alltime.pp.ua Open in urlscan Pro
2606:4700:3036::ac43:d4f2 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://alltime.pp.ua/
Submission: On March 23 via manual (March 23rd 2023, 4:06:49 pm UTC) from IT — Scanned from IT

Summary HTTP 136 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 17 IPs in 5 countries across 21 domains to perform 136 HTTP transactions. The main IP is 2606:4700:3036::ac43:d4f2, located in United States and belongs to CLOUDFLARENET, US. The main domain is alltime.pp.ua.

This is the only time alltime.pp.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	2606:4700:303... 2606:4700:3036::ac43:d4f2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
25	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
37	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2 5	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
2 14	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1 1	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
3 3	3.64.45.35 3.64.45.35	16509 (AMAZON-02) (AMAZON-02)
2 2	2a05:d018:d29... 2a05:d018:d29:3601:84c0:cef:b29e:4061	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
1 2	104.111.217.42 104.111.217.42	16625 (AKAMAI-AS) (AKAMAI-AS)
136	17

7 2606:4700:3036::ac43:d4f2 (United States)

ASN13335 (CLOUDFLARENET, US)

alltime.pp.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.186.162 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Bad Durrheim, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.64.45.35 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-45-35.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3601:84c0:cef:b29e:4061 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.38.120.206 (Hessen, Germany) 1 redirects

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.217.42 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-42.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
57	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 135	554 KB
31	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 29 cm.g.doubleclick.net — Cisco Umbrella Rank: 206	216 KB
15	gstatic.com www.gstatic.com fonts.gstatic.com	192 KB
8	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 68 www.google.com — Cisco Umbrella Rank: 2	2 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	6 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 187	339 KB
7	pp.ua alltime.pp.ua	175 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 297	2 KB
3	google.it adservice.google.it — Cisco Umbrella Rank: 55835	818 B
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1227	460 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 749 s.tribalfusion.com — Cisco Umbrella Rank: 1837	1 KB
2	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 446	1 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 794 r.turn.com — Cisco Umbrella Rank: 3277	869 B
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 766	339 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 322	460 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1455	351 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 5893	556 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1426	586 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 31935	608 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 740	716 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 886	607 B
136	21

	Domain	Requested by
37	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
20	pagead2.googlesyndication.com	alltime.pp.ua pagead2.googlesyndication.com googleads.g.doubleclick.net www.gstatic.com www.googletagservices.com tpc.googlesyndication.com
17	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net alltime.pp.ua
14	cm.g.doubleclick.net	2 redirects alltime.pp.ua googleads.g.doubleclick.net
11	www.gstatic.com	googleads.g.doubleclick.net
7	fonts.googleapis.com	googleads.g.doubleclick.net
7	www.googletagservices.com	googleads.g.doubleclick.net
7	alltime.pp.ua	alltime.pp.ua
5	www.google.com	2 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
4	fonts.gstatic.com	fonts.googleapis.com
3	x.bidswitch.net	3 redirects
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.it	pagead2.googlesyndication.com
2	sync.teads.tv	1 redirects
2	pr-bh.ybp.yahoo.com	2 redirects
1	onetag-sys.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	rtb.openx.net	googleads.g.doubleclick.net
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	ads.travelaudience.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	gcm.ctnsnet.com	1 redirects
1	um.simpli.fi	1 redirects
1	r.turn.com	alltime.pp.ua
1	ad.turn.com	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
136	27

This site contains links to these domains. Also see Links.

Domain
ip.alltime.pp.ua
whois.alltime.pp.ua

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.google.it GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh

This page contains 23 frames:

Primary Page: http://alltime.pp.ua/
Frame ID: 200CC05BA87C36540D161C419F18506F
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230321/r20190131/zrt_lookup.html
Frame ID: 109DAB245AE9578C2335BBB8B53249CB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0780848593048311&output=html&h=90&slotname=8488207415&adk=1543149296&adf=3234110510&pi=t.ma~as.8488207415&w=770&lmt=1679587604&format=770x90&url=http%3A%2F%2Falltime.pp.ua%2F&wgl=1&dt=1679587604355&bpp=5&bdt=327&idt=202&shv=r20230321&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&correlator=7694090685262&frm=20&pv=2&ga_vid=2046191457.1679587605&ga_sid=1679587605&ga_hid=205744681&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=375&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44777877%2C44759926%2C44773809%2C44785292%2C31073104%2C31073270%2C44786560&oid=2&pvsid=3906358203504572&tmod=924299241&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=ZKUU7wAL65&p=http%3A//alltime.pp.ua&dtd=220
Frame ID: F78CCEB328C698D310AE2C788C720A69
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0780848593048311&output=html&adk=1812271804&adf=3025194257&lmt=1679587604&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x1080_l%7C188x1080_r&format=0x0&url=http%3A%2F%2Falltime.pp.ua%2F&ea=0&pra=7&wgl=1&dt=1679587604375&bpp=3&bdt=347&idt=206&shv=r20230321&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&prev_fmts=770x90&nras=1&correlator=7694090685262&frm=20&pv=1&ga_vid=2046191457.1679587605&ga_sid=1679587605&ga_hid=205744681&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44777877%2C44759926%2C44773809%2C44785292%2C31073104%2C31073270%2C44786560&oid=2&pvsid=3906358203504572&tmod=924299241&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=216
Frame ID: 90B677729966CA0C1B079627E91F4D9B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0780848593048311&output=html&h=280&adk=2924429258&adf=1675913919&pi=t.aa~a.1958068758~i.1~rp.4&w=803&fwrn=4&fwrnh=100&lmt=1679587605&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2435644795&ad_type=text_image&format=803x280&url=http%3A%2F%2Falltime.pp.ua%2F&fwr=0&pra=3&rh=200&rw=802&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1679587605537&bpp=1&bdt=1508&idt=1&shv=r20230321&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D49fe1b55810ec3d6-223cc5ab68dd00fd%3AT%3D1679587604%3ART%3D1679587604%3AS%3DALNI_MY-AK11IoIZztYHu3-QSA0oTRCsnA&gpic=UID%3D00000bcb0fa99bbb%3AT%3D1679587604%3ART%3D1679587604%3AS%3DALNI_MYwAWdlcjBzruJjGjPRvZpQbD2Uhw&prev_fmts=770x90%2C0x0&nras=2&correlator=7694090685262&frm=20&pv=1&ga_vid=2046191457.1679587605&ga_sid=1679587605&ga_hid=205744681&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=214&ady=2822&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44777877%2C44759926%2C44773809%2C44785292%2C31073104%2C31073270%2C44786560&oid=2&pvsid=3906358203504572&tmod=924299241&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=r5afOHOoxE&p=http%3A//alltime.pp.ua&dtd=6
Frame ID: 0261479644E59E1C73C35A7A97AAE9BB
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0780848593048311&output=html&h=280&adk=1439814473&adf=2373233990&pi=t.aa~a.3841785186~rp.4&w=350&fwrn=4&fwrnh=100&lmt=1679587605&rafmt=1&to=qs&pwprc=2435644795&format=350x280&url=http%3A%2F%2Falltime.pp.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1679587605562&bpp=1&bdt=1533&idt=1&shv=r20230321&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D49fe1b55810ec3d6-223cc5ab68dd00fd%3AT%3D1679587604%3ART%3D1679587604%3AS%3DALNI_MY-AK11IoIZztYHu3-QSA0oTRCsnA&gpic=UID%3D00000bcb0fa99bbb%3AT%3D1679587604%3ART%3D1679587604%3AS%3DALNI_MYwAWdlcjBzruJjGjPRvZpQbD2Uhw&prev_fmts=770x90%2C0x0%2C803x280&nras=3&correlator=7694090685262&frm=20&pv=1&ga_vid=2046191457.1679587605&ga_sid=1679587605&ga_hid=205744681&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1050&ady=2803&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44777877%2C44759926%2C44773809%2C44785292%2C31073104%2C31073270%2C44786560&oid=2&pvsid=3906358203504572&tmod=924299241&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=cSNaqzWqp2&p=http%3A//alltime.pp.ua&dtd=8
Frame ID: 6CB79B838ACB5B5E8BAE742B1D5CDC9A
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230321/r20110914/zrt_lookup.html?fsb=1
Frame ID: F79BDA901AD7883C580B94CEB129ECA5
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230321/r20110914/zrt_lookup.html?fsb=1
Frame ID: 2DC5252613F3659568BD9ECF86DFBCC5
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230321/r20110914/zrt_lookup.html?fsb=1
Frame ID: 84B1BB3EA69478DAB999E254901E05B8
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230321/r20110914/zrt_lookup.html?fsb=1
Frame ID: 44F0FBC742B4DDD9FD599A0B476CF82D
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 59A8A4D7B11CB6636970317260287AF2
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: D78B98F59041CEC03B71A0A843C30E70
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5ZLoQB_z02QzB_hHqtk5fVBr8jKba2eTnMK3sia1eD8.js
Frame ID: 8137B56FB99BA1758E113DDDC8390B16
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5ZLoQB_z02QzB_hHqtk5fVBr8jKba2eTnMK3sia1eD8.js
Frame ID: 656EE4D36406E9CC2B05C8307CDCBE29
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5ZLoQB_z02QzB_hHqtk5fVBr8jKba2eTnMK3sia1eD8.js
Frame ID: 45267B1F5DCB3FB726842C5A2E3BDD24
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5ZLoQB_z02QzB_hHqtk5fVBr8jKba2eTnMK3sia1eD8.js
Frame ID: 16E57987E7C92BEE8D6ABE27A51B5FDF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5ZLoQB_z02QzB_hHqtk5fVBr8jKba2eTnMK3sia1eD8.js
Frame ID: 5763B5D67523BD10E04D28D97987A270
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D6CF4E412C69B6A546BDCF33FEA0E7BB
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5ZLoQB_z02QzB_hHqtk5fVBr8jKba2eTnMK3sia1eD8.js
Frame ID: 0ACEEDBFEA02047EB1FA6F850B5FBAEA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 53C5B590BC37DA0E977D9C6C971B23C2
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B6FAF869D353DA2354C66BC96697B02A
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 23EB1ADB5F84ABA77C08C9A0C92819E5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B4F0B8632138D97AEE030CCCDC05E731
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Blog | Unix – Notes

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

136
Requests

85 %
HTTPS

58 %
IPv6

21
Domains

27
Subdomains

17
IPs

5
Countries

1487 kB
Transfer

4200 kB
Size

16
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://ip.alltime.pp.ua/
Title: What is your WAN IP

Search URL Search Domain Scan URL

URL: http://whois.alltime.pp.ua/
Title: Whois

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 72

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 94

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFjlsOjtU7DPRefr_uhoGSU&google_cver=1&google_push=Aer7DvIMb4a1UidhKIAMaTVHHD8d3PtkgiXM17AsrrEREXSgzEF0ZOhYa0i_2AsBs351GINpLT7t3fSmAQ_vyQDyNbWRq7dWzs1X5g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzkyNDMzMDM1ODY1NzE5MjIwMg==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHTPqaMNRN8s1lPoEPua2S0&google_cver=1

Request Chain 95

https://um.simpli.fi/gp_match?google_gid=CAESECIP6T2gI5MWZ8HskrM_dAA&google_cver=1&google_push=Aer7DvJ0gZ92M7FBL1pNW9Sir4qLhlCsdOj_GhW6qTxfyy2F223Rl7xdS8i3TJTJEoFDGmZcmV5_C6jNwlejn-a-NhPvBUNE3BD39g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=39EAB72BAE0E40E3A82FCEE52A0F35CB&google_push=Aer7DvJ0gZ92M7FBL1pNW9Sir4qLhlCsdOj_GhW6qTxfyy2F223Rl7xdS8i3TJTJEoFDGmZcmV5_C6jNwlejn-a-NhPvBUNE3BD39g

Request Chain 96

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEJF29Ebj897NgOu4CMrPJto&google_cver=1&google_push=Aer7DvKRZE68PqWQKc4h8UdB68XXCza5bZsGU4yxS6D5edhAhgziAGoX_-Z93Qy5CkHub3lipxTEdgFbyeFt_j6IF848oTy2DFKU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aer7DvKRZE68PqWQKc4h8UdB68XXCza5bZsGU4yxS6D5edhAhgziAGoX_-Z93Qy5CkHub3lipxTEdgFbyeFt_j6IF848oTy2DFKU&google_hm=gZ710xCGRoaC-hTEdGjiS9c

Request Chain 97

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEAoAlgffNFsFDycdR9412w4&google_cver=1&google_push=Aer7DvLzhbyZd4Vk5diD9l-Roi64XtfVsrv7Gn88WxzS_eQw2iBipbtiZ411xF6_Maw2zGs6v9mT04dSKDSz1q-5QiozDZD7UeDGpQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIxMzc3MzgzODU1Njk4NTQ5OQ%3D%3D&google_push=Aer7DvLzhbyZd4Vk5diD9l-Roi64XtfVsrv7Gn88WxzS_eQw2iBipbtiZ411xF6_Maw2zGs6v9mT04dSKDSz1q-5QiozDZD7UeDGpQ

Request Chain 98

https://ads.travelaudience.com/google_pixel?google_gid=CAESEPO-EITqfqd1mOiDYD1F1W4&google_cver=1&google_push=Aer7DvLz-3SEz9UrNyjl3tQC3praSD4tz3nRb92TxNfixhThWqinVKR23Sr693uhZ3MHk4j1yDBe31UmCCzHLZItssPfKmPaK_XAdQ HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=QKLRbiKLRqWpQ6tdWjTSDw2&google_push=Aer7DvLz-3SEz9UrNyjl3tQC3praSD4tz3nRb92TxNfixhThWqinVKR23Sr693uhZ3MHk4j1yDBe31UmCCzHLZItssPfKmPaK_XAdQ

