache: HIT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 62ms
25ms XHR
application/json 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220216

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09a546e7358e4dad9ce3f48afd5e59695a724f04becd6451980c7186fad3f0cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://it.timurovets.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 16 Feb 2022 01:21:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-jsd-version: 1.0.1253
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19140-FRA, cache-mxp6955-MXP
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"6a0-RO4We27WtK8+9LAr+u0Wuauf5KU"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6de2f53e88b15995-MXP

GET
H2 200 track Show response
7ccbc65df5.a615d4c326.com/in/ 0
199 B 141ms
78ms XHR
text/plain 45.133.44.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://7ccbc65df5.a615d4c326.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiIzMTI1NDMwMTEyNzAxMzEzMDAwIiwidGltZXpvbmUiOjAsInZlciI6IjIuMTUuMCIsInRhZ19pZCI6MTYwMywic2NyZWVuX3Jlc29sdXRpb24iOiIxNjAweDEyMDAiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IkV0Yy9Vbmtub3duIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowfQ==
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Feb 2022 01:21:14 GMT
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: *
content-length: 0

GET
H2 200 build.m.js Show response
js.cabnnr.com/banner-admanager/ 27 KB
10 KB 94ms
31ms Script
application/javascript 45.133.44.25
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://js.cabnnr.com/banner-admanager/build.m.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 115c4e7dec8f340b0a47357787d56e8d5f3b58a470e8e70d42a8d76c00df7be9

Request headers

Referer: https://it.timurovets.com/
Origin: https://it.timurovets.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:21:14 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 10:26:36 GMT
server: nginx/1.18.0
etag: W/"620a2e5c-6bcb"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 16 Feb 2022 01:26:14 GMT
cache-control: max-age=300
x-proxy-cache: HIT

GET
H3 200 pubads_impl_2022021001.js Show response
securepubads.g.doubleclick.net/gpt/ 358 KB
120 KB 73ms
34ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

7b151c4e5fcb8f0c9d627ae90eee08ccb54786c8b80a9624ce4a58d385f4a4ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 00:03:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4683
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122668
x-xss-protection: 0
last-modified: Thu, 10 Feb 2022 09:35:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 16 Feb 2023 00:03:11 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 73 B
100 B 72ms
37ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=it.timurovets.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

3bba2b4daf9de388462059a4883bc6c3dd318b438f56ef219270e6b2562e17d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Feb 2022 01:21:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75
x-xss-protection: 0
expires: Wed, 16 Feb 2022 01:21:14 GMT

GET
H2 200 integrator.js Show response
adservice.google.it/adsid/ 107 B
792 B 97ms
36ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.it/adsid/integrator.js?domain=it.timurovets.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Feb 2022 01:21:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 97ms
38ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=it.timurovets.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Feb 2022 01:21:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 50 KB
12 KB 535ms
534ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2767926793659738&correlator=3691513957706946&output=ldjh&eid=31060889%2C31064868%2C31063247%2C31062930&output=ldjh&gdfp_req=1&vrg=2022021001&ptt=17&impl=fif&sc=1&sfv=1-0-38&ecs=20220216&iu_parts=121764058%3A22563361973%2Ctimurovets.com_adi_ATF&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C970x250%7C970x300%7C728x90&cookie_enabled=1&bc=31&abxe=1&dt=1644974474173&lmt=1644974474&dlt=1644974473295&idt=851&frm=20&biw=1600&bih=1200&oid=2&adxs=315&adys=93&adks=2426510423&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fit.timurovets.com%2F&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=970x0&ga_vid=726934770.1644974474&ga_sid=1644974474&ga_hid=1205291996&ga_fc=false&fws=132&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

5fa978c984916c2d5d30cd73847917393efc880e2ad8c7f08aedfcb417043249

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:21:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12070
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://it.timurovets.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
8 KB 751ms
751ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2767926793659738&correlator=3691513957706946&output=ldjh&eid=31060889%2C31064868%2C31063247%2C31062930&output=ldjh&gdfp_req=1&vrg=2022021001&ptt=17&impl=fif&sc=1&sfv=1-0-38&ecs=20220216&iu_parts=121764058%3A22563361973%2Ctimurovets.com_SF&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C750x100%7C970x90&cookie_enabled=1&bc=31&abxe=1&dt=1644974474181&lmt=1644974474&dlt=1644974473295&idt=851&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=1200&adks=2734754662&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fit.timurovets.com%2F&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=728x-1&ga_vid=726934770.1644974474&ga_sid=1644974474&ga_hid=1205291996&ga_fc=false&fws=640&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

b2dc715f4abfbca20204b3377a0718a465c1917b961a369f616025e56d0f65b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:21:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8181
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://it.timurovets.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 50 KB
12 KB 322ms
321ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2767926793659738&correlator=3691513957706946&output=ldjh&eid=31060889%2C31064868%2C31063247%2C31062930&output=ldjh&gdfp_req=1&vrg=2022021001&ptt=17&impl=fif&sc=1&sfv=1-0-38&ecs=20220216&iu_parts=121764058%3A22563361973%2Ctimurovets.com_adi_ATF&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C970x250%7C970x300%7C728x90&cookie_enabled=1&bc=31&abxe=1&dt=1644974474184&lmt=1644974474&dlt=1644974473295&idt=851&frm=20&biw=1600&bih=1200&oid=2&adxs=315&adys=1521&adks=2351522444&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fit.timurovets.com%2F&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=970x0&ga_vid=726934770.1644974474&ga_sid=1644974474&ga_hid=1205291996&ga_fc=false&fws=128&ohw=0&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

3c65e83d0255d08e8d941592e78fef18288fb932b808ff0b0fdc47295c3fe72c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:21:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11868
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://it.timurovets.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
483b321654fd23aa1af1298162ff0dcf.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 43DC 6 KB
4 KB 119ms
35ms Document
text/html 2a00:1450:400e:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://483b321654fd23aa1af1298162ff0dcf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 16 Feb 2022 01:21:14 GMT
expires: Thu, 16 Feb 2023 01:21:14 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 108ms
39ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022021001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05c31269d7b68151bfc0b1cc6270c1143caf6b6c200255e90cbc422d1fe40595

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Feb 2022 01:21:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9874
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 130ms
43ms Script
text/javascript 2a00:1450:400e:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:810::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:21:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 16 Feb 2022 01:21:14 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012202072236000/ Frame C29F 220 KB
60 KB 114ms
30ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

332dd9d8872171a7ce122129c088ef587eb876ee04f178f5e62310dff3747514

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 37798
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61519
x-xss-protection: 0
server: sffe
date: Tue, 15 Feb 2022 14:51:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "609f9f524fc23ab6"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 15 Feb 2023 14:51:16 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012202072236000/v0/ Frame C29F 16 KB
6 KB 112ms
27ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

372ddb86deaa3e11e5a4b1eec16924bcd6e6232bc8bab79338426b2faff7e7dd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 37798
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5708
x-xss-protection: 0
server: sffe
date: Tue, 15 Feb 2022 14:51:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4c9170e21c83610c"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 15 Feb 2023 14:51:16 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012202072236000/v0/ Frame C29F 96 KB
29 KB 156ms
72ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af42f8a986eefec222a68474cc9c9591028b07b082157631d810ecbbf4a652fe

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 37798
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29623
x-xss-protection: 0
server: sffe
date: Tue, 15 Feb 2022 14:51:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f660f99fdfd5d6c6"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 15 Feb 2023 14:51:16 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012202072236000/v0/ Frame C29F 5 KB
3 KB 110ms
26ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3ef00ccf0d1329768a9546012c96ecb5ac031695b0418da9ae3297979ad60bb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 37798
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1844
x-xss-protection: 0
server: sffe
date: Tue, 15 Feb 2022 14:51:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b0f41eb8e6d0a727"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 15 Feb 2023 14:51:16 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012202072236000/v0/ Frame C29F 42 KB
13 KB 166ms
82ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93b1f78578f169d4f472ecda3c79d72e81fa9e199bdb979d13139f5ddbe5a06d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 37798
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13623
x-xss-protection: 0
server: sffe
date: Tue, 15 Feb 2022 14:51:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "14164defe327400f"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 15 Feb 2023 14:51:16 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame C29F 8 KB
1 KB 111ms
38ms Stylesheet
text/css 2a00:1450:400e:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 16 Feb 2022 00:49:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 16 Feb 2022 01:21:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Feb 2022 01:21:14 GMT

GET
H2 200 it.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C29F 2 KB
2 KB 42ms
42ms Image
image/png 2a00:1450:400e:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/it.png

Requested by

Host: it.timurovets.com
URL: https://it.timurovets.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:810::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7c5866bd803a7e09f3290be34496f42fe89547cf203367f25a1a5e8cf633ed2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:26:39 GMT
x-content-type-options: nosniff
server: cafe
age: 46475
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 11478399397312847468
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2073
x-xss-protection: 0
expires: Wed, 16 Feb 2022 12:26:39 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C29F 295 B
757 B 37ms
37ms Image
image/png 2a00:1450:400e:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: it.timurovets.com
URL: https://it.timurovets.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:810::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 02:47:58 GMT
x-content-type-options: nosniff
server: cafe
age: 81196
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Wed, 16 Feb 2022 02:47:58 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame C29F 0
0 106ms
40ms Image
text/html 2a00:1450:400e:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTRpbwE7mOdIB223pAlNbsuhZk2Qe_VauNcRAmQedZe84mvIz3-hKG2F74bu3Q2iCCUBNkNsmaGJv2HLxdSps23vlIGRg
Requested by: Host: it.timurovets.com
URL: https://it.timurovets.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400e:800::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame C29F 0
0 71ms
70ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CwhVMilEMYq_hDqaO7_UPy_K5sALH_NrZX9b4k9KSD7Pah8iMDhABIKqAwyJg_YKRhOgRoAG5vLm5AsgBAakCCf3DOvsOsz7gAgCoAwHIAwqqBJkCT9CHNMMR7L0hMuQUkZqEVPS_9O9Gsko6I9UVQjGlzkaRhD3e48uh7GSrXPy8YkC7PLhFG5Gt-maqcVB6IRva99qULNfc__QAC04tPKsSotD2PhrLkFvw83eNeo-nxp-iIEOVqEtUJMcHeSeMgVW8ROQ-nWj-AXJ9aBcZBJfUSQ5sUcs0GKIwUWW39qf6feNta1UEAheMXvBmqODlOEEhAkhTonQ6Z5uGcvHc3vi_HAHCI1YvPIcfwy19-ZjNI3crQSaP5HEuuKs9vxDz0PEkw5F5jDoDvW6N5YT19lxg511dLmJSUde1jalVLWjKL7-_QwoX76YLr6RZArYaFr-T4AQvzTW0CWCXN7FG6ENn-pXyyXEcJUg_zHfABOuxj7eEA-AEAZIFBAgEGAGSBQQIBRgEoAZRgAevw8bGAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEPP-A9IICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tOTE2MTg2MzY4NTgyNjk1NoAKA8gLAdgTCtAVAYAXAbIXHgocCAASFHB1Yi01NTEyMzkwNzA1MTM3NTA3GJLvIQ&sigh=w8ud9uik_-I&uach_m=[UACH]
Requested by: Host: it.timurovets.com
URL: https://it.timurovets.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 42C9 13 KB
5 KB 75ms
35ms Document
text/html 2a00:1450:400e:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:810::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 13 Feb 2022 17:30:16 GMT
expires: Mon, 13 Feb 2023 17:30:16 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 201058
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8AE1 783 B
1004 B 58ms
42ms Document
text/html 2a00:1450:400e:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:800::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

78eeba614bbfed81b21a9d0ced27ec9975f6994ab1ca98b66998901667a60e9b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-06kFWmXy1LW4uYbWzCKHSQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 16 Feb 2022 01:21:14 GMT
date: Wed, 16 Feb 2022 01:21:14 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-06kFWmXy1LW4uYbWzCKHSQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 515
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame C29F 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ed98d015aca964f44ff6d72b2b1d74958c17f2d2a574892e5656edc42d61d04c

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v41/ Frame C29F 28 KB
28 KB 111ms
38ms Font
font/woff2 2a00:1450:400e:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v41/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:803::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://it.timurovets.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 18:41:12 GMT
x-content-type-options: nosniff
age: 24002
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28196
x-xss-protection: 0
last-modified: Tue, 18 Jan 2022 17:53:50 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 15 Feb 2023 18:41:12 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8AE1 0
0 124ms
88ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022021001&jk=2767926793659738&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 200 -KWncqjjGzUwfkE9Iz7kKrmGQUyasx7mQMa73T4tfiM.js Show response
pagead2.googlesyndication.com/bg/ Frame 42C9 35 KB
13 KB 60ms
26ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-KWncqjjGzUwfkE9Iz7kKrmGQUyasx7mQMa73T4tfiM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8a5a772a8e31b35307e413d233ee42ab986414c9ab31ee640c6bbdd3e2d7e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 18:14:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25582
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13554
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Feb 2023 18:14:52 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame C29F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

116ms
46ms

Image
text/html

2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: it.timurovets.com
URL: https://it.timurovets.com/
Protocol: H2
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

date: Wed, 16 Feb 2022 01:21:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012202072236000/ Frame 519C 220 KB
60 KB 84ms
31ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

332dd9d8872171a7ce122129c088ef587eb876ee04f178f5e62310dff3747514

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 37798
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61519
x-xss-protection: 0
server: sffe
date: Tue, 15 Feb 2022 14:51:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "609f9f524fc23ab6"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 15 Feb 2023 14:51:16 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 519C 16 KB
6 KB 81ms
29ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

