timedopovo.tk Open in urlscan Pro
31.22.4.81 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://timedopovo.tk/
Submission Tags: krdtest
Submission: On February 11 via api (February 11th 2022, 7:31:24 am UTC) from JP — Scanned from GB

Summary HTTP 168 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 26 IPs in 6 countries across 26 domains to perform 168 HTTP transactions. The main IP is 31.22.4.81, located in Newcastle upon Tyne, United Kingdom and belongs to WILDCARD-AS Wildcard UK Limited, GB. The main domain is timedopovo.tk.
TLS certificate: Issued by R3 on February 8th 2022. Valid for: 3 months.

This is the only time timedopovo.tk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
27	31.22.4.81 31.22.4.81	34119 (WILDCARD-...) (WILDCARD-AS Wildcard UK Limited)
19	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
16 16	185.93.1.242 185.93.1.242	60068 (CDN77 ^_^) (CDN77 ^_^)
1	108.157.4.7 108.157.4.7	16509 (AMAZON-02) (AMAZON-02)
1	52.210.174.128 52.210.174.128	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	31.22.4.94 31.22.4.94	34119 (WILDCARD-...) (WILDCARD-AS Wildcard UK Limited)
20	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3	65.9.7.96 65.9.7.96	16509 (AMAZON-02) (AMAZON-02)
35	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
3 5	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1 2	142.250.185.134 142.250.185.134	15169 (GOOGLE) (GOOGLE)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
6	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2 2	104.76.200.221 104.76.200.221	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8102:affb:bb24:d447:85fc	16509 (AMAZON-02) (AMAZON-02)
1 1	146.59.70.99 146.59.70.99	16276 (OVH) (OVH)
1 1	2a03:2880:f02... 2a03:2880:f02d:e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
10	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f04... 2a03:2880:f045:10:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f00... 2a03:2880:f006:21:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
168	26

27 31.22.4.81 (Newcastle upon Tyne, United Kingdom)

ASN34119 (WILDCARD-AS Wildcard UK Limited, GB)
PTR: sv46.byethost46.org

timedopovo.tk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.timedopovo.tk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 185.93.1.242 (United States) 16 redirects

ASN60068 (CDN77 ^_^, GB)
PTR: edge-463.bunnyinfra.net

sp-ao.shortpixel.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-7.dus51.r.cloudfront.net

media.go2speed.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.174.128 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-174-128.eu-west-1.compute.amazonaws.com

indexanetwork.go2cloud.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 31.22.4.94 (Newcastle upon Tyne, United Kingdom)

ASN34119 (WILDCARD-AS Wildcard UK Limited, GB)
PTR: sv23.byethost23.org

adds.livreuso.tk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.7.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-7-96.fra56.r.cloudfront.net

ad.lomadee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.134 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.76.200.221 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-76-200-221.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8102:affb:bb24:d447:85fc (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.59.70.99 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ns3210071.ip-146-59-70.eu

googlecm.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f02d:e:face:b00c:0:2 (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

web.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f045:10:face:b00c:0:3 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

scontent-ams4-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f006:21:face:b00c:0:3 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

