arrowos.net Open in urlscan Pro
185.152.64.121 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://arrowos.net/
Effective URL:
https://arrowos.net/
Submission: On December 09 via manual (December 9th 2022, 9:26:43 am UTC) from IT — Scanned from IT

Summary HTTP 139 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 18 IPs in 5 countries across 19 domains to perform 139 HTTP transactions. The main IP is 185.152.64.121, located in Prague, Czech Republic and belongs to CDN77 ^_^, GB. The main domain is arrowos.net.
TLS certificate: Issued by R3 on October 7th 2022. Valid for: 3 months.

This is the only time arrowos.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 17	185.152.64.121 185.152.64.121	60068 (CDN77 ^_^) (CDN77 ^_^)
7	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
37	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
34	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2 5	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4002:c0f::78	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:e365:4988:e8a7:3270	16509 (AMAZON-02) (AMAZON-02)
1 1	3.74.33.199 3.74.33.199	16509 (AMAZON-02) (AMAZON-02)
9	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
4 4	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
2 2	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
4 4	104.18.33.19 104.18.33.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8101:d648:86cf:755a:6dbf	16509 (AMAZON-02) (AMAZON-02)
139	18

17 185.152.64.121 (Prague, Czech Republic) 1 redirects

ASN60068 (CDN77 ^_^, GB)
PTR: unn-185-152-64-121.datapacket.com

arrowos.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4002:c0f::78 (Atlanta, United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.74.33.199 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-74-33-199.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 198.47.127.19 (United States) 4 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.165 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.33.19 (None, ) 4 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8101:d648:86cf:755a:6dbf (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 tpc.googlesyndication.com — Cisco Umbrella Rank: 142	659 KB
28	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190 cm.g.doubleclick.net — Cisco Umbrella Rank: 205	249 KB
17	arrowos.net 1 redirects arrowos.net	6 MB
13	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	207 KB
7	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 70 www.google.com — Cisco Umbrella Rank: 2	2 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36	6 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 188	281 KB
4	casalemedia.com 4 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 415	4 KB
4	pubmatic.com 4 redirects image6.pubmatic.com — Cisco Umbrella Rank: 677	2 KB
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 308	917 B
2	openx.net rtb.openx.net — Cisco Umbrella Rank: 1473	486 B
2	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 630	927 B
2	google.it adservice.google.it — Cisco Umbrella Rank: 45897	914 B
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 206	8 KB
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1505	297 B
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 634	759 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 837	696 B
0	Failed function sub() { [native code] }. Failed
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
139	19

	Domain	Requested by
34	tpc.googlesyndication.com	googleads.g.doubleclick.net arrowos.net tpc.googlesyndication.com pagead2.googlesyndication.com
18	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net arrowos.net
18	pagead2.googlesyndication.com	arrowos.net pagead2.googlesyndication.com googleads.g.doubleclick.net securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
17	arrowos.net	1 redirects arrowos.net
9	cm.g.doubleclick.net	googleads.g.doubleclick.net
7	fonts.googleapis.com	arrowos.net googleads.g.doubleclick.net
6	www.gstatic.com	googleads.g.doubleclick.net
6	www.googletagservices.com	googleads.g.doubleclick.net
6	fonts.gstatic.com	fonts.googleapis.com
5	www.google.com	2 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
4	ssum-sec.casalemedia.com	4 redirects
4	image6.pubmatic.com	4 redirects
2	pixel.rubiconproject.com	2 redirects
2	rtb.openx.net	googleads.g.doubleclick.net
2	cms.quantserve.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.it	pagead2.googlesyndication.com
2	cdnjs.cloudflare.com	arrowos.net
1	ag.innovid.com	googleads.g.doubleclick.net
1	d.agkn.com	1 redirects
1	csi.gstatic.com	securepubads.g.doubleclick.net
1	securepubads.g.doubleclick.net	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
0	truncated Failed
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
139	25

This site contains links to these domains. Also see Links.

Domain
cookiesandyou.com
blog.arrowos.net
paypal.me
t.me
github.com
review.arrowos.net
crowdin.com
stats.arrowos.net
www.datapacket.com

Subject Issuer	Validity	Valid
arrowos.net R3	`2022-10-07` - `2023-01-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.google.it GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh

This page contains 22 frames:

Primary Page: https://arrowos.net/
Frame ID: 4B2FB0FEE4F1D3655BB4E773C146E620
Requests: 32 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20190131/zrt_lookup.html
Frame ID: 4A4994BA61BA2E0E0AA7165055BED2C9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5568741006164863&output=html&h=129&slotname=9060655737&adk=3472486471&adf=2355515269&pi=t.ma~as.9060655737&w=1098&lmt=1659432434&rafmt=11&format=1098x129&url=https%3A%2F%2Farrowos.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670577996757&bpp=4&bdt=298&idt=219&shv=r20221206&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&correlator=5563639207513&frm=20&pv=2&ga_vid=238390789.1670577997&ga_sid=1670577997&ga_hid=1553723137&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=251&ady=1611&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774649%2C42531847%2C44774653%2C44779794&oid=2&pvsid=436377116939556&tmod=1374102564&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=dTyK8vzxDn&p=https%3A//arrowos.net&dtd=236
Frame ID: 40BE1A3ACF53B87FC2B6573674C7F1F3
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5568741006164863&output=html&h=200&slotname=7462336018&adk=2578502567&adf=4241325474&pi=t.ma~as.7462336018&w=1072&fwrn=4&lmt=1659432434&rafmt=11&format=1072x200&url=https%3A%2F%2Farrowos.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670577996761&bpp=1&bdt=302&idt=239&shv=r20221206&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=1098x129&correlator=5563639207513&frm=20&pv=1&ga_vid=238390789.1670577997&ga_sid=1670577997&ga_hid=1553723137&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=264&ady=2590&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774649%2C42531847%2C44774653%2C44779794&oid=2&pvsid=436377116939556&tmod=1374102564&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=1R8h2wDvMF&p=https%3A//arrowos.net&dtd=243
Frame ID: 1AFC93612A7A3A32169880B1F2025FA3
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5568741006164863&output=html&adk=1812271804&adf=3025194257&lmt=1659432434&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Farrowos.net%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670577996777&bpp=2&bdt=318&idt=280&shv=r20221206&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=1098x129%2C1072x200&nras=1&correlator=5563639207513&frm=20&pv=1&ga_vid=238390789.1670577997&ga_sid=1670577997&ga_hid=1553723137&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774649%2C42531847%2C44774653%2C44779794&oid=2&pvsid=436377116939556&tmod=1374102564&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=284
Frame ID: C1A474B69AD3520B86B1A4D354FEA985
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 05E8731CED3A465871EA0CA4375FB72B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Frame ID: 2DA38BE66A601299E5B670549CC46A1B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Frame ID: A8CDA01ABCB956A203A826A375AE9188
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5568741006164863&output=html&h=280&adk=4050813494&adf=4100973709&pi=t.aa~a.2295937194~rp.2&daaos=1670566345606&w=1120&fwrn=4&fwrnh=100&lmt=1659432434&rafmt=1&to=qs&pwprc=2410593487&format=1120x280&url=https%3A%2F%2Farrowos.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670577998028&bpp=2&bdt=1569&idt=-M&shv=r20221206&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5806160727dac00-2245696abcd9001e%3AT%3D1670577997%3ART%3D1670577997%3AS%3DALNI_MalG-W5XJ3boZpLALrNkjY9d-QeNQ&gpic=UID%3D00000b8fac3a6b19%3AT%3D1670577997%3ART%3D1670577997%3AS%3DALNI_MbESNEstQY7TLt48IFCJCONOdIcig&prev_fmts=1098x129%2C1072x200%2C0x0&nras=2&correlator=5563639207513&frm=20&pv=1&ga_vid=238390789.1670577997&ga_sid=1670577997&ga_hid=1553723137&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=2306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774649%2C42531847%2C44774653%2C44779794&oid=2&psts=AMjMPc0MIqm8JfKwFnGOL0_iINGfLW6NaziWsk4JRBSXIsVPQOpjenMzKhL2Si5dbhb7CLKIyfjawt3xk0y9oAz3iQ%2CAMjMPc0YS00E3NJNcjmFe_sdA0vUNvgPB3XZkm5ei4-koP239kN_n3K2qmKsCeENAG4W44XeZKy0TtlwLpnpsHVTRg&pvsid=436377116939556&tmod=1374102564&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=jV6M3KprE0&p=https%3A//arrowos.net&dtd=17
Frame ID: D801994389767573F0B56E8DDB28DFDA
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5568741006164863&output=html&h=280&adk=4050813494&adf=363006359&pi=t.aa~a.2944305718~rp.4&daaos=1670566345606&w=1120&fwrn=4&fwrnh=100&lmt=1659432434&rafmt=1&to=qs&pwprc=2410593487&format=1120x280&url=https%3A%2F%2Farrowos.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670577998028&bpp=1&bdt=1569&idt=-M&shv=r20221206&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5806160727dac00-2245696abcd9001e%3AT%3D1670577997%3ART%3D1670577997%3AS%3DALNI_MalG-W5XJ3boZpLALrNkjY9d-QeNQ&gpic=UID%3D00000b8fac3a6b19%3AT%3D1670577997%3ART%3D1670577997%3AS%3DALNI_MbESNEstQY7TLt48IFCJCONOdIcig&prev_fmts=1098x129%2C1072x200%2C0x0%2C1120x280&nras=3&correlator=5563639207513&frm=20&pv=1&ga_vid=238390789.1670577997&ga_sid=1670577997&ga_hid=1553723137&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=3218&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774649%2C42531847%2C44774653%2C44779794&oid=2&psts=AMjMPc0MIqm8JfKwFnGOL0_iINGfLW6NaziWsk4JRBSXIsVPQOpjenMzKhL2Si5dbhb7CLKIyfjawt3xk0y9oAz3iQ%2CAMjMPc0YS00E3NJNcjmFe_sdA0vUNvgPB3XZkm5ei4-koP239kN_n3K2qmKsCeENAG4W44XeZKy0TtlwLpnpsHVTRg&pvsid=436377116939556&tmod=1374102564&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=Lyav0OkoMp&p=https%3A//arrowos.net&dtd=22
Frame ID: 9807994B0308A771135C633F2E444AB8
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5568741006164863&output=html&h=90&adk=2459306202&adf=2692473195&pi=t.aa~a.1362671282~rp.4&daaos=1670566345606&w=1120&fwrn=4&fwrnh=100&lmt=1659432434&rafmt=1&to=qs&pwprc=2410593487&format=1120x90&url=https%3A%2F%2Farrowos.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670577998028&bpp=1&bdt=1569&idt=1&shv=r20221206&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5806160727dac00-2245696abcd9001e%3AT%3D1670577997%3ART%3D1670577997%3AS%3DALNI_MalG-W5XJ3boZpLALrNkjY9d-QeNQ&gpic=UID%3D00000b8fac3a6b19%3AT%3D1670577997%3ART%3D1670577997%3AS%3DALNI_MbESNEstQY7TLt48IFCJCONOdIcig&prev_fmts=1098x129%2C1072x200%2C0x0%2C1120x280%2C1120x280&nras=4&correlator=5563639207513&frm=20&pv=1&ga_vid=238390789.1670577997&ga_sid=1670577997&ga_hid=1553723137&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=1611&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774649%2C42531847%2C44774653%2C44779794&oid=2&psts=AMjMPc0MIqm8JfKwFnGOL0_iINGfLW6NaziWsk4JRBSXIsVPQOpjenMzKhL2Si5dbhb7CLKIyfjawt3xk0y9oAz3iQ%2CAMjMPc0YS00E3NJNcjmFe_sdA0vUNvgPB3XZkm5ei4-koP239kN_n3K2qmKsCeENAG4W44XeZKy0TtlwLpnpsHVTRg&pvsid=436377116939556&tmod=1374102564&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=l7uc9cOgAp&p=https%3A//arrowos.net&dtd=27
Frame ID: 4A2E042433E61467166E34B1443C1FFD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1
Frame ID: B886FA24299FC983B8690CB533186DE6
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 393CC542D6E5CE1FE47C60D8C9908E27
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Frame ID: 5E1249190B30B9F18CC731B086B9ED4F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E785E612FB9A830E6DFE1CAC81820824
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8503327745921077521/index.html
Frame ID: AB402438B7BC744FB89B715CAA1ED3CA
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CP0BWTv-SY5_GBenI1fAPgpCE8A69ueDkbZfUgMCDEcCNtwEQASC6_ud7YJWCgICYB6ABsbTb6wLIAQmoAwHIA0iqBMUBT9A6dz7LAhrKpsdSUDlJ9X9gaIAG-ElnqudrIq8vwySj6cNki3TYu3WdEHb-iYbzY3_TYbvJYSXC0lt2CGsnCB5bziAZ755FSfjeA-NGdPN87ws78Qg2MPEwpfeoSO3KpLbjO8iVlSnZ3-qRXrM-at1SS-1Ix_mxL6mmA3izHs_U-BaOcrUdPoOTmnv3OXvPubNruRZwNK9jl9jnImmldTWsxfSHxwkCLnHYiD7Y-FUzW_NhiEKvsFjHXq74edX7t2vQzHPABOyz-r-BBJIFBAgEGAGSBQQIBRgEoAYugAe3y6SUAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEMuCDdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMK0BUBgBcBshccChoIABIUcHViLTU1Njg3NDEwMDYxNjQ4NjMYAA&sigh=BzYbTsGLkVE&uach_m=[UACH]&cid=CAQSPADq26N9-DUZMiziaDRt62xJOMY7tJmHGTF54nTf1z_rPxbBQen8FfJg_NyCgoAksdFq6JOmRycqP9GVVRgBIBM&template_id=419
Frame ID: 617C5F2169ECFED4A6C135747678A5DE
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 154528A99C833FE10C7CCDCF63D5B443
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Frame ID: 9102002B70365A55B6D8FDEAB72824BB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Frame ID: 314947F84D55C2223451864A29EB830D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 20046B5B13CC18A4A11C84FE6A5083A3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C101679165F4EDC6D216299B0E494674
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ArrowOS

Page URL History Show full URLs

http://arrowos.net/ HTTP 301
https://arrowos.net/ Page URL

Detected technologies

Materialize CSS (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href="[^"]*materialize(?:\.min)?\.css
materialize(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

139
Requests

94 %
HTTPS

67 %
IPv6

19
Domains

25
Subdomains

18
IPs

5
Countries

7621 kB
Transfer

10418 kB
Size

16
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://cookiesandyou.com/
Title: Learn more

Search URL Search Domain Scan URL

URL: https://blog.arrowos.net/
Title: Blog

Search URL Search Domain Scan URL

URL: http://paypal.me/TeamArrowOS
Title: PayPal

Search URL Search Domain Scan URL

URL: https://t.me/arrowos
Title: TG channel

Search URL Search Domain Scan URL

URL: https://github.com/arrowos
Title: Source Code

Search URL Search Domain Scan URL

URL: https://review.arrowos.net/
Title: Code Review

Search URL Search Domain Scan URL

URL: https://crowdin.com/project/arrowos
Title: Translate

Search URL Search Domain Scan URL

URL: https://stats.arrowos.net/
Title: Stats

Search URL Search Domain Scan URL

URL: https://blog.arrowos.net/posts/apply-for-maintainership
Title: Maintain

Search URL Search Domain Scan URL

URL: https://blog.arrowos.net/posts/compilation-guide
Title: Compile

Search URL Search Domain Scan URL

URL: https://www.datapacket.com/

Search URL Search Domain Scan URL

URL: https://t.me/harshv23/
Title: HarshV23

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://arrowos.net/ HTTP 301
https://arrowos.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 78

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 119

https://d.agkn.com/pixel/2175/?google_gid=CAESEIq1uosix8OP_CCspwhJej8&google_cver=1&google_push=ASkJ3Fau3cdaYBkOs1-r_3kyg7ktWdFQ3sivWconWyXeZ6TcSEtKiyQ3nX6uqKvxyAA718azxj9Z2C9vFgMdA0w9IeWy5bFuYTFE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ASkJ3Fau3cdaYBkOs1-r_3kyg7ktWdFQ3sivWconWyXeZ6TcSEtKiyQ3nX6uqKvxyAA718azxj9Z2C9vFgMdA0w9IeWy5bFuYTFE&google_hm=Q0FFU0VJcTF1b3NpeDhPUF9DQ3Nwd2hKZWo4

Request Chain 121

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDYnmPwNANvSJzCFQqsuRqw&google_cver=1&google_push=ASkJ3FapboIrXL6GZSIwk30YemEBuyBJBuvrwfhubNKa92gjqYDHIZSqoXE58g2x6goDE6AaxjMcmXjvCYoqbKGHB8InhlKTofQ6 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDYnmPwNANvSJzCFQqsuRqw&google_cver=1&google_push=ASkJ3FapboIrXL6GZSIwk30YemEBuyBJBuvrwfhubNKa92gjqYDHIZSqoXE58g2x6goDE6AaxjMcmXjvCYoqbKGHB8InhlKTofQ6&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=EbZjUUoATQ2_pzKuhVIRew%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FapboIrXL6GZSIwk30YemEBuyBJBuvrwfhubNKa92gjqYDHIZSqoXE58g2x6goDE6AaxjMcmXjvCYoqbKGHB8InhlKTofQ6

Request Chain 122

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMwkQMpK8A98W3QrtSJGjYg&google_cver=1&google_push=ASkJ3FbZwZtYNiVJ1JTcCRcrwXGWfjrJSIpEs_ZS_g9lCNGAcRpYU-Uz3pCA8HHa1OlDMWFWBzCZg6-LdFENOtWTR4SVyhnX_q5o HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJHQjA5UjQtQy1DSEhB&google_push=ASkJ3FbZwZtYNiVJ1JTcCRcrwXGWfjrJSIpEs_ZS_g9lCNGAcRpYU-Uz3pCA8HHa1OlDMWFWBzCZg6-LdFENOtWTR4SVyhnX_q5o