372ddb86deaa3e11e5a4b1eec16924bcd6e6232bc8bab79338426b2faff7e7dd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 37798
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5708
x-xss-protection: 0
server: sffe
date: Tue, 15 Feb 2022 14:51:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4c9170e21c83610c"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 15 Feb 2023 14:51:16 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 519C 96 KB
29 KB 115ms
63ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af42f8a986eefec222a68474cc9c9591028b07b082157631d810ecbbf4a652fe

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 37798
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29623
x-xss-protection: 0
server: sffe
date: Tue, 15 Feb 2022 14:51:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f660f99fdfd5d6c6"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 15 Feb 2023 14:51:16 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 519C 5 KB
2 KB 127ms
75ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3ef00ccf0d1329768a9546012c96ecb5ac031695b0418da9ae3297979ad60bb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 37798
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1844
x-xss-protection: 0
server: sffe
date: Tue, 15 Feb 2022 14:51:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b0f41eb8e6d0a727"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 15 Feb 2023 14:51:16 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 519C 42 KB
13 KB 129ms
76ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93b1f78578f169d4f472ecda3c79d72e81fa9e199bdb979d13139f5ddbe5a06d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 37798
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13623
x-xss-protection: 0
server: sffe
date: Tue, 15 Feb 2022 14:51:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "14164defe327400f"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 15 Feb 2023 14:51:16 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 519C 6 KB
670 B 71ms
36ms Stylesheet
text/css 2a00:1450:400e:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 16 Feb 2022 00:46:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 16 Feb 2022 01:21:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Feb 2022 01:21:14 GMT

GET
H3 200 it.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 519C 2 KB
2 KB 37ms
37ms Image
image/png 2a00:1450:400e:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/it.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:810::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7c5866bd803a7e09f3290be34496f42fe89547cf203367f25a1a5e8cf633ed2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:26:39 GMT
x-content-type-options: nosniff
server: cafe
age: 46475
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 11478399397312847468
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2073
x-xss-protection: 0
expires: Wed, 16 Feb 2022 12:26:39 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 519C 295 B
319 B 37ms
36ms Image
image/png 2a00:1450:400e:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:810::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 02:47:58 GMT
x-content-type-options: nosniff
server: cafe
age: 81196
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Wed, 16 Feb 2022 02:47:58 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 519C 0
0 68ms
41ms Image
text/html 2a00:1450:400e:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRmfc6GMrj7ikhyhshTtX76foLLo1fYFx8dBoe7HKVdrvWH-J_HpFuQKGV6wVXs958xsDV4UranTZNCb1YY_K4nCPt4VQ
Requested by: Host: it.timurovets.com
URL: https://it.timurovets.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400e:800::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 519C 0
0 72ms
72ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CFgveilEMYpKlHIqN7_UP156nyA-F_uusaIWmw7L4C7i5-Kz0GRABIKqAwyJg_YKRhOgRoAH02syZA8gBCakC0-W9nZgNsz7gAgCoAwHIAwqqBI4CT9AXzV1OB5me1o0GDNJOZatJ1V1qUgcoa2uADH6kU2_fV4urx-bjuJgQZqNDQdJYz_UsDI7Mp16eRumWAj6oYFEwsolXxKC_TRhULzBe_z4HaVUQ058TaRVcU4KJQSSROr1QhOFxwv7fBXdA1P6nAEPFLAHvKhV3zExcAQcvQBo0iDRIoBzWhwXr9mSM0Nytzy7HBJ3dQWnaPXSxcMlEnym0ep7AOwHkucw6d4_rdXvCd2dKfQwKPdURsmOhzgktlXEkBamMDafu3uuqcnodaDQ0owBT_aG-XdGP8DUiUjI5f-8-1bfmTwcy1agn9M9iUnSRdTNNIcRm_aYRupSanVikhGG1Vy7C4xJnqI0xwASL_cupjAPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH9KSzZqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEELCUF9IICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tOTE2MTg2MzY4NTgyNjk1NoAKA8gLAdgTDIgUA9AVAZgWAYAXAbIXHgocCAASFHB1Yi01NTEyMzkwNzA1MTM3NTA3GJLvIQ&sigh=a168IFtfGpk&uach_m=[UACH]&template_id=484
Requested by: Host: it.timurovets.com
URL: https://it.timurovets.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 200 it.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C29F 2 KB
2 KB 35ms
35ms Image
image/png 2a00:1450:400e:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/it.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012202072236000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:810::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7c5866bd803a7e09f3290be34496f42fe89547cf203367f25a1a5e8cf633ed2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:26:39 GMT
x-content-type-options: nosniff
server: cafe
age: 46475
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 11478399397312847468
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2073
x-xss-protection: 0
expires: Wed, 16 Feb 2022 12:26:39 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C29F 295 B
319 B 36ms
35ms Image
image/png 2a00:1450:400e:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012202072236000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:810::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 02:47:58 GMT
x-content-type-options: nosniff
server: cafe
age: 81196
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Wed, 16 Feb 2022 02:47:58 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/504128565416840992/ Frame 519C 17 KB
17 KB 37ms
36ms Image
image/jpeg 2a00:1450:400e:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/504128565416840992/downsize_200k_v1?w=400&h=209

Requested by

Host: it.timurovets.com
URL: https://it.timurovets.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:810::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1956925d5647d9e3cef3c7fdef302fab09b15e7a27531b07a480926d96b2d039

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:48:21 GMT
x-content-type-options: nosniff
age: 408773
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17328
x-xss-protection: 0
last-modified: Mon, 10 Aug 2020 15:25:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 11 Feb 2023 07:48:21 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/11950586043175686122/ Frame 519C 2 KB
2 KB 43ms
41ms Image
image/jpeg 2a00:1450:400e:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11950586043175686122/downsize_200k_v1?w=100&h=100

Requested by

Host: it.timurovets.com
URL: https://it.timurovets.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:810::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1cd8817b146a722e59ab5f874f2a19b0185e2ebb33f49828b40a0658cd8b5fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 16:54:07 GMT
x-content-type-options: nosniff
age: 30427
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1730
x-xss-protection: 0
last-modified: Mon, 18 Feb 2019 17:42:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 15 Feb 2023 16:54:07 GMT

GET
DATA 200
OK truncated
/ Frame 519C 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7826f4c92170ce87378ef0f8a4944a6b967cc87c7386db6b1336b97bf3f1d556

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 519C 15 KB
15 KB 88ms
53ms Font
font/woff2 2a00:1450:400e:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:803::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://it.timurovets.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 17:21:16 GMT
x-content-type-options: nosniff
age: 115198
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 14 Feb 2023 17:21:16 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 519C 15 KB
15 KB 74ms
41ms Font
font/woff2 2a00:1450:400e:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:803::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://it.timurovets.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 06:18:42 GMT
x-content-type-options: nosniff
age: 241352
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Mon, 13 Feb 2023 06:18:42 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 519C 15 KB
15 KB 65ms
32ms Font
font/woff2 2a00:1450:400e:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:803::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://it.timurovets.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 00:05:40 GMT
x-content-type-options: nosniff
age: 177334
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 14 Feb 2023 00:05:40 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 42C9 0
9 B 35ms
35ms Image
text/plain 2a00:1450:400e:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?nUBpWQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400e:810::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:21:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 container.html Show response
483b321654fd23aa1af1298162ff0dcf.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C638 6 KB
3 KB 65ms
31ms Document
text/html 2a00:1450:400e:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://483b321654fd23aa1af1298162ff0dcf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Feb 2022 01:21:14 GMT
expires: Thu, 16 Feb 2023 01:21:14 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame BF70 624 B
297 B 77ms
44ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKOipgEQkJurARjTkNW-ATAB&v=APEucNV6WncOJRQ2PHCkhMzcGW1Q996NPoCSv8v1ZfrQWpT4SGz5piFWDmSmh6-oTnFbWJZsAVM4YAovdwifFkt2rHiV8qHi-_t1r0C6n2YK-dpPcqRjU6_SEgco_V-nHVOFcoxjUtaiKKoi6Uuk99ZH5GSTtiIa2kITZzVVIhS59V7yKf1pWxAw_YC-KhPwXIX_-EAdYLCJdA1GTt45D7K50AlCfToIzQ

Requested by

Host: 483b321654fd23aa1af1298162ff0dcf.safeframe.googlesyndication.com
URL: https://483b321654fd23aa1af1298162ff0dcf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://483b321654fd23aa1af1298162ff0dcf.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 16 Feb 2022 01:21:15 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C638 75 KB
31 KB 100ms
67ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AE6ZhCC5aJWFk6zViC_Km6YNizIod1viuV9rYXEg_Zpg3wuC0YCvetfoiXUz3Z4huzkydUcA-y0jEBNUuhcIizhWTDKR60n-0YObVXoM47Sz9wSo5vKjwayNCxSa_WAShJucSLWRvvawdZ3VPZCspisOmAfg&dbm_d=AKAmf-CAA4NgEmNlWoSG1hGvZm9HWxpJt41aXkwrLQ1aPE3X-LboO8GzKnlWiJTlOdelL41lhzjxUgjQpUA9s77jbvX2AJkPMBS25wPFtbcHflvtxWVvDP2bv2UKswwV5U_0NTMnTNPTptmFZxkB-FKaDdKCisi-uRsYlq-R2Cl96mPbtrPtSY8QF5Usypod3qRWuT5pyQLsfAjTemL3QRRRC5MHAu_oduJAYOhKsyxbNm5w9y7tUQhHR1KkLTmmPK0Sp5iD4p_sNFL-7pPfP5u72H1ywLPy5rqeYtx55Q6ziyf96fsGgft7QJ-EcpoNiqbWahl5pGACv0foDtHdP2tDhEs3Vn5RKRKmyjMDKN5GSRvLD7raGoGn5JXc9B_ToV2psIzgpktyB2gHfpnkvPEIg4vBJwiGDhvg-9SyWN3dB1OcB2pxayKbrXIdLVMzrYJaxRxz7c1nskF77H6l70Oqbb-wWrYsGt847jgsjc82szapySHhRjVy2o-h44TtKXVx-VENGOA5STKwuEPjxnAiJo3560H64MNqCjv-e7FnbunCeXXIgL6cTS7DawMC0zl9Rb49cBBPGfhi5p5d3pYZXNFSHCA-wo4NS-WQd5oRMCTLykITIzsMRUX0TkMTqNGUunP6SqX5TDnMNJEPG8u7db8D1wN-pT-mu8hpD_vQJwyUyM8B-LbFSl_olZklS8XIkDMPbRd3KIL_C_HkZ0jvoaYYsHPrMbU2z6j-_zDiZQ30M2CmaKymAzFXUjn98uomcwrTzJMt8aDgph6FDBEINRumiOR8H0u0z8VQpM_8LZPUeYKo76xNnQaEDW3C5H2UC1r2h3G76yye7fJ_BuW6WXtbX37VQtg9mgUrdQDq-7NntvOxgL2wYK8UAJV6nwiDdn3HPLvsMEvRRnU5fuUPX93AREfDEalPDUkGfFotgf3uza-jE-3LXmDE0RYF-WFMoGh2FFbZ3SYjG3rAdni-u_6Nyw79j_h-bpQqB1oqxEmpMcXCDXTFLbGz47VY4slxq-thhgBI83N2iES_6lBb6z7ecij0iGqcYPMzamuw908JOYOwy3mZukbQuiZJNtvpDmjh_1T5OKKwnJYFWXhrCf8lr8GpbPWHrzBDFjZf0f2wQR27wcVfS7k54Ox7dh5Ud7JA290ZrtQ1dlQy3308vhU81EqMroPKybzsCVgDjZ8AxnDcSB6vGjRX_4vn0ELG7Fmz8YG1Kz-XH-0ko_a1an24nOz2hutWA4T-sfpuG91RIIfzYKpfPayGckQ6DzHcxiNRkITOQ6H1MmYIjMYPmtBWD--zMKXtZfIwU7n0I8Xw-7JQqFWbBSXI_4ZEgAnfjNUdN5mvUaZGKVqtR7mHtkTqvfbd9DMhROmdc9FJ7vGeyunxSm1W0Fv3GKNUyQQcIAdStWvUjmkJJLmepGiY5VBAzZHsGhow1VdvzFnUHnjV-5waxUD2BwOlPT40nzdPENK1aFSyApu6W0NmAhFOlzyY_vwLCBMUWFfAgiO21XHXjckkMIoqOy0xqAeVUkixoW76Iw4_z_MFHszsBkohYDV3Ss7jS-Vxf1-jhr4MVa0cv-ivFKGz3dUZqVlZ02-uZre_86caYYx2K_-lELlRyN-LExG90qIDfYfrKYdLoEwsphd1uk5h3arD6wbzKqMfZUxdA_T8Nh5-AcA29Wdqdgu2A2evpPW_51d3JD0zvuQoXxaP5H8XQxAM-SnB8n1gZbG94AZPI86ztNISkix0gnIHro6Ep7JBodXKvJS1vMwcYsR__b9SAa-Wv727NRfHnaNsDKTIU7Aa92d8EhMT3wLkbCurTpnayzLKPx1OdlFmwuLKOiwoYHQM5silCklMEzpPjpuj7FeYmZ6iJmu1EkcAzWTifU1P5Dcp2iDXun6B8EfEUs_o7s92aZI_iHYdh2V9vERz397Br2hm8-0qTHU-oNVzxZcJf9WvUTBbpBkOwLfEDZDu4DHiZrqhBAn8lUilLicoesSdZXT3ymjw2T-51_9TWNCbFljhKnxa5NAn6Cgy0aZCw7Xnz7yPM6vwTuXSAQJd9wngRUjwIFReZxsDl30ojTp3mz5L1ljEIwm2wrH13atk-9hWbBRtbuoJh_DeeWGxXq6Buf0OzxUBt40l7s3U4Hw4cxL33SoiriYpFdQki2l3i6RI9OsMhSTJtyTNk59RX-9A5wDeKjXudWqS6tn3sXCdWhy1I1VMsaLTr08kxHX0KpYUkr8zYi-J13-I9FpodbVAEgAKa-IUXTqqH7eRKrIr2PSWMDF71KTUsQlFgWaFN5kTOls3Zr4Xd6t8VcU6Cve0FJYZwJiHKgb8oBT4iNOxx8cyBMmWrxNpY_qTeTEnxBCqYC2jX7XwN7BzKMp4sXvUMKRH0qQSs9kn3ePKuE9J06Z8hF0OpHY4ohybt8Kt_PflsnsWJu5htu3F4_xoIYy_EIHuJzX9YRCkfkIXZuLD2QUwGetOo4CgO8G7xad87C2i3wYXWBaUzUd0eLYq4eLjj1XISORFfWJEAii30S-wneWDMlTZsilG6dJPKynvpxwRtVabRHPVOwiNk56vDXFKAm-T0QDaiaOns7Vntl7hoRvIT35TTNB0F5XgguGSdmMoJ4VnHwGFM9EKIbuw8gSxUxm5E-zE7OJ0-uMT8syA2wLonYHF9ZQz1O-6rDinE2LByvqOZTTYPTMe3ymtZgC8_0duLAfU8z62U5MI_lzVXAsORb_hjDd9-u0d9nYDUKsBK6RQyGN4Jj6PEp87MRhRdcGFILive4HTsuekWmUH20Qu7aqEhVrpNjk-kxkwS7zfAYLMzF9aVZpamfMBZH5DB6LefgC6nntiJKPPLfN2FDWuoy_E1ftrFGupGc5EQ2H-DUe7ZwHdps9AJWc_XRGT0Y4yDQ4-fcqkHPLM9_-BE7mW_1oJiIZ8jS398DkTif7egyVbMQcnRfE9w1-xdIkPTKkjKgfqzZdsDn81lrhXU6Vxkms_Ag0g6YRIEmABgoS4PgF33d7KBvATMjAF5TnHJaiDViRZjfqtp9AM__xz7bJ7wOfCMzDCJTe-GCHbD6OiQjG5v6ZayBgR9H_Lok_OpaTYjgYltJT42Hzj2LaWRi9AfrYQ5WpdyoGZ5or5N9JNyBYjBoREpfXfTPwwFfzyxqhQu_0W7JRIZ6NLefDIG8kYb7cnVqNAgjxY5QBwgTGN2dzDDJJtQQw7cd_cE16JnTifSxbsAxgRNOoPl3-iL0HPXjKFOSAUzAfqi2ke2a1kSVBri31jtWHcTMLGOkzbu8jtW38lhQ9Ww_3SBSFUYyxO2hRuCmjAHp6PaXMOkr-tviir1FiUHvIGnSw7fO6rxIz7jHslU2Vp1tVPtIMqOh5S8UbQR9A1hP1KZSPylQXSkIY7OmV9-mPLEw9udZY7NbzN-wbR_hl2dRYvH__rSIRZuuBiCiY8ppm1YYbA0Ingp0PFMr5qQX3JAhmAXigoXz0XdQYayrVnFXLR2w&cid=CAASFeRoQ-tMSWRxr8fClDIJPoJqEn-a7A&rfl=1%2Chttps%253A%252F%252Fit.timurovets.com%252F%240