scontent-amt2-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
54	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 92 tpc.googlesyndication.com — Cisco Umbrella Rank: 120	634 KB
27	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 37 ad.doubleclick.net — Cisco Umbrella Rank: 167 cm.g.doubleclick.net — Cisco Umbrella Rank: 175	214 KB
27	timedopovo.tk timedopovo.tk www.timedopovo.tk	546 KB
16	shortpixel.ai 16 redirects sp-ao.shortpixel.ai — Cisco Umbrella Rank: 15771	11 KB
11	facebook.com 1 redirects web.facebook.com — Cisco Umbrella Rank: 257 www.facebook.com — Cisco Umbrella Rank: 97	166 KB
8	gstatic.com www.gstatic.com fonts.gstatic.com	94 KB
7	google.com www.google.com — Cisco Umbrella Rank: 2 Failed adservice.google.com — Cisco Umbrella Rank: 59	1 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 146	227 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	3 KB
4	livreuso.tk adds.livreuso.tk	2 KB
3	lomadee.com ad.lomadee.com	21 KB
3	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 236 www.google-analytics.com — Cisco Umbrella Rank: 31	37 KB
2	fbcdn.net scontent-ams4-1.xx.fbcdn.net — Cisco Umbrella Rank: 14037 scontent-amt2-1.xx.fbcdn.net — Cisco Umbrella Rank: 13827	7 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 582	1 KB
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1492	1 KB
2	rlcdn.com 2 redirects id.rlcdn.com — Cisco Umbrella Rank: 548	889 B
2	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 5583	914 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 126	83 KB
1	gemius.pl 1 redirects googlecm.hit.gemius.pl — Cisco Umbrella Rank: 7252	336 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1383	296 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 288	461 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 741	645 B
1	go2cloud.org indexanetwork.go2cloud.org	523 B
1	go2speed.org media.go2speed.org — Cisco Umbrella Rank: 107750	77 KB
0	statistcdn.com Failed statistcdn.com Failed
0	google.com.br Failed www.google.com.br Failed
168	26

	Domain	Requested by
35	tpc.googlesyndication.com	googleads.g.doubleclick.net timedopovo.tk tpc.googlesyndication.com pagead2.googlesyndication.com
23	timedopovo.tk	timedopovo.tk
19	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net timedopovo.tk
19	pagead2.googlesyndication.com	timedopovo.tk pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
16	sp-ao.shortpixel.ai	16 redirects
10	www.facebook.com	connect.facebook.net www.facebook.com
6	cm.g.doubleclick.net	timedopovo.tk googleads.g.doubleclick.net
6	www.googletagservices.com	googleads.g.doubleclick.net
5	www.gstatic.com	googleads.g.doubleclick.net
5	www.google.com	timedopovo.tk googleads.g.doubleclick.net tpc.googlesyndication.com
4	fonts.googleapis.com	googleads.g.doubleclick.net
4	adds.livreuso.tk	timedopovo.tk adds.livreuso.tk
4	www.timedopovo.tk	timedopovo.tk
3	fonts.gstatic.com	fonts.googleapis.com
3	ad.lomadee.com	adds.livreuso.tk ad.lomadee.com
2	image6.pubmatic.com	2 redirects
2	e.dlx.addthis.com	2 redirects
2	id.rlcdn.com	2 redirects
2	ad.doubleclick.net	1 redirects googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.co.uk	pagead2.googlesyndication.com
2	connect.facebook.net	timedopovo.tk connect.facebook.net
2	ssl.google-analytics.com	timedopovo.tk
1	scontent-amt2-1.xx.fbcdn.net	www.facebook.com
1	scontent-ams4-1.xx.fbcdn.net	www.facebook.com
1	web.facebook.com	1 redirects
1	googlecm.hit.gemius.pl	1 redirects
1	ag.innovid.com	googleads.g.doubleclick.net
1	pixel.rubiconproject.com	1 redirects
1	www.google-analytics.com	ad.lomadee.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	indexanetwork.go2cloud.org	timedopovo.tk
1	media.go2speed.org	timedopovo.tk
0	statistcdn.com Failed	ad.lomadee.com
0	www.google.com.br Failed	timedopovo.tk
168	35

This site contains links to these domains. Also see Links.