Request Chain 123

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEudfpn1SXl5raHu5lYpEQc&google_cver=1&google_push=ASkJ3FYEJHYFSSmMHh7U-8uB8Bp6edHpoz0dCXUaWpBa40opps36uYBgX6iieHnq7ajh3CaKM_VLZL1KBnHp2MV4Gx5x8iNkMF9l HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEEudfpn1SXl5raHu5lYpEQc&google_push=ASkJ3FYEJHYFSSmMHh7U-8uB8Bp6edHpoz0dCXUaWpBa40opps36uYBgX6iieHnq7ajh3CaKM_VLZL1KBnHp2MV4Gx5x8iNkMF9l&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEudfpn1SXl5raHu5lYpEQc&google_hm=Y5L_Tk_cK07erq-fF-98IAAAAsEAAAAB&google_nid=index&google_push=ASkJ3FYEJHYFSSmMHh7U-8uB8Bp6edHpoz0dCXUaWpBa40opps36uYBgX6iieHnq7ajh3CaKM_VLZL1KBnHp2MV4Gx5x8iNkMF9l

Request Chain 131

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDYnmPwNANvSJzCFQqsuRqw&google_cver=1&google_push=ASkJ3FbG5fiCQriNVr01i008oq644-jmRE6PWw032Nw0RgFnMqMF3e1OXP8bihYZNmFeT4pZS8lY9hV3gWQTORyROpcgHY1HO90 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDYnmPwNANvSJzCFQqsuRqw&google_cver=1&google_push=ASkJ3FbG5fiCQriNVr01i008oq644-jmRE6PWw032Nw0RgFnMqMF3e1OXP8bihYZNmFeT4pZS8lY9hV3gWQTORyROpcgHY1HO90&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=yTGEpTb7TG2qYYKyQZtjlg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FbG5fiCQriNVr01i008oq644-jmRE6PWw032Nw0RgFnMqMF3e1OXP8bihYZNmFeT4pZS8lY9hV3gWQTORyROpcgHY1HO90

Request Chain 132

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMwkQMpK8A98W3QrtSJGjYg&google_cver=1&google_push=ASkJ3FYIArzPI7WYdOA_cRzx9KUjwmWxa0i640De-vpVfzzpjIpVCGZaVR7G4abC-tIY_ekgQ4V48WPuPhI2dCaoFxNc6ujSs5k HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJHQjA5UzMtMVgtSkxMVw==&google_push=ASkJ3FYIArzPI7WYdOA_cRzx9KUjwmWxa0i640De-vpVfzzpjIpVCGZaVR7G4abC-tIY_ekgQ4V48WPuPhI2dCaoFxNc6ujSs5k

Request Chain 133

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEudfpn1SXl5raHu5lYpEQc&google_cver=1&google_push=ASkJ3FZ1Gm3liG4vLpaIZpOxNkDNSjrngNUqpoeB_X1klOj8hwTuZJ4pDi4QHbN2CJtw-P75sBDAinU-45RSzEhCezU6FskiIW0 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEEudfpn1SXl5raHu5lYpEQc&google_push=ASkJ3FZ1Gm3liG4vLpaIZpOxNkDNSjrngNUqpoeB_X1klOj8hwTuZJ4pDi4QHbN2CJtw-P75sBDAinU-45RSzEhCezU6FskiIW0&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEudfpn1SXl5raHu5lYpEQc&google_hm=Y5L_Tk_cK07erq-fF-98IAAAAsEAAAAB&google_nid=index&google_push=ASkJ3FZ1Gm3liG4vLpaIZpOxNkDNSjrngNUqpoeB_X1klOj8hwTuZJ4pDi4QHbN2CJtw-P75sBDAinU-45RSzEhCezU6FskiIW0

139 HTTP transactions
14 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
arrowos.net/
Redirect Chain

http://arrowos.net/
https://arrowos.net/

11 KB
3 KB

117ms
35ms

Document
text/html

185.152.64.121
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://arrowos.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.152.64.121 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-152-64-121.datapacket.com
Software: Apache /
Resource Hash: caf9efe9547a6dcc6922d2628d6878d8193f953fcb4a911b55d8440bd21a7056

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 2655
Content-Type: text/html
Date: Fri, 09 Dec 2022 09:26:36 GMT
Keep-Alive: timeout=5, max=100
Last-Modified: Tue, 02 Aug 2022 09:27:14 GMT
Server: Apache
Vary: Accept-Encoding

Redirect headers

Connection: Keep-Alive
Content-Length: 228
Content-Type: text/html; charset=iso-8859-1
Date: Fri, 09 Dec 2022 09:26:36 GMT
Keep-Alive: timeout=5, max=100
Location: https://arrowos.net/
Server: Apache

GET
H2 200 icon
fonts.googleapis.com/ 569 B
869 B 95ms
34ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: arrowos.net
URL: https://arrowos.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://arrowos.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 09 Dec 2022 09:26:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 09:26:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 09 Dec 2022 09:26:36 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
601 B 96ms
36ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:700

Requested by

Host: arrowos.net
URL: https://arrowos.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5ba6af8bd340ffb7fb078568374df5d6c9918445b121f6cb0acf606368c5b7d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://arrowos.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 09 Dec 2022 09:26:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 08:33:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 09 Dec 2022 09:26:36 GMT

GET
H/1.1 200
OK materialize.min.css
arrowos.net/css/ 139 KB
21 KB 43ms
40ms Stylesheet
text/css 185.152.64.121
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://arrowos.net/css/materialize.min.css
Requested by: Host: arrowos.net
URL: https://arrowos.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.152.64.121 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-152-64-121.datapacket.com
Software: Apache /
Resource Hash: cef155a7cdbab22094bb173629945d96400bccb65635bec56899bd2b5991c56d

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://arrowos.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 09:26:36 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Nov 2020 22:04:33 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 21549

GET
H/1.1 200
OK index_debug.css
arrowos.net/css/ 2 KB
1003 B 103ms
33ms Stylesheet
text/css 185.152.64.121
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://arrowos.net/css/index_debug.css
Requested by: Host: arrowos.net
URL: https://arrowos.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.152.64.121 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-152-64-121.datapacket.com
Software: Apache /
Resource Hash: 4f1910e10fb0f368675efdcc825dfc8cf63f1f047371d59978877dc1f5710389

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://arrowos.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 09:26:36 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 Nov 2020 12:21:18 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 715

GET
H2 200 cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/ 4 KB
2 KB 71ms
31ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css

Requested by

Host: arrowos.net
URL: https://arrowos.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79b378e8f3c1fece39a1472a2e7d920ab80eb5881525a1622d9dbaa954aa23c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://arrowos.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 09:26:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 656570
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 975
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-fe0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U28nTvEUoKDa2ESJLukrpRwG6kZ2LUl42xe4JPIiXtqSfGhcIrBs0bH%2BUcZUPsHrgHxc7EeKuVuMgauoV2JuaFBY2NvWpd35Qf%2BVo4F%2FTx%2BGmFP%2FATgancJIxBgzNYaW3ldTihqQM%2BvdGu5z12M9Dsiu"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 776cb33e2fbf374d-MXP
expires: Wed, 29 Nov 2023 09:26:36 GMT

GET
H/1.1 200
OK logo.png
arrowos.net/img/ 4 KB
4 KB 101ms
34ms Image
image/png 185.152.64.121
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://arrowos.net/img/logo.png
Requested by: Host: arrowos.net
URL: https://arrowos.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.152.64.121 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-152-64-121.datapacket.com
Software: Apache /
Resource Hash: 584343640922191e56c922d00f4558f5d1e40a778cd6dc9bf89900abc3fc48f2

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://arrowos.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 09:26:36 GMT
Last-Modified: Fri, 06 Nov 2020 22:04:33 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3705

GET
H/1.1 200
OK screen1.png
arrowos.net/img/ 2 MB
2 MB 265ms
33ms Image
image/png 185.152.64.121
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://arrowos.net/img/screen1.png
Requested by: Host: arrowos.net
URL: https://arrowos.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.152.64.121 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-152-64-121.datapacket.com
Software: Apache /
Resource Hash: 2f7aeea46fa6e2de207857da95a98b7071a4175c2af11c621022a948d92619e8

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://arrowos.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 09:26:36 GMT
Last-Modified: Tue, 02 Aug 2022 09:27:14 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 2263700

GET
H/1.1 200
OK screen2.png
arrowos.net/img/ 663 KB
663 KB 253ms
33ms Image
image/png 185.152.64.121
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://arrowos.net/img/screen2.png
Requested by: Host: arrowos.net
URL: https://arrowos.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.152.64.121 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-152-64-121.datapacket.com
Software: Apache /
Resource Hash: f1521df5c00bd1c7ba76c5e08fcf7e0ab48809040f8aa4f3218de32293734518

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://arrowos.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 09:26:36 GMT
Last-Modified: Tue, 02 Aug 2022 09:27:14 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 678806

GET
H/1.1 200
OK screen3.png
arrowos.net/img/ 588 KB
588 KB 347ms
102ms Image
image/png 185.152.64.121
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://arrowos.net/img/screen3.png
Requested by: Host: arrowos.net
URL: https://arrowos.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.152.64.121 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-152-64-121.datapacket.com
Software: Apache /
Resource Hash: d6f040a0debcfcb2d726de59a3c3b86f1849e5f1f04f4b8d35d36273be268035

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://arrowos.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 09:26:36 GMT
Last-Modified: Tue, 02 Aug 2022 09:27:14 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 601794

GET
H/1.1 200
OK screen4.png
arrowos.net/img/ 940 KB
940 KB 65ms
33ms Image
image/png 185.152.64.121
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://arrowos.net/img/screen4.png
Requested by: Host: arrowos.net
URL: https://arrowos.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.152.64.121 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-152-64-121.datapacket.com
Software: Apache /
Resource Hash: fb3f754df421c3ca1b7899c6e17d7ad87fba41e504667b52f96401c13097837f

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://arrowos.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 09:26:36 GMT
Last-Modified: Tue, 02 Aug 2022 09:27:14 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 962171

GET
H/1.1 200
OK screen5.png
arrowos.net/img/ 399 KB
399 KB 204ms
34ms Image
image/png 185.152.64.121
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://arrowos.net/img/screen5.png
Requested by: Host: arrowos.net
URL: https://arrowos.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.152.64.121 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-152-64-121.datapacket.com
Software: Apache /
Resource Hash: e751d03c99d7754354f0184936a5b7d60f44dbcec0a8699c982fd10d7e912459

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://arrowos.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 09:26:36 GMT
Last-Modified: Tue, 02 Aug 2022 09:27:14 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 408537

GET
H/1.1 200
OK screen6.png
arrowos.net/img/ 310 KB
311 KB 96ms
33ms Image
image/png 185.152.64.121
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://arrowos.net/img/screen6.png
Requested by: Host: arrowos.net
URL: https://arrowos.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.152.64.121 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-152-64-121.datapacket.com
Software: Apache /
Resource Hash: e1a80e9db9989a32b472f658cb885b821374c0e421d88f4b10c40d146708426a

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://arrowos.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 09:26:36 GMT
Last-Modified: Tue, 02 Aug 2022 09:27:14 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 317919

GET
H/1.1 200
OK screen7.png
arrowos.net/img/ 542 KB
543 KB 112ms
34ms Image
image/png 185.152.64.121
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://arrowos.net/img/screen7.png
Requested by: Host: arrowos.net
URL: https://arrowos.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.152.64.121 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-152-64-121.datapacket.com
Software: Apache /
Resource Hash: 39a6f310aa55a5830ec69c885bead7a0dd99b97b7ad365707c38a48465126c55

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://arrowos.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 09:26:36 GMT
Last-Modified: Tue, 02 Aug 2022 09:27:14 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 555459

GET
H/1.1 200
OK screen8.png
arrowos.net/img/ 410 KB
410 KB 37ms
34ms Image
image/png 185.152.64.121
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://arrowos.net/img/screen8.png
Requested by: Host: arrowos.net
URL: https://arrowos.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.152.64.121 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-152-64-121.datapacket.com
Software: Apache /
Resource Hash: d1a134de23b80742e6b293b99f43124b60aa32d56dae2daae1104ca71740f7ba

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://arrowos.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 09:26:36 GMT
Last-Modified: Tue, 02 Aug 2022 09:27:14 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 420102

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
49 KB 166ms
106ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: arrowos.net
URL: https://arrowos.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9326da44176564d6f6c2fd15999ac038fb3d7536ecc18b913fc16fc58018aff8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://arrowos.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 09:26:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49287
x-xss-protection: 0
server: cafe
etag: 11521248163938566446
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 09 Dec 2022 09:26:36 GMT

GET
H/1.1 200
OK datapacket_logo.png
arrowos.net/img/ 7 KB
8 KB 120ms
34ms Image
image/png 185.152.64.121
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://arrowos.net/img/datapacket_logo.png
Requested by: Host: arrowos.net
URL: https://arrowos.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.152.64.121 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-152-64-121.datapacket.com
Software: Apache /
Resource Hash: 05ba117283e0800386bfdb07fb2800ff9a8be467336ba3291e00b8190d6df9d2

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://arrowos.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 09:26:36 GMT
Last-Modified: Fri, 13 Nov 2020 12:21:18 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 7529

GET
H/1.1 200
OK blockAdBlock.js Show response
arrowos.net/js/ 11 KB
6 KB 64ms
34ms Script
application/javascript 185.152.64.121
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://arrowos.net/js/blockAdBlock.js
Requested by: Host: arrowos.net
URL: https://arrowos.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.152.64.121 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-152-64-121.datapacket.com
Software: Apache /
Resource Hash: 470b9329feb0429a41da199629475d790aa07b9b8e6361e097640f45e030fe56

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://arrowos.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 09:26:36 GMT
Content-Encoding: gzip
Last-Modified: Sun, 15 Nov 2020 15:02:18 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 5707

GET
H/1.1 200
OK jquery-3.5.1.min.js Show response
arrowos.net/js/ 87 KB
30 KB 99ms
41ms Script
application/javascript 185.152.64.121
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://arrowos.net/js/jquery-3.5.1.min.js
Requested by: Host: arrowos.net
URL: https://arrowos.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.152.64.121 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-152-64-121.datapacket.com
Software: Apache /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://arrowos.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 09:26:36 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Nov 2020 22:04:33 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 30910

GET
H/1.1 200
OK materialize.js Show response
arrowos.net/js/ 362 KB
70 KB 114ms
50ms Script
application/javascript 185.152.64.121
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://arrowos.net/js/materialize.js
Requested by: Host: arrowos.net
URL: https://arrowos.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.152.64.121 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-152-64-121.datapacket.com
Software: Apache /
Resource Hash: b3711b7a80d676860dcc4c552f9fbaebbc0093837d8d062d6b9c242924045a7b

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://arrowos.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 09:26:36 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Nov 2020 22:04:33 GMT
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97

GET
H2 200 cookieconsent.min.js Show response
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/ 20 KB
6 KB 31ms
28ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js

Requested by

Host: arrowos.net
URL: https://arrowos.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb41292903f6bd996333bdfe6fbc58e1dbdb6109074505ee3ea46373bb23be70

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://arrowos.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 09:26:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6974855
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5978
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-5148"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tfffeAus3ZtkGwutO1XsIcoVEwKwRkwMXZ0zjncAAKSAGhJIopnt53VjDa4z4RI1%2F7rylXLZeArLRayL2MvfHbZRMEHoH5kxrOUbNaYr07GOGZWQdVeKIxX8wbyhbEyAjUc0WctoBC%2FMdtjT0KXEcaj3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 776cb33e3fcf374d-MXP
expires: Wed, 29 Nov 2023 09:26:36 GMT

GET
H2 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXo.woff2
fonts.gstatic.com/s/montserrat/v25/ 13 KB
13 KB 116ms
36ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f31b80562610135edd91a86ec7f243c5eeaec2ec08337e6a20c2d135d8e217da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://arrowos.net
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 16:48:08 GMT
x-content-type-options: nosniff
age: 146308
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12848
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:56:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Dec 2023 16:48:08 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/ 355 KB
117 KB 141ms
140ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5568741006164863&plah=arrowos.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2df342906a4d44f64d298c8e63ef14fb5c69c83e10bf1143c57f28f1d6050ec6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://arrowos.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 09:26:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119788
x-xss-protection: 0
server: cafe
etag: 341353319292683935
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 09 Dec 2022 09:26:36 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221206/r20190131/ Frame 4A49 10 KB
4 KB 28ms
27ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221206/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://arrowos.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

age: 49846
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Dec 2022 19:35:50 GMT
etag: 10353107486223812946
expires: Thu, 22 Dec 2022 19:35:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
696 B 98ms
36ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=arrowos.net&callback=_gfp_s_&client=ca-pub-5568741006164863&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5568741006164863&plah=arrowos.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ace459aabfafe3b1655692ae33fab3910a53f2a288fbc3a02dfdfc8d4ca5128

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://arrowos.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 09:26:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 252
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.it/adsid/ 107 B
792 B 115ms
36ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.it/adsid/integrator.js?domain=arrowos.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://arrowos.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 09:26:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 95ms
36ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=arrowos.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://arrowos.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 09:26:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 40BE 93 KB
33 KB 448ms
448ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5568741006164863&output=html&h=129&slotname=9060655737&adk=3472486471&adf=2355515269&pi=t.ma~as.9060655737&w=1098&lmt=1659432434&rafmt=11&format=1098x129&url=https%3A%2F%2Farrowos.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670577996757&bpp=4&bdt=298&idt=219&shv=r20221206&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&correlator=5563639207513&frm=20&pv=2&ga_vid=238390789.1670577997&ga_sid=1670577997&ga_hid=1553723137&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=251&ady=1611&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774649%2C42531847%2C44774653%2C44779794&oid=2&pvsid=436377116939556&tmod=1374102564&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=dTyK8vzxDn&p=https%3A//arrowos.net&dtd=236