Requested by

Host: it.timurovets.com
URL: https://it.timurovets.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6710c7ab63c2c8c12d9fc80667d6f90450ddc74f3b627d7345a1079267d53f92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://483b321654fd23aa1af1298162ff0dcf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Feb 2022 01:21:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32221
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C638 42 B
63 B 60ms
59ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CGkwrGuJZCEvWuAxO2Zh5uoPayreiT9nQWywBubZ-0gwPCBIwxX5eTwMg2Yj52ZJ8fnBUwwWn-grThe3aEi9WXY09gr6lsAUQJR6IkpQ_ZoQmVOOQ

Requested by

Host: 483b321654fd23aa1af1298162ff0dcf.safeframe.googlesyndication.com
URL: https://483b321654fd23aa1af1298162ff0dcf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://483b321654fd23aa1af1298162ff0dcf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Feb 2022 01:21:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220214/r20110914/client/ Frame C638 2 KB
1 KB 36ms
36ms Script
text/javascript 2a00:1450:400e:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220214/r20110914/client/window_focus_fy2019.js

Requested by

Host: 483b321654fd23aa1af1298162ff0dcf.safeframe.googlesyndication.com
URL: https://483b321654fd23aa1af1298162ff0dcf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:810::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://483b321654fd23aa1af1298162ff0dcf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 00:36:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2711
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Mar 2022 00:36:04 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C638 124 KB
38 KB 103ms
42ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 483b321654fd23aa1af1298162ff0dcf.safeframe.googlesyndication.com
URL: https://483b321654fd23aa1af1298162ff0dcf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0407b706128e672e5373e3291c030e785a364e458162ea64bad0356c4069382a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://483b321654fd23aa1af1298162ff0dcf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:21:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38569
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644842073869169"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 16 Feb 2022 01:21:15 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220214/r20110914/client/ Frame C638 15 KB
6 KB 37ms
36ms Script
text/javascript 2a00:1450:400e:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220214/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 483b321654fd23aa1af1298162ff0dcf.safeframe.googlesyndication.com
URL: https://483b321654fd23aa1af1298162ff0dcf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:810::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3975966229b1c0ceebf499c9785110a8142f42b5bddb0122e3eca5666707ae45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://483b321654fd23aa1af1298162ff0dcf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:12:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 531
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6405
x-xss-protection: 0
server: cafe
etag: 2993485572248006277
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Mar 2022 01:12:24 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame BF70
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKmv5_2M_VjoIhH6521liZ4&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKmv5_2M_VjoIhH6521liZ4&google_cver=1&C=1

43 B
1013 B

37ms
37ms

Image
image/gif

2.21.43.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKmv5_2M_VjoIhH6521liZ4&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKOipgEQkJurARjTkNW-ATAB&v=APEucNV6WncOJRQ2PHCkhMzcGW1Q996NPoCSv8v1ZfrQWpT4SGz5piFWDmSmh6-oTnFbWJZsAVM4YAovdwifFkt2rHiV8qHi-_t1r0C6n2YK-dpPcqRjU6_SEgco_V-nHVOFcoxjUtaiKKoi6Uuk99ZH5GSTtiIa2kITZzVVIhS59V7yKf1pWxAw_YC-KhPwXIX_-EAdYLCJdA1GTt45D7K50AlCfToIzQ
Protocol: HTTP/1.1
Server: 2.21.43.236 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-43-236.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Feb 2022 01:21:15 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 16 Feb 2022 01:21:15 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 16 Feb 2022 01:21:15 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKmv5_2M_VjoIhH6521liZ4&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Wed, 16 Feb 2022 01:21:15 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame BF70
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YgxRi7PBX9gH5hz7UZ9dMwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKmv5_2M_VjoIhH6521liZ4&google_cver=1

43 B
893 B

39ms
39ms

Image
image/gif

2.21.43.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKmv5_2M_VjoIhH6521liZ4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKOipgEQkJurARjTkNW-ATAB&v=APEucNV6WncOJRQ2PHCkhMzcGW1Q996NPoCSv8v1ZfrQWpT4SGz5piFWDmSmh6-oTnFbWJZsAVM4YAovdwifFkt2rHiV8qHi-_t1r0C6n2YK-dpPcqRjU6_SEgco_V-nHVOFcoxjUtaiKKoi6Uuk99ZH5GSTtiIa2kITZzVVIhS59V7yKf1pWxAw_YC-KhPwXIX_-EAdYLCJdA1GTt45D7K50AlCfToIzQ
Protocol: HTTP/1.1
Server: 2.21.43.236 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-43-236.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Feb 2022 01:21:15 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 16 Feb 2022 01:21:15 GMT

Redirect headers

pragma: no-cache
date: Wed, 16 Feb 2022 01:21:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKmv5_2M_VjoIhH6521liZ4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame BF70
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEMNe6Nq88WduUpDqGmEQujg&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMNe6Nq88WduUpDqGmEQujg%26google_cver%3D1

43 B
1 KB

25ms
25ms

Image
image/gif

37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMNe6Nq88WduUpDqGmEQujg%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKOipgEQkJurARjTkNW-ATAB&v=APEucNV6WncOJRQ2PHCkhMzcGW1Q996NPoCSv8v1ZfrQWpT4SGz5piFWDmSmh6-oTnFbWJZsAVM4YAovdwifFkt2rHiV8qHi-_t1r0C6n2YK-dpPcqRjU6_SEgco_V-nHVOFcoxjUtaiKKoi6Uuk99ZH5GSTtiIa2kITZzVVIhS59V7yKf1pWxAw_YC-KhPwXIX_-EAdYLCJdA1GTt45D7K50AlCfToIzQ

Protocol

HTTP/1.1

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Feb 2022 01:21:15 GMT
X-Proxy-Origin: 192.145.127.211; 192.145.127.211; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 1241c9db-df4c-44f1-a81f-51e564e8fc07
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 16 Feb 2022 01:21:15 GMT
X-Proxy-Origin: 192.145.127.211; 192.145.127.211; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: e1fc4ba2-69bc-4c14-a303-b2ce5c00387d
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMNe6Nq88WduUpDqGmEQujg%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BF70
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjI2OTg0NTA0MjY4MzU1NzMwNw%3D%3D

170 B
188 B

38ms
38ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjI2OTg0NTA0MjY4MzU1NzMwNw%3D%3D