Domain
www.timedopovo.tk
www.facebook.com
twitter.com
feeds.feedburner.com
www.youtube.com
indexanetwork.go2cloud.org

Subject Issuer	Validity	Valid
timedopovo.tk R3	`2022-02-08` - `2022-05-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
media.go2speed.org Amazon	`2021-10-06` - `2022-11-04`	a year	crt.sh
*.go2cloud.org Amazon	`2021-04-22` - `2022-05-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-20` - `2022-02-18`	3 months	crt.sh
adds.livreuso.tk R3	`2022-01-23` - `2022-04-23`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.lomadee.com Amazon	`2021-03-31` - `2022-04-29`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.innovid.com RapidSSL RSA CA 2018	`2020-02-07` - `2022-04-07`	2 years	crt.sh

This page contains 26 frames:

Primary Page: https://timedopovo.tk/
Frame ID: C648E3009860C24644161200C5351336
Requests: 52 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220209/r20190131/zrt_lookup.html
Frame ID: ADEC55E96D03D1322D09DF4029DD2C7C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9397577970694762&output=html&h=60&twa=1&slotname=3804470934&adk=4040837863&adf=2203149399&pi=t.ma~as.3804470934&w=284&fwrn=4&fwrnh=100&lmt=1644564678&format=284x60&url=https%3A%2F%2Ftimedopovo.tk%2F&flash=0&fwr=0&rh=60&rw=284&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644564678054&bpp=14&bdt=315&idt=114&shv=r20220209&mjsv=m202202030101&ptt=5&saldr=sa&abxe=1&correlator=2457399506595&frm=20&pv=2&ga_vid=2146188187.1644564678&ga_sid=1644564678&ga_hid=1164196656&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=988&ady=16&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44753658%2C31064733%2C31063221&oid=2&pvsid=2549612257913985&pem=840&tmod=241333868&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Q3gy018JbD&p=https%3A//timedopovo.tk&dtd=127
Frame ID: F16F476BE6F535669BAA7425F0E76336
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9397577970694762&output=html&adk=1812271804&adf=3025194257&lmt=1644564678&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ftimedopovo.tk%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644564678103&bpp=1&bdt=363&idt=83&shv=r20220209&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&prev_fmts=284x60&nras=1&correlator=2457399506595&frm=20&pv=1&ga_vid=2146188187.1644564678&ga_sid=1644564678&ga_hid=1164196656&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44753658%2C31064733%2C31063221&oid=2&pvsid=2549612257913985&pem=840&tmod=241333868&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&ifi=2&uci=a!2&fsb=1&dtd=88
Frame ID: F9302685C4582CFBB7A4A1DB4A8C83E1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3432341997211165&output=html&h=280&slotname=8825380003&adk=3290701847&adf=215310249&pi=t.ma~as.8825380003&w=1000&fwrn=4&fwrnh=100&lmt=1644564678&rafmt=1&psa=0&format=1000x280&url=https%3A%2F%2Ftimedopovo.tk%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644564678106&bpp=2&bdt=367&idt=97&shv=r20220209&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&prev_fmts=284x60%2C0x0&nras=1&correlator=2457399506595&frm=20&pv=2&ga_vid=2146188187.1644564678&ga_sid=1644564678&ga_hid=1164196656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=308&ady=131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44753658%2C31064733%2C31063221&oid=2&pvsid=2549612257913985&pem=840&tmod=241333868&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=3&uci=a!3&fsb=1&xpc=EhCwDd7u4C&p=https%3A//timedopovo.tk&dtd=100
Frame ID: 465C0980C84EA4FEBC1D14D97EDBB55F
Requests: 15 HTTP requests in this frame

Frame: https://adds.livreuso.tk/anuncios//show_i.php?a=529&z=29&c=1&adurl=14007&target=_blank
Frame ID: D0BA736BA244F23BC68971F185F9C194
Requests: 3 HTTP requests in this frame