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a21ef031dc077abd40eaf533122df1ffa6679ecf493b97045a1b024d227b850

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://arrowos.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33421
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 09:26:37 GMT
expires: Fri, 09 Dec 2022 09:26:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1AFC 97 KB
33 KB 501ms
501ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5568741006164863&output=html&h=200&slotname=7462336018&adk=2578502567&adf=4241325474&pi=t.ma~as.7462336018&w=1072&fwrn=4&lmt=1659432434&rafmt=11&format=1072x200&url=https%3A%2F%2Farrowos.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670577996761&bpp=1&bdt=302&idt=239&shv=r20221206&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=1098x129&correlator=5563639207513&frm=20&pv=1&ga_vid=238390789.1670577997&ga_sid=1670577997&ga_hid=1553723137&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=264&ady=2590&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774649%2C42531847%2C44774653%2C44779794&oid=2&pvsid=436377116939556&tmod=1374102564&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=1R8h2wDvMF&p=https%3A//arrowos.net&dtd=243

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

957176b5d7a611cf1fe04f9ec4f5f025b499646f620d3a3a6daceb671fe983c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://arrowos.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33581
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 09:26:37 GMT
expires: Fri, 09 Dec 2022 09:26:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C1A4 117 KB
37 KB 881ms
881ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5568741006164863&output=html&adk=1812271804&adf=3025194257&lmt=1659432434&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Farrowos.net%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670577996777&bpp=2&bdt=318&idt=280&shv=r20221206&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=1098x129%2C1072x200&nras=1&correlator=5563639207513&frm=20&pv=1&ga_vid=238390789.1670577997&ga_sid=1670577997&ga_hid=1553723137&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774649%2C42531847%2C44774653%2C44779794&oid=2&pvsid=436377116939556&tmod=1374102564&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=284

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce3bfdc50ebeb4d5748b03897fffd23d65c7561cc216d5caa7d862fb9d2e2726

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://arrowos.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 37665
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 09:26:37 GMT
expires: Fri, 09 Dec 2022 09:26:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 40BE 7 KB
688 B 114ms
41ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:300,400,500|Roboto:400&lang=de

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5568741006164863&output=html&h=129&slotname=9060655737&adk=3472486471&adf=2355515269&pi=t.ma~as.9060655737&w=1098&lmt=1659432434&rafmt=11&format=1098x129&url=https%3A%2F%2Farrowos.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670577996757&bpp=4&bdt=298&idt=219&shv=r20221206&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&correlator=5563639207513&frm=20&pv=2&ga_vid=238390789.1670577997&ga_sid=1670577997&ga_hid=1553723137&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=251&ady=1611&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774649%2C42531847%2C44774653%2C44779794&oid=2&pvsid=436377116939556&tmod=1374102564&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=dTyK8vzxDn&p=https%3A//arrowos.net&dtd=236

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ac596bddb4c66d4ca4bf3c6a1ef40d1c59b48212c579435dfc0316ba16c1cb8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 09 Dec 2022 09:26:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 09:26:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 09 Dec 2022 09:26:37 GMT

GET
H2 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 40BE 35 KB
14 KB 92ms
32ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/m_js_controller_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

573fcadc366e8f2230cee46d844a9d93ad5e63f103c1eec28bb802e2657345a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 18:19:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54448
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14217
x-xss-protection: 0
server: cafe
etag: 13612117104345174519
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Dec 2022 18:19:09 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 40BE 153 KB
47 KB 103ms
43ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 09:26:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 09 Dec 2022 09:26:37 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/ Frame 40BE 23 KB
10 KB 80ms
24ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 12:10:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76568
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Dec 2022 12:10:29 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 40BE 3 KB
1 KB 58ms
29ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 08:10:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4569
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Dec 2022 08:10:28 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 40BE 18 KB
7 KB 84ms
28ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 12:10:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76568
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Dec 2022 12:10:29 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 1AFC 8 KB
895 B 43ms
35ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5568741006164863&output=html&h=200&slotname=7462336018&adk=2578502567&adf=4241325474&pi=t.ma~as.7462336018&w=1072&fwrn=4&lmt=1659432434&rafmt=11&format=1072x200&url=https%3A%2F%2Farrowos.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670577996761&bpp=1&bdt=302&idt=239&shv=r20221206&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=1098x129&correlator=5563639207513&frm=20&pv=1&ga_vid=238390789.1670577997&ga_sid=1670577997&ga_hid=1553723137&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=264&ady=2590&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774649%2C42531847%2C44774653%2C44779794&oid=2&pvsid=436377116939556&tmod=1374102564&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=1R8h2wDvMF&p=https%3A//arrowos.net&dtd=243

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 09 Dec 2022 09:26:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 08:36:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 09 Dec 2022 09:26:37 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 1AFC 2 KB
818 B 40ms
39ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 12:10:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76568
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Dec 2022 12:10:29 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1AFC 0
0 74ms
74ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CjwZkTf-SY7OhAqm21fAPzqajyAXJ5q7AbaCtq821EJuByqrtMBABILr-53tglYKAgJgHoAHnp5jfAsgBCakCx73En9C9sT6oAwHIA8sEqgTGAU_QYtmSgNk3gsBn3JKkuNtnzOPPhNLk_gIx_WIEecy8XHPb08Pn5YUxevhAZuCx1K0olVhQWqYuuJQbc3cAoNLuIv1NIjXzN18dt8qiy49xJgdbL1fa20mWxnArlXgCfYin44vbH6ZGhfXGJ2qOOErQ2xRWl-apJnSfdLsa5vnIQqK-yTsRVnBewbTUXEuO-C84u9E0ijHKKzoRieL0Gy9jP-ezhZSQp27JNWKQA43NcpGRYBmZEwUhj6oTL0Evucg4B-neGcAE8Ifs2eADkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB4HY56ABqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ2JkI0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItNTU2ODc0MTAwNjE2NDg2MxgA&sigh=Ie4NhGRVcbs&uach_m=[UACH]&cid=CAQSGwDq26N9rzrl3Z7-vzYnm6vM--OoRtiIph3ZohgBIBM&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5568741006164863&output=html&h=200&slotname=7462336018&adk=2578502567&adf=4241325474&pi=t.ma~as.7462336018&w=1072&fwrn=4&lmt=1659432434&rafmt=11&format=1072x200&url=https%3A%2F%2Farrowos.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670577996761&bpp=1&bdt=302&idt=239&shv=r20221206&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=1098x129&correlator=5563639207513&frm=20&pv=1&ga_vid=238390789.1670577997&ga_sid=1670577997&ga_hid=1553723137&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=264&ady=2590&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774649%2C42531847%2C44774653%2C44779794&oid=2&pvsid=436377116939556&tmod=1374102564&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=1R8h2wDvMF&p=https%3A//arrowos.net&dtd=243
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 09 Dec 2022 09:26:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 09 Dec 2022 09:26:37 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/ Frame 1AFC 23 KB
9 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 12:10:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76568
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Dec 2022 12:10:29 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 1AFC 3 KB
1 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 08:10:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4569
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Dec 2022 08:10:28 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 1AFC 18 KB
7 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 12:10:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76568
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Dec 2022 12:10:29 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1AFC 153 KB
47 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 09:26:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 09 Dec 2022 09:26:37 GMT

GET
H2 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame 1AFC 34 KB
14 KB 101ms
32ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 21:34:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 301917
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 20:45:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 05 Mar 2023 21:34:40 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/16219658952005295331/ Frame 1AFC 12 KB
12 KB 89ms
30ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16219658952005295331/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89037cd82c201b26e63a04cc26b7e430fbc159ccaf493b0347fdc3c8c59f3219

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 19:08:56 GMT
x-content-type-options: nosniff
age: 224261
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12523
x-xss-protection: 0
last-modified: Wed, 05 Oct 2022 14:53:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 06 Dec 2023 19:08:56 GMT

GET
DATA 200
OK truncated
/ Frame 1AFC 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1AFC 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1AFC 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 82d7e39634268593313709178e231ca9ac42a1e7bd2b43d44e9225522d1c2b18

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 40BE 0
0 68ms
68ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=ChfwpTf-SY7nQAYm71fAP2tKBEP65-u9h9rzniaUN-aqzvvkiEAEguv7ne2CVgoCAmAegAaa2-Y4CyAEGqQLHvcSf0L2xPqgDAcgDywSqBNMBT9DjsQvdYbe_qmbGnJR-CW7QhV1ooShgsvd_DynUK_PVKFkEOBcVvDMV5FYR91ryd2r7eLFBSJ2ovaIXbWKG8U4wcHXU-NvrnmfwcgI-Tik1ovaD2vsLfvy4IbQjzBfDRIzw2S-VeXgtVBGfqD5ohNXq69348R8RzoCk_ElRqPK0jz9-TU6C-zEEn36qS6G35ajurnSBfqamAV6cMInkSDu_y_vHLIdfK9Ku7Rw8NUwE_RYTHjrmimC6jHAeiQ5sUXU7jmkRKYFZunkphEdA6cWphsAEyKXL39EDkgUECAQYAZIFBAgFGASgBjeAB8LJhvEBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQo-oJ0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw2IFAvQFQGAFwGyFxwKGggAEhRwdWItNTU2ODc0MTAwNjE2NDg2MxgA&sigh=6UKrKlYRShw&uach_m=[UACH]&cid=CAQSGwDq26N995DwrHV0Sk19kDPDpqKeVurzs7S8zBgBIBM&template_id=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5568741006164863&output=html&h=129&slotname=9060655737&adk=3472486471&adf=2355515269&pi=t.ma~as.9060655737&w=1098&lmt=1659432434&rafmt=11&format=1098x129&url=https%3A%2F%2Farrowos.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670577996757&bpp=4&bdt=298&idt=219&shv=r20221206&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&correlator=5563639207513&frm=20&pv=2&ga_vid=238390789.1670577997&ga_sid=1670577997&ga_hid=1553723137&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=251&ady=1611&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774649%2C42531847%2C44774653%2C44779794&oid=2&pvsid=436377116939556&tmod=1374102564&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=dTyK8vzxDn&p=https%3A//arrowos.net&dtd=236
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 09 Dec 2022 09:26:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 05E8 143 B
166 B 25ms
25ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5568741006164863&output=html&h=129&slotname=9060655737&adk=3472486471&adf=2355515269&pi=t.ma~as.9060655737&w=1098&lmt=1659432434&rafmt=11&format=1098x129&url=https%3A%2F%2Farrowos.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670577996757&bpp=4&bdt=298&idt=219&shv=r20221206&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&correlator=5563639207513&frm=20&pv=2&ga_vid=238390789.1670577997&ga_sid=1670577997&ga_hid=1553723137&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=251&ady=1611&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774649%2C42531847%2C44774653%2C44779794&oid=2&pvsid=436377116939556&tmod=1374102564&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=dTyK8vzxDn&p=https%3A//arrowos.net&dtd=236
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

age: 1812
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 08:56:25 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 40BE 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42c750eec5be4893d5bd9bc95e9105721c5435f8be07c5fdd1a61eb063430a2e

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ Frame 40BE 30 KB
30 KB 77ms
25ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,500|Roboto:400&lang=de

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 01:41:22 GMT
x-content-type-options: nosniff
age: 27915
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 01:41:22 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 40BE 15 KB
15 KB 77ms
27ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,500|Roboto:400&lang=de

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 13:14:53 GMT
x-content-type-options: nosniff
age: 591104
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 13:14:53 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 1AFC 28 KB
28 KB 30ms
30ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 09:03:51 GMT
x-content-type-options: nosniff
age: 174166
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Dec 2023 09:03:51 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 05E8
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

43ms
42ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 09:26:37 GMT
expires: Fri, 09 Dec 2022 09:26:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 09:26:37 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js Show response
pagead2.googlesyndication.com/bg/ Frame 2DA3 36 KB
16 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 10:47:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81537
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Dec 2023 10:47:40 GMT

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 1AFC 63 KB
24 KB 120ms
35ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d03e3b55604b205b72b9ea363a66e2045c2829b93156b57667da9a8e8f7dad8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 08:38:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2917
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23658
x-xss-protection: 0
server: cafe
etag: 18247885564830507581
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 09 Dec 2022 09:38:00 GMT

GET
H3 200 QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js Show response
pagead2.googlesyndication.com/bg/ Frame A8CD 36 KB
16 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 10:47:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81537
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Dec 2023 10:47:40 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1AFC 0
20 B 133ms
132ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=urind

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 09:26:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 1AFC 0
327 B 400ms
133ms Ping
image/gif 2607:f8b0:4002:c0f::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lbgb08xq&e=21068133&ctx=2&gqid=Tf-SY47WAYjytwfk8ZyYDg&qqid=CPP71ICc7PsCFSlbFQgdTtMIWQ&met.4=fb.e9~lb.g8~ol.kh~bdt.-f6~bpp.-6r~idt.-5~dtd.-1~dt.-6s&met.3=733.hz~742.hz~748.i9~739.il~555.ip~556.ip_2~738.ke~749.ke_3~735.km_1~113.oh_5~112.og_7&met.1=1.lbgb0899~6.0~7.0~8.0~9.0~10.0~12.1~13.dy~14.ec~15.e1~16.il~17.il~18.im~19.k6~20.k6~21.kh&met.7=CAUQCBgBMIQEOOEFaAFw9gN42YgCgAGthgKIAc-JBrABAbgBAw~CBIQBxgBIIAEKIAEMKwEOCxoiQRwqwR4jwmAAeMGiAHzQqoBFQoTR29vZ2xlIFNhbnM6NDAwLDUwMLABAbgBAw~CBwQChgBIIgEKIgEMLIEOCloiQRwsQR4jgiAAeIFiAGRDLABAbgBAw~CCEQBBgBIIoEKIoEMNUEOEtoigRw1AR4rAKwAQG4AQM~CAkQChgBIIoEKIoEMLcEOCxoiwRwsgR4j0yAAeNJiAGxuwGwAQG4AQM~CB4QChgBIIsEKIsEMLcEOCxoiwRwtwR4gAyAAdQJiAGBFbABAbgBAw~CBwQChgBIIsEKIsEMLoEOC9ojARwuAR45DyAAbg6iAGtjQGwAQG4AQM~CCoQChgBIIsEKIsEMN8EOFM~CBsQChgBIIwEKIwEMPQEOGg~CBcQAhgBIJUEKJUEMPYEOGFo0QRw7wR4l2SAAethiAHrYbABAbgBAw~CCgQChgBIOUFKOUFMO0GOIgBQOYFSOYFUOYFWLoGYIkGaLoGcN4GeJa7AYAB6rgBiAH79gOwAQG4AQM
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4002:c0f::78 Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 09:26:38 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/ 150 KB
51 KB 74ms
73ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b252408806f41a70a449121b38d353a184eabb37589d2695fded1385afff80c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://arrowos.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 09:26:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52351
x-xss-protection: 0
server: cafe
etag: 11210980077043242930
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Dec 2022 09:26:38 GMT

GET
H3 200 integrator.js Show response
adservice.google.it/adsid/ 107 B
122 B 90ms
36ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.it/adsid/integrator.js?domain=arrowos.net

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://arrowos.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 09:26:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 91ms
36ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=arrowos.net

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://arrowos.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 09:26:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D801 99 KB
34 KB 527ms
527ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5568741006164863&output=html&h=280&adk=4050813494&adf=4100973709&pi=t.aa~a.2295937194~rp.2&daaos=1670566345606&w=1120&fwrn=4&fwrnh=100&lmt=1659432434&rafmt=1&to=qs&pwprc=2410593487&format=1120x280&url=https%3A%2F%2Farrowos.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670577998028&bpp=2&bdt=1569&idt=-M&shv=r20221206&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5806160727dac00-2245696abcd9001e%3AT%3D1670577997%3ART%3D1670577997%3AS%3DALNI_MalG-W5XJ3boZpLALrNkjY9d-QeNQ&gpic=UID%3D00000b8fac3a6b19%3AT%3D1670577997%3ART%3D1670577997%3AS%3DALNI_MbESNEstQY7TLt48IFCJCONOdIcig&prev_fmts=1098x129%2C1072x200%2C0x0&nras=2&correlator=5563639207513&frm=20&pv=1&ga_vid=238390789.1670577997&ga_sid=1670577997&ga_hid=1553723137&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=2306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774649%2C42531847%2C44774653%2C44779794&oid=2&psts=AMjMPc0MIqm8JfKwFnGOL0_iINGfLW6NaziWsk4JRBSXIsVPQOpjenMzKhL2Si5dbhb7CLKIyfjawt3xk0y9oAz3iQ%2CAMjMPc0YS00E3NJNcjmFe_sdA0vUNvgPB3XZkm5ei4-koP239kN_n3K2qmKsCeENAG4W44XeZKy0TtlwLpnpsHVTRg&pvsid=436377116939556&tmod=1374102564&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=jV6M3KprE0&p=https%3A//arrowos.net&dtd=17