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Feb 2022 01:21:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 16 Feb 2022 01:21:15 GMT
X-Proxy-Origin: 192.145.127.211; 192.145.127.211; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 3e30d4a3-df0c-49b8-b57f-dfda526a4de0
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjI2OTg0NTA0MjY4MzU1NzMwNw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame C638 106 KB
38 KB 116ms
32ms Script
text/javascript 2a00:1450:400e:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: it.timurovets.com
URL: https://it.timurovets.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:801::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://483b321654fd23aa1af1298162ff0dcf.safeframe.googlesyndication.com/
Origin: https://483b321654fd23aa1af1298162ff0dcf.safeframe.googlesyndication.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 10:23:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53881
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 16 Feb 2022 10:23:14 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220214/r20110914/elements/html/ Frame C638 8 KB
3 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220214/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AE6ZhCC5aJWFk6zViC_Km6YNizIod1viuV9rYXEg_Zpg3wuC0YCvetfoiXUz3Z4huzkydUcA-y0jEBNUuhcIizhWTDKR60n-0YObVXoM47Sz9wSo5vKjwayNCxSa_WAShJucSLWRvvawdZ3VPZCspisOmAfg&dbm_d=AKAmf-CAA4NgEmNlWoSG1hGvZm9HWxpJt41aXkwrLQ1aPE3X-LboO8GzKnlWiJTlOdelL41lhzjxUgjQpUA9s77jbvX2AJkPMBS25wPFtbcHflvtxWVvDP2bv2UKswwV5U_0NTMnTNPTptmFZxkB-FKaDdKCisi-uRsYlq-R2Cl96mPbtrPtSY8QF5Usypod3qRWuT5pyQLsfAjTemL3QRRRC5MHAu_oduJAYOhKsyxbNm5w9y7tUQhHR1KkLTmmPK0Sp5iD4p_sNFL-7pPfP5u72H1ywLPy5rqeYtx55Q6ziyf96fsGgft7QJ-EcpoNiqbWahl5pGACv0foDtHdP2tDhEs3Vn5RKRKmyjMDKN5GSRvLD7raGoGn5JXc9B_ToV2psIzgpktyB2gHfpnkvPEIg4vBJwiGDhvg-9SyWN3dB1OcB2pxayKbrXIdLVMzrYJaxRxz7c1nskF77H6l70Oqbb-wWrYsGt847jgsjc82szapySHhRjVy2o-h44TtKXVx-VENGOA5STKwuEPjxnAiJo3560H64MNqCjv-e7FnbunCeXXIgL6cTS7DawMC0zl9Rb49cBBPGfhi5p5d3pYZXNFSHCA-wo4NS-WQd5oRMCTLykITIzsMRUX0TkMTqNGUunP6SqX5TDnMNJEPG8u7db8D1wN-pT-mu8hpD_vQJwyUyM8B-LbFSl_olZklS8XIkDMPbRd3KIL_C_HkZ0jvoaYYsHPrMbU2z6j-_zDiZQ30M2CmaKymAzFXUjn98uomcwrTzJMt8aDgph6FDBEINRumiOR8H0u0z8VQpM_8LZPUeYKo76xNnQaEDW3C5H2UC1r2h3G76yye7fJ_BuW6WXtbX37VQtg9mgUrdQDq-7NntvOxgL2wYK8UAJV6nwiDdn3HPLvsMEvRRnU5fuUPX93AREfDEalPDUkGfFotgf3uza-jE-3LXmDE0RYF-WFMoGh2FFbZ3SYjG3rAdni-u_6Nyw79j_h-bpQqB1oqxEmpMcXCDXTFLbGz47VY4slxq-thhgBI83N2iES_6lBb6z7ecij0iGqcYPMzamuw908JOYOwy3mZukbQuiZJNtvpDmjh_1T5OKKwnJYFWXhrCf8lr8GpbPWHrzBDFjZf0f2wQR27wcVfS7k54Ox7dh5Ud7JA290ZrtQ1dlQy3308vhU81EqMroPKybzsCVgDjZ8AxnDcSB6vGjRX_4vn0ELG7Fmz8YG1Kz-XH-0ko_a1an24nOz2hutWA4T-sfpuG91RIIfzYKpfPayGckQ6DzHcxiNRkITOQ6H1MmYIjMYPmtBWD--zMKXtZfIwU7n0I8Xw-7JQqFWbBSXI_4ZEgAnfjNUdN5mvUaZGKVqtR7mHtkTqvfbd9DMhROmdc9FJ7vGeyunxSm1W0Fv3GKNUyQQcIAdStWvUjmkJJLmepGiY5VBAzZHsGhow1VdvzFnUHnjV-5waxUD2BwOlPT40nzdPENK1aFSyApu6W0NmAhFOlzyY_vwLCBMUWFfAgiO21XHXjckkMIoqOy0xqAeVUkixoW76Iw4_z_MFHszsBkohYDV3Ss7jS-Vxf1-jhr4MVa0cv-ivFKGz3dUZqVlZ02-uZre_86caYYx2K_-lELlRyN-LExG90qIDfYfrKYdLoEwsphd1uk5h3arD6wbzKqMfZUxdA_T8Nh5-AcA29Wdqdgu2A2evpPW_51d3JD0zvuQoXxaP5H8XQxAM-SnB8n1gZbG94AZPI86ztNISkix0gnIHro6Ep7JBodXKvJS1vMwcYsR__b9SAa-Wv727NRfHnaNsDKTIU7Aa92d8EhMT3wLkbCurTpnayzLKPx1OdlFmwuLKOiwoYHQM5silCklMEzpPjpuj7FeYmZ6iJmu1EkcAzWTifU1P5Dcp2iDXun6B8EfEUs_o7s92aZI_iHYdh2V9vERz397Br2hm8-0qTHU-oNVzxZcJf9WvUTBbpBkOwLfEDZDu4DHiZrqhBAn8lUilLicoesSdZXT3ymjw2T-51_9TWNCbFljhKnxa5NAn6Cgy0aZCw7Xnz7yPM6vwTuXSAQJd9wngRUjwIFReZxsDl30ojTp3mz5L1ljEIwm2wrH13atk-9hWbBRtbuoJh_DeeWGxXq6Buf0OzxUBt40l7s3U4Hw4cxL33SoiriYpFdQki2l3i6RI9OsMhSTJtyTNk59RX-9A5wDeKjXudWqS6tn3sXCdWhy1I1VMsaLTr08kxHX0KpYUkr8zYi-J13-I9FpodbVAEgAKa-IUXTqqH7eRKrIr2PSWMDF71KTUsQlFgWaFN5kTOls3Zr4Xd6t8VcU6Cve0FJYZwJiHKgb8oBT4iNOxx8cyBMmWrxNpY_qTeTEnxBCqYC2jX7XwN7BzKMp4sXvUMKRH0qQSs9kn3ePKuE9J06Z8hF0OpHY4ohybt8Kt_PflsnsWJu5htu3F4_xoIYy_EIHuJzX9YRCkfkIXZuLD2QUwGetOo4CgO8G7xad87C2i3wYXWBaUzUd0eLYq4eLjj1XISORFfWJEAii30S-wneWDMlTZsilG6dJPKynvpxwRtVabRHPVOwiNk56vDXFKAm-T0QDaiaOns7Vntl7hoRvIT35TTNB0F5XgguGSdmMoJ4VnHwGFM9EKIbuw8gSxUxm5E-zE7OJ0-uMT8syA2wLonYHF9ZQz1O-6rDinE2LByvqOZTTYPTMe3ymtZgC8_0duLAfU8z62U5MI_lzVXAsORb_hjDd9-u0d9nYDUKsBK6RQyGN4Jj6PEp87MRhRdcGFILive4HTsuekWmUH20Qu7aqEhVrpNjk-kxkwS7zfAYLMzF9aVZpamfMBZH5DB6LefgC6nntiJKPPLfN2FDWuoy_E1ftrFGupGc5EQ2H-DUe7ZwHdps9AJWc_XRGT0Y4yDQ4-fcqkHPLM9_-BE7mW_1oJiIZ8jS398DkTif7egyVbMQcnRfE9w1-xdIkPTKkjKgfqzZdsDn81lrhXU6Vxkms_Ag0g6YRIEmABgoS4PgF33d7KBvATMjAF5TnHJaiDViRZjfqtp9AM__xz7bJ7wOfCMzDCJTe-GCHbD6OiQjG5v6ZayBgR9H_Lok_OpaTYjgYltJT42Hzj2LaWRi9AfrYQ5WpdyoGZ5or5N9JNyBYjBoREpfXfTPwwFfzyxqhQu_0W7JRIZ6NLefDIG8kYb7cnVqNAgjxY5QBwgTGN2dzDDJJtQQw7cd_cE16JnTifSxbsAxgRNOoPl3-iL0HPXjKFOSAUzAfqi2ke2a1kSVBri31jtWHcTMLGOkzbu8jtW38lhQ9Ww_3SBSFUYyxO2hRuCmjAHp6PaXMOkr-tviir1FiUHvIGnSw7fO6rxIz7jHslU2Vp1tVPtIMqOh5S8UbQR9A1hP1KZSPylQXSkIY7OmV9-mPLEw9udZY7NbzN-wbR_hl2dRYvH__rSIRZuuBiCiY8ppm1YYbA0Ingp0PFMr5qQX3JAhmAXigoXz0XdQYayrVnFXLR2w&cid=CAASFeRoQ-tMSWRxr8fClDIJPoJqEn-a7A&rfl=1%2Chttps%253A%252F%252Fit.timurovets.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://483b321654fd23aa1af1298162ff0dcf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 328
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Mar 2022 01:15:47 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220214/r20110914/ Frame C638 25 KB
9 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220214/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6df0e79bf174f517cea1f243496e6a4e577650894430e419f398d393cda9db9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://483b321654fd23aa1af1298162ff0dcf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:02:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1103
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9617
x-xss-protection: 0
server: cafe
etag: 10975767963254409397
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Mar 2022 01:02:52 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C638 41 KB
15 KB 36ms
35ms Script
text/javascript 2a00:1450:400e:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 483b321654fd23aa1af1298162ff0dcf.safeframe.googlesyndication.com
URL: https://483b321654fd23aa1af1298162ff0dcf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:810::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://483b321654fd23aa1af1298162ff0dcf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 10:22:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 313132
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Feb 2023 10:22:23 GMT

GET
DATA 200
OK truncated
/ Frame C638 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 085c342f63f472d1de1dc503459e16402dcd6b19cd210c224419281e4799123f

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 7F51 22 KB
8 KB 36ms
36ms Document
text/html 2a00:1450:400e:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:810::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://483b321654fd23aa1af1298162ff0dcf.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 12 Feb 2022 10:23:14 GMT
expires: Sun, 12 Feb 2023 10:23:14 GMT
cache-control: public, max-age=31536000
age: 313081
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 -KWncqjjGzUwfkE9Iz7kKrmGQUyasx7mQMa73T4tfiM.js Show response
pagead2.googlesyndication.com/bg/ Frame 7F51 35 KB
13 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-KWncqjjGzUwfkE9Iz7kKrmGQUyasx7mQMa73T4tfiM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8a5a772a8e31b35307e413d233ee42ab986414c9ab31ee640c6bbdd3e2d7e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 18:14:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25583
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13554
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Feb 2023 18:14:52 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/6871190/1642778149093/IT_DISPLAY728X90_Q122-A_VALENTINES_WOMAN_MIXED/ Frame 3A9E 4 KB
1 KB 67ms
32ms Document
text/html 2a00:1450:400e:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/6871190/1642778149093/IT_DISPLAY728X90_Q122-A_VALENTINES_WOMAN_MIXED/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:801::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03a14c267f360ca5380578f1809838af2634dc24e33faefcae6e4da1542aa541

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://483b321654fd23aa1af1298162ff0dcf.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 1425
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 15 Feb 2022 11:19:22 GMT
expires: Wed, 16 Feb 2022 11:19:22 GMT
cache-control: public, max-age=86400
age: 50513
last-modified: Fri, 21 Jan 2022 15:15:49 GMT
content-type: text/html
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C638 0
571 B 124ms
46ms Ping
image/gif 216.58.214.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvQ9eLSwmRDe3zyzChAroMYmo8PUzeqyOloARTgUUXWgKBcBOlWAoTKBKhMugydMW5Z2-U0pfpWb4I2y0Qf_TsXCqUKIp3ycoI5iqcumS2SRBuOsHakTipk9AcVdDFbToxYPlieR3e28CeUpF-1BidrH8I1iv9soUacfL5UgHRk3BUDiXMcfHHLpfiKVFX58ZhBYxSgrZZX2uw9zTadNa9shAvuRbigSEQJxkCl_nR8Ews7pF9rC9YGpqwU6hcCmJr1NSAYGENGgzc1a39qqBv60lZKsDjnwqiHNt1FTwRlg6tO6sINXxgDVN9UTMnNuNRd0vq-Ww56TtOhl4YuHgRFyJlUcDURObgqUtfznunKw1luJ72Y6Lac3JCj7HFjElMvYXjzcHKoi4BttdOX1gI2Yzr3XAVRd0lsJXeFI0TEE4iE0RX_yjfM7J0zGw9BMNDQge8abgNmbEeYS1McFgtfnOOssjelNMkDr_nOfbVum42ChMi-cklNwb8CMTS0IL5Baqn4eJodkYgRFaszU4ccmlhrlkq-vh0HRwF_n-Wa20z1K0LUbbM0xxra_3Dc-xl40xLNB8Bd60pVMbBpizgXiPsMMb2so-OQpb-pRdg2eyPetWBWtpisvqFKEBlKnvQRoc-8J-i2Ztt4BCao3dXk4jf7x9SNylRctsp0xRQtZicekplRghAeS6T7ZSSTWyl9BFP3f2mRjQWvEcj2znk6vrDpoCad92Hiqth_suTJa2FnzQFtdq-IicIliNxiGduxFhc_Nj7XDZcbyzaXRYwYIE6ulx6im3K8G6m4ci_nxgsWiJMcrNO5KtgXKVk2_3zrGq1A9qYF56vfCQKkeFbi3Ns_j8Po0jdJDi0jN5U7bnP7f_EOOUbcvAUWHV_9mKifauZ-eDLxEuaPIvMRoYa-XdX2KSwtkW4CA9YZBuqd6w8oXfw-bpMfXUnEDsh1DEHlJlfSad-7_7QYQPepoaMFGQRZUJFKDxd-7gd1DlahMzORGWRtnOwLXSpcZSOOMEEhX-8XkIYymVb09SiPTd5Z0n4RpGYdm7vUc3K6wPZTgqfFjUalKbY10KdNCJBCRwyXRClZNZAKbJbfiBf2jLgzRuW8Ixqikj71O2-vlOn7GjXFJ28d3RAobo36KeCtoYskXVeC3uZfcn6XPVOfN3dQGtyaaP6NiIRZ59Q7UHxLgqQ98K-E8mUzyjf-xISyyE9vaOiQHmXC3OSwYiXdJIhb0bdMF36DGPXT-Xklc8bdZzknzV8k5C8z_TYi-7Oz5S5_RrcKrx4-V9ZwkPCXdItVCYFGGUQda3op7jkVpM-HppE4&sai=AMfl-YSPgxVmq4tw5qbK6_Wdy1EhX2joUA89pR6ck5lihaEzx-dT8sq_SFwhqlYFWrd0oHZkJZMToMt4RjZs1Z-E6bD1VIgvaU16C4tLfAvIaUINHItZDAw3rKonAHOarcy3w1EIEkO9NnECh2dSi5wSnERFIihHUL9vmJOgInY&sig=Cg0ArKJSzAd5cec77otUEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=169&cbvp=1&cstd=167&cisv=r20220214.14672&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=

Requested by

Host: it.timurovets.com
URL: https://it.timurovets.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.214.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams17s09-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://483b321654fd23aa1af1298162ff0dcf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Wed, 16 Feb 2022 01:21:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 style.css
s0.2mdn.net/6871190/1642778149093/IT_DISPLAY728X90_Q122-A_VALENTINES_WOMAN_MIXED/styles/ Frame 3A9E 2 KB
760 B 32ms
32ms Stylesheet
text/css 2a00:1450:400e:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/6871190/1642778149093/IT_DISPLAY728X90_Q122-A_VALENTINES_WOMAN_MIXED/styles/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/6871190/1642778149093/IT_DISPLAY728X90_Q122-A_VALENTINES_WOMAN_MIXED/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:801::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a3363c6bff57757bbd398bf06b6065e3f85ac1a9b11f9e177459bd971bdb72f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/6871190/1642778149093/IT_DISPLAY728X90_Q122-A_VALENTINES_WOMAN_MIXED/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 11:19:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50513
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 734
x-xss-protection: 0
last-modified: Fri, 21 Jan 2022 15:15:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 16 Feb 2022 11:19:22 GMT

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 3A9E 60 KB
24 KB 38ms
38ms Script
text/javascript 2a00:1450:400e:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/6871190/1642778149093/IT_DISPLAY728X90_Q122-A_VALENTINES_WOMAN_MIXED/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:801::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/6871190/1642778149093/IT_DISPLAY728X90_Q122-A_VALENTINES_WOMAN_MIXED/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:21:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 16 Feb 2022 01:21:15 GMT