Frame: https://ad.lomadee.com/banner/view?sourceId=35923256&dimension=1&width=728&height=90&method=0&advertisers=&tags=
Frame ID: EEC1F2CB1CFD6FEF34F45B0C7CA9E2FF
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9397577970694762&output=html&h=240&adk=4071009227&adf=2944978207&pi=t.aa~a.795276990~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1644564678&rafmt=1&to=qs&pwprc=3910530028&psa=0&format=300x240&url=https%3A%2F%2Ftimedopovo.tk%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644564678770&bpp=1&bdt=1030&idt=-M&shv=r20220209&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3143a9ff7a45ae31-2275a46e3ccd005e%3AT%3D1644564678%3ART%3D1644564678%3AS%3DALNI_Mbnpe9E63v7Z0G7yPTcSsXUf-j4tg&prev_fmts=284x60%2C0x0%2C1000x280&nras=2&correlator=2457399506595&frm=20&pv=1&ga_vid=2146188187.1644564678&ga_sid=1644564678&ga_hid=1164196656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=1298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44753658%2C31064733%2C31063221&oid=2&pvsid=2549612257913985&pem=840&tmod=241333868&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=PLzN6vGsSb&p=https%3A//timedopovo.tk&dtd=11
Frame ID: B7DC52EE724A503E5265DA8F21FCB552
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9397577970694762&output=html&h=100&adk=702956917&adf=3434027193&pi=t.aa~a.1445354789~rp.1&w=540&fwrn=4&fwrnh=100&lmt=1644564678&rafmt=1&to=qs&pwprc=3910530028&psa=0&format=540x100&url=https%3A%2F%2Ftimedopovo.tk%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644564678770&bpp=1&bdt=1030&idt=0&shv=r20220209&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3143a9ff7a45ae31-2275a46e3ccd005e%3AT%3D1644564678%3ART%3D1644564678%3AS%3DALNI_Mbnpe9E63v7Z0G7yPTcSsXUf-j4tg&prev_fmts=284x60%2C0x0%2C1000x280%2C300x240&nras=3&correlator=2457399506595&frm=20&pv=1&ga_vid=2146188187.1644564678&ga_sid=1644564678&ga_hid=1164196656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=452&ady=1420&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44753658%2C31064733%2C31063221&oid=2&pvsid=2549612257913985&pem=840&tmod=241333868&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=9d26CxYTnn&p=https%3A//timedopovo.tk&dtd=16
Frame ID: 45BE0C50EA65C3601B29B9284FABEEFC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 0E7E6402EAF5A9368BDD0AC04B6CAD1F
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220209/r20110914/zrt_lookup.html?fsb=1
Frame ID: 82D492ACA1B281AD57A58106E4BA6E38
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220209/r20110914/zrt_lookup.html?fsb=1
Frame ID: 65221131A891E4DE70FB88A525E990D2
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/O0zcrAsc3s2SKI8Tuz5umMJoYZUI79PNRri5GeZhfeg.js
Frame ID: 801E1FCB5B5CE789822025B4EBEE3C65
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: FD7EB6D4E7A4D1C762FB1393DFF04A27
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: D5F4259F32E2593BEC50048E5BC31FA1
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/O0zcrAsc3s2SKI8Tuz5umMJoYZUI79PNRri5GeZhfeg.js
Frame ID: F27B0691F7B7801745965B82810C8CEB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/O0zcrAsc3s2SKI8Tuz5umMJoYZUI79PNRri5GeZhfeg.js
Frame ID: 68603CB39C5BC9D8A640B0A7FAE278BF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16984510133100292972/468x60/index.html
Frame ID: C4CDF9391DE4E905818302C71953BB2E
Requests: 6 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B26619510.315278222;dc_pre=CIT5neyQ9_UCFQiKdwodHBUALA;dc_trk_aid=508000753;dc_trk_cid=158642748;ord=3526686822;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
Frame ID: EFEB7CB63EC07E61D078239B7110AA91
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/O0zcrAsc3s2SKI8Tuz5umMJoYZUI79PNRri5GeZhfeg.js
Frame ID: 05B9F72E80F6C9E24483F0218F62B983
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D7307627E7ACC610F6AED47712B058BC
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2E200A6A9FEED6629707533200C05349
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/O0zcrAsc3s2SKI8Tuz5umMJoYZUI79PNRri5GeZhfeg.js
Frame ID: 7AB19C1F4635995B65553D2B148C01B1
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like_box.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfdf8d96cc58b6%26domain%3Dtimedopovo.tk%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftimedopovo.tk%252Ff2ce85e328b4228%26relation%3Dparent.parent&color_scheme=light&container_width=300&header=true&height=300&href=https%3A%2F%2Fwww.facebook.com%2Ftimedopovonews%3Fref%3Dhl&locale=pt_BR&sdk=joey&show_border=true&show_faces=true&stream=false&width=300&_rdc=1&_rdr
Frame ID: CDB37B4C84B15970AD4096EDAD6FB8D6
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 508556E95E37DC515E37A5D66E2C0A4B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6F4675D7D8149EE836922E704DBA7205
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Time Do Povo