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0a4a044c0af0184e34a25b070078e4aa2a7e6a2a130f2598e542d1f60a2986b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://arrowos.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 35071
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 09:26:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9807 99 KB
34 KB 493ms
493ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5568741006164863&output=html&h=280&adk=4050813494&adf=363006359&pi=t.aa~a.2944305718~rp.4&daaos=1670566345606&w=1120&fwrn=4&fwrnh=100&lmt=1659432434&rafmt=1&to=qs&pwprc=2410593487&format=1120x280&url=https%3A%2F%2Farrowos.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670577998028&bpp=1&bdt=1569&idt=-M&shv=r20221206&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5806160727dac00-2245696abcd9001e%3AT%3D1670577997%3ART%3D1670577997%3AS%3DALNI_MalG-W5XJ3boZpLALrNkjY9d-QeNQ&gpic=UID%3D00000b8fac3a6b19%3AT%3D1670577997%3ART%3D1670577997%3AS%3DALNI_MbESNEstQY7TLt48IFCJCONOdIcig&prev_fmts=1098x129%2C1072x200%2C0x0%2C1120x280&nras=3&correlator=5563639207513&frm=20&pv=1&ga_vid=238390789.1670577997&ga_sid=1670577997&ga_hid=1553723137&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=3218&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774649%2C42531847%2C44774653%2C44779794&oid=2&psts=AMjMPc0MIqm8JfKwFnGOL0_iINGfLW6NaziWsk4JRBSXIsVPQOpjenMzKhL2Si5dbhb7CLKIyfjawt3xk0y9oAz3iQ%2CAMjMPc0YS00E3NJNcjmFe_sdA0vUNvgPB3XZkm5ei4-koP239kN_n3K2qmKsCeENAG4W44XeZKy0TtlwLpnpsHVTRg&pvsid=436377116939556&tmod=1374102564&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=Lyav0OkoMp&p=https%3A//arrowos.net&dtd=22

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a858d6bcbc709e7854876c5ec894336df9c61a65e37282077e2a80cf207596d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://arrowos.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 35270
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 09:26:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4A2E 133 KB
44 KB 593ms
592ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5568741006164863&output=html&h=90&adk=2459306202&adf=2692473195&pi=t.aa~a.1362671282~rp.4&daaos=1670566345606&w=1120&fwrn=4&fwrnh=100&lmt=1659432434&rafmt=1&to=qs&pwprc=2410593487&format=1120x90&url=https%3A%2F%2Farrowos.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670577998028&bpp=1&bdt=1569&idt=1&shv=r20221206&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5806160727dac00-2245696abcd9001e%3AT%3D1670577997%3ART%3D1670577997%3AS%3DALNI_MalG-W5XJ3boZpLALrNkjY9d-QeNQ&gpic=UID%3D00000b8fac3a6b19%3AT%3D1670577997%3ART%3D1670577997%3AS%3DALNI_MbESNEstQY7TLt48IFCJCONOdIcig&prev_fmts=1098x129%2C1072x200%2C0x0%2C1120x280%2C1120x280&nras=4&correlator=5563639207513&frm=20&pv=1&ga_vid=238390789.1670577997&ga_sid=1670577997&ga_hid=1553723137&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=1611&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774649%2C42531847%2C44774653%2C44779794&oid=2&psts=AMjMPc0MIqm8JfKwFnGOL0_iINGfLW6NaziWsk4JRBSXIsVPQOpjenMzKhL2Si5dbhb7CLKIyfjawt3xk0y9oAz3iQ%2CAMjMPc0YS00E3NJNcjmFe_sdA0vUNvgPB3XZkm5ei4-koP239kN_n3K2qmKsCeENAG4W44XeZKy0TtlwLpnpsHVTRg&pvsid=436377116939556&tmod=1374102564&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=l7uc9cOgAp&p=https%3A//arrowos.net&dtd=27

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d98c46697bf99026789ee4de85c1d73abac6e883a6a556b95c36e72865c11fcb

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8503327745921077521/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8503327745921077521/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJ-llYGc7PsCFWlkFQgdAggB7g&gqi=Tv-SY6XmBIf2tge26Y0Q&layout=/sadbundle/%24csp%253Der3%24/8503327745921077521/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://arrowos.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 44663
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8503327745921077521/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8503327745921077521/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJ-llYGc7PsCFWlkFQgdAggB7g&gqi=Tv-SY6XmBIf2tge26Y0Q&layout=/sadbundle/%24csp%253Der3%24/8503327745921077521/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 09:26:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/ Frame B886 10 KB
4 KB 25ms
25ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://arrowos.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

age: 54158
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Dec 2022 18:24:00 GMT
etag: 10353107486223812946
expires: Thu, 22 Dec 2022 18:24:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 1eaa1e49c6d827e7897bafa951c60a71.js Show response
www.gstatic.com/mysidia/ Frame B886 9 KB
4 KB 85ms
26ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1eaa1e49c6d827e7897bafa951c60a71.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a983ec1308781984ea4503dd1c4e1317b2b48dcb17dd1a6e68df68560951784b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 22:26:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 298796
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4197
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 20:45:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 05 Mar 2023 22:26:42 GMT

GET
H3 200 890d6e0a5dc19f9d14ccf82aa8feec6a.js Show response
www.gstatic.com/mysidia/ Frame B886 10 KB
4 KB 87ms
28ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/890d6e0a5dc19f9d14ccf82aa8feec6a.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

981792df4c11fb32fea9720db6c7c82dd96da4247fd29ff170b53903e116eecc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 22:27:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 298773
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4446
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 20:45:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 05 Mar 2023 22:27:05 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame B886 8 KB
895 B 51ms
51ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 09 Dec 2022 09:26:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 08:40:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 09 Dec 2022 09:26:38 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame B886 2 KB
765 B 27ms
25ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 12:10:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76569
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Dec 2022 12:10:29 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/ Frame B886 23 KB
9 KB 28ms
26ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 12:10:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76569
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Dec 2022 12:10:29 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame B886 3 KB
1 KB 33ms
31ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 08:10:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4570
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Dec 2022 08:10:28 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame B886 18 KB
7 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 12:10:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76569
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Dec 2022 12:10:29 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B886 153 KB
47 KB 98ms
43ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 09:26:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 09 Dec 2022 09:26:38 GMT

GET
H3 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame B886 34 KB
14 KB 88ms
31ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 21:34:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 301918
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 20:45:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 05 Mar 2023 21:34:40 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B886 0
0 71ms
71ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CstzcTf-SY4PeBffI1fAPg8Ce8AaE2sDebeWG4uTcEP2B5LbrAhABILr-53tglYKAgJgHoAHS4oSjA8gBAagDAcgDwwSqBMsBT9Dzt-VdcaCFjddKEbHiiNU2EuwxxpJt-s7Gh9fcrRna_C8biHmFYteCJXV8D_P037M3vTEGa12QQ8tVaaBQONTYDiBSG7qEqWB1b2Fi8L5JqSh7ciZX6Wn_ttYn-tGG20VvWvwUZmMt7N4HE7C0twvgkd7D4vh04yhDipPHK1EStgKi6xYc1jXH159pI7Uq6DUqzuoZWB-lvyic1a8kZHdo2EBLP__f4lUIx_R7STSeL-3VDqgLjtQ4YHj03a-kMqIuHQ2XSglPFFrABLDlyc6aBJIFBAgEGAGSBQQIBRgEoAZmgAe_y5ZlqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQjOMh0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwrQFQGAFwGyFxwKGggAEhRwdWItNTU2ODc0MTAwNjE2NDg2MxgA&sigh=ATALR-XXzRc&uach_m=[UACH]&cid=CAQSGwDq26N9s1aXAZjsopzF2hc5GkNOxQlKjTaZlRgBIBM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 09 Dec 2022 09:26:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 393C 143 B
166 B 25ms
25ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

age: 1813
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 08:56:25 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B886 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae526251e072eb656622a5706f2944460df7159da5d09b4c47bf775cae62a3df

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 393C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

36ms
35ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 09:26:38 GMT
expires: Fri, 09 Dec 2022 09:26:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 09:26:38 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js Show response
pagead2.googlesyndication.com/bg/ Frame 5E12 36 KB
16 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 10:47:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81538
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Dec 2023 10:47:40 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 9807 8 KB
895 B 41ms
40ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5568741006164863&output=html&h=280&adk=4050813494&adf=363006359&pi=t.aa~a.2944305718~rp.4&daaos=1670566345606&w=1120&fwrn=4&fwrnh=100&lmt=1659432434&rafmt=1&to=qs&pwprc=2410593487&format=1120x280&url=https%3A%2F%2Farrowos.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670577998028&bpp=1&bdt=1569&idt=-M&shv=r20221206&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5806160727dac00-2245696abcd9001e%3AT%3D1670577997%3ART%3D1670577997%3AS%3DALNI_MalG-W5XJ3boZpLALrNkjY9d-QeNQ&gpic=UID%3D00000b8fac3a6b19%3AT%3D1670577997%3ART%3D1670577997%3AS%3DALNI_MbESNEstQY7TLt48IFCJCONOdIcig&prev_fmts=1098x129%2C1072x200%2C0x0%2C1120x280&nras=3&correlator=5563639207513&frm=20&pv=1&ga_vid=238390789.1670577997&ga_sid=1670577997&ga_hid=1553723137&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=3218&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774649%2C42531847%2C44774653%2C44779794&oid=2&psts=AMjMPc0MIqm8JfKwFnGOL0_iINGfLW6NaziWsk4JRBSXIsVPQOpjenMzKhL2Si5dbhb7CLKIyfjawt3xk0y9oAz3iQ%2CAMjMPc0YS00E3NJNcjmFe_sdA0vUNvgPB3XZkm5ei4-koP239kN_n3K2qmKsCeENAG4W44XeZKy0TtlwLpnpsHVTRg&pvsid=436377116939556&tmod=1374102564&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=Lyav0OkoMp&p=https%3A//arrowos.net&dtd=22

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 09 Dec 2022 09:26:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 08:35:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 09 Dec 2022 09:26:38 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 9807 2 KB
765 B 26ms
25ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 12:10:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76569
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Dec 2022 12:10:29 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/ Frame 9807 23 KB
9 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 12:10:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76569
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Dec 2022 12:10:29 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 9807 3 KB
1 KB 39ms
34ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 08:10:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4570
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Dec 2022 08:10:28 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 9807 18 KB
7 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 12:10:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76569
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Dec 2022 12:10:29 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 9807 0
0 46ms
41ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTedksU-aSpoljle8WGsl6rgXjXHcDgsbhYnxhJCmBTxvmyO9Q-UrfYmUbWsDKu-LQTVGlXzkum7o7sBjeDBdnVH5bkFw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5568741006164863&output=html&h=280&adk=4050813494&adf=363006359&pi=t.aa~a.2944305718~rp.4&daaos=1670566345606&w=1120&fwrn=4&fwrnh=100&lmt=1659432434&rafmt=1&to=qs&pwprc=2410593487&format=1120x280&url=https%3A%2F%2Farrowos.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670577998028&bpp=1&bdt=1569&idt=-M&shv=r20221206&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5806160727dac00-2245696abcd9001e%3AT%3D1670577997%3ART%3D1670577997%3AS%3DALNI_MalG-W5XJ3boZpLALrNkjY9d-QeNQ&gpic=UID%3D00000b8fac3a6b19%3AT%3D1670577997%3ART%3D1670577997%3AS%3DALNI_MbESNEstQY7TLt48IFCJCONOdIcig&prev_fmts=1098x129%2C1072x200%2C0x0%2C1120x280&nras=3&correlator=5563639207513&frm=20&pv=1&ga_vid=238390789.1670577997&ga_sid=1670577997&ga_hid=1553723137&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=3218&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774649%2C42531847%2C44774653%2C44779794&oid=2&psts=AMjMPc0MIqm8JfKwFnGOL0_iINGfLW6NaziWsk4JRBSXIsVPQOpjenMzKhL2Si5dbhb7CLKIyfjawt3xk0y9oAz3iQ%2CAMjMPc0YS00E3NJNcjmFe_sdA0vUNvgPB3XZkm5ei4-koP239kN_n3K2qmKsCeENAG4W44XeZKy0TtlwLpnpsHVTRg&pvsid=436377116939556&tmod=1374102564&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=Lyav0OkoMp&p=https%3A//arrowos.net&dtd=22
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9807 153 KB
47 KB 64ms
54ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 09:26:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 09 Dec 2022 09:26:38 GMT

GET
H3 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame 9807 34 KB
14 KB 41ms
36ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 21:34:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 301918
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 20:45:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 05 Mar 2023 21:34:40 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9807 0
0 81ms
78ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=COjUQTv-SY4KXBb651fAPxrq8sAzJ5q7AbaCtq821EJuByqrtMBABILr-53tglYKAgJgHoAHnp5jfAsgBCakCx73En9C9sT6oAwHIA8sEqgTGAU_QpKXSnFTxgU64awTZ2MNEs8Ipob7hGj2fl2ezfcastAPtcL1pRIavKnFsZtwf1W-c5PNF6QD4zgb5XJKbntfEhj-BjdJNbAD4_nnoxM7bc46snFh01LL6N2GqhA7RO4xj2_XIrYFCPMexyUjv4gXXezE0JijqIB_9slmw6cmIPcmWbJOFNT0JATMoJdblUNlcux97IP6S87QFFDPlXvHZ7_OuLp__1Xq4gj3uXOZnkMVGDv8PitxMfNjyAB0QObMrxHFiWcAE8Ifs2eADkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB4HY56ABqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQn9AI0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItNTU2ODc0MTAwNjE2NDg2MxgA&sigh=65-uH_gaO8o&uach_m=[UACH]&cid=CAQSPADq26N96vJ9pUabdbRi8A5WrCyvCYYpO0zN3zi932XrOhJjAMaOKIHUX8HbonbsR-6R-5vTIcaF3SvRTBgBIBM&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5568741006164863&output=html&h=280&adk=4050813494&adf=363006359&pi=t.aa~a.2944305718~rp.4&daaos=1670566345606&w=1120&fwrn=4&fwrnh=100&lmt=1659432434&rafmt=1&to=qs&pwprc=2410593487&format=1120x280&url=https%3A%2F%2Farrowos.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670577998028&bpp=1&bdt=1569&idt=-M&shv=r20221206&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5806160727dac00-2245696abcd9001e%3AT%3D1670577997%3ART%3D1670577997%3AS%3DALNI_MalG-W5XJ3boZpLALrNkjY9d-QeNQ&gpic=UID%3D00000b8fac3a6b19%3AT%3D1670577997%3ART%3D1670577997%3AS%3DALNI_MbESNEstQY7TLt48IFCJCONOdIcig&prev_fmts=1098x129%2C1072x200%2C0x0%2C1120x280&nras=3&correlator=5563639207513&frm=20&pv=1&ga_vid=238390789.1670577997&ga_sid=1670577997&ga_hid=1553723137&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=3218&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774649%2C42531847%2C44774653%2C44779794&oid=2&psts=AMjMPc0MIqm8JfKwFnGOL0_iINGfLW6NaziWsk4JRBSXIsVPQOpjenMzKhL2Si5dbhb7CLKIyfjawt3xk0y9oAz3iQ%2CAMjMPc0YS00E3NJNcjmFe_sdA0vUNvgPB3XZkm5ei4-koP239kN_n3K2qmKsCeENAG4W44XeZKy0TtlwLpnpsHVTRg&pvsid=436377116939556&tmod=1374102564&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=Lyav0OkoMp&p=https%3A//arrowos.net&dtd=22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 09 Dec 2022 09:26:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 2728354180183721846
tpc.googlesyndication.com/simgad/16219658952005295331/ Frame 9807 30 KB
30 KB 35ms
35ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16219658952005295331/2728354180183721846?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29aba457c277278516480abb675c844f12e33896e08eafb34e06695ebeeef761

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 14:48:15 GMT
x-content-type-options: nosniff
age: 585503
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30455
x-xss-protection: 0
last-modified: Wed, 05 Oct 2022 14:55:05 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 02 Dec 2023 14:48:15 GMT

GET
DATA 200
OK truncated
/ Frame 9807 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 9807 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 css
fonts.googleapis.com/ Frame D801 8 KB
895 B 47ms
38ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5568741006164863&output=html&h=280&adk=4050813494&adf=4100973709&pi=t.aa~a.2295937194~rp.2&daaos=1670566345606&w=1120&fwrn=4&fwrnh=100&lmt=1659432434&rafmt=1&to=qs&pwprc=2410593487&format=1120x280&url=https%3A%2F%2Farrowos.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670577998028&bpp=2&bdt=1569&idt=-M&shv=r20221206&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5806160727dac00-2245696abcd9001e%3AT%3D1670577997%3ART%3D1670577997%3AS%3DALNI_MalG-W5XJ3boZpLALrNkjY9d-QeNQ&gpic=UID%3D00000b8fac3a6b19%3AT%3D1670577997%3ART%3D1670577997%3AS%3DALNI_MbESNEstQY7TLt48IFCJCONOdIcig&prev_fmts=1098x129%2C1072x200%2C0x0&nras=2&correlator=5563639207513&frm=20&pv=1&ga_vid=238390789.1670577997&ga_sid=1670577997&ga_hid=1553723137&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=2306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774649%2C42531847%2C44774653%2C44779794&oid=2&psts=AMjMPc0MIqm8JfKwFnGOL0_iINGfLW6NaziWsk4JRBSXIsVPQOpjenMzKhL2Si5dbhb7CLKIyfjawt3xk0y9oAz3iQ%2CAMjMPc0YS00E3NJNcjmFe_sdA0vUNvgPB3XZkm5ei4-koP239kN_n3K2qmKsCeENAG4W44XeZKy0TtlwLpnpsHVTRg&pvsid=436377116939556&tmod=1374102564&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=jV6M3KprE0&p=https%3A//arrowos.net&dtd=17