Request Chain 99

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBemH0znVeEbzwaXsSD5IJE&google_cver=1&google_push=Aer7DvL9clHT85BpdxStQXSXu5dzJmzzhMg10wXl82kPZMVwz2tAQr0Yd26BKska2yjvTFiU6wDUkJPA2w4RiBWGN0ymlqz-sm0pew HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEBemH0znVeEbzwaXsSD5IJE&google_cver=1&google_push=Aer7DvL9clHT85BpdxStQXSXu5dzJmzzhMg10wXl82kPZMVwz2tAQr0Yd26BKska2yjvTFiU6wDUkJPA2w4RiBWGN0ymlqz-sm0pew HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvL9clHT85BpdxStQXSXu5dzJmzzhMg10wXl82kPZMVwz2tAQr0Yd26BKska2yjvTFiU6wDUkJPA2w4RiBWGN0ymlqz-sm0pew&google_hm=Az6CxzbXRi-hJRz_5VDF4w==

Request Chain 100

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFPbmBib6v32t1cB-xqm-sg&google_cver=1&google_push=Aer7DvI5fLYmceDRI5d92SAjzT6Bqpq8dc5yQ2y0jB6MnTKHwKWr8AJYowfdFoHnK6CK4R78wx_NcfotBSYalfjsXlYmz1RvqzsCRQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvI5fLYmceDRI5d92SAjzT6Bqpq8dc5yQ2y0jB6MnTKHwKWr8AJYowfdFoHnK6CK4R78wx_NcfotBSYalfjsXlYmz1RvqzsCRQ&google_hm=eS1oazNhQWpKRTJwSFFxVDVuV2d0WkhmcTRIVUtPVFdYT35B

Request Chain 119

https://a.tribalfusion.com/i.match?p=b6&u=CAESEK0smF416YF4xID3XPSosSE&google_cver=1&google_push=Aa02lx-HJVsXc5HQN5G1aMPEYQIXhdNRFXLudiCpkJHbB7515V1xW40mVOZCFexjUGRXdDtMiTME991FpHGGGnKgGVkiOFaYi8M_HA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-HJVsXc5HQN5G1aMPEYQIXhdNRFXLudiCpkJHbB7515V1xW40mVOZCFexjUGRXdDtMiTME991FpHGGGnKgGVkiOFaYi8M_HA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEK0smF416YF4xID3XPSosSE&google_cver=1&google_push=Aa02lx-HJVsXc5HQN5G1aMPEYQIXhdNRFXLudiCpkJHbB7515V1xW40mVOZCFexjUGRXdDtMiTME991FpHGGGnKgGVkiOFaYi8M_HA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-HJVsXc5HQN5G1aMPEYQIXhdNRFXLudiCpkJHbB7515V1xW40mVOZCFexjUGRXdDtMiTME991FpHGGGnKgGVkiOFaYi8M_HA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 120

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEP6k7FXdtvwBRuCBqigS_uo&google_cver=1&google_push=Aa02lx85NH12lg-Ra8dYJ4nAZ-tU2o-iMZU0j0PGGFEZQYd9_DnCAUpE_Ffkat0yDXgLiz0Xiw-tDoCudb5rz-YgF61HMZOXaJbMou8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx85NH12lg-Ra8dYJ4nAZ-tU2o-iMZU0j0PGGFEZQYd9_DnCAUpE_Ffkat0yDXgLiz0Xiw-tDoCudb5rz-YgF61HMZOXaJbMou8&google_hm=Az6CxzbXRi-hJRz_5VDF4w==

Request Chain 121

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEKm3C-PcyVBxn-PsmR_ksOw&google_cver=1&google_push=Aa02lx_ZdRIf6H89wM9RzHddIv9N1EwF9Zl_sudJtKQ-XYhUGRdKAfOcz2veixJydQYPLLqSdkD8PSbpJ1br1qcP4_EAaEtOm5sVCQ8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_ZdRIf6H89wM9RzHddIv9N1EwF9Zl_sudJtKQ-XYhUGRdKAfOcz2veixJydQYPLLqSdkD8PSbpJ1br1qcP4_EAaEtOm5sVCQ8&google_hm=eS1oazNhQWpKRTJwSFFxVDVuV2d0WkhmcTRIVUtPVFdYT35B

Request Chain 123

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJj3rGrnifYI2Wsrx4XAksA&google_cver=1&google_push=Aa02lx8sYuDyN3DkL327FuwTYgb077div6StgcWtq3Fp-WzPE084x0RdTn3EgOUPs-fa-zyVMuIeQ6SUoNu5XBoB0FHRaZMcYYm0he8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZMQjNGU1QtVS0zQlpK&google_push=Aa02lx8sYuDyN3DkL327FuwTYgb077div6StgcWtq3Fp-WzPE084x0RdTn3EgOUPs-fa-zyVMuIeQ6SUoNu5XBoB0FHRaZMcYYm0he8

Request Chain 124

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESELHP5rcK3QBO2g8ZCnEntAU&google_cver=1&google_push=Aa02lx8xNTTzc_ejhcVoIr50FOxfs6ckm2aciSm7stYvtd7MnZGxSundowudAo9CJ-fBsyhwiUR1_OodctSrGbo0HN59Qyz_3WRx-Z8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx8xNTTzc_ejhcVoIr50FOxfs6ckm2aciSm7stYvtd7MnZGxSundowudAo9CJ-fBsyhwiUR1_OodctSrGbo0HN59Qyz_3WRx-Z8

Request Chain 125

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEPiIbXxC9jR6AzHtEkhwL3U&google_cver=1&google_push=Aa02lx_2bJFLuEQh5KctCVFDGtEiKqB_jcGiYYCHyqcAn-hQadEFQTWHI-D9g3yxjFYvySPTOb4cavUovkpwVqPXtcyCVEDrJvZ2xxM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aa02lx_2bJFLuEQh5KctCVFDGtEiKqB_jcGiYYCHyqcAn-hQadEFQTWHI-D9g3yxjFYvySPTOb4cavUovkpwVqPXtcyCVEDrJvZ2xxM HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 127

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

136 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
alltime.pp.ua/ 50 KB
10 KB 194ms
152ms Document
text/html 2606:4700:3036::ac43:d4f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://alltime.pp.ua/

Protocol

HTTP/1.1

Server

2606:4700:3036::ac43:d4f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.2.34

Resource Hash

9128773e037d062547425ddb48f7a25c2b3b5d8f377edb7482ab9ff027c5181c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
CF-RAY: 7ac7ec5c3c1dbab5-MXP
Cache-Control: max-age=172800
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 23 Mar 2023 16:06:44 GMT
Expires: -1 Sat, 25 Mar 2023 16:06:43 GMT
Link: <https://alltime.pp.ua/blog/wp-json/>; rel="https://api.w.org/"
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Pragma: no-cache
Referrer-Policy: no-referrer-when-downgrade
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HUyYWZ0opmxFESsRdIhyXTPwAxcCN8LsdR2rQ4RYXBNhgq042WnDss1FcCtGPTI6AdwRX38N2vufbsDmHfJwLlgcN1GSKvUwpAsiYSPYNkH0wPwdduPXOAB31OqRCdHM3RITTr05369sDKA7"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Strict-Transport-Security: max-age=63072000; includeSubDomains
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: master-only
X-Powered-By: PHP/7.2.34
X-XSS-Protection: 1; mode=block
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK autoptimize_76c264e17b5ab0b1b4200efe5076f6a4.css
alltime.pp.ua/blog/wp-content/cache/autoptimize/css/ 182 KB
32 KB 81ms
80ms Stylesheet
text/css 2606:4700:3036::ac43:d4f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://alltime.pp.ua/blog/wp-content/cache/autoptimize/css/autoptimize_76c264e17b5ab0b1b4200efe5076f6a4.css

Requested by

Host: alltime.pp.ua
URL: http://alltime.pp.ua/

Protocol

HTTP/1.1

Server

2606:4700:3036::ac43:d4f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c322a966257f634165faaafb19d4223f3216cc3efece5799622462a3eb2f38ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: http://alltime.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Thu, 23 Mar 2023 16:06:44 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: master-only
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 31449
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 16 Nov 2022 02:15:21 GMT
Server: cloudflare
ETag: "2d9cf-5ed8d0b66a040-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oggNqPOvnuw%2BA2u2QV9q8CaNN2UzHVClYNdaOGa8NlGwvcmCXoBshCirdhwJpGQ4TVCMwSGKQuxzWAv21x1CbSYewzd%2BFWYNq9zpYQ8qwSGBhxj3pRunbnrGZ5Yg9TMAFiMvmgR6dXNAW4oE"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1333600
Accept-Ranges: bytes
CF-RAY: 7ac7ec5d4e23bab5-MXP
Expires: -1, Tue, 12 Mar 2024 16:06:44 GMT

GET
H/1.1 200
OK jquery.min.js Show response
alltime.pp.ua/blog/wp-includes/js/jquery/ 88 KB
31 KB 112ms
75ms Script
application/javascript 2606:4700:3036::ac43:d4f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://alltime.pp.ua/blog/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

Requested by

Host: alltime.pp.ua
URL: http://alltime.pp.ua/

Protocol

HTTP/1.1

Server

2606:4700:3036::ac43:d4f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: http://alltime.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Thu, 23 Mar 2023 16:06:44 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: master-only
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 30995
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 02 Nov 2022 01:55:55 GMT
Server: cloudflare
ETag: "15e54-5ec73241fa0c0-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=20ZFKW2G78918C4qWb%2B52a9SuREV5S2YlVfoCHNE0GsYyo4HlUwVLCEGl8li3gtYrMCtndRAgglJHDkV1xRDSxJ%2F8%2FFCXdSPib7GUxpvrIbcU9Dofq9MOHhHkvzQFvxQ4vzR%2FfmCqqxgeyrq"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1333600
Accept-Ranges: bytes
CF-RAY: 7ac7ec5d8a52362d-FRA
Expires: -1, Fri, 22 Mar 2024 16:06:44 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
49 KB 184ms
124ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: alltime.pp.ua
URL: http://alltime.pp.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6dad2f0f06831747d7cdd9a84cf22b7e8ffef03dff0472f95bb17c9203c48e0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: http://alltime.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:06:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49401
x-xss-protection: 0
server: cafe
etag: 4980059231891462204
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 16:06:44 GMT

GET
H/1.1 200
OK lazysizes.min.js Show response
alltime.pp.ua/blog/wp-content/plugins/autoptimize/classes/external/js/ 10 KB
5 KB 64ms
64ms Script
application/javascript 2606:4700:3036::ac43:d4f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://alltime.pp.ua/blog/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=3.1.5

Requested by

Host: alltime.pp.ua
URL: http://alltime.pp.ua/

Protocol

HTTP/1.1

Server

2606:4700:3036::ac43:d4f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: http://alltime.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Thu, 23 Mar 2023 16:06:44 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: master-only
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 4122
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 20 Jan 2023 01:55:06 GMT
Server: cloudflare
ETag: "2655-5f2a856aa9280-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cr%2FjQmRtx214fQKdSAoYupoEQ7iRK4yBbFkLtSvUJjIcU%2BWN66nDRvSqiyOfCvHEJV4eaIxhRF8uxbPsR438YQG8ZyLBnkCaK6DQCzkW0Sr57gXWAWMAllHNySUZZ%2Bb0uH4J9gpgesdd5aOi"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1333600
Accept-Ranges: bytes
CF-RAY: 7ac7ec5e0b00362d-FRA
Expires: -1, Fri, 22 Mar 2024 16:06:44 GMT

GET
H/1.1 200
OK autoptimize_a53d5462c71d338fa31cca032c6d3c62.js Show response
alltime.pp.ua/blog/wp-content/cache/autoptimize/js/ 39 KB
15 KB 81ms
81ms Script
application/javascript 2606:4700:3036::ac43:d4f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://alltime.pp.ua/blog/wp-content/cache/autoptimize/js/autoptimize_a53d5462c71d338fa31cca032c6d3c62.js

Requested by

Host: alltime.pp.ua
URL: http://alltime.pp.ua/

Protocol

HTTP/1.1

Server

2606:4700:3036::ac43:d4f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bdf79a1d6da82ff1f3c21012a941a54fe25238aed866bc7849f34266a39bef39

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: http://alltime.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Thu, 23 Mar 2023 16:06:44 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: master-only
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 14267
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 16 Nov 2022 02:38:57 GMT
Server: cloudflare
ETag: "9df2-5ed8d5fcd1240-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0lTbIlRFd53X0JLTUD2dDIF6oyelR4bXgMdjPzMU2BgZ%2BkIPjPZhXeU%2F344s5IRuMvzDGrD5BUzN9iaiDladaihRbGwb7r6%2BaOYaS8xRbVizyCMGMDE1NXrkeYmH0Cx%2Fjg0WXfmFk9y4SFVC"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1333600
Accept-Ranges: bytes
CF-RAY: 7ac7ec5e1802bab5-MXP
Expires: -1, Tue, 12 Mar 2024 16:06:44 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
alltime.pp.ua/blog/wp-content/themes/labbook/vendor/font-awesome/fonts/ 75 KB
76 KB 119ms
103ms Font
font/woff2 2606:4700:3036::ac43:d4f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://alltime.pp.ua/blog/wp-content/themes/labbook/vendor/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: alltime.pp.ua
URL: http://alltime.pp.ua/blog/wp-content/cache/autoptimize/css/autoptimize_76c264e17b5ab0b1b4200efe5076f6a4.css

Protocol

HTTP/1.1

Server

2606:4700:3036::ac43:d4f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://alltime.pp.ua/blog/wp-content/cache/autoptimize/css/autoptimize_76c264e17b5ab0b1b4200efe5076f6a4.css
Origin: http://alltime.pp.ua
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Thu, 23 Mar 2023 16:06:44 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Permitted-Cross-Domain-Policies: master-only
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 77160
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: no-referrer-when-downgrade
Server: cloudflare
ETag: "12d68-591d2081f9340"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2B2DnYT1IxtXt%2F9y0YRlzGwLBV%2BrjT2ejnRN3IGE1Vbx8Y6tiNuB8v6TAnZb%2FpggYrCNE54MRXa5yMLWsrwXDwEmdlp%2Fz65sWkUH%2FQGGxxtW%2FD7tvkbKExVkP7tI55nFjAN2GbzNJPRijGrI"}],"group":"cf-nel","max_age":604800}
Cache-Control: max-age=172800
Accept-Ranges: bytes
CF-RAY: 7ac7ec5e385d3752-MXP
Expires: -1, Sat, 25 Mar 2023 16:06:44 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
alltime.pp.ua/blog/wp-includes/js/ 18 KB
6 KB 61ms
61ms Script
application/javascript 2606:4700:3036::ac43:d4f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://alltime.pp.ua/blog/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1