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Twitter Emoji (Twemoji) (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

twemoji(?:\.min)?\.js

WP-Statistics (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

<!-- Analytics by WP-Statistics v([\d.]+) -

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

168
Requests

82 %
HTTPS

56 %
IPv6

26
Domains

35
Subdomains

26
IPs

6
Countries

2114 kB
Transfer

5201 kB
Size

22
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: http://www.timedopovo.tk/category/ultimasnoticias/
Title: Últimas notícias

Search URL Search Domain Scan URL

URL: https://www.facebook.com/timedopovonews

Search URL Search Domain Scan URL

URL: http://twitter.com/#!/time_do_povo

Search URL Search Domain Scan URL

URL: http://feeds.feedburner.com/TimeDoPovo

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/TimeDoPovoCom

Search URL Search Domain Scan URL

URL: https://indexanetwork.go2cloud.org/aff_c?offer_id=2580&aff_id=1321&file_id=46468

Search URL Search Domain Scan URL

URL: http://www.timedopovo.tk/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_64,h_64/https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/facebook.png HTTP 302
https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/facebook.png

Request Chain 9

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_64,h_64/https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/twitter.png HTTP 302
https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/twitter.png

Request Chain 10

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_64,h_64/https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/rss.png HTTP 302
https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/rss.png

Request Chain 11

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_64,h_64/https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/youtube.png HTTP 302
https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/youtube.png

Request Chain 25

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://timedopovo.tk/wp-content/themes/crystalhosting/images/sidebarup.png HTTP 302
https://timedopovo.tk/wp-content/themes/crystalhosting/images/sidebarup.png

Request Chain 26

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://timedopovo.tk/wp-content/themes/crystalhosting/images/postindex.png HTTP 302
https://timedopovo.tk/wp-content/themes/crystalhosting/images/postindex.png

Request Chain 27

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://timedopovo.tk/wp-content/themes/crystalhosting/images/postfim-2.png HTTP 302
https://timedopovo.tk/wp-content/themes/crystalhosting/images/postfim-2.png

Request Chain 28

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://timedopovo.tk/wp-content/themes/crystalhosting/images/sidebaruppp.png HTTP 302
https://timedopovo.tk/wp-content/themes/crystalhosting/images/sidebaruppp.png

Request Chain 29

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_150/https://timedopovo.tk/wp-content/uploads/2021/07/agenciacorinthians-foto-146342-1024x682-1-150x100.jpg HTTP 302
https://timedopovo.tk/wp-content/uploads/2021/07/agenciacorinthians-foto-146342-1024x682-1-150x100.jpg

Request Chain 30

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_150/https://timedopovo.tk/wp-content/uploads/2021/07/0002-150x100.jpg HTTP 302
https://timedopovo.tk/wp-content/uploads/2021/07/0002-150x100.jpg

Request Chain 31

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_150/https://timedopovo.tk/wp-content/uploads/2021/07/agenciacorinthians-foto-181530-1024x681-1-150x100.jpg HTTP 302
https://timedopovo.tk/wp-content/uploads/2021/07/agenciacorinthians-foto-181530-1024x681-1-150x100.jpg