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 09 Dec 2022 09:26:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 08:43:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 09 Dec 2022 09:26:38 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame D801 2 KB
765 B 34ms
25ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5568741006164863&output=html&h=280&adk=4050813494&adf=4100973709&pi=t.aa~a.2295937194~rp.2&daaos=1670566345606&w=1120&fwrn=4&fwrnh=100&lmt=1659432434&rafmt=1&to=qs&pwprc=2410593487&format=1120x280&url=https%3A%2F%2Farrowos.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670577998028&bpp=2&bdt=1569&idt=-M&shv=r20221206&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5806160727dac00-2245696abcd9001e%3AT%3D1670577997%3ART%3D1670577997%3AS%3DALNI_MalG-W5XJ3boZpLALrNkjY9d-QeNQ&gpic=UID%3D00000b8fac3a6b19%3AT%3D1670577997%3ART%3D1670577997%3AS%3DALNI_MbESNEstQY7TLt48IFCJCONOdIcig&prev_fmts=1098x129%2C1072x200%2C0x0&nras=2&correlator=5563639207513&frm=20&pv=1&ga_vid=238390789.1670577997&ga_sid=1670577997&ga_hid=1553723137&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=2306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774649%2C42531847%2C44774653%2C44779794&oid=2&psts=AMjMPc0MIqm8JfKwFnGOL0_iINGfLW6NaziWsk4JRBSXIsVPQOpjenMzKhL2Si5dbhb7CLKIyfjawt3xk0y9oAz3iQ%2CAMjMPc0YS00E3NJNcjmFe_sdA0vUNvgPB3XZkm5ei4-koP239kN_n3K2qmKsCeENAG4W44XeZKy0TtlwLpnpsHVTRg&pvsid=436377116939556&tmod=1374102564&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=jV6M3KprE0&p=https%3A//arrowos.net&dtd=17

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 12:10:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76569
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Dec 2022 12:10:29 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/ Frame D801 23 KB
9 KB 47ms
26ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5568741006164863&output=html&h=280&adk=4050813494&adf=4100973709&pi=t.aa~a.2295937194~rp.2&daaos=1670566345606&w=1120&fwrn=4&fwrnh=100&lmt=1659432434&rafmt=1&to=qs&pwprc=2410593487&format=1120x280&url=https%3A%2F%2Farrowos.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670577998028&bpp=2&bdt=1569&idt=-M&shv=r20221206&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5806160727dac00-2245696abcd9001e%3AT%3D1670577997%3ART%3D1670577997%3AS%3DALNI_MalG-W5XJ3boZpLALrNkjY9d-QeNQ&gpic=UID%3D00000b8fac3a6b19%3AT%3D1670577997%3ART%3D1670577997%3AS%3DALNI_MbESNEstQY7TLt48IFCJCONOdIcig&prev_fmts=1098x129%2C1072x200%2C0x0&nras=2&correlator=5563639207513&frm=20&pv=1&ga_vid=238390789.1670577997&ga_sid=1670577997&ga_hid=1553723137&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=2306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774649%2C42531847%2C44774653%2C44779794&oid=2&psts=AMjMPc0MIqm8JfKwFnGOL0_iINGfLW6NaziWsk4JRBSXIsVPQOpjenMzKhL2Si5dbhb7CLKIyfjawt3xk0y9oAz3iQ%2CAMjMPc0YS00E3NJNcjmFe_sdA0vUNvgPB3XZkm5ei4-koP239kN_n3K2qmKsCeENAG4W44XeZKy0TtlwLpnpsHVTRg&pvsid=436377116939556&tmod=1374102564&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=jV6M3KprE0&p=https%3A//arrowos.net&dtd=17

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 12:10:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76569
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Dec 2022 12:10:29 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame D801 3 KB
1 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5568741006164863&output=html&h=280&adk=4050813494&adf=4100973709&pi=t.aa~a.2295937194~rp.2&daaos=1670566345606&w=1120&fwrn=4&fwrnh=100&lmt=1659432434&rafmt=1&to=qs&pwprc=2410593487&format=1120x280&url=https%3A%2F%2Farrowos.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670577998028&bpp=2&bdt=1569&idt=-M&shv=r20221206&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5806160727dac00-2245696abcd9001e%3AT%3D1670577997%3ART%3D1670577997%3AS%3DALNI_MalG-W5XJ3boZpLALrNkjY9d-QeNQ&gpic=UID%3D00000b8fac3a6b19%3AT%3D1670577997%3ART%3D1670577997%3AS%3DALNI_MbESNEstQY7TLt48IFCJCONOdIcig&prev_fmts=1098x129%2C1072x200%2C0x0&nras=2&correlator=5563639207513&frm=20&pv=1&ga_vid=238390789.1670577997&ga_sid=1670577997&ga_hid=1553723137&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=2306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774649%2C42531847%2C44774653%2C44779794&oid=2&psts=AMjMPc0MIqm8JfKwFnGOL0_iINGfLW6NaziWsk4JRBSXIsVPQOpjenMzKhL2Si5dbhb7CLKIyfjawt3xk0y9oAz3iQ%2CAMjMPc0YS00E3NJNcjmFe_sdA0vUNvgPB3XZkm5ei4-koP239kN_n3K2qmKsCeENAG4W44XeZKy0TtlwLpnpsHVTRg&pvsid=436377116939556&tmod=1374102564&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=jV6M3KprE0&p=https%3A//arrowos.net&dtd=17

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 08:10:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4570
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Dec 2022 08:10:28 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame D801 18 KB
7 KB 47ms
26ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5568741006164863&output=html&h=280&adk=4050813494&adf=4100973709&pi=t.aa~a.2295937194~rp.2&daaos=1670566345606&w=1120&fwrn=4&fwrnh=100&lmt=1659432434&rafmt=1&to=qs&pwprc=2410593487&format=1120x280&url=https%3A%2F%2Farrowos.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670577998028&bpp=2&bdt=1569&idt=-M&shv=r20221206&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5806160727dac00-2245696abcd9001e%3AT%3D1670577997%3ART%3D1670577997%3AS%3DALNI_MalG-W5XJ3boZpLALrNkjY9d-QeNQ&gpic=UID%3D00000b8fac3a6b19%3AT%3D1670577997%3ART%3D1670577997%3AS%3DALNI_MbESNEstQY7TLt48IFCJCONOdIcig&prev_fmts=1098x129%2C1072x200%2C0x0&nras=2&correlator=5563639207513&frm=20&pv=1&ga_vid=238390789.1670577997&ga_sid=1670577997&ga_hid=1553723137&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=2306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774649%2C42531847%2C44774653%2C44779794&oid=2&psts=AMjMPc0MIqm8JfKwFnGOL0_iINGfLW6NaziWsk4JRBSXIsVPQOpjenMzKhL2Si5dbhb7CLKIyfjawt3xk0y9oAz3iQ%2CAMjMPc0YS00E3NJNcjmFe_sdA0vUNvgPB3XZkm5ei4-koP239kN_n3K2qmKsCeENAG4W44XeZKy0TtlwLpnpsHVTRg&pvsid=436377116939556&tmod=1374102564&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=jV6M3KprE0&p=https%3A//arrowos.net&dtd=17

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 12:10:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76569
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Dec 2022 12:10:29 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D801 153 KB
47 KB 61ms
42ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5568741006164863&output=html&h=280&adk=4050813494&adf=4100973709&pi=t.aa~a.2295937194~rp.2&daaos=1670566345606&w=1120&fwrn=4&fwrnh=100&lmt=1659432434&rafmt=1&to=qs&pwprc=2410593487&format=1120x280&url=https%3A%2F%2Farrowos.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670577998028&bpp=2&bdt=1569&idt=-M&shv=r20221206&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5806160727dac00-2245696abcd9001e%3AT%3D1670577997%3ART%3D1670577997%3AS%3DALNI_MalG-W5XJ3boZpLALrNkjY9d-QeNQ&gpic=UID%3D00000b8fac3a6b19%3AT%3D1670577997%3ART%3D1670577997%3AS%3DALNI_MbESNEstQY7TLt48IFCJCONOdIcig&prev_fmts=1098x129%2C1072x200%2C0x0&nras=2&correlator=5563639207513&frm=20&pv=1&ga_vid=238390789.1670577997&ga_sid=1670577997&ga_hid=1553723137&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=2306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774649%2C42531847%2C44774653%2C44779794&oid=2&psts=AMjMPc0MIqm8JfKwFnGOL0_iINGfLW6NaziWsk4JRBSXIsVPQOpjenMzKhL2Si5dbhb7CLKIyfjawt3xk0y9oAz3iQ%2CAMjMPc0YS00E3NJNcjmFe_sdA0vUNvgPB3XZkm5ei4-koP239kN_n3K2qmKsCeENAG4W44XeZKy0TtlwLpnpsHVTRg&pvsid=436377116939556&tmod=1374102564&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=jV6M3KprE0&p=https%3A//arrowos.net&dtd=17

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 09:26:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 09 Dec 2022 09:26:38 GMT

GET
H3 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame D801 34 KB
14 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5568741006164863&output=html&h=280&adk=4050813494&adf=4100973709&pi=t.aa~a.2295937194~rp.2&daaos=1670566345606&w=1120&fwrn=4&fwrnh=100&lmt=1659432434&rafmt=1&to=qs&pwprc=2410593487&format=1120x280&url=https%3A%2F%2Farrowos.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670577998028&bpp=2&bdt=1569&idt=-M&shv=r20221206&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5806160727dac00-2245696abcd9001e%3AT%3D1670577997%3ART%3D1670577997%3AS%3DALNI_MalG-W5XJ3boZpLALrNkjY9d-QeNQ&gpic=UID%3D00000b8fac3a6b19%3AT%3D1670577997%3ART%3D1670577997%3AS%3DALNI_MbESNEstQY7TLt48IFCJCONOdIcig&prev_fmts=1098x129%2C1072x200%2C0x0&nras=2&correlator=5563639207513&frm=20&pv=1&ga_vid=238390789.1670577997&ga_sid=1670577997&ga_hid=1553723137&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=2306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774649%2C42531847%2C44774653%2C44779794&oid=2&psts=AMjMPc0MIqm8JfKwFnGOL0_iINGfLW6NaziWsk4JRBSXIsVPQOpjenMzKhL2Si5dbhb7CLKIyfjawt3xk0y9oAz3iQ%2CAMjMPc0YS00E3NJNcjmFe_sdA0vUNvgPB3XZkm5ei4-koP239kN_n3K2qmKsCeENAG4W44XeZKy0TtlwLpnpsHVTRg&pvsid=436377116939556&tmod=1374102564&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=jV6M3KprE0&p=https%3A//arrowos.net&dtd=17

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 21:34:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 301918
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 20:45:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 05 Mar 2023 21:34:40 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D801 0
0 70ms
70ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C_eCiTv-SY6CDBd7E1fAP5aWY0ALJ5q7AbaCtq821EJuByqrtMBABILr-53tglYKAgJgHoAHnp5jfAsgBCakCx73En9C9sT6oAwHIA8sEqgTGAU_QuXH5FPuwuloPXkbYZ2uEomOwFTJaQTXxot1nV9K5g4auCHiI1czTqWVc0tu1S40ZH8eprTGxddZ01DkPWZtJIwnt8u--kM1rFl0DNfHsiKcMszlPvKgDZOF-JJLosFRX0ugexfc-TUhko46kqXRsxpVgpdoV1-lka5n7oJ3IS87OP8JPGqBLJF3b7TeDgJfVigQxlbDxZ_dut9hD6r8yyJ3e0mJEhpJnFXZ69zYN03rw4pG1Ccksh7T2p0mS9boqKKnhS8AE8Ifs2eADkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB4HY56ABqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ9bMM0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItNTU2ODc0MTAwNjE2NDg2MxgA&sigh=mzuBSqTKTlE&uach_m=[UACH]&cid=CAQSPADq26N9j0YQjeOtmUwJZ5WclQ6HP6IOrExRkG4Dxlangd2Wu5Z7eFcoAPNG-nvJWMKmRJ4bmMRqgW3F0xgBIBM&template_id=5000

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5568741006164863&output=html&h=280&adk=4050813494&adf=4100973709&pi=t.aa~a.2295937194~rp.2&daaos=1670566345606&w=1120&fwrn=4&fwrnh=100&lmt=1659432434&rafmt=1&to=qs&pwprc=2410593487&format=1120x280&url=https%3A%2F%2Farrowos.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670577998028&bpp=2&bdt=1569&idt=-M&shv=r20221206&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5806160727dac00-2245696abcd9001e%3AT%3D1670577997%3ART%3D1670577997%3AS%3DALNI_MalG-W5XJ3boZpLALrNkjY9d-QeNQ&gpic=UID%3D00000b8fac3a6b19%3AT%3D1670577997%3ART%3D1670577997%3AS%3DALNI_MbESNEstQY7TLt48IFCJCONOdIcig&prev_fmts=1098x129%2C1072x200%2C0x0&nras=2&correlator=5563639207513&frm=20&pv=1&ga_vid=238390789.1670577997&ga_sid=1670577997&ga_hid=1553723137&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=2306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774649%2C42531847%2C44774653%2C44779794&oid=2&psts=AMjMPc0MIqm8JfKwFnGOL0_iINGfLW6NaziWsk4JRBSXIsVPQOpjenMzKhL2Si5dbhb7CLKIyfjawt3xk0y9oAz3iQ%2CAMjMPc0YS00E3NJNcjmFe_sdA0vUNvgPB3XZkm5ei4-koP239kN_n3K2qmKsCeENAG4W44XeZKy0TtlwLpnpsHVTRg&pvsid=436377116939556&tmod=1374102564&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=jV6M3KprE0&p=https%3A//arrowos.net&dtd=17

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5568741006164863&output=html&h=280&adk=4050813494&adf=4100973709&pi=t.aa~a.2295937194~rp.2&daaos=1670566345606&w=1120&fwrn=4&fwrnh=100&lmt=1659432434&rafmt=1&to=qs&pwprc=2410593487&format=1120x280&url=https%3A%2F%2Farrowos.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670577998028&bpp=2&bdt=1569&idt=-M&shv=r20221206&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5806160727dac00-2245696abcd9001e%3AT%3D1670577997%3ART%3D1670577997%3AS%3DALNI_MalG-W5XJ3boZpLALrNkjY9d-QeNQ&gpic=UID%3D00000b8fac3a6b19%3AT%3D1670577997%3ART%3D1670577997%3AS%3DALNI_MbESNEstQY7TLt48IFCJCONOdIcig&prev_fmts=1098x129%2C1072x200%2C0x0&nras=2&correlator=5563639207513&frm=20&pv=1&ga_vid=238390789.1670577997&ga_sid=1670577997&ga_hid=1553723137&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=2306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774649%2C42531847%2C44774653%2C44779794&oid=2&psts=AMjMPc0MIqm8JfKwFnGOL0_iINGfLW6NaziWsk4JRBSXIsVPQOpjenMzKhL2Si5dbhb7CLKIyfjawt3xk0y9oAz3iQ%2CAMjMPc0YS00E3NJNcjmFe_sdA0vUNvgPB3XZkm5ei4-koP239kN_n3K2qmKsCeENAG4W44XeZKy0TtlwLpnpsHVTRg&pvsid=436377116939556&tmod=1374102564&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=jV6M3KprE0&p=https%3A//arrowos.net&dtd=17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 09 Dec 2022 09:26:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 2728354180183721846
tpc.googlesyndication.com/simgad/16219658952005295331/ Frame D801 30 KB
30 KB 29ms
25ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16219658952005295331/2728354180183721846?w=600&h=314

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5568741006164863&output=html&h=280&adk=4050813494&adf=4100973709&pi=t.aa~a.2295937194~rp.2&daaos=1670566345606&w=1120&fwrn=4&fwrnh=100&lmt=1659432434&rafmt=1&to=qs&pwprc=2410593487&format=1120x280&url=https%3A%2F%2Farrowos.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670577998028&bpp=2&bdt=1569&idt=-M&shv=r20221206&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5806160727dac00-2245696abcd9001e%3AT%3D1670577997%3ART%3D1670577997%3AS%3DALNI_MalG-W5XJ3boZpLALrNkjY9d-QeNQ&gpic=UID%3D00000b8fac3a6b19%3AT%3D1670577997%3ART%3D1670577997%3AS%3DALNI_MbESNEstQY7TLt48IFCJCONOdIcig&prev_fmts=1098x129%2C1072x200%2C0x0&nras=2&correlator=5563639207513&frm=20&pv=1&ga_vid=238390789.1670577997&ga_sid=1670577997&ga_hid=1553723137&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=2306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774649%2C42531847%2C44774653%2C44779794&oid=2&psts=AMjMPc0MIqm8JfKwFnGOL0_iINGfLW6NaziWsk4JRBSXIsVPQOpjenMzKhL2Si5dbhb7CLKIyfjawt3xk0y9oAz3iQ%2CAMjMPc0YS00E3NJNcjmFe_sdA0vUNvgPB3XZkm5ei4-koP239kN_n3K2qmKsCeENAG4W44XeZKy0TtlwLpnpsHVTRg&pvsid=436377116939556&tmod=1374102564&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=jV6M3KprE0&p=https%3A//arrowos.net&dtd=17

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29aba457c277278516480abb675c844f12e33896e08eafb34e06695ebeeef761

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 14:48:15 GMT
x-content-type-options: nosniff
age: 585503
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30455
x-xss-protection: 0
last-modified: Wed, 05 Oct 2022 14:55:05 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 02 Dec 2023 14:48:15 GMT

GET
DATA 200
OK truncated
/ Frame D801 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D801 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E785 1 KB
643 B 28ms
27ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

age: 86179
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Dec 2022 09:30:19 GMT
etag: 48472445140208031
expires: Fri, 09 Dec 2022 09:30:19 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8503327745921077521/ Frame AB40 2 KB
872 B 26ms
26ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8503327745921077521/index.html