GET
H3 200 script.js Show response
s0.2mdn.net/6871190/1642778149093/IT_DISPLAY728X90_Q122-A_VALENTINES_WOMAN_MIXED/scripts/ Frame 3A9E 1 KB
425 B 33ms
32ms Script
text/javascript 2a00:1450:400e:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/6871190/1642778149093/IT_DISPLAY728X90_Q122-A_VALENTINES_WOMAN_MIXED/scripts/script.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/6871190/1642778149093/IT_DISPLAY728X90_Q122-A_VALENTINES_WOMAN_MIXED/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:801::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f22a3685fc091e5fed431a86349252baff4850f2a203f201f9ced9e186452fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/6871190/1642778149093/IT_DISPLAY728X90_Q122-A_VALENTINES_WOMAN_MIXED/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 11:19:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50513
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 399
x-xss-protection: 0
last-modified: Fri, 21 Jan 2022 15:15:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 16 Feb 2022 11:19:22 GMT

GET
H3 200 img1.jpg
s0.2mdn.net/6871190/1642778149093/IT_DISPLAY728X90_Q122-A_VALENTINES_WOMAN_MIXED/images/ Frame 3A9E 52 KB
52 KB 32ms
32ms Image
image/jpeg 2a00:1450:400e:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/6871190/1642778149093/IT_DISPLAY728X90_Q122-A_VALENTINES_WOMAN_MIXED/images/img1.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/6871190/1642778149093/IT_DISPLAY728X90_Q122-A_VALENTINES_WOMAN_MIXED/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:801::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93078cd0210da3e59b16e1f8c38c20bdb8c879b6bc9bb8754cb8b539ba2d9cf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/6871190/1642778149093/IT_DISPLAY728X90_Q122-A_VALENTINES_WOMAN_MIXED/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 11:19:22 GMT
x-content-type-options: nosniff
age: 50513
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53268
x-xss-protection: 0
last-modified: Fri, 21 Jan 2022 15:15:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 16 Feb 2022 11:19:22 GMT

GET
H3 200 img2.jpg
s0.2mdn.net/6871190/1642778149093/IT_DISPLAY728X90_Q122-A_VALENTINES_WOMAN_MIXED/images/ Frame 3A9E 36 KB
36 KB 55ms
54ms Image
image/jpeg 2a00:1450:400e:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/6871190/1642778149093/IT_DISPLAY728X90_Q122-A_VALENTINES_WOMAN_MIXED/images/img2.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/6871190/1642778149093/IT_DISPLAY728X90_Q122-A_VALENTINES_WOMAN_MIXED/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:801::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36ff97534ce5499b6d4d863d679f6fbd255cadeed69f15c462d1cec8ad920d05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/6871190/1642778149093/IT_DISPLAY728X90_Q122-A_VALENTINES_WOMAN_MIXED/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 11:19:22 GMT
x-content-type-options: nosniff
age: 50513
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36376
x-xss-protection: 0
last-modified: Fri, 21 Jan 2022 15:15:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 16 Feb 2022 11:19:22 GMT

GET
H3 200 pandora.svg
s0.2mdn.net/6871190/1642778149093/IT_DISPLAY728X90_Q122-A_VALENTINES_WOMAN_MIXED/images/ Frame 3A9E 3 KB
1 KB 61ms
60ms Image
image/svg+xml 2a00:1450:400e:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/6871190/1642778149093/IT_DISPLAY728X90_Q122-A_VALENTINES_WOMAN_MIXED/images/pandora.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/6871190/1642778149093/IT_DISPLAY728X90_Q122-A_VALENTINES_WOMAN_MIXED/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:801::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66cb728c1136298dc865b99aa5ca5840d1146c0e04315122cac8b27ce4605e09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/6871190/1642778149093/IT_DISPLAY728X90_Q122-A_VALENTINES_WOMAN_MIXED/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 11:19:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50513
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1096
x-xss-protection: 0
last-modified: Fri, 21 Jan 2022 15:15:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 16 Feb 2022 11:19:22 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7F51 0
20 B 62ms
61ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BZgwji1EMYoKsBsDJ7_UP0Nmy4AgAAAAAOAHgBAI&bg=!nJ-ln9vNAAbAtJCDwLQ7ACkAdvg8WuY84aRNQYf_8NF-QWlU2E9-XccRJle2PPrYolrscvx9h_ifowIAAABWUgAAAAJoAQeZAvReAM60AgkMuSjGUvA5BLNwZ7nR21uSqLvX-HREssjF6xVeoCsZis9kV80KrTnB5cagpMgx25l-m51YUvLeVR4Cr2oU-pbU_u7FW6rbqD6mbZfqR_RcS-tSfoMIpR-9puctfIEd7-rvxbNUiNI_5JgtIJK3lUqKqWNvHJsCOXblVRRbn4C__8LBnpvva_5v778Mi0yxywgqFFgQK6F78r0ZEiwxKSDxA5WJgrIoDwJHPGWPUMOVRx31eA2q2u7TTmZpQ-rperzcgCfqn25DfAc5TXOP_WMgkJ6FB8g4mmY6gIvlW8aMfvy4b4pPhJfNgKhFJDfmfoX9Ehk8ylzPQnDi6M_aKH8umX0SkCnbddPVd2xzCLSN5WzPfgDQWXqroGkiS5B1L8PORJgkebDwCySAsTnTFUHPAkUl7JTbFU7V8dFboAKvx3PdVdYVGalEdyetAEY0A92_plNRwjbyHZsJFoShba14GrcKr3-SNFevOuoM8MVDQ9r8mK-g6vjak8t8yjQY1AiII-qIIjFSiLGrBSRbpCT9yLUKJTdjzmyGlYE82r01hSvyfgctfPmcrfFT1hNMOhH41CW_I7L4haGcYeUmP1IN8mkOPWc0wlGmBlrpfKKzJxs6lK6v7LCRHXIzNjXpUf4vubJ4Vrf731Hg4Kux782a8jc4elA9vw0FwMDGZL38fohbQNfNP4Lp03Zjg9-DVnOWV2Q2zXr-VGqpEWfrAyzLp5g9ntxyhZ6GEiAZKCEsykTJimANcqxuBMQL1wPmz9hxDztmb6WxuWYiwvacaY34Kgi4jNYgTrdME4J1zXchI7tw1YZHMfXX-HUtkJKPcHHojRku8feJ7Kzrhn2a1NfCC7i45bKxepuWUg5hFR2SDsSA1JZqF4ahI1mNas38UBW_g1_Fs_QlvK2T272v4TkUYmQeljsWjZO63JFvsEEbezLUk51LYgLQJOcKV-MpK0A9Y36BbChqCkUqyzrIai9K_eCpXy3lIhUqLLSi-8U

Requested by

Host: 483b321654fd23aa1af1298162ff0dcf.safeframe.googlesyndication.com
URL: https://483b321654fd23aa1af1298162ff0dcf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Feb 2022 01:21:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 PanTextTT-Bold.woff
s0.2mdn.net/6871190/1642778149093/IT_DISPLAY728X90_Q122-A_VALENTINES_WOMAN_MIXED/fonts/ Frame 3A9E 34 KB
34 KB 33ms
33ms Font
font/woff 2a00:1450:400e:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/6871190/1642778149093/IT_DISPLAY728X90_Q122-A_VALENTINES_WOMAN_MIXED/fonts/PanTextTT-Bold.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/6871190/1642778149093/IT_DISPLAY728X90_Q122-A_VALENTINES_WOMAN_MIXED/styles/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:801::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8164593b54914bff7b1f455f3920cedb76412a78e7a8917a68692d47a35c0139

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/6871190/1642778149093/IT_DISPLAY728X90_Q122-A_VALENTINES_WOMAN_MIXED/styles/style.css
Origin: https://s0.2mdn.net
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 11:19:22 GMT
x-content-type-options: nosniff
age: 50513
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34748
x-xss-protection: 0
last-modified: Fri, 21 Jan 2022 15:15:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 16 Feb 2022 11:19:22 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 61ms
61ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022021001&jk=2767926793659738&bg=!IyClIGTNAAbAtJCDwLQ7ACkAdvg8Whmv9bDocEQnuDeBbeGyXIqSZvCFldLOduTOKkts7yl1wzTqIwIAAAC-UgAAAANoAQeZAs1l4Mafy9kUtJsiFQuaManRuTPZDxKF3iHa-1WOpw2KQcDLMVNSdbDm2oJ1lkcBEubccnEHWFibIMAuDUiMuLCamDyQgbwpLKEdO46UImdI6NsAmc3lCyXpk83-jLpJYMIv8NM5fKjuBG7hwdt-Zy7pAp_adl6nk2Yz7MQaULnteXQwN9Gyz6SqgZkEkhiuKOpYQL2XIVRnkKNr0NXWqv0stAzVoy8OlzfVHO4pvuQjJYPYKbeDPudrBGQ7MGy-w2EUSRxZQrdEtQm5j4dPqXG4tf6CQGX4w6Ff3W82eeNGfredMqmXikIPg2c1bFMujQolp-N2A4d6WJaj5BuTpvCI57WhVxt6hhLDn1T-rPo260VgG_gMzK3TaxVTY353w8NaEq-3870vhbnQitX4JmuCOjXhsWsMXk2WrEC8V8OORBbHhSydSu3e3ZgVJqvZsq9x9LZAhz_shY1SSxol4he07sD-BqkQHTFTUEbtZ_Tv_wXWA7DIQXDM634SuJ0oTPk-Bmgeu2XpDP0bm5JdkSb1COInZbIf33wKyOyi0GdAV0MawSLV6ootFXr6TAOunudCyA3nIQjlLdyWfnipLawzT091mA_HdViHV_9R1XIbmx_w1J2c54o4ZtcfrIe7TOFhl0MVJ9sRrIoS1SnzmcBtHiUPkyi0MLg682dmLPtkMTGFYRm0Bp1PrU8-sBlXhlVfy7P8sk5kqMhd5hG8XLOW-Dlk5-LF-32SCx1jRvzM_70opfEsH66kkODNVolkTGrR3kggNA08xJrwFRbs_N7WcoBsEaY8JLEUkwE9wSYIKbwWoOyHWQVKb5wfG4fyteu3xgsmkIj4dmgh6VSDoGdZ5FQSpe8VUuDF1WSNvHwi0ZdxoTMHUx-PsUI3o7GtvV4_MVYCBpi26XDsZELfG6MjyThYoXSOBKEE58amW836_edtUFreO-AgxgBSics

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Feb 2022 01:21:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame C638 0
23 B 74ms
39ms Ping
image/gif 216.58.214.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvQ9eLSwmRDe3zyzChAroMYmo8PUzeqyOloARTgUUXWgKBcBOlWAoTKBKhMugydMW5Z2-U0pfpWb4I2y0Qf_TsXCqUKIp3ycoI5iqcumS2SRBuOsHakTipk9AcVdDFbToxYPlieR3e28CeUpF-1BidrH8I1iv9soUacfL5UgHRk3BUDiXMcfHHLpfiKVFX58ZhBYxSgrZZX2uw9zTadNa9shAvuRbigSEQJxkCl_nR8Ews7pF9rC9YGpqwU6hcCmJr1NSAYGENGgzc1a39qqBv60lZKsDjnwqiHNt1FTwRlg6tO6sINXxgDVN9UTMnNuNRd0vq-Ww56TtOhl4YuHgRFyJlUcDURObgqUtfznunKw1luJ72Y6Lac3JCj7HFjElMvYXjzcHKoi4BttdOX1gI2Yzr3XAVRd0lsJXeFI0TEE4iE0RX_yjfM7J0zGw9BMNDQge8abgNmbEeYS1McFgtfnOOssjelNMkDr_nOfbVum42ChMi-cklNwb8CMTS0IL5Baqn4eJodkYgRFaszU4ccmlhrlkq-vh0HRwF_n-Wa20z1K0LUbbM0xxra_3Dc-xl40xLNB8Bd60pVMbBpizgXiPsMMb2so-OQpb-pRdg2eyPetWBWtpisvqFKEBlKnvQRoc-8J-i2Ztt4BCao3dXk4jf7x9SNylRctsp0xRQtZicekplRghAeS6T7ZSSTWyl9BFP3f2mRjQWvEcj2znk6vrDpoCad92Hiqth_suTJa2FnzQFtdq-IicIliNxiGduxFhc_Nj7XDZcbyzaXRYwYIE6ulx6im3K8G6m4ci_nxgsWiJMcrNO5KtgXKVk2_3zrGq1A9qYF56vfCQKkeFbi3Ns_j8Po0jdJDi0jN5U7bnP7f_EOOUbcvAUWHV_9mKifauZ-eDLxEuaPIvMRoYa-XdX2KSwtkW4CA9YZBuqd6w8oXfw-bpMfXUnEDsh1DEHlJlfSad-7_7QYQPepoaMFGQRZUJFKDxd-7gd1DlahMzORGWRtnOwLXSpcZSOOMEEhX-8XkIYymVb09SiPTd5Z0n4RpGYdm7vUc3K6wPZTgqfFjUalKbY10KdNCJBCRwyXRClZNZAKbJbfiBf2jLgzRuW8Ixqikj71O2-vlOn7GjXFJ28d3RAobo36KeCtoYskXVeC3uZfcn6XPVOfN3dQGtyaaP6NiIRZ59Q7UHxLgqQ98K-E8mUzyjf-xISyyE9vaOiQHmXC3OSwYiXdJIhb0bdMF36DGPXT-Xklc8bdZzknzV8k5C8z_TYi-7Oz5S5_RrcKrx4-V9ZwkPCXdItVCYFGGUQda3op7jkVpM-HppE4&sai=AMfl-YSPgxVmq4tw5qbK6_Wdy1EhX2joUA89pR6ck5lihaEzx-dT8sq_SFwhqlYFWrd0oHZkJZMToMt4RjZs1Z-E6bD1VIgvaU16C4tLfAvIaUINHItZDAw3rKonAHOarcy3w1EIEkO9NnECh2dSi5wSnERFIihHUL9vmJOgInY&sig=Cg0ArKJSzAd5cec77otUEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=385&vt=11&dtpt=216&dett=3&cstd=167&cisv=r20220214.14672&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=