Requested by

Host: alltime.pp.ua
URL: http://alltime.pp.ua/blog/wp-content/cache/autoptimize/js/autoptimize_a53d5462c71d338fa31cca032c6d3c62.js

Protocol

HTTP/1.1

Server

2606:4700:3036::ac43:d4f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: http://alltime.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Thu, 23 Mar 2023 16:06:44 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: master-only
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 5009
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 25 May 2022 00:55:26 GMT
Server: cloudflare
ETag: "48b9-5dfcb875e1b80-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RBLebfAW7K%2BUiHMMPfFj1hOqk28MyiXzDHicDCctLjs0UEs0nyBWKjmV9EWRPWTrRNvHkW3vTMxdyFYDMirLEvQa7HJApCYY18%2BZc0Y7XHkQpS2bAgLV8d2EjAgwTFIyE87%2FGher3H3ct8bs"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1333600
Accept-Ranges: bytes
CF-RAY: 7ac7ec5ea93dbab5-MXP
Expires: -1, Fri, 22 Mar 2024 16:06:44 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303160101/ 349 KB
117 KB 105ms
104ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0780848593048311&plah=alltime.pp.ua&bust=31073270

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b664cb34970d8d5325a3b663e07a967a2388466d6e7ec4ef6861de4e79d40ba0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: http://alltime.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:06:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119427
x-xss-protection: 0
server: cafe
etag: 59085668399892912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 16:06:44 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230321/r20190131/ Frame 109D 10 KB
5 KB 94ms
24ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230321/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://alltime.pp.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

age: 36824
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 05:53:00 GMT
etag: 2378337311435320485
expires: Thu, 06 Apr 2023 05:53:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 393 B
607 B 93ms
34ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=alltime.pp.ua&callback=_gfp_s_&client=ca-pub-0780848593048311

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0780848593048311&plah=alltime.pp.ua&bust=31073270

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

74c81a4d77d1e0bddd6c8f03dea58d8151d3b07151217925f614899b9a314eba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: http://alltime.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:06:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.it/adsid/ 107 B
531 B 131ms
33ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.it/adsid/integrator.js?domain=alltime.pp.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: http://alltime.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:06:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 92ms
35ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=alltime.pp.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: http://alltime.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:06:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F78C 74 KB
30 KB 986ms
986ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0780848593048311&output=html&h=90&slotname=8488207415&adk=1543149296&adf=3234110510&pi=t.ma~as.8488207415&w=770&lmt=1679587604&format=770x90&url=http%3A%2F%2Falltime.pp.ua%2F&wgl=1&dt=1679587604355&bpp=5&bdt=327&idt=202&shv=r20230321&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&correlator=7694090685262&frm=20&pv=2&ga_vid=2046191457.1679587605&ga_sid=1679587605&ga_hid=205744681&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=375&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44777877%2C44759926%2C44773809%2C44785292%2C31073104%2C31073270%2C44786560&oid=2&pvsid=3906358203504572&tmod=924299241&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=ZKUU7wAL65&p=http%3A//alltime.pp.ua&dtd=220

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2984e691091115e29f6929381fc8e467a14086a7a9b8671027996161372b3c85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://alltime.pp.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 30199
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 16:06:45 GMT
expires: Thu, 23 Mar 2023 16:06:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 90B6 560 KB
102 KB 839ms
839ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0780848593048311&output=html&adk=1812271804&adf=3025194257&lmt=1679587604&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x1080_l%7C188x1080_r&format=0x0&url=http%3A%2F%2Falltime.pp.ua%2F&ea=0&pra=7&wgl=1&dt=1679587604375&bpp=3&bdt=347&idt=206&shv=r20230321&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&prev_fmts=770x90&nras=1&correlator=7694090685262&frm=20&pv=1&ga_vid=2046191457.1679587605&ga_sid=1679587605&ga_hid=205744681&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44777877%2C44759926%2C44773809%2C44785292%2C31073104%2C31073270%2C44786560&oid=2&pvsid=3906358203504572&tmod=924299241&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=216

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15fe20172db35b21d979eb3c24523b3549503997194f70df86c6332c2939e70f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://alltime.pp.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 104653
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 16:06:45 GMT
expires: Thu, 23 Mar 2023 16:06:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303160101/ 149 KB
51 KB 73ms
72ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303160101/reactive_library_fy2021.js?bust=31073270

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0fbc74afe426f4f7c07a334789a26a2cfc215d8fca15878be8b7a4a3a0aac52b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: http://alltime.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:06:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52115
x-xss-protection: 0
server: cafe
etag: 9851210851865705459
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 16:06:45 GMT

GET
H2 200 integrator.js Show response
adservice.google.it/adsid/ 107 B
165 B 35ms
33ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.it/adsid/integrator.js?domain=alltime.pp.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: http://alltime.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:06:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 35ms
34ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=alltime.pp.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: http://alltime.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:06:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0261 91 KB
33 KB 461ms
461ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0780848593048311&output=html&h=280&adk=2924429258&adf=1675913919&pi=t.aa~a.1958068758~i.1~rp.4&w=803&fwrn=4&fwrnh=100&lmt=1679587605&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2435644795&ad_type=text_image&format=803x280&url=http%3A%2F%2Falltime.pp.ua%2F&fwr=0&pra=3&rh=200&rw=802&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1679587605537&bpp=1&bdt=1508&idt=1&shv=r20230321&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D49fe1b55810ec3d6-223cc5ab68dd00fd%3AT%3D1679587604%3ART%3D1679587604%3AS%3DALNI_MY-AK11IoIZztYHu3-QSA0oTRCsnA&gpic=UID%3D00000bcb0fa99bbb%3AT%3D1679587604%3ART%3D1679587604%3AS%3DALNI_MYwAWdlcjBzruJjGjPRvZpQbD2Uhw&prev_fmts=770x90%2C0x0&nras=2&correlator=7694090685262&frm=20&pv=1&ga_vid=2046191457.1679587605&ga_sid=1679587605&ga_hid=205744681&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=214&ady=2822&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44777877%2C44759926%2C44773809%2C44785292%2C31073104%2C31073270%2C44786560&oid=2&pvsid=3906358203504572&tmod=924299241&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=r5afOHOoxE&p=http%3A//alltime.pp.ua&dtd=6

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

24f0d5eb98ee8336543d62a5314a0d010a989a46d177aeaec323bd2a03b633c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://alltime.pp.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 33628
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 16:06:45 GMT
expires: Thu, 23 Mar 2023 16:06:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6CB7 77 KB
25 KB 1033ms
1033ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0780848593048311&output=html&h=280&adk=1439814473&adf=2373233990&pi=t.aa~a.3841785186~rp.4&w=350&fwrn=4&fwrnh=100&lmt=1679587605&rafmt=1&to=qs&pwprc=2435644795&format=350x280&url=http%3A%2F%2Falltime.pp.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1679587605562&bpp=1&bdt=1533&idt=1&shv=r20230321&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D49fe1b55810ec3d6-223cc5ab68dd00fd%3AT%3D1679587604%3ART%3D1679587604%3AS%3DALNI_MY-AK11IoIZztYHu3-QSA0oTRCsnA&gpic=UID%3D00000bcb0fa99bbb%3AT%3D1679587604%3ART%3D1679587604%3AS%3DALNI_MYwAWdlcjBzruJjGjPRvZpQbD2Uhw&prev_fmts=770x90%2C0x0%2C803x280&nras=3&correlator=7694090685262&frm=20&pv=1&ga_vid=2046191457.1679587605&ga_sid=1679587605&ga_hid=205744681&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1050&ady=2803&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44777877%2C44759926%2C44773809%2C44785292%2C31073104%2C31073270%2C44786560&oid=2&pvsid=3906358203504572&tmod=924299241&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=cSNaqzWqp2&p=http%3A//alltime.pp.ua&dtd=8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9113ff074a823d878d3311989bbfcec13e756981420e7fbedb24174e23a4013a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://alltime.pp.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 25751
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 16:06:46 GMT
expires: Thu, 23 Mar 2023 16:06:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 15731612617880052017
tpc.googlesyndication.com/simgad/ Frame F78C 11 KB
11 KB 93ms
34ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15731612617880052017?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkhJkrk4ZmFqeyyp-nQk9erpziZ1g

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0780848593048311&output=html&h=90&slotname=8488207415&adk=1543149296&adf=3234110510&pi=t.ma~as.8488207415&w=770&lmt=1679587604&format=770x90&url=http%3A%2F%2Falltime.pp.ua%2F&wgl=1&dt=1679587604355&bpp=5&bdt=327&idt=202&shv=r20230321&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&correlator=7694090685262&frm=20&pv=2&ga_vid=2046191457.1679587605&ga_sid=1679587605&ga_hid=205744681&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=375&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44777877%2C44759926%2C44773809%2C44785292%2C31073104%2C31073270%2C44786560&oid=2&pvsid=3906358203504572&tmod=924299241&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=ZKUU7wAL65&p=http%3A//alltime.pp.ua&dtd=220

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c581fb09f1f87a1b6d5d5da7570afcd6d0b621ee6a8550c46203fec0cbb2a3dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 20:54:45 GMT
x-content-type-options: nosniff
age: 155520
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11282
x-xss-protection: 0
last-modified: Mon, 10 Oct 2022 18:28:38 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 20 Mar 2024 20:54:45 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230321/r20110914/ Frame F78C 22 KB
9 KB 84ms
25ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230321/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78a0b7266f642f96b673c4065063dba46a80f651ff12352eb82aa877c23b9186

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:15:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3103
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9109
x-xss-protection: 0
server: cafe
etag: 16040247357158217350
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 15:15:02 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/ Frame F78C 3 KB
1 KB 88ms
33ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:15:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3103
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 15:15:02 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/ Frame F78C 20 KB
9 KB 83ms
29ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83dd1a8208a83ec90a9a2d7774ab28e4b93b3eba53fb6a3fd444eb7e389ecbff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:15:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3103
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8627
x-xss-protection: 0
server: cafe
etag: 8620137988422272387
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 15:15:02 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F78C 158 KB
49 KB 36ms
34ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe14bc8a4e294c047589838fd09a3efc81771751a0be03ea8ec99e734e965fd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:06:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49540
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1679312138029146"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Mar 2023 16:06:45 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/ Frame F78C 34 KB
14 KB 106ms
52ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

302deaf4fa154ebeaef0722951adad97a1e1727ca955959030e2f43257afb3f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:32:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2034
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13898
x-xss-protection: 0
server: cafe
etag: 4705717387851525028
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 15:32:51 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F78C 0
0 68ms
68ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=COdA7FHkcZLGXKdSZ2OMPgrinqAfy1cLibobu2cHdEKTn8u2VAhABIIzExhtg_YKRhOgRoAGg_ZfaA8gBAqgDAcgDyQSqBOEBT9DBgF2JjP37kjaZ4roQIs6uKnaXivslG830V1AIabIlBJfAb5sfKpmMH-PE5mJ9Pqehhmqim6aFjaTSeqcfSsA32lbSxkFzKxBTmPFACeNF9Ps3nsx7M8cs8OJnu_YBVwTtQLYBY5UCHkpRPV__Js1fTehohRuZ5jJqjFUoPsHqMFQWoiz7TCPW6B0E-xtYxUTpyAklMHqG_3YzcWy4KuYhgronnLfzkvJCJPQwBMckR886jCL5OzWHmeMM50KCNabLTpPAl3y8fvpBtr-aNpc8Btpx7vy9ea986TSiIHLFwATRqamCkASSBQQIBBgBkgUECAUYBKAGAoAHy_H5gAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDZkjnSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi0wNzgwODQ4NTkzMDQ4MzExGAA&sigh=5bWDOP0FecI&uach_m=[UACH]&cid=CAQSGwDUE5ymp-tHJs7VRDDBl5LughRSXUrSaSB3hxgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0780848593048311&output=html&h=90&slotname=8488207415&adk=1543149296&adf=3234110510&pi=t.ma~as.8488207415&w=770&lmt=1679587604&format=770x90&url=http%3A%2F%2Falltime.pp.ua%2F&wgl=1&dt=1679587604355&bpp=5&bdt=327&idt=202&shv=r20230321&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&correlator=7694090685262&frm=20&pv=2&ga_vid=2046191457.1679587605&ga_sid=1679587605&ga_hid=205744681&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=375&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44777877%2C44759926%2C44773809%2C44785292%2C31073104%2C31073270%2C44786560&oid=2&pvsid=3906358203504572&tmod=924299241&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=ZKUU7wAL65&p=http%3A//alltime.pp.ua&dtd=220
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 23 Mar 2023 16:06:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 23 Mar 2023 16:06:45 GMT