Request Chain 32

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_160/https://timedopovo.tk/wp-content/uploads/2021/07/33e966bfc3e98wzmzawq9o40d960foeg2-635x397-1-160x100.jpg HTTP 302
https://timedopovo.tk/wp-content/uploads/2021/07/33e966bfc3e98wzmzawq9o40d960foeg2-635x397-1-160x100.jpg

Request Chain 33

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_145/https://timedopovo.tk/wp-content/uploads/2021/06/004-145x100.jpg HTTP 302
https://timedopovo.tk/wp-content/uploads/2021/06/004-145x100.jpg

Request Chain 34

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_144/https://timedopovo.tk/wp-content/uploads/2021/06/003-144x100.jpg HTTP 302
https://timedopovo.tk/wp-content/uploads/2021/06/003-144x100.jpg

Request Chain 35

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_147/https://timedopovo.tk/wp-content/uploads/2021/06/agenciacorinthians-foto-180450-1-1024x695-1-147x100.jpg HTTP 302
https://timedopovo.tk/wp-content/uploads/2021/06/agenciacorinthians-foto-180450-1-1024x695-1-147x100.jpg

Request Chain 36

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_147/https://timedopovo.tk/wp-content/uploads/2021/06/Se-entrar-em-campo-Ramiro-vai-completar-100-jogos-pelo-Corinthians-147x100.jpg HTTP 302
https://timedopovo.tk/wp-content/uploads/2021/06/Se-entrar-em-campo-Ramiro-vai-completar-100-jogos-pelo-Corinthians-147x100.jpg

Request Chain 80

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 107

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 111

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B26619510.315278222;dc_trk_aid=508000753;dc_trk_cid=158642748;ord=3526686822;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B26619510.315278222;dc_pre=CIT5neyQ9_UCFQiKdwodHBUALA;dc_trk_aid=508000753;dc_trk_cid=158642748;ord=3526686822;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=

Request Chain 140

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 142

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPLOKdZyTLZPY8uaxnqatRjmiCE0FQrsHYDUrhiE5hj0gaqp0gL-c4_Mg7QuIVep0Bg3CJhpVXWdYo-un4_OtGPME5AM4luS&google_gid=CAESEBmmERJPoEhS3AImlS4WDVo&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCMehmJAGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BWWc1cVBMT0tkWnlUTFpQWTh1YXhucWF0UmptaUNFMEZRcnNIWURVcmhpRTVoajBnYXFwMGdMLWM0X01nN1F1SVZlcDBCZzNDSmhwVlhXZFlvLXVuNF9PdEdQTUU1QU00bHVT HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwQmdyTlY2Y3NBNjlXeUpJMFZGOUFWV08zQjZyNE4xeXNGWlNuSVFQN2tfOA==&google_push

Request Chain 143

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPIuNkbxQkCfyBv6pkT3x_rCinxbIIuwGdKyysB6UxYIUAmMumZj7yQhVYIao1zOc89C8nejVYAgXZMTiBtDc7vW0LhSllFG&google_gid=CAESENbdDT9ry3aQbYJ2iUu_1r4&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPIuNkbxQkCfyBv6pkT3x_rCinxbIIuwGdKyysB6UxYIUAmMumZj7yQhVYIao1zOc89C8nejVYAgXZMTiBtDc7vW0LhSllFG&google_gid=CAESENbdDT9ry3aQbYJ2iUu_1r4&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAyMTEwNzMxMjAwMDAyNzQyNzMwNjAwNw%3D%3D&google_push=AYg5qPIuNkbxQkCfyBv6pkT3x_rCinxbIIuwGdKyysB6UxYIUAmMumZj7yQhVYIao1zOc89C8nejVYAgXZMTiBtDc7vW0LhSllFG