Requested by

Host: it.timurovets.com
URL: https://it.timurovets.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.214.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams17s09-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://483b321654fd23aa1af1298162ff0dcf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Feb 2022 01:21:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 519C 42 B
64 B 61ms
61ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsselqYzbWDcouYS4Dd5-xekGKBHN41qdF78f8kGCwTAcwHIpCXGhshzfEbjSkfBqbQhzjKMsTpRrnVNWK5nWhR9CXqxw7nC3HoZwBZbZR_QNoYnic_aJA&sai=AMfl-YS2EWhJKUoYlFCFs62K7OidurGStA9tlykUCzlEWz6K0oh-3mkkUaTDdQt0of73OVGd9wnky6zQzG1G0fowZOGw8l0qPclkYDU-MWo_79zVL5V5-UdsclNzTOkJ3kvH&sig=Cg0ArKJSzLAkQAUNQd2DEAE&id=ampim&o=315,75&d=970,300&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=236&tls=1236&g=100&h=100&tt=1236&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=2426510423

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Feb 2022 01:21:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C638 42 B
64 B 109ms
64ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv-lhmP8a6JCAvrmn5DePY9b18ThBskL21KElVOLRo1Wa8k_bC3GJt3P3H85evV4V4iy1mV5R4VHN1URR_ikMr-6N3Ek4n_cyTVcNQ-L9JzXhE2uU1aJg&sai=AMfl-YSeh9zU0Py8EjuB5oqfnC4NzfehS7iSmCevGboN9g-2bb-Jgyxhb964aqg9lD4qS87cO7L9V7nw1flTc6Rrm7IfdC3LsBnq_BmjFcneaAbpe5BV_LGByCa4gLj2EVs&sig=Cg0ArKJSzLGmtpedcQlsEAE&cid=CAASFeRoQ-tMSWRxr8fClDIJPoJqEn-a7A&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220214&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2734754662&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644974474969&rpt=268&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://483b321654fd23aa1af1298162ff0dcf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Feb 2022 01:21:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ls Show response
stream.bantgoau.com/yt/ Frame 6D39
Redirect Chain

https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNjk1LCJzcGFjZWlkIjoxNjk1LCJpZHpvbmUiOm51bGwsImFkX3RhZ3MiOiIiLCJsYWJlbHMiOiI0LDUsNiw3LDgsOSwyNiw0Niw0Nyw1NCw1NSw2MSIsImF...
https://rtbbnr.com/banner/in/show/?mid=1444417390&pid=0&site=10279&sc=IT&usage_type=DCH&subid=471693972&sid=0&cid=12098&price=0&is_cpm=1&cpm=0.035&ecpm=0.035&crid=&crtid=d41d8cd98f00b204e9800998ecf...
https://tcimp.zog.link/in/banners?katds_ep=4GortcOK6Ms_uBj8KKdmBTBioF2MJJRxqxDkfank5lM2LL40tdTe4vVFYGYXcuhIHvGBxcwOE3f8_8OQsvqX_1Y3WXJRASAf1e7L5khOLT8FCrhn6oh5D8B0eZdA0_iG7Py9CGkIJQyEadM06JN7PjTwM3...
https://tb.baimgfroggd.site/in/1816/?user_id=7955c2577bda66b6b173b1f579d0fcbef659437f&bid=0.043750&katds_labels=&utm1=tcb&utm2=803629915-1&utm3=195-21720-0&utm4=0-9033275-14&ts=1644974477
https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FBuSgFuFYPCY%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%2...

8 KB
4 KB

98ms
45ms

Document
text/html

2a06:98c1:3120::f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FBuSgFuFYPCY%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60807&p=0.0200&oid=1449704&sp=0.043750&spp=1000&se=impression&vi=BuSgFuFYPCY&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1644974477&utm1=tcb&utm2=803629915-1&utm3=195-21720-0&utm4=0-9033275-14
Requested by: Host: js.cabnnr.com
URL: https://js.cabnnr.com/banner-admanager/build.m.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d10545a193a907a987a33e8f40a35b8a989d66b80375d7c10aa51cc659d8f6a5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://it.timurovets.com/

Response headers

date: Wed, 16 Feb 2022 01:21:17 GMT
content-type: text/html; charset=utf-8
access-control-allow-credentials: true
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AEtkO7eY%2Bf1DnvNvCSjD1nX1aPlPZJlGjZ%2FeHjJgRw8R6VdRHTukz%2F7ZjIJYie119If4JCv%2B3J5oxEEvku0vuTgvZg1mjDuP3OfkmuXmuV8%2FH8uZyNh0Lj2e35VXzwa5yoXdF%2FZD0WzBPNMAB0PdKF54"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6de2f554ac7d5a43-MXP
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

server: nginx/1.17.2
date: Wed, 16 Feb 2022 01:21:17 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FBuSgFuFYPCY%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60807&p=0.0200&oid=1449704&sp=0.043750&spp=1000&se=impression&vi=BuSgFuFYPCY&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1644974477&utm1=tcb&utm2=803629915-1&utm3=195-21720-0&utm4=0-9033275-14
pragma: no-cache
vary: *
cache-control: no-cache, no-store, must-revalidate

GET
H3 200 ff159683dbce452dbc41714cc48a496d4bb58468-b.js Show response
stream.bantgoau.com/files/ytls/ Frame 6D39 2 MB
654 KB 49ms
30ms Script
application/javascript 2a06:98c1:3120::f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.bantgoau.com/files/ytls/ff159683dbce452dbc41714cc48a496d4bb58468-b.js
Requested by: Host: stream.bantgoau.com
URL: https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FBuSgFuFYPCY%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60807&p=0.0200&oid=1449704&sp=0.043750&spp=1000&se=impression&vi=BuSgFuFYPCY&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1644974477&utm1=tcb&utm2=803629915-1&utm3=195-21720-0&utm4=0-9033275-14
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ee453d906f72a453020fe595995032d10f537ffd711ef742ed12d1034e0812d

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FBuSgFuFYPCY%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60807&p=0.0200&oid=1449704&sp=0.043750&spp=1000&se=impression&vi=BuSgFuFYPCY&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1644974477&utm1=tcb&utm2=803629915-1&utm3=195-21720-0&utm4=0-9033275-14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:21:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 14 Feb 2022 13:23:05 GMT
server: cloudflare
age: 4393
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FQfgeSXgaE3jq%2Fh5HZfG7b2fh1kb2UX2R%2B%2FiStvJES6TbI0UXJWisXwpjKZf3xsE9eq7Cg7jN%2FGf03EuAF97q7V2fiyE7z0q0iTWvNbXIUWbhM6z7dgsWB%2FqRD9JTKjT8GM6KJjmlCrzeCoWQ%2BrrocsD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6de2f55528b90e12-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 VpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw=w1440-l80-sg-rj-c0xffffff
lh3.googleusercontent.com/ Frame 6D39 39 KB
39 KB 100ms
35ms Image
image/jpeg 2a00:1450:400e:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/VpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw=w1440-l80-sg-rj-c0xffffff

Requested by

Host: stream.bantgoau.com
URL: https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FBuSgFuFYPCY%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60807&p=0.0200&oid=1449704&sp=0.043750&spp=1000&se=impression&vi=BuSgFuFYPCY&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1644974477&utm1=tcb&utm2=803629915-1&utm3=195-21720-0&utm4=0-9033275-14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:800::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a9e43c507e2164e831bc6d4fc78f1893d6860f01d7327a85e377c7ae714173bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://stream.bantgoau.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:21:16 GMT
x-content-type-options: nosniff
age: 1
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39552
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 14 Feb 2022 09:21:08 GMT

GET
H2 200 / Show response
vs.bantgoau.com/sts/ Frame 6D39 2 B
229 B 101ms
33ms XHR
application/json 2a02:128:7:4777::1

General

Check archive.org

Show headers Download Go to

Full URL: https://vs.bantgoau.com/sts/?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FBuSgFuFYPCY%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60807&p=0.0200&oid=1449704&sp=0.043750&spp=1000&se=impression&vi=BuSgFuFYPCY&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1644974477&utm1=tcb&utm2=803629915-1&utm3=195-21720-0&utm4=0-9033275-14&type=impression&g_referer=https://it.timurovets.com
Requested by: Host: stream.bantgoau.com
URL: https://stream.bantgoau.com/files/ytls/ff159683dbce452dbc41714cc48a496d4bb58468-b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:128:7:4777::1 -, , ASN (),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://stream.bantgoau.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 16 Feb 2022 01:21:18 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server: nginx/1.20.1
content-length: 2
content-type: application/json

GET
H3 200 ff159683dbce452dbc41714cc48a496d4bb58468-v.js Show response
stream.bantgoau.com/files/ytls/ Frame 9B46 151 KB
57 KB 25ms
25ms Script
application/javascript 2a06:98c1:3120::f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.bantgoau.com/files/ytls/ff159683dbce452dbc41714cc48a496d4bb58468-v.js
Requested by: Host: stream.bantgoau.com
URL: https://stream.bantgoau.com/files/ytls/ff159683dbce452dbc41714cc48a496d4bb58468-b.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9978fe4778a52319f20a2dc4744a173ae6c32ef2d905af9f96cc325162e99a43

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FBuSgFuFYPCY%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60807&p=0.0200&oid=1449704&sp=0.043750&spp=1000&se=impression&vi=BuSgFuFYPCY&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1644974477&utm1=tcb&utm2=803629915-1&utm3=195-21720-0&utm4=0-9033275-14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:21:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 14 Feb 2022 13:22:57 GMT
server: cloudflare
age: 4447
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cMkkVeElZB0kSTiF5oy7yK%2FPLbx4o4tQDh%2FabvmOZgd%2F%2FI4%2BuT9A6SJNdyPvOR4VnzpBO%2BpTXtctmjbWApCefrlocXwHZ2SPuoUx17lts2QM9M%2FXPV9LPqu96UZQjtu%2BvNNjLJonJ9%2FmI1BOSUEoZPZH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6de2f559bcbb0e12-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 url Show response
www.google.com/ Frame D831 603 B
624 B 61ms
60ms Document
text/html 2a00:1450:400e:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/url?sa=D&q=https://www.youtube.com/embed/BuSgFuFYPCY%3Fenablejsapi%3D1%26origin%3D*%26playsinline%3D1%26autoplay%3D1%26mute%3D1

Requested by

Host: stream.bantgoau.com
URL: https://stream.bantgoau.com/files/ytls/ff159683dbce452dbc41714cc48a496d4bb58468-v.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:800::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3d52f8fe1f2ce0fc7f0ff2a0db19dd7358ab2558ccd919758bdfee78f21796c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://stream.bantgoau.com/

Response headers

location: https://www.youtube.com/embed/BuSgFuFYPCY?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
cache-control: private
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000
bfcache-opt-in: unload
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
date: Wed, 16 Feb 2022 01:21:19 GMT
server: gws
content-length: 603
x-xss-protection: 0
expires: Wed, 16 Feb 2022 01:21:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 BuSgFuFYPCY Show response
www.youtube.com/embed/ Frame D831 61 KB
26 KB 130ms
69ms Document
text/html 2a00:1450:4001:82a::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/BuSgFuFYPCY?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1

Requested by

Host: www.google.com
URL: https://www.google.com/url?sa=D&q=https://www.youtube.com/embed/BuSgFuFYPCY%3Fenablejsapi%3D1%26origin%3D*%26playsinline%3D1%26autoplay%3D1%26mute%3D1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

20ccac7a89954a583bdcf282975466ad6e9e98132431b3edd430a0fddbef500b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://www.google.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 16 Feb 2022 01:21:19 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"
report-to: {"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=it for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 www-player-webp.css
www.youtube.com/s/player/41de1c08/ Frame D831 341 KB
47 KB 65ms
31ms Stylesheet
text/css 2a00:1450:4001:82a::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/41de1c08/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/BuSgFuFYPCY?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

5fb42ef830abc7688334b68171498b6359e3dd620565876ae377e21e55115db4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/BuSgFuFYPCY?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 00:22:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3507
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47756
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 01:15:23 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 16 Feb 2023 00:22:52 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/41de1c08/www-embed-player.vflset/ Frame D831 283 KB
85 KB 62ms
28ms Script
text/javascript 2a00:1450:4001:82a::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/41de1c08/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/BuSgFuFYPCY?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

53f51baf3e6fa6958fc7c4ff9ddb2c7372660e3400ae53ff0790436abb3b90b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/BuSgFuFYPCY?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 19:09:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22283
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87203
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 01:15:23 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 15 Feb 2023 19:09:56 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/41de1c08/player_ias.vflset/it_IT/ Frame D831 2 MB
538 KB 105ms
72ms Script
text/javascript 2a00:1450:4001:82a::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/41de1c08/player_ias.vflset/it_IT/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/BuSgFuFYPCY?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

ddf6b574dad270a5a44ae12981d1da4e2aba5946105a48a543a961d7dd920074

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/BuSgFuFYPCY?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:47:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 120825
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 550667
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 01:15:23 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 14 Feb 2023 15:47:34 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/41de1c08/fetch-polyfill.vflset/ Frame D831 10 KB
3 KB 91ms
58ms Script
text/javascript 2a00:1450:4001:82a::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/41de1c08/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/BuSgFuFYPCY?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