GET
H3 200 integrator.js Show response
adservice.google.it/adsid/ 107 B
122 B 35ms
35ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.it/adsid/integrator.js?domain=alltime.pp.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: http://alltime.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:06:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 34ms
34ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=alltime.pp.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: http://alltime.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:06:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230321/r20110914/ Frame F79B 10 KB
4 KB 25ms
24ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230321/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://alltime.pp.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

age: 74733
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Mar 2023 19:21:12 GMT
etag: 2378337311435320485
expires: Wed, 05 Apr 2023 19:21:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230321/r20110914/ Frame 2DC5 10 KB
4 KB 25ms
25ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230321/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://alltime.pp.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

age: 74733
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Mar 2023 19:21:12 GMT
etag: 2378337311435320485
expires: Wed, 05 Apr 2023 19:21:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230321/r20110914/ Frame 84B1 10 KB
4 KB 25ms
24ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230321/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://alltime.pp.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

age: 74733
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Mar 2023 19:21:12 GMT
etag: 2378337311435320485
expires: Wed, 05 Apr 2023 19:21:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230321/r20110914/ Frame 44F0 10 KB
4 KB 25ms
25ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230321/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://alltime.pp.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

age: 74733
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Mar 2023 19:21:12 GMT
etag: 2378337311435320485
expires: Wed, 05 Apr 2023 19:21:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame F79B 4 KB
1 KB 96ms
34ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230321/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 Mar 2023 16:06:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 Mar 2023 15:02:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Mar 2023 16:06:45 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F79B 205 B
650 B 86ms
24ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230321/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:57:48 GMT
x-content-type-options: nosniff
age: 537
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 22 Mar 2024 15:57:48 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F79B 604 B
695 B 87ms
25ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230321/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 12:56:30 GMT
x-content-type-options: nosniff
age: 11415
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 22 Mar 2024 12:56:30 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230321/r20110914/elements/html/ Frame F79B 13 KB
6 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230321/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230321/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2d4370ace7154a6d5bd3e067cf6d360eaf9cd5d7c1921097d0227adc6fd163a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 19:03:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75812
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6055
x-xss-protection: 0
server: cafe
etag: 9020047559607913051
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Apr 2023 19:03:13 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230321/r20110914/elements/html/ Frame F79B 20 KB
8 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230321/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230321/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0102fdfbd0b06f4718e32f6586659557a6234c0111940c1fa3d697c42b067c1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:51:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 901
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8563
x-xss-protection: 0
server: cafe
etag: 3720302941478166528
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 15:51:44 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 2DC5 8 KB
968 B 90ms
35ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230321/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 Mar 2023 16:06:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 Mar 2023 15:09:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Mar 2023 16:06:45 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/ Frame 2DC5 2 KB
845 B 25ms
25ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230321/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3099
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 15:15:06 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230321/r20110914/ Frame 2DC5 22 KB
9 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230321/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230321/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78a0b7266f642f96b673c4065063dba46a80f651ff12352eb82aa877c23b9186

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:15:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3103
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9109
x-xss-protection: 0
server: cafe
etag: 16040247357158217350
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 15:15:02 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/ Frame 2DC5 3 KB
1 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230321/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:15:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3103
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 15:15:02 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/ Frame 2DC5 20 KB
8 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230321/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83dd1a8208a83ec90a9a2d7774ab28e4b93b3eba53fb6a3fd444eb7e389ecbff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:15:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3103
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8627
x-xss-protection: 0
server: cafe
etag: 8620137988422272387
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 15:15:02 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2DC5 158 KB
48 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230321/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe14bc8a4e294c047589838fd09a3efc81771751a0be03ea8ec99e734e965fd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:06:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49540
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1679312138029146"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Mar 2023 16:06:45 GMT

GET
H2 200 23cf7cdae9f50ee7270380e7f4964b21.js Show response
www.gstatic.com/mysidia/ Frame 2DC5 34 KB
14 KB 73ms
26ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/23cf7cdae9f50ee7270380e7f4964b21.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230321/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dfb251ab625fc65ba9da3b27cc16fc25459480c929e6e8ff1efb2fa87fd72659

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 11:58:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101294
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14432
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 21:58:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 20 Jun 2023 11:58:31 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 84B1 8 KB
968 B 77ms
34ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230321/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 Mar 2023 16:06:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 Mar 2023 14:14:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Mar 2023 16:06:45 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/ Frame 84B1 2 KB
799 B 25ms
24ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230321/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3099
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 15:15:06 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230321/r20110914/ Frame 84B1 22 KB
9 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230321/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230321/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78a0b7266f642f96b673c4065063dba46a80f651ff12352eb82aa877c23b9186

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:15:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3103
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9109
x-xss-protection: 0
server: cafe
etag: 16040247357158217350
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 15:15:02 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/ Frame 84B1 3 KB
1 KB 26ms
24ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230321/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:15:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3103
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 15:15:02 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/ Frame 84B1 20 KB
8 KB 27ms
25ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230321/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83dd1a8208a83ec90a9a2d7774ab28e4b93b3eba53fb6a3fd444eb7e389ecbff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:15:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3103
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8627
x-xss-protection: 0
server: cafe
etag: 8620137988422272387
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 15:15:02 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 84B1 158 KB
48 KB 50ms
48ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230321/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe14bc8a4e294c047589838fd09a3efc81771751a0be03ea8ec99e734e965fd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:06:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49540
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1679312138029146"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Mar 2023 16:06:45 GMT

GET
H2 200 23cf7cdae9f50ee7270380e7f4964b21.js Show response
www.gstatic.com/mysidia/ Frame 84B1 34 KB
14 KB 80ms
45ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/23cf7cdae9f50ee7270380e7f4964b21.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230321/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dfb251ab625fc65ba9da3b27cc16fc25459480c929e6e8ff1efb2fa87fd72659

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 11:58:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101294
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14432
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 21:58:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 20 Jun 2023 11:58:31 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 44F0 8 KB
968 B 64ms
36ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230321/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 Mar 2023 16:06:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 Mar 2023 15:09:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Mar 2023 16:06:45 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/ Frame 44F0 2 KB
799 B 25ms
24ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230321/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3099
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 15:15:06 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 44F0 0
0 69ms
69ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C9g3eFHkcZJObKq3pn88Ph4Oy-Aftz4HPb9yN04PuENTD2tOQORABIIzExhtg_YKRhOgRoAGvq6PQA8gBCakCyWCAv-1Jsj6oAwHIA8sEqgTeAU_QyD0alEtHUfIvPR8DTAeo__WxnTh0u64abPvTf0n8AjcmF0QpiGo4td3zqh2bp42f2yayuVNgi5qlHfCEM1P48z14CrcSozb8NJJv7PWRyEanqDz_-eHU1V45DDXzcLbeC0ePr2TPHw_iGPnZAnEGUhzRY9KcfQAcd-X-6pnlcKdkGYPaHyJlqPdD95C-rCkpFNqKeJLUFzO9IDhMxqNfwJEjOw1qVQGR0Yp7QRbOf70__lffrpUm8PLufVOSrBE5_aK0KcjYC1UTc2CYftkZv2zs_nHLmKlhj_cfuMAEmc6B9qsEkgUECAQYAZIFBAgFGASgBi6AB7nU3C-oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCb_hzSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDogUAdAVAZgWAYAXAbIXHAoaCAASFHB1Yi0wNzgwODQ4NTkzMDQ4MzExGAA&sigh=MwZkweJmISE&uach_m=[UACH]&cid=CAQSGwDUE5ymQjhVlg9JZ5KjOcI4922oDDPFtBwlxhgB&template_id=5000

Requested by

Host: alltime.pp.ua
URL: http://alltime.pp.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230321/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 23 Mar 2023 16:06:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230321/r20110914/ Frame 44F0 22 KB
9 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230321/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230321/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78a0b7266f642f96b673c4065063dba46a80f651ff12352eb82aa877c23b9186

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:15:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3103
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9109
x-xss-protection: 0
server: cafe
etag: 16040247357158217350
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 15:15:02 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/ Frame 44F0 3 KB
1 KB 27ms
24ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230321/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:15:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3103
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 15:15:02 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/ Frame 44F0 20 KB
8 KB 28ms
25ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230321/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83dd1a8208a83ec90a9a2d7774ab28e4b93b3eba53fb6a3fd444eb7e389ecbff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:15:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3103
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8627
x-xss-protection: 0
server: cafe
etag: 8620137988422272387
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 15:15:02 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 44F0 158 KB
48 KB 58ms
56ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230321/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe14bc8a4e294c047589838fd09a3efc81771751a0be03ea8ec99e734e965fd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:06:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49540
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1679312138029146"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Mar 2023 16:06:45 GMT

GET
H2 200 23cf7cdae9f50ee7270380e7f4964b21.js Show response
www.gstatic.com/mysidia/ Frame 44F0 34 KB
14 KB 75ms
52ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/23cf7cdae9f50ee7270380e7f4964b21.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230321/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dfb251ab625fc65ba9da3b27cc16fc25459480c929e6e8ff1efb2fa87fd72659

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 11:58:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101294
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14432
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 21:58:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 20 Jun 2023 11:58:31 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/15282371384543449399/ Frame 44F0 23 KB
23 KB 26ms
25ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15282371384543449399/14763004658117789537?w=400&h=209

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230321/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ba5f5ceb86994e32e1233e984d5236c6bf3230d845ea0eb41bc4ce668fa3d45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 12:49:02 GMT
x-content-type-options: nosniff
age: 530263
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23067
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 16:08:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Mar 2024 12:49:02 GMT

GET
DATA 200
OK truncated
/ Frame 44F0 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 44F0 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 59A8 143 B
166 B 28ms
26ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0780848593048311&output=html&h=90&slotname=8488207415&adk=1543149296&adf=3234110510&pi=t.ma~as.8488207415&w=770&lmt=1679587604&format=770x90&url=http%3A%2F%2Falltime.pp.ua%2F&wgl=1&dt=1679587604355&bpp=5&bdt=327&idt=202&shv=r20230321&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&correlator=7694090685262&frm=20&pv=2&ga_vid=2046191457.1679587605&ga_sid=1679587605&ga_hid=205744681&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=375&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44777877%2C44759926%2C44773809%2C44785292%2C31073104%2C31073270%2C44786560&oid=2&pvsid=3906358203504572&tmod=924299241&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=ZKUU7wAL65&p=http%3A//alltime.pp.ua&dtd=220
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

age: 603
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 15:56:42 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F78C 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57bc4004da7cc337fc3ad27989eab9c0254b7bb80716215eddc8e2d3f33f1ddd

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 44F0 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a79cc4d016868c2097bc49ba00c0a98bfce9533e0cf4eff70f49f882f4bdab9a

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame D78B 8 KB
968 B 34ms
34ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230321/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 Mar 2023 16:06:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 Mar 2023 14:07:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Mar 2023 16:06:45 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/ Frame D78B 2 KB
765 B 25ms
25ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230321/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3099
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 15:15:06 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230321/r20110914/ Frame D78B 22 KB
9 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230321/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230321/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78a0b7266f642f96b673c4065063dba46a80f651ff12352eb82aa877c23b9186

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:15:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3103
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9109
x-xss-protection: 0
server: cafe
etag: 16040247357158217350
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 15:15:02 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/ Frame D78B 3 KB
1 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230321/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:15:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3103
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 15:15:02 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/ Frame D78B 20 KB
8 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230321/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83dd1a8208a83ec90a9a2d7774ab28e4b93b3eba53fb6a3fd444eb7e389ecbff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:15:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3103
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8627
x-xss-protection: 0
server: cafe
etag: 8620137988422272387
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 15:15:02 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D78B 158 KB
48 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230321/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe14bc8a4e294c047589838fd09a3efc81771751a0be03ea8ec99e734e965fd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:06:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49540
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1679312138029146"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Mar 2023 16:06:45 GMT

GET
H2 200 23cf7cdae9f50ee7270380e7f4964b21.js Show response
www.gstatic.com/mysidia/ Frame D78B 34 KB
14 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/23cf7cdae9f50ee7270380e7f4964b21.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230321/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dfb251ab625fc65ba9da3b27cc16fc25459480c929e6e8ff1efb2fa87fd72659

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 11:58:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101294
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14432
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 21:58:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 20 Jun 2023 11:58:31 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 59A8
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

45ms
42ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 16:06:46 GMT
expires: Thu, 23 Mar 2023 16:06:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 16:06:46 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 5ZLoQB_z02QzB_hHqtk5fVBr8jKba2eTnMK3sia1eD8.js Show response
pagead2.googlesyndication.com/bg/ Frame 8137 36 KB
14 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5ZLoQB_z02QzB_hHqtk5fVBr8jKba2eTnMK3sia1eD8.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e592e8401ff3d3643307f847aad9397d506bf2329b6b67939cc2b7b226b5783f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:35:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1857
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14308
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Mar 2024 15:35:48 GMT

GET
H3 200 5ZLoQB_z02QzB_hHqtk5fVBr8jKba2eTnMK3sia1eD8.js Show response
pagead2.googlesyndication.com/bg/ Frame 656E 36 KB
14 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5ZLoQB_z02QzB_hHqtk5fVBr8jKba2eTnMK3sia1eD8.js

Requested by

Host: alltime.pp.ua
URL: http://alltime.pp.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e592e8401ff3d3643307f847aad9397d506bf2329b6b67939cc2b7b226b5783f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:35:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1858
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14308
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Mar 2024 15:35:48 GMT

GET
H3 200 5ZLoQB_z02QzB_hHqtk5fVBr8jKba2eTnMK3sia1eD8.js Show response
pagead2.googlesyndication.com/bg/ Frame 4526 36 KB
14 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5ZLoQB_z02QzB_hHqtk5fVBr8jKba2eTnMK3sia1eD8.js

Requested by

Host: alltime.pp.ua
URL: http://alltime.pp.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e592e8401ff3d3643307f847aad9397d506bf2329b6b67939cc2b7b226b5783f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:35:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1858
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14308
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Mar 2024 15:35:48 GMT

GET
H3 200 5ZLoQB_z02QzB_hHqtk5fVBr8jKba2eTnMK3sia1eD8.js Show response
pagead2.googlesyndication.com/bg/ Frame 16E5 36 KB
14 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5ZLoQB_z02QzB_hHqtk5fVBr8jKba2eTnMK3sia1eD8.js

Requested by

Host: alltime.pp.ua
URL: http://alltime.pp.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e592e8401ff3d3643307f847aad9397d506bf2329b6b67939cc2b7b226b5783f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:35:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1858
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14308
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Mar 2024 15:35:48 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 0261 6 KB
672 B 35ms
35ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0780848593048311&output=html&h=280&adk=2924429258&adf=1675913919&pi=t.aa~a.1958068758~i.1~rp.4&w=803&fwrn=4&fwrnh=100&lmt=1679587605&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2435644795&ad_type=text_image&format=803x280&url=http%3A%2F%2Falltime.pp.ua%2F&fwr=0&pra=3&rh=200&rw=802&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1679587605537&bpp=1&bdt=1508&idt=1&shv=r20230321&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D49fe1b55810ec3d6-223cc5ab68dd00fd%3AT%3D1679587604%3ART%3D1679587604%3AS%3DALNI_MY-AK11IoIZztYHu3-QSA0oTRCsnA&gpic=UID%3D00000bcb0fa99bbb%3AT%3D1679587604%3ART%3D1679587604%3AS%3DALNI_MYwAWdlcjBzruJjGjPRvZpQbD2Uhw&prev_fmts=770x90%2C0x0&nras=2&correlator=7694090685262&frm=20&pv=1&ga_vid=2046191457.1679587605&ga_sid=1679587605&ga_hid=205744681&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=214&ady=2822&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44777877%2C44759926%2C44773809%2C44785292%2C31073104%2C31073270%2C44786560&oid=2&pvsid=3906358203504572&tmod=924299241&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=r5afOHOoxE&p=http%3A//alltime.pp.ua&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 Mar 2023 16:06:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 Mar 2023 15:00:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Mar 2023 16:06:46 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/ Frame 0261 2 KB
765 B 25ms
24ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3100
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 15:15:06 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230321/r20110914/ Frame 0261 22 KB
9 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230321/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78a0b7266f642f96b673c4065063dba46a80f651ff12352eb82aa877c23b9186