Requested by

Host: arrowos.net
URL: https://arrowos.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e612960f4daa25ad971fc7515440a05de27f1550309dccb0381171288d9881c6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 493112
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 842
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Sat, 03 Dec 2022 16:28:06 GMT
expires: Sun, 03 Dec 2023 16:28:06 GMT
last-modified: Tue, 13 Sep 2022 16:16:52 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 617C 0
0 71ms
71ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CP0BWTv-SY5_GBenI1fAPgpCE8A69ueDkbZfUgMCDEcCNtwEQASC6_ud7YJWCgICYB6ABsbTb6wLIAQmoAwHIA0iqBMUBT9A6dz7LAhrKpsdSUDlJ9X9gaIAG-ElnqudrIq8vwySj6cNki3TYu3WdEHb-iYbzY3_TYbvJYSXC0lt2CGsnCB5bziAZ755FSfjeA-NGdPN87ws78Qg2MPEwpfeoSO3KpLbjO8iVlSnZ3-qRXrM-at1SS-1Ix_mxL6mmA3izHs_U-BaOcrUdPoOTmnv3OXvPubNruRZwNK9jl9jnImmldTWsxfSHxwkCLnHYiD7Y-FUzW_NhiEKvsFjHXq74edX7t2vQzHPABOyz-r-BBJIFBAgEGAGSBQQIBRgEoAYugAe3y6SUAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEMuCDdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMK0BUBgBcBshccChoIABIUcHViLTU1Njg3NDEwMDYxNjQ4NjMYAA&sigh=BzYbTsGLkVE&uach_m=[UACH]&cid=CAQSPADq26N9-DUZMiziaDRt62xJOMY7tJmHGTF54nTf1z_rPxbBQen8FfJg_NyCgoAksdFq6JOmRycqP9GVVRgBIBM&template_id=419

Requested by

Host: arrowos.net
URL: https://arrowos.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5568741006164863&output=html&h=90&adk=2459306202&adf=2692473195&pi=t.aa~a.1362671282~rp.4&daaos=1670566345606&w=1120&fwrn=4&fwrnh=100&lmt=1659432434&rafmt=1&to=qs&pwprc=2410593487&format=1120x90&url=https%3A%2F%2Farrowos.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670577998028&bpp=1&bdt=1569&idt=1&shv=r20221206&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5806160727dac00-2245696abcd9001e%3AT%3D1670577997%3ART%3D1670577997%3AS%3DALNI_MalG-W5XJ3boZpLALrNkjY9d-QeNQ&gpic=UID%3D00000b8fac3a6b19%3AT%3D1670577997%3ART%3D1670577997%3AS%3DALNI_MbESNEstQY7TLt48IFCJCONOdIcig&prev_fmts=1098x129%2C1072x200%2C0x0%2C1120x280%2C1120x280&nras=4&correlator=5563639207513&frm=20&pv=1&ga_vid=238390789.1670577997&ga_sid=1670577997&ga_hid=1553723137&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=1611&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774649%2C42531847%2C44774653%2C44779794&oid=2&psts=AMjMPc0MIqm8JfKwFnGOL0_iINGfLW6NaziWsk4JRBSXIsVPQOpjenMzKhL2Si5dbhb7CLKIyfjawt3xk0y9oAz3iQ%2CAMjMPc0YS00E3NJNcjmFe_sdA0vUNvgPB3XZkm5ei4-koP239kN_n3K2qmKsCeENAG4W44XeZKy0TtlwLpnpsHVTRg&pvsid=436377116939556&tmod=1374102564&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=l7uc9cOgAp&p=https%3A//arrowos.net&dtd=27
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 09 Dec 2022 09:26:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/ Frame 617C 23 KB
9 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5568741006164863&output=html&h=90&adk=2459306202&adf=2692473195&pi=t.aa~a.1362671282~rp.4&daaos=1670566345606&w=1120&fwrn=4&fwrnh=100&lmt=1659432434&rafmt=1&to=qs&pwprc=2410593487&format=1120x90&url=https%3A%2F%2Farrowos.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670577998028&bpp=1&bdt=1569&idt=1&shv=r20221206&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5806160727dac00-2245696abcd9001e%3AT%3D1670577997%3ART%3D1670577997%3AS%3DALNI_MalG-W5XJ3boZpLALrNkjY9d-QeNQ&gpic=UID%3D00000b8fac3a6b19%3AT%3D1670577997%3ART%3D1670577997%3AS%3DALNI_MbESNEstQY7TLt48IFCJCONOdIcig&prev_fmts=1098x129%2C1072x200%2C0x0%2C1120x280%2C1120x280&nras=4&correlator=5563639207513&frm=20&pv=1&ga_vid=238390789.1670577997&ga_sid=1670577997&ga_hid=1553723137&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=1611&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774649%2C42531847%2C44774653%2C44779794&oid=2&psts=AMjMPc0MIqm8JfKwFnGOL0_iINGfLW6NaziWsk4JRBSXIsVPQOpjenMzKhL2Si5dbhb7CLKIyfjawt3xk0y9oAz3iQ%2CAMjMPc0YS00E3NJNcjmFe_sdA0vUNvgPB3XZkm5ei4-koP239kN_n3K2qmKsCeENAG4W44XeZKy0TtlwLpnpsHVTRg&pvsid=436377116939556&tmod=1374102564&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=l7uc9cOgAp&p=https%3A//arrowos.net&dtd=27

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 12:10:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76569
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Dec 2022 12:10:29 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 617C 3 KB
1 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 08:10:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4570
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Dec 2022 08:10:28 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 617C 18 KB
7 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 12:10:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76569
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Dec 2022 12:10:29 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 617C 0
0 33ms
32ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS7_WAgwlnC49hnsLy9Q8lTKgxz11cbO04_hnw9qdQqkOFXHzAuFiPGzarLBhN_z9qcW7giWhrNU8tugBr0wGwlZaHXyg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5568741006164863&output=html&h=90&adk=2459306202&adf=2692473195&pi=t.aa~a.1362671282~rp.4&daaos=1670566345606&w=1120&fwrn=4&fwrnh=100&lmt=1659432434&rafmt=1&to=qs&pwprc=2410593487&format=1120x90&url=https%3A%2F%2Farrowos.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670577998028&bpp=1&bdt=1569&idt=1&shv=r20221206&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5806160727dac00-2245696abcd9001e%3AT%3D1670577997%3ART%3D1670577997%3AS%3DALNI_MalG-W5XJ3boZpLALrNkjY9d-QeNQ&gpic=UID%3D00000b8fac3a6b19%3AT%3D1670577997%3ART%3D1670577997%3AS%3DALNI_MbESNEstQY7TLt48IFCJCONOdIcig&prev_fmts=1098x129%2C1072x200%2C0x0%2C1120x280%2C1120x280&nras=4&correlator=5563639207513&frm=20&pv=1&ga_vid=238390789.1670577997&ga_sid=1670577997&ga_hid=1553723137&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=1611&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774649%2C42531847%2C44774653%2C44779794&oid=2&psts=AMjMPc0MIqm8JfKwFnGOL0_iINGfLW6NaziWsk4JRBSXIsVPQOpjenMzKhL2Si5dbhb7CLKIyfjawt3xk0y9oAz3iQ%2CAMjMPc0YS00E3NJNcjmFe_sdA0vUNvgPB3XZkm5ei4-koP239kN_n3K2qmKsCeENAG4W44XeZKy0TtlwLpnpsHVTRg&pvsid=436377116939556&tmod=1374102564&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=l7uc9cOgAp&p=https%3A//arrowos.net&dtd=27
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 617C 153 KB
47 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 09:26:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 09 Dec 2022 09:26:38 GMT

GET
DATA 200
OK truncated
/ Frame 9807 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f2410558c899c306a60774dac18f089b0056918dd81dbb912330d575f2cbbcde

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 9807 28 KB
28 KB 28ms
28ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 09:03:51 GMT
x-content-type-options: nosniff
age: 174167
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Dec 2023 09:03:51 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1545 1 KB
643 B 27ms
26ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5568741006164863&output=html&h=280&adk=4050813494&adf=4100973709&pi=t.aa~a.2295937194~rp.2&daaos=1670566345606&w=1120&fwrn=4&fwrnh=100&lmt=1659432434&rafmt=1&to=qs&pwprc=2410593487&format=1120x280&url=https%3A%2F%2Farrowos.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670577998028&bpp=2&bdt=1569&idt=-M&shv=r20221206&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5806160727dac00-2245696abcd9001e%3AT%3D1670577997%3ART%3D1670577997%3AS%3DALNI_MalG-W5XJ3boZpLALrNkjY9d-QeNQ&gpic=UID%3D00000b8fac3a6b19%3AT%3D1670577997%3ART%3D1670577997%3AS%3DALNI_MbESNEstQY7TLt48IFCJCONOdIcig&prev_fmts=1098x129%2C1072x200%2C0x0&nras=2&correlator=5563639207513&frm=20&pv=1&ga_vid=238390789.1670577997&ga_sid=1670577997&ga_hid=1553723137&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=2306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774649%2C42531847%2C44774653%2C44779794&oid=2&psts=AMjMPc0MIqm8JfKwFnGOL0_iINGfLW6NaziWsk4JRBSXIsVPQOpjenMzKhL2Si5dbhb7CLKIyfjawt3xk0y9oAz3iQ%2CAMjMPc0YS00E3NJNcjmFe_sdA0vUNvgPB3XZkm5ei4-koP239kN_n3K2qmKsCeENAG4W44XeZKy0TtlwLpnpsHVTRg&pvsid=436377116939556&tmod=1374102564&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=jV6M3KprE0&p=https%3A//arrowos.net&dtd=17

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

age: 86179
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Dec 2022 09:30:19 GMT
etag: 48472445140208031
expires: Fri, 09 Dec 2022 09:30:19 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame AB40 6 KB
3 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8503327745921077521/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 13:12:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72858
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2655
x-xss-protection: 0
server: cafe
etag: 4618035238173732404
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 09 Dec 2022 13:12:20 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame AB40 34 KB
13 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8503327745921077521/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 19:53:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48812
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 09 Dec 2022 19:53:06 GMT

GET
H3 200 lottie.min.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8503327745921077521/ Frame AB40 271 KB
68 KB 29ms
28ms Script
application/x-javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8503327745921077521/lottie.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8503327745921077521/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0436434f23f1dce5317fc1b3f8cce48dc8efa9bcb1783ca9e4fe4a38fb1be6bf

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 08 Dec 2022 17:13:11 GMT
age: 58407
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69850
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 16:16:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 08 Dec 2023 17:13:11 GMT

GET
DATA 200
OK truncated
/ Frame D801 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 23cfde0ae313ebcc76a93ecf6082bf82343688b66f74964c6ef36c12340ab114

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame E785 35 B
464 B 94ms
32ms Image
image/gif 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGhN-4r_mRF7UHesC_FV55k&google_cver=1&google_push=ASkJ3FY_9U1FKiSXBZ1hgR5SSQQdA-IZPG5XJFe-8dHl7Ty0AsbpuM4Lv47NS_37ic5cGn4TkmCQozN-XNNRVVhga75zAuv-7I_Q

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 09:26:38 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E785
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEIq1uosix8OP_CCspwhJej8&google_cver=1&google_push=ASkJ3Fau3cdaYBkOs1-r_3kyg7ktWdFQ3sivWconWyXeZ6TcSEtKiyQ3nX6uqKvxyAA718azxj9Z2C9vFgMdA0w9IeWy5bFuYTFE
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ASkJ3Fau3cdaYBkOs1-r_3kyg7ktWdFQ3sivWconWyXeZ6TcSEtKiyQ3nX6uqKvxyAA718azxj9Z2C9vFgMdA0w9IeWy5bFuYTFE&google_hm=Q0FFU0VJcTF1b3NpeDhPU...

170 B
188 B

131ms
54ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ASkJ3Fau3cdaYBkOs1-r_3kyg7ktWdFQ3sivWconWyXeZ6TcSEtKiyQ3nX6uqKvxyAA718azxj9Z2C9vFgMdA0w9IeWy5bFuYTFE&google_hm=Q0FFU0VJcTF1b3NpeDhPUF9DQ3Nwd2hKZWo4

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 09:26:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 09 Dec 2022 09:26:38 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ASkJ3Fau3cdaYBkOs1-r_3kyg7ktWdFQ3sivWconWyXeZ6TcSEtKiyQ3nX6uqKvxyAA718azxj9Z2C9vFgMdA0w9IeWy5bFuYTFE&google_hm=Q0FFU0VJcTF1b3NpeDhPUF9DQ3Nwd2hKZWo4
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame E785 43 B
135 B 92ms
38ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEA6-vOzXP-ehUMvAtNmzAeQ&google_cver=1&google_push=ASkJ3FYUfcuk-Xc0ghEZFJBzxkcvI7xMyC8MxsGfSkh1RPKQf_koDNX7QiEBttJc797tIeVJVP1SAvXE3T9ac8SQY8Ulk2h6xhM7
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5568741006164863&output=html&h=280&adk=4050813494&adf=363006359&pi=t.aa~a.2944305718~rp.4&daaos=1670566345606&w=1120&fwrn=4&fwrnh=100&lmt=1659432434&rafmt=1&to=qs&pwprc=2410593487&format=1120x280&url=https%3A%2F%2Farrowos.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670577998028&bpp=1&bdt=1569&idt=-M&shv=r20221206&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5806160727dac00-2245696abcd9001e%3AT%3D1670577997%3ART%3D1670577997%3AS%3DALNI_MalG-W5XJ3boZpLALrNkjY9d-QeNQ&gpic=UID%3D00000b8fac3a6b19%3AT%3D1670577997%3ART%3D1670577997%3AS%3DALNI_MbESNEstQY7TLt48IFCJCONOdIcig&prev_fmts=1098x129%2C1072x200%2C0x0%2C1120x280&nras=3&correlator=5563639207513&frm=20&pv=1&ga_vid=238390789.1670577997&ga_sid=1670577997&ga_hid=1553723137&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=3218&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774649%2C42531847%2C44774653%2C44779794&oid=2&psts=AMjMPc0MIqm8JfKwFnGOL0_iINGfLW6NaziWsk4JRBSXIsVPQOpjenMzKhL2Si5dbhb7CLKIyfjawt3xk0y9oAz3iQ%2CAMjMPc0YS00E3NJNcjmFe_sdA0vUNvgPB3XZkm5ei4-koP239kN_n3K2qmKsCeENAG4W44XeZKy0TtlwLpnpsHVTRg&pvsid=436377116939556&tmod=1374102564&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=Lyav0OkoMp&p=https%3A//arrowos.net&dtd=22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 09:26:38 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: hedv0999d3porqnbs92qb4utujs9mfc6

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E785
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=EbZjUUoATQ2_pzKuhVIRew%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

133ms
56ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=EbZjUUoATQ2_pzKuhVIRew%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FapboIrXL6GZSIwk30YemEBuyBJBuvrwfhubNKa92gjqYDHIZSqoXE58g2x6goDE6AaxjMcmXjvCYoqbKGHB8InhlKTofQ6

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 09:26:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=EbZjUUoATQ2_pzKuhVIRew%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FapboIrXL6GZSIwk30YemEBuyBJBuvrwfhubNKa92gjqYDHIZSqoXE58g2x6goDE6AaxjMcmXjvCYoqbKGHB8InhlKTofQ6
date: Fri, 09 Dec 2022 09:26:38 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E785
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMwkQMpK8A98W3QrtSJGjYg&google_cver=1&google_push=ASkJ3FbZwZtYNiVJ1JTcCRcrwXGWfjrJSIpEs_ZS_g9lCNGAcRpYU-Uz3pCA8HHa1OlDMWFWBzC...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJHQjA5UjQtQy1DSEhB&google_push=ASkJ3FbZwZtYNiVJ1JTcCRcrwXGWfjrJSIpEs_ZS_g9lCNGAcRpYU-Uz3pCA8HHa1OlDMWFWBzCZg6-LdFENOtWTR4SVyhnX_q5o

170 B
188 B

130ms
48ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJHQjA5UjQtQy1DSEhB&google_push=ASkJ3FbZwZtYNiVJ1JTcCRcrwXGWfjrJSIpEs_ZS_g9lCNGAcRpYU-Uz3pCA8HHa1OlDMWFWBzCZg6-LdFENOtWTR4SVyhnX_q5o

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 09:26:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJHQjA5UjQtQy1DSEhB&google_push=ASkJ3FbZwZtYNiVJ1JTcCRcrwXGWfjrJSIpEs_ZS_g9lCNGAcRpYU-Uz3pCA8HHa1OlDMWFWBzCZg6-LdFENOtWTR4SVyhnX_q5o
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E785
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEudfpn1SXl5raHu5lYpEQc&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEEudfpn1SXl5raHu5lYpEQc&google_push=AS...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEudfpn1SXl5raHu5lYpEQc&google_hm=Y5L_Tk_cK07erq-fF-98IAAAAsEAAAAB&google_nid=index&google_push=ASkJ3FYEJHYFSSmMHh7U-8uB8Bp6edHpoz0dC...