245700ec8ef4a9acfb6088689f5b4867269393b8222cb1c75ea791621751ff87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/BuSgFuFYPCY?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:44:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 121000
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3338
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 01:15:23 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 14 Feb 2023 15:44:39 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D831 15 KB
15 KB 33ms
33ms Font
font/woff2 2a00:1450:400e:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/BuSgFuFYPCY?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:803::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 16:51:30 GMT
x-content-type-options: nosniff
age: 548989
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Feb 2023 16:51:30 GMT

GET
H3 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame D831 113 B
159 B 40ms
39ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/41de1c08/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c184e8e65189377b43cf095cd134661a384f2e9a130570241a6dc40ca55d2705

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:21:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame D831 29 B
587 B 107ms
38ms Script
text/javascript 2a00:1450:400e:802::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/41de1c08/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:802::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:09:19 GMT
x-content-type-options: nosniff
age: 720
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 16 Feb 2022 01:24:19 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 124ms
40ms Preflight
text/html 2a00:1450:400e:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Origin: https://www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://www.youtube.com
vary: origin referer x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Wed, 16 Feb 2022 01:21:19 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame D831 45 KB
22 KB 91ms
52ms XHR
application/json+protobuf 2a00:1450:400e:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/41de1c08/player_ias.vflset/it_IT/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8d89b82457f940880c3e1744d6bbb35a9eafe6d9d0a92dbc609f582c5f06f14f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 16 Feb 2022 01:21:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 22203
x-xss-protection: 0

GET
H3 200 AK-wjM5fFWkW--b9hYESLM5nC4w5_J8gYPCaluQQslU.js Show response
www.google.com/js/th/ Frame D831 35 KB
13 KB 36ms
36ms Script
text/javascript 2a00:1450:400e:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/AK-wjM5fFWkW--b9hYESLM5nC4w5_J8gYPCaluQQslU.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/41de1c08/player_ias.vflset/it_IT/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:800::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00afb08cce5f156916fbe6fd8581122cce670b8c39fc9f2060f09a96e410b255

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 16:12:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 119324
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13514
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 13:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Feb 2023 16:12:35 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/41de1c08/player_ias.vflset/it_IT/ Frame D831 26 KB
8 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:82a::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/41de1c08/player_ias.vflset/it_IT/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/41de1c08/player_ias.vflset/it_IT/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

5a72f639c1113d3f885d4262e5aca628df8b2cf335ec6f5d45d27f611eabaf9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/BuSgFuFYPCY?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:47:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 120824
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7682
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 01:15:23 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 14 Feb 2023 15:47:35 GMT

POST
H3 200 player Show response
www.youtube.com/youtubei/v1/ Frame D831 44 KB
19 KB 351ms
350ms XHR
application/json 2a00:1450:4001:82a::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/41de1c08/player_ias.vflset/it_IT/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e -, , ASN (),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

1e9094b66ab4d699daf083203acc5a1513dccb72da75a329990224724063880c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/BuSgFuFYPCY?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20220213.00.00
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
X-Goog-Visitor-Id: CgtqWkZ4VHozTXFLcyiPo7GQBg%3D%3D
Content-Type: application/json

Response headers

date: Wed, 16 Feb 2022 01:21:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19044
x-xss-protection: 0
expires: Wed, 16 Feb 2022 01:21:20 GMT

GET
DATA 200
OK truncated
/ Frame D831 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 OWAlO3gDhnBosHaSruV0hJ79EsQh3R2IXU3uxc8qFjeA8RUsKONsuACUMsi95jS3O4Avwbi-=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame D831 2 KB
3 KB 109ms
43ms Image
image/jpeg 2a00:1450:400e:80c::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/OWAlO3gDhnBosHaSruV0hJ79EsQh3R2IXU3uxc8qFjeA8RUsKONsuACUMsi95jS3O4Avwbi-=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/BuSgFuFYPCY?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80c::2001 -, , ASN (),

Reverse DNS

Software

fife /

Resource Hash

86bc3c1f7b81af925747c6288bea8c201d7799244686cf0a7258ca3c44a39525

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 00:29:22 GMT
x-content-type-options: nosniff
age: 3117
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2161
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 17 Feb 2022 00:29:22 GMT

GET
DATA 200
OK truncated
/ Frame D831 181 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0308b66cb2b979ed7a606b4523d62a3a56342906cd69bbaa17490b69cfdd738

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 generate_204
www.youtube.com/ Frame D831 0
9 B 30ms
29ms Image
text/plain 2a00:1450:4001:82a::200e

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?DJwEbg
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/BuSgFuFYPCY?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::200e -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/BuSgFuFYPCY?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:21:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame D831 98 B
142 B 52ms
52ms XHR
application/json+protobuf 2a00:1450:400e:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/41de1c08/player_ias.vflset/it_IT/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

99bf2c891d657ae00b1d50a7778b44945b280d3e83cbdc18a914e98e6b846f55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 16 Feb 2022 01:21:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 118
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 41ms
41ms Preflight
text/html 2a00:1450:400e:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Origin: https://www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://www.youtube.com
vary: origin referer x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Wed, 16 Feb 2022 01:21:20 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 204 qoe
www.youtube.com/api/stats/ Frame D831 0
19 B 36ms
36ms Ping
text/html 2a00:1450:4001:82a::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?fmt=133&afmt=140&cpn=NTsv14-k1B2dErmA&el=embedded&ns=yt&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24002923%2C24004644%2C24007246%2C24080738%2C24082662%2C24094880%2C24135310%2C24161342%2C24166123%2C24167177%2C24170003&cl=428383211&live=live&seq=1&docid=BuSgFuFYPCY&ei=j1EMYs2cMdeY1gKl1ZSgDg&event=streamingstats&plid=AAXYGHeJqz9-ZNjN&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FBuSgFuFYPCY%3Fenablejsapi%3D1%26origin%3D*%26playsinline%3D1%26autoplay%3D1%26mute%3D1&cbr=Chrome&cbrver=98.0.4758.80&c=WEB_EMBEDDED_PLAYER&cver=1.20220213.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.006:B,0.403:S,0.410:S,0.410:S&cmt=0.006:0.000,0.403:0.000,0.410:0.000&afs=0.410:140::i&vfs=0.410:133:134::r&view=0.410:1:1&bwe=0.410:130000&bat=0.410:1:1&vis=0.410:0&bh=0.410:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/41de1c08/player_ias.vflset/it_IT/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e -, , ASN (),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/BuSgFuFYPCY?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 16 Feb 2022 01:21:20 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 remote.js Show response
www.youtube.com/s/player/41de1c08/player_ias.vflset/it_IT/ Frame D831 97 KB
30 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:82a::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/41de1c08/player_ias.vflset/it_IT/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/41de1c08/player_ias.vflset/it_IT/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

a711832e11a442deb4f51c2c16256f2ad3bd303d8230aa75d925784bd0a63bbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/BuSgFuFYPCY?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:57:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 120248
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30778
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 01:15:23 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 14 Feb 2023 15:57:12 GMT

GET
H3 200 endscreen.js Show response
www.youtube.com/s/player/41de1c08/player_ias.vflset/it_IT/ Frame D831 26 KB
7 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:82a::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/41de1c08/player_ias.vflset/it_IT/endscreen.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/41de1c08/player_ias.vflset/it_IT/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

61a80aca28dc587d0ea85963434e39911656972d451fe918a1d032a5793b8687

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/BuSgFuFYPCY?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:57:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 120248
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7249
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 01:15:23 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 14 Feb 2023 15:57:12 GMT

GET
H3 200 heartbeat.js Show response
www.youtube.com/s/player/41de1c08/player_ias.vflset/it_IT/ Frame D831 27 KB
9 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:82a::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/41de1c08/player_ias.vflset/it_IT/heartbeat.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/41de1c08/player_ias.vflset/it_IT/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

edca9ba6779f87625022c47dac67afe162ba7e5d4e0949763f949ba33405068f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/BuSgFuFYPCY?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 16:04:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 119835
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9299
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 01:15:23 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 14 Feb 2023 16:04:05 GMT

POST next
www.youtube.com/youtubei/v1/ Frame D831 0
0

GET videoplayback
rr1---sn-5hne6nsy.googlevideo.com/ Frame D831 0
0

GET
H2 200 cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame D831 4 KB
3 KB 103ms
35ms Script
text/javascript 2a00:1450:400e:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/41de1c08/player_ias.vflset/it_IT/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:803::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:21:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 16 Feb 2022 01:21:20 GMT

GET cast_sender.js
www.gstatic.com/eureka/clank/98/ Frame D831 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.youtube.com
URL: https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Domain: rr1---sn-5hne6nsy.googlevideo.com
URL: https://rr1---sn-5hne6nsy.googlevideo.com/videoplayback?expire=1644996079&ei=j1EMYs2cMdeY1gKl1ZSgDg&ip=2001%3Aac8%3A24%3A44%3A%3A11&id=BuSgFuFYPCY.1&itag=133&aitags=133%2C134%2C135%2C136%2C160%2C298%2C299&source=yt_live_broadcast&requiressl=yes&mh=7N&mm=44%2C26&mn=sn-5hne6nsy%2Csn-4g5edns6&ms=lva%2Conr&mv=m&mvi=1&pl=49&initcwndbps=456250&spc=4ocVC2O1JWGTLn1QYOPeEQSptSBK&vprv=1&live=1&hang=1&noclen=1&mime=video%2Fmp4&ns=jc-qucL1Fy1AIiLi1zePWecG&gir=yes&mt=1644974189&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=FvWHEhU3D_C1AA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Clive%2Chang%2Cnoclen%2Cmime%2Cns%2Cgir&sig=AOq0QJ8wRAIgE4l_Tvlh_9OC-Ie7F_WzVUkbKE3NxDBatsFFfpF4OVgCIHh2U6uo_IRXmcFpxqkG1Z56Sm6lpvIQf8zFwS6pIynn&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgf2g6eRfU8BfXrCkvX3fqImS3TM-bP_ZtXhVO_2Samq0CIQDPUno3udRDrdifRHVASJvL-jkUKA2ZHb2NZ71PA00wMw%3D%3D&alr=yes&cpn=NTsv14-k1B2dErmA&cver=1.20220213.00.00&headm=3&rn=1&rbuf=0&pot=GpsBCm5-tHHXIrfR6kDxD-QHPqQlXMEtCvDCQnTgrTpBi7FLOSP4iuG2x-Wo5PPXeYqcKZ4ht86uXypjq-_8IcSRC_yxJnJc0zZYF3ybqAgORqIbpcxpzYIJBFcwGeSyUIEhjmCRMauKZ6Mg_HyHMWaLsRIpATwYQQ7n88FbOQMiLhNeOsFf-1ao0SXIQg3q1XM7WS640T_jmj4fN-s=

Domain: rr1---sn-5hne6nsy.googlevideo.com
URL: https://rr1---sn-5hne6nsy.googlevideo.com/videoplayback?expire=1644996079&ei=j1EMYs2cMdeY1gKl1ZSgDg&ip=2001%3Aac8%3A24%3A44%3A%3A11&id=BuSgFuFYPCY.1&itag=140&source=yt_live_broadcast&requiressl=yes&mh=7N&mm=44%2C26&mn=sn-5hne6nsy%2Csn-4g5edns6&ms=lva%2Conr&mv=m&mvi=1&pl=49&initcwndbps=456250&spc=4ocVC2O1JWGTLn1QYOPeEQSptSBK&vprv=1&live=1&hang=1&noclen=1&mime=audio%2Fmp4&ns=jc-qucL1Fy1AIiLi1zePWecG&gir=yes&mt=1644974189&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=FvWHEhU3D_C1AA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Clive%2Chang%2Cnoclen%2Cmime%2Cns%2Cgir&sig=AOq0QJ8wRAIgbWbVbAO2BqQH0qnEqKzMWmUO3-Dwef9HJpI0TQPbQqMCICnrAJymJE1udWf4VR4QyNOLHYo2ZGFnvG4sC4m944CV&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgf2g6eRfU8BfXrCkvX3fqImS3TM-bP_ZtXhVO_2Samq0CIQDPUno3udRDrdifRHVASJvL-jkUKA2ZHb2NZ71PA00wMw%3D%3D&alr=yes&cpn=NTsv14-k1B2dErmA&cver=1.20220213.00.00&headm=3&rn=2&rbuf=0&pot=GpsBCm5-tHHXIrfR6kDxD-QHPqQlXMEtCvDCQnTgrTpBi7FLOSP4iuG2x-Wo5PPXeYqcKZ4ht86uXypjq-_8IcSRC_yxJnJc0zZYF3ybqAgORqIbpcxpzYIJBFcwGeSyUIEhjmCRMauKZ6Mg_HyHMWaLsRIpATwYQQ7n88FbOQMiLhNeOsFf-1ao0SXIQg3q1XM7WS640T_jmj4fN-s=

Domain: www.gstatic.com
URL: https://www.gstatic.com/eureka/clank/98/cast_sender.js