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:15:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3104
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9109
x-xss-protection: 0
server: cafe
etag: 16040247357158217350
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 15:15:02 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/ Frame 0261 3 KB
1 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:15:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3104
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 15:15:02 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/ Frame 0261 20 KB
8 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83dd1a8208a83ec90a9a2d7774ab28e4b93b3eba53fb6a3fd444eb7e389ecbff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:15:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3104
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8627
x-xss-protection: 0
server: cafe
etag: 8620137988422272387
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 15:15:02 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 0261 0
0 34ms
32ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQw3E86WZpOPz8UD0ts7letQCuPlxgAVT6Wf6tErJ3CUVWUeyeLLjmXb0KZPqzQ4TVlc_DBr4ftaFa0itD5NNrSB82QuQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0780848593048311&output=html&h=280&adk=2924429258&adf=1675913919&pi=t.aa~a.1958068758~i.1~rp.4&w=803&fwrn=4&fwrnh=100&lmt=1679587605&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2435644795&ad_type=text_image&format=803x280&url=http%3A%2F%2Falltime.pp.ua%2F&fwr=0&pra=3&rh=200&rw=802&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1679587605537&bpp=1&bdt=1508&idt=1&shv=r20230321&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D49fe1b55810ec3d6-223cc5ab68dd00fd%3AT%3D1679587604%3ART%3D1679587604%3AS%3DALNI_MY-AK11IoIZztYHu3-QSA0oTRCsnA&gpic=UID%3D00000bcb0fa99bbb%3AT%3D1679587604%3ART%3D1679587604%3AS%3DALNI_MYwAWdlcjBzruJjGjPRvZpQbD2Uhw&prev_fmts=770x90%2C0x0&nras=2&correlator=7694090685262&frm=20&pv=1&ga_vid=2046191457.1679587605&ga_sid=1679587605&ga_hid=205744681&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=214&ady=2822&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44777877%2C44759926%2C44773809%2C44785292%2C31073104%2C31073270%2C44786560&oid=2&pvsid=3906358203504572&tmod=924299241&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=r5afOHOoxE&p=http%3A//alltime.pp.ua&dtd=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0261 158 KB
48 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe14bc8a4e294c047589838fd09a3efc81771751a0be03ea8ec99e734e965fd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:06:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49540
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1679312138029146"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Mar 2023 16:06:46 GMT

GET
H3 200 23cf7cdae9f50ee7270380e7f4964b21.js Show response
www.gstatic.com/mysidia/ Frame 0261 34 KB
14 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/23cf7cdae9f50ee7270380e7f4964b21.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dfb251ab625fc65ba9da3b27cc16fc25459480c929e6e8ff1efb2fa87fd72659

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 11:58:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101295
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14432
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 21:58:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 20 Jun 2023 11:58:31 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0261 0
0 70ms
70ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CnoA4FXkcZPvZI9WHwuIP68e04ATigpfAb4vvif-dEZ7PxZzQJBABIIzExhtguwagAZKZq_wCyAEJqAMByAPLBKoE5QFP0NIcCc2S7pRZHolyFtNSjcEV-ETMATKVuo7R9QT0Tghbq8PjpV-0pv7myzSG8Z-8mEUuRRHSYx-zXSsmQbld_L2zW4NITK_kbRXaiJxKDxADM8rfyXA0pGbpl-jaYe8-Tg3LDq7rEHVIajIPUMLP6fRtBLFMCo5xoNhuZ9ExqvNyaxHoDIry8PR0_mi7TNE5hGC6Rwib_ZfdvN_AjxcAEz8wRSFyDC0lnkicF0xB2ML7BakMr0nhJV3y3Oyq1E5McHPsSSI6PW5-fD65w4rd8go-IsqCdf8mso8DIcFSVMCAkXKKwATA0s2U2wOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH1ubUgwGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBRC_gYEC0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E-QD2BMN0BUBmBYBgBcBshccChoIABIUcHViLTA3ODA4NDg1OTMwNDgzMTEYAA&sigh=o4GGfLrFqD4&uach_m=[UACH]&cid=CAQSOwDUE5ymDAhXONqyzfhx1vz-oH12N1Ga-kFVBElWCDNkh8pA1TxP2UJUqVJToXYUMw4-JNRTYCrV5LqZGAE&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0780848593048311&output=html&h=280&adk=2924429258&adf=1675913919&pi=t.aa~a.1958068758~i.1~rp.4&w=803&fwrn=4&fwrnh=100&lmt=1679587605&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2435644795&ad_type=text_image&format=803x280&url=http%3A%2F%2Falltime.pp.ua%2F&fwr=0&pra=3&rh=200&rw=802&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1679587605537&bpp=1&bdt=1508&idt=1&shv=r20230321&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D49fe1b55810ec3d6-223cc5ab68dd00fd%3AT%3D1679587604%3ART%3D1679587604%3AS%3DALNI_MY-AK11IoIZztYHu3-QSA0oTRCsnA&gpic=UID%3D00000bcb0fa99bbb%3AT%3D1679587604%3ART%3D1679587604%3AS%3DALNI_MYwAWdlcjBzruJjGjPRvZpQbD2Uhw&prev_fmts=770x90%2C0x0&nras=2&correlator=7694090685262&frm=20&pv=1&ga_vid=2046191457.1679587605&ga_sid=1679587605&ga_hid=205744681&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=214&ady=2822&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44777877%2C44759926%2C44773809%2C44785292%2C31073104%2C31073270%2C44786560&oid=2&pvsid=3906358203504572&tmod=924299241&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=r5afOHOoxE&p=http%3A//alltime.pp.ua&dtd=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 23 Mar 2023 16:06:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/8339584642496335128/ Frame 0261 18 KB
18 KB 26ms
25ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8339584642496335128/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d42100dd61c80ae67d8235a61a9c91d25a0b7882cda5a6d9e60675717554c9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 03:06:19 GMT
x-content-type-options: nosniff
age: 392427
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18072
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 21:33:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 18 Mar 2024 03:06:19 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/14917255203208823081/ Frame 0261 806 B
833 B 33ms
32ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14917255203208823081/14763004658117789537?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d859dbe400f5b7d3715a167a523406d1a40b8999f2beacc93d6462222b331f94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 18:12:47 GMT
x-content-type-options: nosniff
age: 78839
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 806
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 14:50:32 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 21 Mar 2024 18:12:47 GMT

GET
H3 200 5ZLoQB_z02QzB_hHqtk5fVBr8jKba2eTnMK3sia1eD8.js Show response
pagead2.googlesyndication.com/bg/ Frame 5763 36 KB
14 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5ZLoQB_z02QzB_hHqtk5fVBr8jKba2eTnMK3sia1eD8.js

Requested by

Host: alltime.pp.ua
URL: http://alltime.pp.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e592e8401ff3d3643307f847aad9397d506bf2329b6b67939cc2b7b226b5783f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:35:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1858
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14308
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Mar 2024 15:35:48 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D6CF 1 KB
643 B 29ms
28ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

age: 80409
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Mar 2023 17:46:37 GMT
etag: 48472445140208031
expires: Thu, 23 Mar 2023 17:46:37 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0261 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9016a5953c8458717938fc9ae6b83645e148ae72e8e193f1db4dea3214326098

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0261 15 KB
16 KB 89ms
29ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:37:40 GMT
x-content-type-options: nosniff
age: 199746
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 08:37:40 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0261 15 KB
16 KB 93ms
35ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:37:39 GMT
x-content-type-options: nosniff
age: 199747
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 08:37:39 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0261 15 KB
15 KB 111ms
56ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:37:38 GMT
x-content-type-options: nosniff
age: 199748
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 08:37:38 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame D6CF
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFjlsOjtU7DPRefr_uhoGSU&google_cver=1&google_push=Aer7DvIMb4a1UidhKIAMaTVHHD8d3PtkgiXM17AsrrEREXSgzEF0ZOhYa0i_2AsBs351GINpLT7t3fSmAQ_vyQDyNbWRq7dWzs1X5g
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzkyNDMzMDM1ODY1NzE5MjIwMg==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHTPqaMNRN8s1lPoEPua2S0&google_cver=1

43 B
398 B

72ms
40ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHTPqaMNRN8s1lPoEPua2S0&google_cver=1
Requested by: Host: alltime.pp.ua
URL: http://alltime.pp.ua/
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 23 Mar 2023 16:06:46 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Thu, 23 Mar 2023 16:06:46 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHTPqaMNRN8s1lPoEPua2S0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D6CF
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESECIP6T2gI5MWZ8HskrM_dAA&google_cver=1&google_push=Aer7DvJ0gZ92M7FBL1pNW9Sir4qLhlCsdOj_GhW6qTxfyy2F223Rl7xdS8i3TJTJEoFDGmZcmV5_C6jNwlejn-a-NhPvBUNE3BD39g
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=39EAB72BAE0E40E3A82FCEE52A0F35CB&google_push=Aer7DvJ0gZ92M7FBL1pNW9Sir4qLhlCsdOj_GhW6qTxfyy2F223Rl7xdS8i3TJTJEoFDGmZcmV5_C6jNwlejn-a...

170 B
232 B

43ms
42ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=39EAB72BAE0E40E3A82FCEE52A0F35CB&google_push=Aer7DvJ0gZ92M7FBL1pNW9Sir4qLhlCsdOj_GhW6qTxfyy2F223Rl7xdS8i3TJTJEoFDGmZcmV5_C6jNwlejn-a-NhPvBUNE3BD39g

Requested by

Host: alltime.pp.ua
URL: http://alltime.pp.ua/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 16:06:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 23 Mar 2023 16:06:46 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=39EAB72BAE0E40E3A82FCEE52A0F35CB&google_push=Aer7DvJ0gZ92M7FBL1pNW9Sir4qLhlCsdOj_GhW6qTxfyy2F223Rl7xdS8i3TJTJEoFDGmZcmV5_C6jNwlejn-a-NhPvBUNE3BD39g
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 22 Mar 2023 16:06:46 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D6CF
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEJF29Ebj897NgOu4CMrPJto&google_cver=1&google_push=Aer7DvKRZE68PqWQKc4h8UdB68XXCza5bZsGU4yxS6D5edhAhgziAGoX_-Z93Qy5CkHub3lipxTEdgFbyeF...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aer7DvKRZE68PqWQKc4h8UdB68XXCza5bZsGU4yxS6D5edhAhgziAGoX_-Z93Qy5CkHub3lipxTEdgFbyeFt_j6IF848oTy2DFKU&google_hm=gZ710xCGRoaC-hTEdGjiS9c

170 B
232 B

46ms
45ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aer7DvKRZE68PqWQKc4h8UdB68XXCza5bZsGU4yxS6D5edhAhgziAGoX_-Z93Qy5CkHub3lipxTEdgFbyeFt_j6IF848oTy2DFKU&google_hm=gZ710xCGRoaC-hTEdGjiS9c

Requested by

Host: alltime.pp.ua
URL: http://alltime.pp.ua/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 16:06:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 23 Mar 2023 16:06:46 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aer7DvKRZE68PqWQKc4h8UdB68XXCza5bZsGU4yxS6D5edhAhgziAGoX_-Z93Qy5CkHub3lipxTEdgFbyeFt_j6IF848oTy2DFKU&google_hm=gZ710xCGRoaC-hTEdGjiS9c
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D6CF
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEAoAlgffNFsFDycdR9412w4&google_cver=1&google_push=Aer7DvLzhbyZd4Vk5diD9l-Roi64XtfVsrv7Gn88WxzS_eQw2iBipbtiZ411xF6_Maw2zGs6v9mT04dSKDSz1q...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIxMzc3MzgzODU1Njk4NTQ5OQ%3D%3D&google_push=Aer7DvLzhbyZd4Vk5diD9l-Roi64XtfVsrv7Gn88WxzS_eQw2iBipbtiZ411xF6_Maw2zGs6v9mT04dSKDSz1q-5Qi...