170 B
188 B

49ms
49ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEudfpn1SXl5raHu5lYpEQc&google_hm=Y5L_Tk_cK07erq-fF-98IAAAAsEAAAAB&google_nid=index&google_push=ASkJ3FYEJHYFSSmMHh7U-8uB8Bp6edHpoz0dCXUaWpBa40opps36uYBgX6iieHnq7ajh3CaKM_VLZL1KBnHp2MV4Gx5x8iNkMF9l

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 09:26:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 09 Dec 2022 09:26:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6d6vlFfdrLJVP6pXxhCCzUnzY7nyw2jmPn12%2FY6g0QapWVtRR2c7qwWaiWXdeC2%2Fnr9sWIn5mSEplSaL2x3wrZkIp6oVAb5eojJFahANubLBOYhnjElKO7FMOmBLMm%2BfmQiJ5E5fQYSmnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEudfpn1SXl5raHu5lYpEQc&google_hm=Y5L_Tk_cK07erq-fF-98IAAAAsEAAAAB&google_nid=index&google_push=ASkJ3FYEJHYFSSmMHh7U-8uB8Bp6edHpoz0dCXUaWpBa40opps36uYBgX6iieHnq7ajh3CaKM_VLZL1KBnHp2MV4Gx5x8iNkMF9l
cache-control: no-cache
cf-ray: 776cb34e2cec3755-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET googleredir
googlecm.hit.gemius.pl/ Frame E785 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame E785 0
40 B 158ms
45ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LLeOtLv7iMrMYAjet1_rXTAJAp1_-1qrZpU_eTWuwTbR1wQXnTBZbnbeK3wuMa55xiyDalqQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 09:26:38 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame D801 28 KB
28 KB 29ms
29ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 09:03:51 GMT
x-content-type-options: nosniff
age: 174167
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Dec 2023 09:03:51 GMT

POST
H3 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame 617C 0
20 B 202ms
138ms Other
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJ-llYGc7PsCFWlkFQgdAggB7g&gqi=Tv-SY6XmBIf2tge26Y0Q&layout=/sadbundle/%24csp%253Der3%24/8503327745921077521/index.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 09:26:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js Show response
pagead2.googlesyndication.com/bg/ Frame 9102 36 KB
16 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 10:47:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81538
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Dec 2023 10:47:40 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 1545 35 B
463 B 54ms
33ms Image
image/gif 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGhN-4r_mRF7UHesC_FV55k&google_cver=1&google_push=ASkJ3Fa2yRajQa2siLTApF6b5nhWtQ93TpPyutwIHr3R5i4lFbY_waPTugg4vHLw0dXkhGeHGopzPe3RqJONclCujYhwOjDEfw4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5568741006164863&output=html&h=280&adk=4050813494&adf=4100973709&pi=t.aa~a.2295937194~rp.2&daaos=1670566345606&w=1120&fwrn=4&fwrnh=100&lmt=1659432434&rafmt=1&to=qs&pwprc=2410593487&format=1120x280&url=https%3A%2F%2Farrowos.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670577998028&bpp=2&bdt=1569&idt=-M&shv=r20221206&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5806160727dac00-2245696abcd9001e%3AT%3D1670577997%3ART%3D1670577997%3AS%3DALNI_MalG-W5XJ3boZpLALrNkjY9d-QeNQ&gpic=UID%3D00000b8fac3a6b19%3AT%3D1670577997%3ART%3D1670577997%3AS%3DALNI_MbESNEstQY7TLt48IFCJCONOdIcig&prev_fmts=1098x129%2C1072x200%2C0x0&nras=2&correlator=5563639207513&frm=20&pv=1&ga_vid=238390789.1670577997&ga_sid=1670577997&ga_hid=1553723137&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=2306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774649%2C42531847%2C44774653%2C44779794&oid=2&psts=AMjMPc0MIqm8JfKwFnGOL0_iINGfLW6NaziWsk4JRBSXIsVPQOpjenMzKhL2Si5dbhb7CLKIyfjawt3xk0y9oAz3iQ%2CAMjMPc0YS00E3NJNcjmFe_sdA0vUNvgPB3XZkm5ei4-koP239kN_n3K2qmKsCeENAG4W44XeZKy0TtlwLpnpsHVTRg&pvsid=436377116939556&tmod=1374102564&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=jV6M3KprE0&p=https%3A//arrowos.net&dtd=17

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 09:26:38 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 1545 43 B
351 B 51ms
37ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEA6-vOzXP-ehUMvAtNmzAeQ&google_cver=1&google_push=ASkJ3FYLPb4GwoyOfN7B_qvoQ_R0khVuqtXSsTFijMQAYWPgqKkRGMv3btN5tCrw22MX95oRecdmHfvbSWJ921N0IvfwY5CferY
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5568741006164863&output=html&h=280&adk=4050813494&adf=4100973709&pi=t.aa~a.2295937194~rp.2&daaos=1670566345606&w=1120&fwrn=4&fwrnh=100&lmt=1659432434&rafmt=1&to=qs&pwprc=2410593487&format=1120x280&url=https%3A%2F%2Farrowos.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670577998028&bpp=2&bdt=1569&idt=-M&shv=r20221206&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5806160727dac00-2245696abcd9001e%3AT%3D1670577997%3ART%3D1670577997%3AS%3DALNI_MalG-W5XJ3boZpLALrNkjY9d-QeNQ&gpic=UID%3D00000b8fac3a6b19%3AT%3D1670577997%3ART%3D1670577997%3AS%3DALNI_MbESNEstQY7TLt48IFCJCONOdIcig&prev_fmts=1098x129%2C1072x200%2C0x0&nras=2&correlator=5563639207513&frm=20&pv=1&ga_vid=238390789.1670577997&ga_sid=1670577997&ga_hid=1553723137&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=2306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774649%2C42531847%2C44774653%2C44779794&oid=2&psts=AMjMPc0MIqm8JfKwFnGOL0_iINGfLW6NaziWsk4JRBSXIsVPQOpjenMzKhL2Si5dbhb7CLKIyfjawt3xk0y9oAz3iQ%2CAMjMPc0YS00E3NJNcjmFe_sdA0vUNvgPB3XZkm5ei4-koP239kN_n3K2qmKsCeENAG4W44XeZKy0TtlwLpnpsHVTRg&pvsid=436377116939556&tmod=1374102564&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=jV6M3KprE0&p=https%3A//arrowos.net&dtd=17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 09:26:38 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 6tr0pirqnl9hqb2n9c7k11nd5grfe4ps

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1545
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=yTGEpTb7TG2qYYKyQZtjlg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

135ms
59ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=yTGEpTb7TG2qYYKyQZtjlg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FbG5fiCQriNVr01i008oq644-jmRE6PWw032Nw0RgFnMqMF3e1OXP8bihYZNmFeT4pZS8lY9hV3gWQTORyROpcgHY1HO90

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 09:26:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=yTGEpTb7TG2qYYKyQZtjlg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FbG5fiCQriNVr01i008oq644-jmRE6PWw032Nw0RgFnMqMF3e1OXP8bihYZNmFeT4pZS8lY9hV3gWQTORyROpcgHY1HO90
date: Fri, 09 Dec 2022 09:26:37 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1545
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMwkQMpK8A98W3QrtSJGjYg&google_cver=1&google_push=ASkJ3FYIArzPI7WYdOA_cRzx9KUjwmWxa0i640De-vpVfzzpjIpVCGZaVR7G4abC-tIY_ekgQ4V...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJHQjA5UzMtMVgtSkxMVw==&google_push=ASkJ3FYIArzPI7WYdOA_cRzx9KUjwmWxa0i640De-vpVfzzpjIpVCGZaVR7G4abC-tIY_ekgQ4V48WPuPhI2dCaoFxNc6ujSs5k

170 B
188 B

133ms
57ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJHQjA5UzMtMVgtSkxMVw==&google_push=ASkJ3FYIArzPI7WYdOA_cRzx9KUjwmWxa0i640De-vpVfzzpjIpVCGZaVR7G4abC-tIY_ekgQ4V48WPuPhI2dCaoFxNc6ujSs5k

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 09:26:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJHQjA5UzMtMVgtSkxMVw==&google_push=ASkJ3FYIArzPI7WYdOA_cRzx9KUjwmWxa0i640De-vpVfzzpjIpVCGZaVR7G4abC-tIY_ekgQ4V48WPuPhI2dCaoFxNc6ujSs5k
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1545
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEudfpn1SXl5raHu5lYpEQc&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEEudfpn1SXl5raHu5lYpEQc&google_push=AS...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEudfpn1SXl5raHu5lYpEQc&google_hm=Y5L_Tk_cK07erq-fF-98IAAAAsEAAAAB&google_nid=index&google_push=ASkJ3FZ1Gm3liG4vLpaIZpOxNkDNSjrngNUqp...

170 B
188 B

58ms
57ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEudfpn1SXl5raHu5lYpEQc&google_hm=Y5L_Tk_cK07erq-fF-98IAAAAsEAAAAB&google_nid=index&google_push=ASkJ3FZ1Gm3liG4vLpaIZpOxNkDNSjrngNUqpoeB_X1klOj8hwTuZJ4pDi4QHbN2CJtw-P75sBDAinU-45RSzEhCezU6FskiIW0

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 09:26:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 09 Dec 2022 09:26:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1aLgRkhGXkZWQM6ixvTjRq%2ByjDVHO9i4uDjhzWWchaiZ%2B8HAeKlJlysljrpPI32fHTcjLglxU6Ei4jrn%2FZZYq%2BQ0sRqtXzcc%2B6crO8dnQ%2B496se4WCPJpho0wuUfk%2BNQLuS7dPQN11zPuA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEudfpn1SXl5raHu5lYpEQc&google_hm=Y5L_Tk_cK07erq-fF-98IAAAAsEAAAAB&google_nid=index&google_push=ASkJ3FZ1Gm3liG4vLpaIZpOxNkDNSjrngNUqpoeB_X1klOj8hwTuZJ4pDi4QHbN2CJtw-P75sBDAinU-45RSzEhCezU6FskiIW0
cache-control: no-cache
cf-ray: 776cb34dbba73755-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame 1545 43 B
297 B 263ms
52ms Image
image/gif 2a05:d01c:1d8:8101:d648:86cf:755a:6dbf
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEGpK7dab_WXrTNYDtfwLF-g&google_cver=1&google_push=ASkJ3FYLctpb4du4M6WjeAJq21nxE9q6X_It2qzSSEgvsYFTUaSW9_V7fkpMwNqiA1Xe0q3sKQ_VrZQErDJNFiHpZFiq-qCWTg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5568741006164863&output=html&h=280&adk=4050813494&adf=4100973709&pi=t.aa~a.2295937194~rp.2&daaos=1670566345606&w=1120&fwrn=4&fwrnh=100&lmt=1659432434&rafmt=1&to=qs&pwprc=2410593487&format=1120x280&url=https%3A%2F%2Farrowos.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670577998028&bpp=2&bdt=1569&idt=-M&shv=r20221206&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5806160727dac00-2245696abcd9001e%3AT%3D1670577997%3ART%3D1670577997%3AS%3DALNI_MalG-W5XJ3boZpLALrNkjY9d-QeNQ&gpic=UID%3D00000b8fac3a6b19%3AT%3D1670577997%3ART%3D1670577997%3AS%3DALNI_MbESNEstQY7TLt48IFCJCONOdIcig&prev_fmts=1098x129%2C1072x200%2C0x0&nras=2&correlator=5563639207513&frm=20&pv=1&ga_vid=238390789.1670577997&ga_sid=1670577997&ga_hid=1553723137&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=2306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774649%2C42531847%2C44774653%2C44779794&oid=2&psts=AMjMPc0MIqm8JfKwFnGOL0_iINGfLW6NaziWsk4JRBSXIsVPQOpjenMzKhL2Si5dbhb7CLKIyfjawt3xk0y9oAz3iQ%2CAMjMPc0YS00E3NJNcjmFe_sdA0vUNvgPB3XZkm5ei4-koP239kN_n3K2qmKsCeENAG4W44XeZKy0TtlwLpnpsHVTRg&pvsid=436377116939556&tmod=1374102564&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=jV6M3KprE0&p=https%3A//arrowos.net&dtd=17
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8101:d648:86cf:755a:6dbf London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 09 Dec 2022 09:26:39 GMT
cache-control: no-cache
content-length: 43
request-time: 0
expires: -1

GET googleredir
googlecm.hit.gemius.pl/ Frame 1545 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 1545 0
223 B 116ms
44ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IOgEHLEe9TF8ngO93nebteUROgBCH3ilyw8zGb-pxIaXCftU-4BJu45oDYewkvucOB1uEwsg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5568741006164863&output=html&h=280&adk=4050813494&adf=4100973709&pi=t.aa~a.2295937194~rp.2&daaos=1670566345606&w=1120&fwrn=4&fwrnh=100&lmt=1659432434&rafmt=1&to=qs&pwprc=2410593487&format=1120x280&url=https%3A%2F%2Farrowos.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670577998028&bpp=2&bdt=1569&idt=-M&shv=r20221206&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5806160727dac00-2245696abcd9001e%3AT%3D1670577997%3ART%3D1670577997%3AS%3DALNI_MalG-W5XJ3boZpLALrNkjY9d-QeNQ&gpic=UID%3D00000b8fac3a6b19%3AT%3D1670577997%3ART%3D1670577997%3AS%3DALNI_MbESNEstQY7TLt48IFCJCONOdIcig&prev_fmts=1098x129%2C1072x200%2C0x0&nras=2&correlator=5563639207513&frm=20&pv=1&ga_vid=238390789.1670577997&ga_sid=1670577997&ga_hid=1553723137&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=2306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774649%2C42531847%2C44774653%2C44779794&oid=2&psts=AMjMPc0MIqm8JfKwFnGOL0_iINGfLW6NaziWsk4JRBSXIsVPQOpjenMzKhL2Si5dbhb7CLKIyfjawt3xk0y9oAz3iQ%2CAMjMPc0YS00E3NJNcjmFe_sdA0vUNvgPB3XZkm5ei4-koP239kN_n3K2qmKsCeENAG4W44XeZKy0TtlwLpnpsHVTRg&pvsid=436377116939556&tmod=1374102564&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=jV6M3KprE0&p=https%3A//arrowos.net&dtd=17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 09:26:38 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 617C 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f1b2271402ba1dd56fd28cb98e6ab3c6ab00b0c45f0ad1799882744d9f9545e7

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 pwa-728x90.json Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8503327745921077521/ Frame AB40 71 KB
29 KB 82ms
27ms XHR
application/json 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8503327745921077521/pwa-728x90.json

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8503327745921077521/lottie.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2db64bf4f05a0ed9e13ee11bf651c61e718600d904e85aa06dfeb53382e657a4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 03 Dec 2022 19:39:38 GMT
age: 481620
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29676
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 16:16:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 03 Dec 2023 19:39:38 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 80ms
79ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221206&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14d96d5b1e2f7978c8be5e74d813cb49e78bf1e1a89877a41deb74f5e7785ce0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://arrowos.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 09:26:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11091
x-xss-protection: 0

GET
H3 200 QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js Show response
pagead2.googlesyndication.com/bg/ Frame 3149 36 KB
16 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5568741006164863&output=html&h=280&adk=4050813494&adf=4100973709&pi=t.aa~a.2295937194~rp.2&daaos=1670566345606&w=1120&fwrn=4&fwrnh=100&lmt=1659432434&rafmt=1&to=qs&pwprc=2410593487&format=1120x280&url=https%3A%2F%2Farrowos.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670577998028&bpp=2&bdt=1569&idt=-M&shv=r20221206&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5806160727dac00-2245696abcd9001e%3AT%3D1670577997%3ART%3D1670577997%3AS%3DALNI_MalG-W5XJ3boZpLALrNkjY9d-QeNQ&gpic=UID%3D00000b8fac3a6b19%3AT%3D1670577997%3ART%3D1670577997%3AS%3DALNI_MbESNEstQY7TLt48IFCJCONOdIcig&prev_fmts=1098x129%2C1072x200%2C0x0&nras=2&correlator=5563639207513&frm=20&pv=1&ga_vid=238390789.1670577997&ga_sid=1670577997&ga_hid=1553723137&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=2306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774649%2C42531847%2C44774653%2C44779794&oid=2&psts=AMjMPc0MIqm8JfKwFnGOL0_iINGfLW6NaziWsk4JRBSXIsVPQOpjenMzKhL2Si5dbhb7CLKIyfjawt3xk0y9oAz3iQ%2CAMjMPc0YS00E3NJNcjmFe_sdA0vUNvgPB3XZkm5ei4-koP239kN_n3K2qmKsCeENAG4W44XeZKy0TtlwLpnpsHVTRg&pvsid=436377116939556&tmod=1374102564&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=jV6M3KprE0&p=https%3A//arrowos.net&dtd=17

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 10:47:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81538
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Dec 2023 10:47:40 GMT

GET truncated
/ Frame AB40 0
0

GET
DATA 200
OK truncated
/ Frame AB40 20 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2be4f707b822c283b5094cee6af73792036a41f4cbc27737355dd9add99ebfc

Request headers

Referer
Origin: null
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 236ms
235ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://arrowos.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 09:26:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 09 Dec 2022 09:26:39 GMT

GET
H3 200 QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js Show response
pagead2.googlesyndication.com/bg/ Frame AB40 36 KB
16 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 10:47:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81539
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Dec 2023 10:47:40 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2004 13 KB
5 KB 29ms
26ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://arrowos.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

accept-ranges: bytes
age: 4572
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 08:10:27 GMT
expires: Sat, 09 Dec 2023 08:10:27 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C101 783 B
533 B 38ms
36ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f1d794a7f5e7fc38cf2fb7010fd790f2986be37dbe89b2723253717bf7d7943e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ddXodBLb_Th2JEXNVdSIig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://arrowos.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-ddXodBLb_Th2JEXNVdSIig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 09:26:39 GMT
expires: Fri, 09 Dec 2022 09:26:39 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C101 0
0 130ms
128ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221206&jk=436377116939556&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