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.lodder7.biz/	1970-01-20 01:39:26	Name: uuid Value: ff217dfe-c86f-4cf8-ae67-df88ad26799c
.yadro.ru/	1970-01-20 09:41:34	Name: FTID Value: 1Y35690FtJOG1Y3569000Qzz
.yadro.ru/	1970-01-20 09:41:34	Name: VID Value: 3yNULA23DYeG1Y35690005D4
.doubleclick.net/	1970-01-20 10:17:50	Name: IDE Value: AHWqTUmGQFU6tNjpWS7imSunVpVVCDaqpyta4E6L3-FuA6wVWqes4X2jHDpYaxpoQsE
.doubleclick.net/	1970-01-20 00:56:18	Name: DSID Value: NO_DATA
.timurovets.com/	1970-01-20 10:17:50	Name: __gads Value: ID=7f40f0f28dde1455-22add2e742cd0093:T=1644974474:S=ALNI_MamngV4ikbhk7MboQUb8trCyvfzVg
.casalemedia.com/	1970-01-20 03:05:50	Name: CMPS Value: 233
.adnxs.com/	1970-01-20 03:05:50	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C''kZ<Y7!]tbPl1M>e)ZlrFUfJ+tGXxpGCeOR%XsTu`<smxn=?0c<GPGo[ao9$PRB)vnbpRzqF1`b_Cc%KZy
.adnxs.com/	1970-01-20 03:05:50	Name: uuid2 Value: 4731202412193682641
.casalemedia.com/	1970-01-20 00:57:40	Name: CMST Value: YgxRi2IMUYsA
.casalemedia.com/	1970-01-20 09:41:50	Name: CMID Value: YgxRi7PBX9gH5hz7UZ9dNQAA
.casalemedia.com/	1970-01-20 03:05:50	Name: CMPRO Value: 1831
.casalemedia.com/	1970-01-20 09:41:50	Name: CMRUM3 Value: 2d620c518b2760CAESEKmv5_2M_VjoIhH6521liZ4
tcimp.zog.link/	1970-01-20 00:57:40	Name: 750.0 Value: 1
tb.baimgfroggd.site/	1970-01-20 00:57:40	Name: 1816.1449704 Value: 1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.ampproject.org/rtv/012202072236000/v0/amp-ad-exit-0.1.mjs Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/012202072236000/v0/amp-ad-exit-0.1.mjs Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

483b321654fd23aa1af1298162ff0dcf.safeframe.googlesyndication.com
7ccbc65df5.a615d4c326.com
adservice.google.com
adservice.google.it
cdn.ampproject.org
cdn.jsdelivr.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
counter.yadro.ru
cst.cstwpush.com
cst.wpu.sh
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
get.optad360.io
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
it.timurovets.com
jnn-pa.googleapis.com
js.cabnnr.com
js.wpadmngr.com
lh3.googleusercontent.com
lodder7.biz
na.nawpush.com
pagead2.googlesyndication.com
rr1---sn-5hne6nsy.googlevideo.com
rtbbnr.com
s0.2mdn.net
securepubads.g.doubleclick.net
static.doubleclick.net
stream.bantgoau.com
tb.baimgfroggd.site
tcimp.zog.link
timurovets.com
tpc.googlesyndication.com
vs.bantgoau.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
rr1---sn-5hne6nsy.googlevideo.com
www.gstatic.com
www.youtube.com
142.250.181.226
2.21.43.236
216.58.214.2
2600:9000:224a:1e00:11:a4de:2580:93a1
2606:4700:3037::ac43:b989
2606:4700::6810:135e
2606:4700::6810:5514
2a00:1450:4001:801::2002
2a00:1450:4001:808::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2002
2a00:1450:400e:800::2001
2a00:1450:400e:800::2004
2a00:1450:400e:801::2006
2a00:1450:400e:802::2006
2a00:1450:400e:803::2001
2a00:1450:400e:803::2003
2a00:1450:400e:80c::2001
2a00:1450:400e:80f::200a
2a00:1450:400e:810::2001
2a01:4f8:c0:33d8::1
2a02:128:7:4777::1
2a02:128:7:5241::2
2a02:128:7:5917::2
2a06:98c1:3120::f
2a06:98c1:3121::f
37.252.172.249
45.133.44.24
45.133.44.25
46.4.91.20
88.212.201.210
000965f60d36b24f9ceacbbb1cdd9932ff8f8ca2777beb1030d2da91cc84519a
00afb08cce5f156916fbe6fd8581122cce670b8c39fc9f2060f09a96e410b255
03a14c267f360ca5380578f1809838af2634dc24e33faefcae6e4da1542aa541
03fe10c919d45a962b1db68585594ec1a4db299627643374ac05aecae620e85e
0407b706128e672e5373e3291c030e785a364e458162ea64bad0356c4069382a
05c31269d7b68151bfc0b1cc6270c1143caf6b6c200255e90cbc422d1fe40595
05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d
085c342f63f472d1de1dc503459e16402dcd6b19cd210c224419281e4799123f
09a546e7358e4dad9ce3f48afd5e59695a724f04becd6451980c7186fad3f0cf
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0de179f6d69df7c706178ae602fcfa2fca8c88a1bd830bd9503bc48d8fc6d929
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
115c4e7dec8f340b0a47357787d56e8d5f3b58a470e8e70d42a8d76c00df7be9
116acfd417281d510f99003579b1945234de4405b5cfcd826a733f23c36a18b4
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
188a7a7757cdca11b85b682a7c6f8c85f3fa3df3055f0137819e499e3dd28b0b
1956925d5647d9e3cef3c7fdef302fab09b15e7a27531b07a480926d96b2d039
1e9094b66ab4d699daf083203acc5a1513dccb72da75a329990224724063880c
1ee453d906f72a453020fe595995032d10f537ffd711ef742ed12d1034e0812d
1f9618131ed580faeb43b8d1cda0605ecff55842bc598b53a0ec98b23d0c76e2
20ccac7a89954a583bdcf282975466ad6e9e98132431b3edd430a0fddbef500b
245700ec8ef4a9acfb6088689f5b4867269393b8222cb1c75ea791621751ff87
2595a096294b525d335287a112ce0dc209175ac80a179245814868d2190b53f1
25b9874d3479f9fec7a8a2d0d04d17723f662ceb723ec05b18852d53a3fc2c38
28f176de13fa7689afd86fa3a978d52cfa55f00af3baefbc7beb293a14855711
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2a3363c6bff57757bbd398bf06b6065e3f85ac1a9b11f9e177459bd971bdb72f
2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f499c632d806f66b96dda6cbd4cac0363d331885476a8ac1d9e8ac60954d720
332dd9d8872171a7ce122129c088ef587eb876ee04f178f5e62310dff3747514
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
35342b4b91a124276dfd941237dd920f69bcd5cf6728ddd7ef557bf8fee7612a
36ff97534ce5499b6d4d863d679f6fbd255cadeed69f15c462d1cec8ad920d05
372ddb86deaa3e11e5a4b1eec16924bcd6e6232bc8bab79338426b2faff7e7dd
38ed1a7a8a6fc6427a2a86150bee22783ecf9b7fca641d35cff18e1918788519
3975966229b1c0ceebf499c9785110a8142f42b5bddb0122e3eca5666707ae45
3bba2b4daf9de388462059a4883bc6c3dd318b438f56ef219270e6b2562e17d3
3c65e83d0255d08e8d941592e78fef18288fb932b808ff0b0fdc47295c3fe72c
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
48555f28f5acba039499fc452d3154569b927820337696c444fa346fe966c9a2
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51143c3e882d9231f8ceeb41f038545a045748a58ef9f8be9c23303348ad8de3
53f51baf3e6fa6958fc7c4ff9ddb2c7372660e3400ae53ff0790436abb3b90b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56918b2319848631e9062ebeb3d1f1af2d478dffa24e130761f1b45f376a3822
5a72f639c1113d3f885d4262e5aca628df8b2cf335ec6f5d45d27f611eabaf9f
5fa978c984916c2d5d30cd73847917393efc880e2ad8c7f08aedfcb417043249
5fb42ef830abc7688334b68171498b6359e3dd620565876ae377e21e55115db4
61a80aca28dc587d0ea85963434e39911656972d451fe918a1d032a5793b8687
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
66739c36c32d27366b19478b3248a62cbe51ae1de229ee7aa9b98dfe37890b1f
66cb728c1136298dc865b99aa5ca5840d1146c0e04315122cac8b27ce4605e09
6710c7ab63c2c8c12d9fc80667d6f90450ddc74f3b627d7345a1079267d53f92
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
6df0e79bf174f517cea1f243496e6a4e577650894430e419f398d393cda9db9f
7109518959a6958168f639860050324f4f063fd1697f32677cf9d0180ab02453
7126ae3381709f10abee774d28d802728603de621a5ebdb838d0b11272dc1260
7826f4c92170ce87378ef0f8a4944a6b967cc87c7386db6b1336b97bf3f1d556
78eeba614bbfed81b21a9d0ced27ec9975f6994ab1ca98b66998901667a60e9b
79b378e8f3c1fece39a1472a2e7d920ab80eb5881525a1622d9dbaa954aa23c3
7b151c4e5fcb8f0c9d627ae90eee08ccb54786c8b80a9624ce4a58d385f4a4ae
7f22a3685fc091e5fed431a86349252baff4850f2a203f201f9ced9e186452fd
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
814d74960985c84f698fc0855e07a556f85a1dc223b66e1988aef9b48705b1c3
8164593b54914bff7b1f455f3920cedb76412a78e7a8917a68692d47a35c0139
8365ad50a44341d8858863fec236793a9b4074461b61cae8aaa25343b47d7ce3
83e058c0db231e1c6f89f25a7f0d4b8ccb0fb569a4eafe73440643d2553f716c
86bc3c1f7b81af925747c6288bea8c201d7799244686cf0a7258ca3c44a39525
8d89b82457f940880c3e1744d6bbb35a9eafe6d9d0a92dbc609f582c5f06f14f
93078cd0210da3e59b16e1f8c38c20bdb8c879b6bc9bb8754cb8b539ba2d9cf3
93b1f78578f169d4f472ecda3c79d72e81fa9e199bdb979d13139f5ddbe5a06d
98bc248a2d8ace6d503926548d3d0940070e9357bc7cfb03c90e5e9a847270c2
9978fe4778a52319f20a2dc4744a173ae6c32ef2d905af9f96cc325162e99a43
99bf2c891d657ae00b1d50a7778b44945b280d3e83cbdc18a914e98e6b846f55
9db9e41512d61e7a9db77af1d1ef52440fd78f5ef0bc2736ecdfa5e1a9c11a53
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5477e2b5079109112bb44e3ffbf51d3b68f76b58f558d2ab00f6439d960ccec
a711832e11a442deb4f51c2c16256f2ad3bd303d8230aa75d925784bd0a63bbb
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a73bc65b330ea8ce417f94462b8b423b46aab7868fe32f37b53724dfb62c9a17
a9e43c507e2164e831bc6d4fc78f1893d6860f01d7327a85e377c7ae714173bb
ade4c59d8de0584485af43b8dae03cae6f72a06f433fc6dbc74a6e3e190f07da
af42f8a986eefec222a68474cc9c9591028b07b082157631d810ecbbf4a652fe
af99c510e1e5e37ce9a5cce3021ce16f23f43be1e8860765deedfed8a0a8c377
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b28609baf08817ae3ee0bc8d4e180b8ed548cdc82363b4ef925e6c009f41842e
b2dc715f4abfbca20204b3377a0718a465c1917b961a369f616025e56d0f65b9
bbe47bda23a4405be354007402d0f63a8da91a26c1b67bba271e571c632b3232
c184e8e65189377b43cf095cd134661a384f2e9a130570241a6dc40ca55d2705
c350f4cd789435efd055a5c73d7662e0b6aa7a358a70698acb7067beb72d0b8e
c7c5866bd803a7e09f3290be34496f42fe89547cf203367f25a1a5e8cf633ed2
cb41292903f6bd996333bdfe6fbc58e1dbdb6109074505ee3ea46373bb23be70
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ce8e76c8a101da29a3604e6590f09eb1f13ef39aaa3c37a190f767e0b517b1b5
d10545a193a907a987a33e8f40a35b8a989d66b80375d7c10aa51cc659d8f6a5
d1cd8817b146a722e59ab5f874f2a19b0185e2ebb33f49828b40a0658cd8b5fb
d3ef00ccf0d1329768a9546012c96ecb5ac031695b0418da9ae3297979ad60bb
d850c7224746463d90bc439fb65fd2e3ac47cb19a76b548dba6bd58ed260a217
ddf6b574dad270a5a44ae12981d1da4e2aba5946105a48a543a961d7dd920074
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d52f8fe1f2ce0fc7f0ff2a0db19dd7358ab2558ccd919758bdfee78f21796c
ed98d015aca964f44ff6d72b2b1d74958c17f2d2a574892e5656edc42d61d04c
edca9ba6779f87625022c47dac67afe162ba7e5d4e0949763f949ba33405068f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0308b66cb2b979ed7a606b4523d62a3a56342906cd69bbaa17490b69cfdd738
f09a58023080dff07a3c06435a8d3dbbc6e71283b897cbc330e146e479d35a68
f3b1e2bf487d2385d629e0b12ff80df3c780dc8fbe060d044409a80a7777350b
f8a5a772a8e31b35307e413d233ee42ab986414c9ab31ee640c6bbdd3e2d7e23
f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b
fe18964d04dc600f9b521bdfbadb085cf0fb3012fa6d84baea8d13c03dc775fe

it.timurovets.com Open in urlscan Pro 2606:4700:3037::ac43:b989 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

149 Requests

93 %HTTPS

76 %IPv6

31 Domains

42 Subdomains

31 IPs

6 Countries

5135 kBTransfer

10602 kBSize

15 Cookies

2 Outgoing links

Redirected requests

149 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

it.timurovets.com Open in urlscan Pro
2606:4700:3037::ac43:b989 Public Scan

Screenshot
Live screenshot

Full Image

149
Requests

93 %
HTTPS

76 %
IPv6

31
Domains

42
Subdomains

31
IPs

6
Countries

5135 kB
Transfer

10602 kB
Size

15
Cookies

149 HTTP transactions
5 data transactions