170 B
232 B

45ms
44ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIxMzc3MzgzODU1Njk4NTQ5OQ%3D%3D&google_push=Aer7DvLzhbyZd4Vk5diD9l-Roi64XtfVsrv7Gn88WxzS_eQw2iBipbtiZ411xF6_Maw2zGs6v9mT04dSKDSz1q-5QiozDZD7UeDGpQ

Requested by

Host: alltime.pp.ua
URL: http://alltime.pp.ua/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 16:06:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIxMzc3MzgzODU1Njk4NTQ5OQ%3D%3D&google_push=Aer7DvLzhbyZd4Vk5diD9l-Roi64XtfVsrv7Gn88WxzS_eQw2iBipbtiZ411xF6_Maw2zGs6v9mT04dSKDSz1q-5QiozDZD7UeDGpQ
Date: Thu, 23 Mar 2023 16:06:46 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D6CF
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEPO-EITqfqd1mOiDYD1F1W4&google_cver=1&google_push=Aer7DvLz-3SEz9UrNyjl3tQC3praSD4tz3nRb92TxNfixhThWqinVKR23Sr693uhZ3MHk4j1yDBe31UmCCzHLZIt...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=QKLRbiKLRqWpQ6tdWjTSDw2&google_push=Aer7DvLz-3SEz9UrNyjl3tQC3praSD4tz3nRb92TxNfixhThWqinVKR23Sr693uhZ3MHk4j1yDBe31UmCCzHLZItssPfKmPaK_XAdQ

170 B
329 B

45ms
44ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=QKLRbiKLRqWpQ6tdWjTSDw2&google_push=Aer7DvLz-3SEz9UrNyjl3tQC3praSD4tz3nRb92TxNfixhThWqinVKR23Sr693uhZ3MHk4j1yDBe31UmCCzHLZItssPfKmPaK_XAdQ

Requested by

Host: alltime.pp.ua
URL: http://alltime.pp.ua/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 16:06:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 23 Mar 2023 16:06:46 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=QKLRbiKLRqWpQ6tdWjTSDw2&google_push=Aer7DvLz-3SEz9UrNyjl3tQC3praSD4tz3nRb92TxNfixhThWqinVKR23Sr693uhZ3MHk4j1yDBe31UmCCzHLZItssPfKmPaK_XAdQ
x-host: tde-deliveryengine-production-86c874c4d8-gzk6h
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D6CF
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBemH0znVeEbzwaXsSD5IJE&google_cver=1&google_push=Aer7DvL9clHT85BpdxStQXSXu5dzJmzzhMg10wXl82kPZMVwz2tAQr0Yd26BKska2yjvTFiU6wDUkJPA2w4RiBWGN0ym...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEBemH0znVeEbzwaXsSD5IJE&google_cver=1&google_push=Aer7DvL9clHT85BpdxStQXSXu5dzJmzzhMg10wXl82kPZMVwz2tAQr0Yd26BKska2yjvTFiU6wDUkJPA2w4RiB...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvL9clHT85BpdxStQXSXu5dzJmzzhMg10wXl82kPZMVwz2tAQr0Yd26BKska2yjvTFiU6wDUkJPA2w4RiBWGN0ymlqz-sm0pew&google_hm=Az6CxzbXRi-hJRz_5VDF4w==

170 B
232 B

42ms
42ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvL9clHT85BpdxStQXSXu5dzJmzzhMg10wXl82kPZMVwz2tAQr0Yd26BKska2yjvTFiU6wDUkJPA2w4RiBWGN0ymlqz-sm0pew&google_hm=Az6CxzbXRi-hJRz_5VDF4w==

Requested by

Host: alltime.pp.ua
URL: http://alltime.pp.ua/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 16:06:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvL9clHT85BpdxStQXSXu5dzJmzzhMg10wXl82kPZMVwz2tAQr0Yd26BKska2yjvTFiU6wDUkJPA2w4RiBWGN0ymlqz-sm0pew&google_hm=Az6CxzbXRi-hJRz_5VDF4w==
date: Thu, 23 Mar 2023 16:06:46 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D6CF
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFPbmBib6v32t1cB-xqm-sg&google_cver=1&google_push=Aer7DvI5fLYmceDRI5d92SAjzT6Bqpq8dc5yQ2y0jB6MnTKHwKWr8AJYowfdFoHnK6CK4R78wx_NcfotBSYalfjsXlYmz1R...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvI5fLYmceDRI5d92SAjzT6Bqpq8dc5yQ2y0jB6MnTKHwKWr8AJYowfdFoHnK6CK4R78wx_NcfotBSYalfjsXlYmz1RvqzsCRQ&google_hm=eS1oazNhQWpKRTJwSFFx...

170 B
188 B

40ms
39ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvI5fLYmceDRI5d92SAjzT6Bqpq8dc5yQ2y0jB6MnTKHwKWr8AJYowfdFoHnK6CK4R78wx_NcfotBSYalfjsXlYmz1RvqzsCRQ&google_hm=eS1oazNhQWpKRTJwSFFxVDVuV2d0WkhmcTRIVUtPVFdYT35B

Requested by

Host: alltime.pp.ua
URL: http://alltime.pp.ua/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 16:06:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 23 Mar 2023 16:06:46 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvI5fLYmceDRI5d92SAjzT6Bqpq8dc5yQ2y0jB6MnTKHwKWr8AJYowfdFoHnK6CK4R78wx_NcfotBSYalfjsXlYmz1RvqzsCRQ&google_hm=eS1oazNhQWpKRTJwSFFxVDVuV2d0WkhmcTRIVUtPVFdYT35B
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame D6CF 0
139 B 132ms
40ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I5l3kwU-YfAi-PcsKooMDyv-Yh8oTF8dgqZkfu1bVeE7ru4QY4ehUN9yI3HQnWLArzHkS9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:06:46 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 5ZLoQB_z02QzB_hHqtk5fVBr8jKba2eTnMK3sia1eD8.js Show response
pagead2.googlesyndication.com/bg/ Frame 0ACE 36 KB
14 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5ZLoQB_z02QzB_hHqtk5fVBr8jKba2eTnMK3sia1eD8.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e592e8401ff3d3643307f847aad9397d506bf2329b6b67939cc2b7b226b5783f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:35:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1858
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14308
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Mar 2024 15:35:48 GMT

GET
H3 200 914be99cd47eba54dcad56263af893ff.js Show response
www.gstatic.com/mysidia/ Frame 6CB7 10 KB
4 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/914be99cd47eba54dcad56263af893ff.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0780848593048311&output=html&h=280&adk=1439814473&adf=2373233990&pi=t.aa~a.3841785186~rp.4&w=350&fwrn=4&fwrnh=100&lmt=1679587605&rafmt=1&to=qs&pwprc=2435644795&format=350x280&url=http%3A%2F%2Falltime.pp.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1679587605562&bpp=1&bdt=1533&idt=1&shv=r20230321&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D49fe1b55810ec3d6-223cc5ab68dd00fd%3AT%3D1679587604%3ART%3D1679587604%3AS%3DALNI_MY-AK11IoIZztYHu3-QSA0oTRCsnA&gpic=UID%3D00000bcb0fa99bbb%3AT%3D1679587604%3ART%3D1679587604%3AS%3DALNI_MYwAWdlcjBzruJjGjPRvZpQbD2Uhw&prev_fmts=770x90%2C0x0%2C803x280&nras=3&correlator=7694090685262&frm=20&pv=1&ga_vid=2046191457.1679587605&ga_sid=1679587605&ga_hid=205744681&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1050&ady=2803&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44777877%2C44759926%2C44773809%2C44785292%2C31073104%2C31073270%2C44786560&oid=2&pvsid=3906358203504572&tmod=924299241&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=cSNaqzWqp2&p=http%3A//alltime.pp.ua&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1665e53681ca0c9d196425fb71f94996ef4a495a489c7dda67bead9799615d98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 11:58:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101294
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4426
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 21:58:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 20 Jun 2023 11:58:32 GMT

GET
H3 200 ac0c6a231e88d9464440510a6151318d.js Show response
www.gstatic.com/mysidia/ Frame 6CB7 19 KB
8 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ac0c6a231e88d9464440510a6151318d.js?tag=pingback

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5105ebe3e7f2a7d345edfa9306ec534f53e10e78bd75b0d17c1933438a2b97e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 05:05:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 126090
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7824
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 21:56:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 20 Jun 2023 05:05:16 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 6CB7 8 KB
712 B 35ms
34ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C700%7COpen%20Sans%3A300%2C400

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7a695d75ed5265fb2f07d7f73e41ffe4acea9b5c5f6573294038d5ef560a0086

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 Mar 2023 16:06:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 Mar 2023 15:08:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Mar 2023 16:06:46 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/ Frame 6CB7 2 KB
765 B 25ms
25ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3100
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 15:15:06 GMT

GET
H3 200 e9aff91b4641aa9f021dfc8c8beac945.js Show response
www.gstatic.com/mysidia/ Frame 6CB7 6 KB
2 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e9aff91b4641aa9f021dfc8c8beac945.js?tag=analytics_pingback_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

446b75df3aa450dc67047c4ae08d0ba75cd173ee74cf644281c31ecd61c92b7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 17:30:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 254189
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2362
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 21:56:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 18 Jun 2023 17:30:17 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230321/r20110914/ Frame 6CB7 22 KB
9 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230321/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78a0b7266f642f96b673c4065063dba46a80f651ff12352eb82aa877c23b9186

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:15:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3104
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9109
x-xss-protection: 0
server: cafe
etag: 16040247357158217350
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 15:15:02 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/ Frame 6CB7 3 KB
1 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:15:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3104
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 15:15:02 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/ Frame 6CB7 20 KB
8 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83dd1a8208a83ec90a9a2d7774ab28e4b93b3eba53fb6a3fd444eb7e389ecbff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:15:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3104
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8627
x-xss-protection: 0
server: cafe
etag: 8620137988422272387
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 15:15:02 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6CB7 0
0 35ms
35ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQgXPiQqaRi_jo_z6vzyK8ivqQHOZcCARHGW0sru0g_DGTiw6na8a6PjUngrr0ukqHT7o1PVCFRIIBvRTxCm_3yuSYgkA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0780848593048311&output=html&h=280&adk=1439814473&adf=2373233990&pi=t.aa~a.3841785186~rp.4&w=350&fwrn=4&fwrnh=100&lmt=1679587605&rafmt=1&to=qs&pwprc=2435644795&format=350x280&url=http%3A%2F%2Falltime.pp.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1679587605562&bpp=1&bdt=1533&idt=1&shv=r20230321&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D49fe1b55810ec3d6-223cc5ab68dd00fd%3AT%3D1679587604%3ART%3D1679587604%3AS%3DALNI_MY-AK11IoIZztYHu3-QSA0oTRCsnA&gpic=UID%3D00000bcb0fa99bbb%3AT%3D1679587604%3ART%3D1679587604%3AS%3DALNI_MYwAWdlcjBzruJjGjPRvZpQbD2Uhw&prev_fmts=770x90%2C0x0%2C803x280&nras=3&correlator=7694090685262&frm=20&pv=1&ga_vid=2046191457.1679587605&ga_sid=1679587605&ga_hid=205744681&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1050&ady=2803&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44777877%2C44759926%2C44773809%2C44785292%2C31073104%2C31073270%2C44786560&oid=2&pvsid=3906358203504572&tmod=924299241&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=cSNaqzWqp2&p=http%3A//alltime.pp.ua&dtd=8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6CB7 158 KB
48 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe14bc8a4e294c047589838fd09a3efc81771751a0be03ea8ec99e734e965fd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:06:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49540
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1679312138029146"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Mar 2023 16:06:46 GMT

GET
H3 200 23cf7cdae9f50ee7270380e7f4964b21.js Show response
www.gstatic.com/mysidia/ Frame 6CB7 34 KB
14 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/23cf7cdae9f50ee7270380e7f4964b21.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dfb251ab625fc65ba9da3b27cc16fc25459480c929e6e8ff1efb2fa87fd72659

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 11:58:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101295
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14432
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 21:58:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 20 Jun 2023 11:58:31 GMT

GET
DATA 200
OK truncated
/ Frame 6CB7 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aaaf0b2c3bd11afe20e1902624db617c2131b3272fabebd1160cb2f53dfb3750

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6CB7 0
0 68ms
68ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CYMCqFXkcZISAKcb5n88P54enyAT6lsWkb7n66YSsEdzZHhABIIzExhtg_YKRhOgRoAGngdzZAsgBAakCmEiUPDw_sj6oAwGqBOIBT9AIhC-UnTjzgM3emFS72KQSZvF1FUchsxwkaY1LPVYT-9infBkfvaGQbsO--0eKgPu6FXjcVOUyRpDNUs_dL1XnAbz2FqM2_B30mxQty2kDyI6aEaqsFKaBRNqaX_rPpyXn3RrNu6xwYaT4tTX9aO-50pyIcwEWo4wpRifqRgxMNtmlH3bCeT95SnmlkBDuex23rB-Anmu09HSCAFQrlMMUHjZOsrBQ_Ulpe4GQo69hdjgrY4FLnItAmwRC2pV6xD6iuKw5-QhEVyJrf6Q-gkZ5u4183jY0ZQQ_VfHRmgPQsMAE_-GZ16sEkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGAB6-npaYBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQsYwH0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw2IFAHQFQGAFwGyFxwKGggAEhRwdWItMDc4MDg0ODU5MzA0ODMxMRgA&sigh=d063wLdplE0&uach_m=[UACH]&cid=CAQSOwDUE5ym50chtIWyKpab-nWZzWoRSA2MLhd2LeuetKEINGigLUkTDjIJAzvFUDP2UVu06eOHl4N_2_CWGAE&template_id=5028

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0780848593048311&output=html&h=280&adk=1439814473&adf=2373233990&pi=t.aa~a.3841785186~rp.4&w=350&fwrn=4&fwrnh=100&lmt=1679587605&rafmt=1&to=qs&pwprc=2435644795&format=350x280&url=http%3A%2F%2Falltime.pp.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1679587605562&bpp=1&bdt=1533&idt=1&shv=r20230321&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D49fe1b55810ec3d6-223cc5ab68dd00fd%3AT%3D1679587604%3ART%3D1679587604%3AS%3DALNI_MY-AK11IoIZztYHu3-QSA0oTRCsnA&gpic=UID%3D00000bcb0fa99bbb%3AT%3D1679587604%3ART%3D1679587604%3AS%3DALNI_MYwAWdlcjBzruJjGjPRvZpQbD2Uhw&prev_fmts=770x90%2C0x0%2C803x280&nras=3&correlator=7694090685262&frm=20&pv=1&ga_vid=2046191457.1679587605&ga_sid=1679587605&ga_hid=205744681&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1050&ady=2803&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44777877%2C44759926%2C44773809%2C44785292%2C31073104%2C31073270%2C44786560&oid=2&pvsid=3906358203504572&tmod=924299241&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=cSNaqzWqp2&p=http%3A//alltime.pp.ua&dtd=8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 23 Mar 2023 16:06:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 53C5 143 B
166 B 25ms
24ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0780848593048311&output=html&h=280&adk=1439814473&adf=2373233990&pi=t.aa~a.3841785186~rp.4&w=350&fwrn=4&fwrnh=100&lmt=1679587605&rafmt=1&to=qs&pwprc=2435644795&format=350x280&url=http%3A%2F%2Falltime.pp.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1679587605562&bpp=1&bdt=1533&idt=1&shv=r20230321&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D49fe1b55810ec3d6-223cc5ab68dd00fd%3AT%3D1679587604%3ART%3D1679587604%3AS%3DALNI_MY-AK11IoIZztYHu3-QSA0oTRCsnA&gpic=UID%3D00000bcb0fa99bbb%3AT%3D1679587604%3ART%3D1679587604%3AS%3DALNI_MYwAWdlcjBzruJjGjPRvZpQbD2Uhw&prev_fmts=770x90%2C0x0%2C803x280&nras=3&correlator=7694090685262&frm=20&pv=1&ga_vid=2046191457.1679587605&ga_sid=1679587605&ga_hid=205744681&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1050&ady=2803&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44777877%2C44759926%2C44773809%2C44785292%2C31073104%2C31073270%2C44786560&oid=2&pvsid=3906358203504572&tmod=924299241&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=cSNaqzWqp2&p=http%3A//alltime.pp.ua&dtd=8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

age: 604
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 15:56:42 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B6FA 1 KB
643 B 25ms
25ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

age: 80409
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Mar 2023 17:46:37 GMT
etag: 48472445140208031
expires: Thu, 23 Mar 2023 17:46:37 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6CB7 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eaceea65a9f370ad24514ec8357a57070043d2ca01075220efc2dfbb83d77050

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame B6FA
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEK0smF416YF4xID3XPSosSE&google_cver=1&google_push=Aa02lx-HJVsXc5HQN5G1aMPEYQIXhdNRFXLudiCpkJHbB7515V1xW40mVOZCFexjUGRXdDtMiTME991FpHGGGnKgGVkiOFaYi8M_H...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEK0smF416YF4xID3XPSosSE&google_cver=1&google_push=Aa02lx-HJVsXc5HQN5G1aMPEYQIXhdNRFXLudiCpkJHbB7515V1xW40mVOZCFexjUGRXdDtMiTME991FpHGGGnKgGVkiOFaYi8M...