GET
H3 200 QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js Show response
pagead2.googlesyndication.com/bg/ Frame 2004 36 KB
16 KB 30ms
27ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 10:47:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81539
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Dec 2023 10:47:40 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B886 42 B
64 B 137ms
136ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstNrpGIvQVS5gsH0iUa43b5uy7DvG54dkwdiyMijJjazU8CQZKA9--hvdYM2NONHF9TF4WBWHOmVFuV68-4GmiQ79XQGz3MIhJs4MTfl83DO1UqW-TzbKK80wsx4KnZ4WfwW5EQmA&sai=AMfl-YT0jo1uvd6sy9RbeS-FtzFBgxNf94KbHwI1NwGhhJKxDUGM4TDqMoYfybCeXI7K2HoETh7SyhRYRrAao-A&sig=Cg0ArKJSzOw3Xu3kvXxyEAE&cid=CAQSGwDq26N9s1aXAZjsopzF2hc5GkNOxQlKjTaZlRgBIBM&id=lidar2&mcvt=1003&p=0,0,124,1005&mtos=83,708,1003,1065,1159&tos=83,625,295,62,94&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670577998089&rpt=221&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 09:26:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2004 0
11 B 28ms
26ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?0YKKBA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 09:26:39 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 137ms
133ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221206&jk=436377116939556&bg=!sbKlsvbNAAYgquz3AKo7ACkAdvg8WmRt3iSP5xeY5YVs5ZlYQdpYMrCUwFp6t2c49dP7lX_ABADc7gIAAAB-UgAAAARoAQcKANolTPcr0XYPaoSh134a5eTdIGbR5_V0LfA8jSVjC5ABgkxJn-4Jh0CHGHondUeCXx-Mb_U9xEuiCUvwvdNol3C62_HzryIvZZMFQVBy384cywLCRKcp-phLhTuGCFKjuEOu4_FF7vAKBDo8b_06vhTNHgA6r2ybiuo7Z3w7ZDmHi0beHd_6671kJK-3ZaixPwKV9Do7-jwZZF2yXN2mARWJxRq2oV5JG0Qs09Z0C8Irr8l5yWya3jnKrIXiqUGEn5znsZPLBxkSJO7O_QEx3iKs4IYP7wKE8YUM1pkCku8308o9UMIVJgL-6Kokn7i9di1F0i7uk-XifJrMZnoP9eOmjLVzfAt3ikvgiZ6Hr8TuVi_Yh2yiAUHPa2GRVHt31gyyxrr8NV3IEkESNlKcl25QsKk69X9d1kqRfWMS_NTWnAyuHFe8VrVGDWCjoItK2pKnTKhCTFia6sTLELz1sOoecrN8Uj6mbxzvedIDesssK0gHHZkh_FgyUZejFD4atSmpl2hqa7nZiAbLX5X2KOpBe_Q46ollpm-MYXEWlE2YaS3nBUbLCgPBMn2g6Q1Dbnj-eL9VRgV_z2vsLwM9jO2pMJuQSKLxknaHgeHMV4v2bqU8Kfbrlz0VvMxGI6Xcx_9BVuV6ZuIHSs7yj-85XWtMsZFWk8DWIelGbPvPKK9mIaVi5PpD95I3Ks7-ZkPTcaVix7f4hCvGISAp-8hUsFdHJV3FAQHNry2s0w4l0DbknbDEeSSyyrYcKzDXJYPgzTY1qwxUfpy2wk2oAsN0pnAnmEh9o9A0mCLJQStwJ473FHo8ECQg5zvAYkZA4F5N9zcr-BeFgpOKqMHRzSEFSZQ-6y2aJl5ZZzXFIsM6-DCm5_eDieafxKwc06vHwiOsjX8klLG6Lz-Sqim7y4mHrZSzipe25mJO1KEPZ5tZTsq2BT7w36aeKUsWfWoLk-tTMgiywjXawmE33-bp0xKNc7vmsghDc5Ksp3DGNT7zIBwdwndrDVw1GowQr0QFluKJcI9reG_sQUZn_fwX0Mt5gKMN22KNKcZne1TVsR-2Svio40N4mJx3sbEKrA_Stu_j7LeGykchSnrR3myKi8nYTza5Jynham2r8b7j4q0xRgP0QCiQotrNDo7tiwuzs0Xst01zZaHxvQ6uGJjfCtzuuYU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://arrowos.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEPGmuQ4JgescDadd6QOG3Zw&google_cver=1&google_push=ASkJ3FZwQnl7_nUNFdFj1Aufa-jwGFD4D-aWyIUlJe5aDtxrgL43-2gvnkgkoLYC8IjJkUYPcz7u180ExUn8hIQqdF8RlA67yJz4zQ

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEPGmuQ4JgescDadd6QOG3Zw&google_cver=1&google_push=ASkJ3FZJ61y3rEif-eNhu5LDOD26kbeiI7Potfg1OqYVp4eT1Xr3U73yS-TMFjOoWolk1g-i5Y-iMnmiXt9n11Zc_2YcqP8Dtaur

Domain: truncated
URL: data:truncated

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.arrowos.net/	1970-01-20 17:24:33	Name: __gads Value: ID=d5806160727dac00-2245696abcd9001e:T=1670577997:RT=1670577997:S=ALNI_MalG-W5XJ3boZpLALrNkjY9d-QeNQ
.arrowos.net/	1970-01-20 17:24:33	Name: __gpi Value: UID=00000b8fac3a6b19:T=1670577997:RT=1670577997:S=ALNI_MbESNEstQY7TLt48IFCJCONOdIcig
.doubleclick.net/	1970-01-20 17:24:33	Name: IDE Value: AHWqTUne5AtkN08ZwNT3HUVcTrOo74ihiRspd0lNge32D1b7oMjHxHI-DfQj_lQOFVc
.doubleclick.net/	1970-01-20 08:03:01	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 08:02:58	Name: test_cookie Value: CheckForPermission
.quantserve.com/	1970-01-20 10:12:33	Name: d Value: EF0BCQHiJ4EA
.quantserve.com/	1970-01-20 17:33:12	Name: mc Value: 6392ff4e-ddf40-cd719-b350a
.pubmatic.com/	1970-01-20 08:04:24	Name: KTPCACOOKIE Value: YES
.casalemedia.com/	1970-01-20 16:48:33	Name: CMID Value: Y5L-Tk-cK07erq.fF.98IAAA
.casalemedia.com/	1970-01-20 10:12:33	Name: CMPS Value: 705
.casalemedia.com/	1970-01-20 10:12:33	Name: CMPRO Value: 705
.agkn.com/	1970-01-20 16:48:33	Name: ab Value: 0001%3AfZjFrv1MvCR2MUPOQb8Lfu0z8fAwFbAD
.agkn.com/	1970-01-20 16:48:33	Name: u Value: C\|0CEArJbvOKyW7zgAAAAAAAQ13AQCAAQpAAAAAAA
.pubmatic.com/	1970-01-20 16:48:33	Name: KADUSERCOOKIE Value: C93184A5-36FB-4C6D-AA61-82B2419B6396
.innovid.com/	1970-01-20 10:12:33	Name: uuid Value: 043944af-02b8-4608-a9c5-a0d3323b65cf-20221209 04:26:39
.casalemedia.com/	1970-01-20 10:12:33	Name: CMTS Value: 4524

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5568741006164863&output=html&h=90&adk=2459306202&adf=2692473195&pi=t.aa~a.1362671282~rp.4&daaos=1670566345606&w=1120&fwrn=4&fwrnh=100&lmt=1659432434&rafmt=1&to=qs&pwprc=2410593487&format=1120x90&url=https%3A%2F%2Farrowos.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670577998028&bpp=1&bdt=1569&idt=1&shv=r20221206&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5806160727dac00-2245696abcd9001e%3AT%3D1670577997%3ART%3D1670577997%3AS%3DALNI_MalG-W5XJ3boZpLALrNkjY9d-QeNQ&gpic=UID%3D00000b8fac3a6b19%3AT%3D1670577997%3ART%3D1670577997%3AS%3DALNI_MbESNEstQY7TLt48IFCJCONOdIcig&prev_fmts=1098x129%2C1072x200%2C0x0%2C1120x280%2C1120x280&nras=4&correlator=5563639207513&frm=20&pv=1&ga_vid=238390789.1670577997&ga_sid=1670577997&ga_hid=1553723137&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=1611&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774649%2C42531847%2C44774653%2C44779794&oid=2&psts=AMjMPc0MIqm8JfKwFnGOL0_iINGfLW6NaziWsk4JRBSXIsVPQOpjenMzKhL2Si5dbhb7CLKIyfjawt3xk0y9oAz3iQ%2CAMjMPc0YS00E3NJNcjmFe_sdA0vUNvgPB3XZkm5ei4-koP239kN_n3K2qmKsCeENAG4W44XeZKy0TtlwLpnpsHVTRg&pvsid=436377116939556&tmod=1374102564&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=l7uc9cOgAp&p=https%3A//arrowos.net&dtd=27 Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/8503327745921077521/index.html".
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5568741006164863&output=html&h=90&adk=2459306202&adf=2692473195&pi=t.aa~a.1362671282~rp.4&daaos=1670566345606&w=1120&fwrn=4&fwrnh=100&lmt=1659432434&rafmt=1&to=qs&pwprc=2410593487&format=1120x90&url=https%3A%2F%2Farrowos.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670577998028&bpp=1&bdt=1569&idt=1&shv=r20221206&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5806160727dac00-2245696abcd9001e%3AT%3D1670577997%3ART%3D1670577997%3AS%3DALNI_MalG-W5XJ3boZpLALrNkjY9d-QeNQ&gpic=UID%3D00000b8fac3a6b19%3AT%3D1670577997%3ART%3D1670577997%3AS%3DALNI_MbESNEstQY7TLt48IFCJCONOdIcig&prev_fmts=1098x129%2C1072x200%2C0x0%2C1120x280%2C1120x280&nras=4&correlator=5563639207513&frm=20&pv=1&ga_vid=238390789.1670577997&ga_sid=1670577997&ga_hid=1553723137&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=1611&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774649%2C42531847%2C44774653%2C44779794&oid=2&psts=AMjMPc0MIqm8JfKwFnGOL0_iINGfLW6NaziWsk4JRBSXIsVPQOpjenMzKhL2Si5dbhb7CLKIyfjawt3xk0y9oAz3iQ%2CAMjMPc0YS00E3NJNcjmFe_sdA0vUNvgPB3XZkm5ei4-koP239kN_n3K2qmKsCeENAG4W44XeZKy0TtlwLpnpsHVTRg&pvsid=436377116939556&tmod=1374102564&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=l7uc9cOgAp&p=https%3A//arrowos.net&dtd=27 Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/8503327745921077521/index.html".
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEPGmuQ4JgescDadd6QOG3Zw&google_cver=1&google_push=ASkJ3FZwQnl7_nUNFdFj1Aufa-jwGFD4D-aWyIUlJe5aDtxrgL43-2gvnkgkoLYC8IjJkUYPcz7u180ExUn8hIQqdF8RlA67yJz4zQ Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEPGmuQ4JgescDadd6QOG3Zw&google_cver=1&google_push=ASkJ3FZJ61y3rEif-eNhu5LDOD26kbeiI7Potfg1OqYVp4eT1Xr3U73yS-TMFjOoWolk1g-i5Y-iMnmiXt9n11Zc_2YcqP8Dtaur Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network	error	URL: data:image/png;base64,undefined Message: Failed to load resource: net::ERR_INVALID_URL
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271801&client=ca-pub-5568741006164863&fa=1&ifi=7&uci=a!7&btvi=6&xpc=CsYpSSz7Rs&p=https%3A//arrowos.net Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.it
ag.innovid.com
arrowos.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
csi.gstatic.com
d.agkn.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
image6.pubmatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
rtb.openx.net
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
tpc.googlesyndication.com
truncated
www.google.com
www.googletagservices.com
www.gstatic.com
googlecm.hit.gemius.pl
truncated
104.18.33.19
142.250.185.130
185.152.64.121
198.47.127.19
2606:4700::6811:180e
2607:f8b0:4002:c0f::78
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:808::2002
2a00:1450:4001:809::2004
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2001
2a00:1450:4001:811::200a
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2002
2a05:d01c:1d8:8101:d648:86cf:755a:6dbf
3.74.33.199
35.227.252.103
69.173.144.165
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
0436434f23f1dce5317fc1b3f8cce48dc8efa9bcb1783ca9e4fe4a38fb1be6bf
05ba117283e0800386bfdb07fb2800ff9a8be467336ba3291e00b8190d6df9d2
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
14d96d5b1e2f7978c8be5e74d813cb49e78bf1e1a89877a41deb74f5e7785ce0
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
23cfde0ae313ebcc76a93ecf6082bf82343688b66f74964c6ef36c12340ab114
29aba457c277278516480abb675c844f12e33896e08eafb34e06695ebeeef761
2db64bf4f05a0ed9e13ee11bf651c61e718600d904e85aa06dfeb53382e657a4
2df342906a4d44f64d298c8e63ef14fb5c69c83e10bf1143c57f28f1d6050ec6
2f7aeea46fa6e2de207857da95a98b7071a4175c2af11c621022a948d92619e8
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
39a6f310aa55a5830ec69c885bead7a0dd99b97b7ad365707c38a48465126c55
403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb
42c750eec5be4893d5bd9bc95e9105721c5435f8be07c5fdd1a61eb063430a2e
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
470b9329feb0429a41da199629475d790aa07b9b8e6361e097640f45e030fe56
4a21ef031dc077abd40eaf533122df1ffa6679ecf493b97045a1b024d227b850
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f1910e10fb0f368675efdcc825dfc8cf63f1f047371d59978877dc1f5710389
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
573fcadc366e8f2230cee46d844a9d93ad5e63f103c1eec28bb802e2657345a6
584343640922191e56c922d00f4558f5d1e40a778cd6dc9bf89900abc3fc48f2
5a858d6bcbc709e7854876c5ec894336df9c61a65e37282077e2a80cf207596d
5ba6af8bd340ffb7fb078568374df5d6c9918445b121f6cb0acf606368c5b7d4
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
79b378e8f3c1fece39a1472a2e7d920ab80eb5881525a1622d9dbaa954aa23c3
82d7e39634268593313709178e231ca9ac42a1e7bd2b43d44e9225522d1c2b18
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
89037cd82c201b26e63a04cc26b7e430fbc159ccaf493b0347fdc3c8c59f3219
9326da44176564d6f6c2fd15999ac038fb3d7536ecc18b913fc16fc58018aff8
957176b5d7a611cf1fe04f9ec4f5f025b499646f620d3a3a6daceb671fe983c2
981792df4c11fb32fea9720db6c7c82dd96da4247fd29ff170b53903e116eecc
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ace459aabfafe3b1655692ae33fab3910a53f2a288fbc3a02dfdfc8d4ca5128
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a983ec1308781984ea4503dd1c4e1317b2b48dcb17dd1a6e68df68560951784b
ac596bddb4c66d4ca4bf3c6a1ef40d1c59b48212c579435dfc0316ba16c1cb8b
ae526251e072eb656622a5706f2944460df7159da5d09b4c47bf775cae62a3df
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b252408806f41a70a449121b38d353a184eabb37589d2695fded1385afff80c0
b2be4f707b822c283b5094cee6af73792036a41f4cbc27737355dd9add99ebfc
b3711b7a80d676860dcc4c552f9fbaebbc0093837d8d062d6b9c242924045a7b
caf9efe9547a6dcc6922d2628d6878d8193f953fcb4a911b55d8440bd21a7056
cb41292903f6bd996333bdfe6fbc58e1dbdb6109074505ee3ea46373bb23be70
ce3bfdc50ebeb4d5748b03897fffd23d65c7561cc216d5caa7d862fb9d2e2726
cef155a7cdbab22094bb173629945d96400bccb65635bec56899bd2b5991c56d
d03e3b55604b205b72b9ea363a66e2045c2829b93156b57667da9a8e8f7dad8b
d1a134de23b80742e6b293b99f43124b60aa32d56dae2daae1104ca71740f7ba
d6f040a0debcfcb2d726de59a3c3b86f1849e5f1f04f4b8d35d36273be268035
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d98c46697bf99026789ee4de85c1d73abac6e883a6a556b95c36e72865c11fcb
e0a4a044c0af0184e34a25b070078e4aa2a7e6a2a130f2598e542d1f60a2986b
e1a80e9db9989a32b472f658cb885b821374c0e421d88f4b10c40d146708426a
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e612960f4daa25ad971fc7515440a05de27f1550309dccb0381171288d9881c6
e751d03c99d7754354f0184936a5b7d60f44dbcec0a8699c982fd10d7e912459
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1521df5c00bd1c7ba76c5e08fcf7e0ab48809040f8aa4f3218de32293734518
f1b2271402ba1dd56fd28cb98e6ab3c6ab00b0c45f0ad1799882744d9f9545e7
f1d794a7f5e7fc38cf2fb7010fd790f2986be37dbe89b2723253717bf7d7943e
f2410558c899c306a60774dac18f089b0056918dd81dbb912330d575f2cbbcde
f31b80562610135edd91a86ec7f243c5eeaec2ec08337e6a20c2d135d8e217da
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fb3f754df421c3ca1b7899c6e17d7ad87fba41e504667b52f96401c13097837f
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

arrowos.net Open in urlscan Pro 185.152.64.121 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

139 Requests

94 %HTTPS

67 %IPv6

19 Domains

25 Subdomains

18 IPs

5 Countries

7621 kBTransfer

10418 kBSize

16 Cookies

12 Outgoing links

Page URL History

Redirected requests

139 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 14 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

arrowos.net Open in urlscan Pro
185.152.64.121 Public Scan

Screenshot
Live screenshot

Full Image

139
Requests

94 %
HTTPS

67 %
IPv6

19
Domains

25
Subdomains

18
IPs

5
Countries

7621 kB
Transfer

10418 kB
Size

16
Cookies

139 HTTP transactions
14 data transactions