43 B
453 B

221ms
198ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEK0smF416YF4xID3XPSosSE&google_cver=1&google_push=Aa02lx-HJVsXc5HQN5G1aMPEYQIXhdNRFXLudiCpkJHbB7515V1xW40mVOZCFexjUGRXdDtMiTME991FpHGGGnKgGVkiOFaYi8M_HA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-HJVsXc5HQN5G1aMPEYQIXhdNRFXLudiCpkJHbB7515V1xW40mVOZCFexjUGRXdDtMiTME991FpHGGGnKgGVkiOFaYi8M_HA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 16:06:47 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7ac7ec6fd921baff-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 23 Mar 2023 16:06:46 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 47
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEK0smF416YF4xID3XPSosSE&google_cver=1&google_push=Aa02lx-HJVsXc5HQN5G1aMPEYQIXhdNRFXLudiCpkJHbB7515V1xW40mVOZCFexjUGRXdDtMiTME991FpHGGGnKgGVkiOFaYi8M_HA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-HJVsXc5HQN5G1aMPEYQIXhdNRFXLudiCpkJHbB7515V1xW40mVOZCFexjUGRXdDtMiTME991FpHGGGnKgGVkiOFaYi8M_HA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7ac7ec6e8e6abaff-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B6FA
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEP6k7FXdtvwBRuCBqigS_uo&google_cver=1&google_push=Aa02lx85NH12lg-Ra8dYJ4nAZ-tU2o-iMZU0j0PGGFEZQYd9_DnCAUpE_Ffkat0yDXgLiz0Xiw-tDoCudb5rz-YgF61H...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx85NH12lg-Ra8dYJ4nAZ-tU2o-iMZU0j0PGGFEZQYd9_DnCAUpE_Ffkat0yDXgLiz0Xiw-tDoCudb5rz-YgF61HMZOXaJbMou8&google_hm=Az6CxzbXRi-hJRz_5VDF...

170 B
188 B

46ms
42ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx85NH12lg-Ra8dYJ4nAZ-tU2o-iMZU0j0PGGFEZQYd9_DnCAUpE_Ffkat0yDXgLiz0Xiw-tDoCudb5rz-YgF61HMZOXaJbMou8&google_hm=Az6CxzbXRi-hJRz_5VDF4w==

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 16:06:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx85NH12lg-Ra8dYJ4nAZ-tU2o-iMZU0j0PGGFEZQYd9_DnCAUpE_Ffkat0yDXgLiz0Xiw-tDoCudb5rz-YgF61HMZOXaJbMou8&google_hm=Az6CxzbXRi-hJRz_5VDF4w==
date: Thu, 23 Mar 2023 16:06:46 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B6FA
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEKm3C-PcyVBxn-PsmR_ksOw&google_cver=1&google_push=Aa02lx_ZdRIf6H89wM9RzHddIv9N1EwF9Zl_sudJtKQ-XYhUGRdKAfOcz2veixJydQYPLLqSdkD8PSbpJ1br1qcP4_EAaEt...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_ZdRIf6H89wM9RzHddIv9N1EwF9Zl_sudJtKQ-XYhUGRdKAfOcz2veixJydQYPLLqSdkD8PSbpJ1br1qcP4_EAaEtOm5sVCQ8&google_hm=eS1oazNhQWpKRTJwSFF...

170 B
188 B

37ms
37ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_ZdRIf6H89wM9RzHddIv9N1EwF9Zl_sudJtKQ-XYhUGRdKAfOcz2veixJydQYPLLqSdkD8PSbpJ1br1qcP4_EAaEtOm5sVCQ8&google_hm=eS1oazNhQWpKRTJwSFFxVDVuV2d0WkhmcTRIVUtPVFdYT35B

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 16:06:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 23 Mar 2023 16:06:46 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_ZdRIf6H89wM9RzHddIv9N1EwF9Zl_sudJtKQ-XYhUGRdKAfOcz2veixJydQYPLLqSdkD8PSbpJ1br1qcP4_EAaEtOm5sVCQ8&google_hm=eS1oazNhQWpKRTJwSFFxVDVuV2d0WkhmcTRIVUtPVFdYT35B
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame B6FA 43 B
351 B 77ms
35ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEIQCnDZYAGTOr7Oh9x0i_5o&google_cver=1&google_push=Aa02lx98IwMEdo6zA7Yloqubp-Tnv7GCstE7x84rG34p5DNJo3DcS39dyuvtHAlXQ3LegWFN_oJJwRynRViVtVUTabbCq_W2451tP1Y
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0780848593048311&output=html&h=280&adk=1439814473&adf=2373233990&pi=t.aa~a.3841785186~rp.4&w=350&fwrn=4&fwrnh=100&lmt=1679587605&rafmt=1&to=qs&pwprc=2435644795&format=350x280&url=http%3A%2F%2Falltime.pp.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1679587605562&bpp=1&bdt=1533&idt=1&shv=r20230321&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D49fe1b55810ec3d6-223cc5ab68dd00fd%3AT%3D1679587604%3ART%3D1679587604%3AS%3DALNI_MY-AK11IoIZztYHu3-QSA0oTRCsnA&gpic=UID%3D00000bcb0fa99bbb%3AT%3D1679587604%3ART%3D1679587604%3AS%3DALNI_MYwAWdlcjBzruJjGjPRvZpQbD2Uhw&prev_fmts=770x90%2C0x0%2C803x280&nras=3&correlator=7694090685262&frm=20&pv=1&ga_vid=2046191457.1679587605&ga_sid=1679587605&ga_hid=205744681&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1050&ady=2803&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44777877%2C44759926%2C44773809%2C44785292%2C31073104%2C31073270%2C44786560&oid=2&pvsid=3906358203504572&tmod=924299241&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=cSNaqzWqp2&p=http%3A//alltime.pp.ua&dtd=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 16:06:46 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: vhd735eqfq0sv2kavv2tb709b9q35bg2

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B6FA
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJj3rGrnifYI2Wsrx4XAksA&google_cver=1&google_push=Aa02lx8sYuDyN3DkL327FuwTYgb077div6StgcWtq3Fp-WzPE084x0RdTn3EgOUPs-fa-zyVMuI...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZMQjNGU1QtVS0zQlpK&google_push=Aa02lx8sYuDyN3DkL327FuwTYgb077div6StgcWtq3Fp-WzPE084x0RdTn3EgOUPs-fa-zyVMuIeQ6SUoNu5XBoB0FHRaZMcYYm0he8

170 B
188 B

39ms
39ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZMQjNGU1QtVS0zQlpK&google_push=Aa02lx8sYuDyN3DkL327FuwTYgb077div6StgcWtq3Fp-WzPE084x0RdTn3EgOUPs-fa-zyVMuIeQ6SUoNu5XBoB0FHRaZMcYYm0he8

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 16:06:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZMQjNGU1QtVS0zQlpK&google_push=Aa02lx8sYuDyN3DkL327FuwTYgb077div6StgcWtq3Fp-WzPE084x0RdTn3EgOUPs-fa-zyVMuIeQ6SUoNu5XBoB0FHRaZMcYYm0he8
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B6FA
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESELHP5rcK3QBO2g8ZCnEntAU&google_cver=1&google_push=Aa02lx8xNTTzc_ejhcVoIr50FOxfs6ckm2aciSm7stYvtd7MnZGxSundowudAo9CJ-fBsyhwiUR1_OodctSr...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx8xNTTzc_ejhcVoIr50FOxfs6ckm2aciSm7stYvtd7MnZGxSundowudAo9CJ-fBsyhwiUR1_OodctSrGbo0HN59Qyz_3WRx-Z8

170 B
188 B

39ms
39ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx8xNTTzc_ejhcVoIr50FOxfs6ckm2aciSm7stYvtd7MnZGxSundowudAo9CJ-fBsyhwiUR1_OodctSrGbo0HN59Qyz_3WRx-Z8

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 16:06:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx8xNTTzc_ejhcVoIr50FOxfs6ckm2aciSm7stYvtd7MnZGxSundowudAo9CJ-fBsyhwiUR1_OodctSrGbo0HN59Qyz_3WRx-Z8
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

report
sync.teads.tv/um/ Frame B6FA
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEPiIbXxC9jR6AzHtEkhwL3U&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aa02lx_2bJFLuEQh5KctCVFDGtEiKqB_jcGiYYCHyqcAn-hQadEFQTWHI-D9g3yxjFYvySPTOb4cavUovkpwVqPXtcyCVEDrJvZ2xxM
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

60ms
59ms

Image
image/gif

104.111.217.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-42.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

expires: Thu, 23 Mar 2023 16:06:46 GMT
pragma: no-cache
date: Thu, 23 Mar 2023 16:06:46 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 23 Mar 2023 16:06:46 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame B6FA 0
12 B 39ms
38ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KbXBVWT9dPQ7HG51_rBMOtgDgPu_YUmOLckpNc5kffZ-ZvIBh7XHfJ2k-yt69i_uBM5Tqgkg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:06:46 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 53C5
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

38ms
38ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 16:06:46 GMT
expires: Thu, 23 Mar 2023 16:06:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 16:06:46 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ Frame 6CB7 44 KB
44 KB 26ms
25ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C700%7COpen%20Sans%3A300%2C400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:37:39 GMT
x-content-type-options: nosniff
age: 199747
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 08:37:39 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6CB7 0
20 B 60ms
59ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoICAEqBG5vaXIKCggCKgZzZXJ2ZXIKGggEKhZteXNpZGlhX2FuYWx5dGljc19leHAyCg0QKyEAAAAAAAAQQDAECg0QAyEAAAAAAEqRQDAECg0QCiEAAABgZmYUQDAECg0QDSEAAAAAAAAAADAECg0QHioHMzUweDI4MDAECg0QGSoHMzUweDI4MDAECg0QDiEAAAAAAAAAADAECg0QBCEAAAAAAGKRQDAECg0QDyEAAAAAAAAAADAECg0QKyEAAAAAAAAmQDAECg0QBSEAAMDMzGKRQDAECg0QECEAAAAAwHDZQDAECg0QESEAAAAA4EXxQDAECg0QEiEAAAAAAAAgQDAECg0QEyEAAAAAAAAIQDAECg0QFyEAAGBmZniSQDAEEhpDTVRlNjdTMzh2MENGY2I4NXdNZDU4TUpTUSIJdGV4dC9ub2lyKBU=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/ac0c6a231e88d9464440510a6151318d.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 16:06:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F78C 42 B
64 B 115ms
61ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss1GGvjDIR-qrNLAaWqG1OR3eizvgxZnrVsKwYpFMvUQKheCtzMGcbNDjIMH7LFozV8PZveCRWDzthU1UidzSkkLVkqd8CqZTOrJzSz6rz-HnUURrAgEy6ZCZSM43G3het30dFrVw&sai=AMfl-YRAp4k3TZdatTjtLtdSWsTp9Tci3vceHBXtiYfOJJIoNxBH7TnzOmdOHciVOuDqAC_A-UynvGrwAufR&sig=Cg0ArKJSzM2S8D-hzcUzEAE&cid=CAQSGwDUE5ymp-tHJs7VRDDBl5LughRSXUrSaSB3hxgB&id=lidar2&mcvt=1002&p=0,21,90,749&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230320&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1543149296&rs=2&la=0&cr=0&vs=4&r=v&rst=1679587604576&rpt=1235&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 16:06:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 114ms
73ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230321&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

580a6808fd4dad3b43849a45ca024726f760b836979fd2045586e0b9a48fbd36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: http://alltime.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:06:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11298
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6CB7 0
20 B 61ms
60ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoICAEqBG5vaXIKCggCKgZzZXJ2ZXIKGggEKhZteXNpZGlhX2FuYWx5dGljc19leHAyCg0QFCEAAAAAUOvxQDAECg0QFSEAAAAAAAAsQDAECg0QFiEAAAAAAAAUQDAECg0QGCEAAAAAANqTQDAECg0QMiEAAAAAmJnJPzAECg0QMyEAAAAAmJnJPzAECg0QNCEAAAAAmJnJPzAECg0QNSEAAAAAmJnJPzAECg0QNiEAAAAAmJnJPzAECg0QNyEAAAAAmJnJPzAECg0QOCEAAACAzMz0PzAECg0QOSEAAICZmSeQQDAECg0QOiEAAAAAADKQQDAECg0QOyEAAICZmXOSQDAECg0QPCEAAICZmXOSQDAECg0QPSEAAGBmZniSQDAECg0QPiEAAGBmZtiTQDAECg0QPyEAAGBmZtiTQDAECg0QQCEAAAAAAOSTQDAEEhpDTVRlNjdTMzh2MENGY2I4NXdNZDU4TUpTUSIJdGV4dC9ub2lyKBU=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/ac0c6a231e88d9464440510a6151318d.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 16:06:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: http://alltime.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:06:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 23 Mar 2023 16:06:46 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 23EB 13 KB
5 KB 25ms
25ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://alltime.pp.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

accept-ranges: bytes
age: 1859
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 15:35:48 GMT
expires: Fri, 22 Mar 2024 15:35:48 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B4F0 783 B
535 B 39ms
38ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3560a7cfda347d1421d8887e82caf35334ad3b74e02970f4e57e9fd5d9b9180c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VT5_Tj-jl9JKl9-RNwcy1g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://alltime.pp.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-VT5_Tj-jl9JKl9-RNwcy1g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 16:06:47 GMT
expires: Thu, 23 Mar 2023 16:06:47 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 5ZLoQB_z02QzB_hHqtk5fVBr8jKba2eTnMK3sia1eD8.js Show response
pagead2.googlesyndication.com/bg/ Frame 23EB 36 KB
14 KB 37ms
34ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5ZLoQB_z02QzB_hHqtk5fVBr8jKba2eTnMK3sia1eD8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e592e8401ff3d3643307f847aad9397d506bf2329b6b67939cc2b7b226b5783f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:35:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1859
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14308
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Mar 2024 15:35:48 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 44F0 42 B
64 B 85ms
84ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst2f4qSSTM2xAny21zc3Bs1dSekwyAKfIS-oj1NdnfK7F2t6PekGouPUhIRxRdIXzRFeizP3-vwrdNe1W5onz9B0F23Kw8wGye_qgXag0r_wPu-azn10GUMuZWR4JbZme4-snZZwQ&sai=AMfl-YQFaVTO91w7k18Qu9Eb8ERmQpQbSD9X4vq23hPKjxjywH_WcHWVxZqumDOFYGTpkuSEgOzg4-AvMWjh&sig=Cg0ArKJSzDyEbUR-YLGIEAE&cid=CAQSGwDUE5ymQjhVlg9JZ5KjOcI4922oDDPFtBwlxhgB&id=lidar2&mcvt=1004&p=0,0,124,1005&mtos=144,753,1004,1065,1065&tos=144,609,251,61,0&v=20230320&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1679587605643&rpt=360&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 16:06:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B4F0 0
0 63ms
63ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230321&jk=3906358203504572&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 23EB 0
10 B 26ms
25ms Image
text/plain 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?fR7-sg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:06:47 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 62ms
62ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230321&jk=3906358203504572&bg=!7-yl7LjNAAbO2UOH7tk7ADkAdvg8WvbNETJgK1D6sGgqtP5gy1g1Acj2JRfn6noFG_1Tpi-P_6ciV5dOABejnu-XnpKQdnzF49YCAAAAnFIAAAAEaAEHCgAVqCjUKhckY63dgW04ehvdCWdWgiR1mQKeY9Y8N57AQTnJ9Hgq2U_kY5lxNWiSZ1sEzTYFzywpGXSHC-lcpo8sQ5wtr6i22__NBTWs404hPJWGbqnD7Ch-EdUr7Hdtq2V16ps5Nwy6u-QKeSzVH1OGgeyQQT6WGoCJCkEpk0_tnzRApZc8vOYHTUocfauIZIt_IB4detaCJDWXCqWLPygGZdjIPVvdvi_rcbXxAzvnMVN2RYSqynoNFlG7OcXsEZgqgEaw4uMlG0DF_7BPq_2GbYs7dlM6DGRKf8alwhd-94QNIpogh6JNA5tGJJeFYHcwSQ_7MU51Z5qClYuFZU759XDvDwEVreCN7W3rEocLAa_T-24saekanmS2jNney4ELFmIqh-sw-8WoRbaefMsYolJmYEmJDuTitGIaCr5F1RLJGDWGB-whReBb4va728hTjTTfoeRz7nXp3J4hdkxHcn29Ua5IxomSZoGxSX8Tyypj3JYjsKKtf-_-PWsaMghuNWUdickBi7KH6GRBOPEbeOGhJSV5tNXCk3UAFm5MTt7kIVPqZWIytStsMab07ppPTjMXh2WuV_rKvxZq5AqQCWzVMxOCjjTNv7SCL1oWhurSyLd_vStYaZyJaAflF-tr7iXLoS6FqcXUOofLJEEQk0zxie9z3vi1bxH0EpxpH8aiZkpsHS7BlTgXWJyLcRELDb49kIhEybVgTwquOxpdkUX-4j_GzHf6r9yrzALs0UR4moZztsahAB7aG409LS2eawXPhjjQub-NdXAT8gqJvBYI4uVAtb6j6ShILV_A3gTPckbr-9I1D1wHAHFyPcLHu_PqhB1SUvpaoSkJoJ5cZSOJhjHmqhOUxFOHPhclvJFJfI3bGC3eup8cy0Luz17wHHUmR4sgc-IirYsTgxdWHK_NHmul1Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: http://alltime.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 60ms
59ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&wpc=ca-pub-0780848593048311&su=alltime.pp.ua&eid=44759875%2C44759842%2C44777877%2C44759926%2C44773809%2C44785292%2C31073104%2C31073270%2C44786560&doc=complete&pg_h=5236&pg_w=1600&pg_hs=5236&c=1&aa_c=2&av_h=191.667&av_w=640.938&av_a=111445.833&all_s=33.594&b=4767.906&all_b=2134.063&d=0.003&all_d=0.110&ard=0.001&all_ard=0.040&dt=d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: http://alltime.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 16:06:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.alltime.pp.ua/	1970-01-20 19:54:43	Name: __gads Value: ID=49fe1b55810ec3d6-223cc5ab68dd00fd:T=1679587604:RT=1679587604:S=ALNI_MY-AK11IoIZztYHu3-QSA0oTRCsnA
.alltime.pp.ua/	1970-01-20 19:54:43	Name: __gpi Value: UID=00000bcb0fa99bbb:T=1679587604:RT=1679587604:S=ALNI_MYwAWdlcjBzruJjGjPRvZpQbD2Uhw
.doubleclick.net/	1970-01-20 10:33:11	Name: DSID Value: NO_DATA
.ctnsnet.com/	1970-01-20 19:18:43	Name: cid_819ef5d31086468682fa14c47468e24b Value: 1
.ctnsnet.com/	1970-01-20 19:18:43	Name: gid_CAESEJF29Ebj897NgOu4CMrPJto Value: 1
.travelaudience.com/	1970-01-20 20:04:48	Name: _tracker Value: %7B%22UUID%22%3A%2240A2D16E-228B-46A5-A943-AB5D5A34D20F%22%7D
.adfarm1.adition.com/	1970-01-20 12:42:43	Name: UserID1 Value: 7213773838556985499
.bidswitch.net/	1970-01-20 19:18:43	Name: tuuid Value: 033e82c7-36d7-462f-a125-1cffe550c5e3
.bidswitch.net/	1970-01-20 19:18:43	Name: c Value: 1679587606
.bidswitch.net/	1970-01-20 19:18:43	Name: tuuid_lu Value: 1679587606
.doubleclick.net/	1970-01-20 19:54:43	Name: IDE Value: AHWqTUkywoADStncnCXhKa5MIDvtPK9x9U6vp0mR-PNfpMtpMc4AKV2tVe-FmPCSVbo
.simpli.fi/	1970-01-20 19:20:10	Name: suid Value: 39EAB72BAE0E40E3A82FCEE52A0F35CB
.turn.com/	1970-01-20 14:52:19	Name: uid Value: 7924330358657192202
.yahoo.com/	1970-01-20 19:19:05	Name: A3 Value: d=AQABBBZ5HGQCENNfZptxKC4MoN9kyAKFaO8FEgEBAQHKHWQmZAAAAAAA_eMAAA&S=AQAAAt2dSXHwbVCKxZY1cGZlfkk
.bidswitch.net/	1970-01-20 10:33:07	Name: google_push Value: Aa02lx85NH12lg-Ra8dYJ4nAZ-tU2o-iMZU0j0PGGFEZQYd9_DnCAUpE_Ffkat0yDXgLiz0Xiw-tDoCudb5rz-YgF61HMZOXaJbMou8
.tribalfusion.com/	1970-01-20 12:42:43	Name: ANON_ID Value: aGnsIHoNIvapmVrCJZaO56JZaoYZcYZc3OXiWfLSq849081aUtQAv2PPOvW4tZc9mauASKtNnGZaxU7YnZbbZcgEYcDZcLeO3

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230321/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271803&client=ca-pub-0780848593048311&fa=3&ifi=6&uci=a!6&btvi=3&xpc=CJF5Z2mAw0&p=http%3A//alltime.pp.ua Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230321/r20110914/zrt_lookup.html?fsb=1#RS-2-&adk=1812271804&client=ca-pub-0780848593048311&fa=4&ifi=7&uci=a!7&btvi=4&xpc=fJ0pgeX42U&p=http%3A//alltime.pp.ua Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.turn.com
ads.travelaudience.com
adservice.google.com
adservice.google.it
alltime.pp.ua
cm.g.doubleclick.net
dsp.adfarm1.adition.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
r.turn.com
rtb.openx.net
s.tribalfusion.com
sync.teads.tv
tpc.googlesyndication.com
um.simpli.fi
www.google.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
104.111.217.42
142.250.186.162
2001:678:cb4:bbbb::11
2606:4700:3036::ac43:d4f2
2606:4700::6812:19ad
2a00:1450:4001:802::2002
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:812::2003
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:828::200a
2a00:1450:4001:829::2004
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a05:d018:d29:3601:84c0:cef:b29e:4061
3.64.45.35
35.186.193.173
35.186.253.211
35.190.0.66
35.204.74.118
51.38.120.206
69.173.144.139
85.114.159.93
0102fdfbd0b06f4718e32f6586659557a6234c0111940c1fa3d697c42b067c1c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d42100dd61c80ae67d8235a61a9c91d25a0b7882cda5a6d9e60675717554c9b
0fbc74afe426f4f7c07a334789a26a2cfc215d8fca15878be8b7a4a3a0aac52b
15fe20172db35b21d979eb3c24523b3549503997194f70df86c6332c2939e70f
1665e53681ca0c9d196425fb71f94996ef4a495a489c7dda67bead9799615d98
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
24f0d5eb98ee8336543d62a5314a0d010a989a46d177aeaec323bd2a03b633c0
2984e691091115e29f6929381fc8e467a14086a7a9b8671027996161372b3c85
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
302deaf4fa154ebeaef0722951adad97a1e1727ca955959030e2f43257afb3f4
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3560a7cfda347d1421d8887e82caf35334ad3b74e02970f4e57e9fd5d9b9180c
446b75df3aa450dc67047c4ae08d0ba75cd173ee74cf644281c31ecd61c92b7c
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5105ebe3e7f2a7d345edfa9306ec534f53e10e78bd75b0d17c1933438a2b97e0
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57bc4004da7cc337fc3ad27989eab9c0254b7bb80716215eddc8e2d3f33f1ddd
580a6808fd4dad3b43849a45ca024726f760b836979fd2045586e0b9a48fbd36
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6ba5f5ceb86994e32e1233e984d5236c6bf3230d845ea0eb41bc4ce668fa3d45
6dad2f0f06831747d7cdd9a84cf22b7e8ffef03dff0472f95bb17c9203c48e0c
74c81a4d77d1e0bddd6c8f03dea58d8151d3b07151217925f614899b9a314eba
78a0b7266f642f96b673c4065063dba46a80f651ff12352eb82aa877c23b9186
7a695d75ed5265fb2f07d7f73e41ffe4acea9b5c5f6573294038d5ef560a0086
83dd1a8208a83ec90a9a2d7774ab28e4b93b3eba53fb6a3fd444eb7e389ecbff
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
9016a5953c8458717938fc9ae6b83645e148ae72e8e193f1db4dea3214326098
9113ff074a823d878d3311989bbfcec13e756981420e7fbedb24174e23a4013a
9128773e037d062547425ddb48f7a25c2b3b5d8f377edb7482ab9ff027c5181c
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a79cc4d016868c2097bc49ba00c0a98bfce9533e0cf4eff70f49f882f4bdab9a
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
aaaf0b2c3bd11afe20e1902624db617c2131b3272fabebd1160cb2f53dfb3750
b664cb34970d8d5325a3b663e07a967a2388466d6e7ec4ef6861de4e79d40ba0
bdf79a1d6da82ff1f3c21012a941a54fe25238aed866bc7849f34266a39bef39
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c322a966257f634165faaafb19d4223f3216cc3efece5799622462a3eb2f38ac
c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1
c581fb09f1f87a1b6d5d5da7570afcd6d0b621ee6a8550c46203fec0cbb2a3dc
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d859dbe400f5b7d3715a167a523406d1a40b8999f2beacc93d6462222b331f94
dfb251ab625fc65ba9da3b27cc16fc25459480c929e6e8ff1efb2fa87fd72659
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e592e8401ff3d3643307f847aad9397d506bf2329b6b67939cc2b7b226b5783f
eaceea65a9f370ad24514ec8357a57070043d2ca01075220efc2dfbb83d77050
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2d4370ace7154a6d5bd3e067cf6d360eaf9cd5d7c1921097d0227adc6fd163a
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fe14bc8a4e294c047589838fd09a3efc81771751a0be03ea8ec99e734e965fd2

alltime.pp.ua Open in urlscan Pro 2606:4700:3036::ac43:d4f2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

136 Requests

85 %HTTPS

58 %IPv6

21 Domains

27 Subdomains

17 IPs

5 Countries

1487 kBTransfer

4200 kBSize

16 Cookies

2 Outgoing links

Redirected requests

136 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

alltime.pp.ua Open in urlscan Pro
2606:4700:3036::ac43:d4f2 Public Scan

Screenshot
Live screenshot

Full Image

136
Requests

85 %
HTTPS

58 %
IPv6

21
Domains

27
Subdomains

17
IPs

5
Countries

1487 kB
Transfer

4200 kB
Size

16
Cookies

136 HTTP transactions
7 data transactions