Request Chain 144

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAy0B7MCxMrSAZ3UpV2vnB0&google_cver=1&google_push=AYg5qPKqo84_xUhQqCr69W7ebdroWXjsTvZAwqesJo0INtA2eCXdwU53ycxWUlApNYuydsUDYI4ikTMbKlqQO9gj-tGUtTQHoCI7 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAy0B7MCxMrSAZ3UpV2vnB0&google_cver=1&google_push=AYg5qPKqo84_xUhQqCr69W7ebdroWXjsTvZAwqesJo0INtA2eCXdwU53ycxWUlApNYuydsUDYI4ikTMbKlqQO9gj-tGUtTQHoCI7&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Bwhl_D6nRDm3rHxMJlC4Bg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKqo84_xUhQqCr69W7ebdroWXjsTvZAwqesJo0INtA2eCXdwU53ycxWUlApNYuydsUDYI4ikTMbKlqQO9gj-tGUtTQHoCI7

Request Chain 145

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEN6NMT2DnPXcNpZ_6YDpR8k&google_cver=1&google_push=AYg5qPK6KcaPTst4Ux4gabdToNJxEf2lyq6Js4ST5J6gbpkTOHo_ZNkio32mQZBMru3QGPn5W-8qxLVVfwLm6H-CHwCtd5GqwZpx HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pJM0NLOUUtMUktN0M0VQ==&google_push=AYg5qPK6KcaPTst4Ux4gabdToNJxEf2lyq6Js4ST5J6gbpkTOHo_ZNkio32mQZBMru3QGPn5W-8qxLVVfwLm6H-CHwCtd5GqwZpx

Request Chain 147

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESECvrr0XnOipzEkG_tpQhm7c&google_cver=1&google_push=AYg5qPLy48pVnVkpbIo2dMlcQQ4RkFpnfc0yNmJRc9OTO0r5ib0egaCd7cAndYLEBhB-QRNwndsMVKz6mmmLZsBREzFakmOqFuB8 HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLy48pVnVkpbIo2dMlcQQ4RkFpnfc0yNmJRc9OTO0r5ib0egaCd7cAndYLEBhB-QRNwndsMVKz6mmmLZsBREzFakmOqFuB8&google_hm=

Request Chain 151

https://web.facebook.com/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfdf8d96cc58b6%26domain%3Dtimedopovo.tk%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftimedopovo.tk%252Ff2ce85e328b4228%26relation%3Dparent.parent&color_scheme=light&container_width=300&header=true&height=300&href=https%3A%2F%2Fwww.facebook.com%2Ftimedopovonews%3Fref%3Dhl&locale=pt_BR&sdk=joey&show_border=true&show_faces=true&stream=false&width=300 HTTP 302
https://www.facebook.com/plugins/like_box.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfdf8d96cc58b6%26domain%3Dtimedopovo.tk%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftimedopovo.tk%252Ff2ce85e328b4228%26relation%3Dparent.parent&color_scheme=light&container_width=300&header=true&height=300&href=https%3A%2F%2Fwww.facebook.com%2Ftimedopovonews%3Fref%3Dhl&locale=pt_BR&sdk=joey&show_border=true&show_faces=true&stream=false&width=300&_rdc=1&_rdr

168 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
timedopovo.tk/ 47 KB
11 KB 1554ms
1488ms Document
text/html 31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL

https://timedopovo.tk/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

31.22.4.81 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),

Reverse DNS

sv46.byethost46.org

Software

nginx /

Resource Hash

308fafbb97005866373f59bd43ae3a6d0f97b6fc0bf6ea99e4b753bc41de550a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9

Response headers

server: nginx
date: Fri, 11 Feb 2022 07:31:17 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
link: <https://timedopovo.tk/wp-json/>; rel="https://api.w.org/"
cache-control: max-age=0
expires: Fri, 11 Feb 2022 07:31:15 GMT
content-encoding: br

GET
H2 200 autoptimize_b29b1f69340b6254e65047bbb2ef974d.css
timedopovo.tk/wp-content/cache/autoptimize/css/ 17 KB
3 KB 85ms
84ms Stylesheet
text/css 31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: https://timedopovo.tk/wp-content/cache/autoptimize/css/autoptimize_b29b1f69340b6254e65047bbb2ef974d.css
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.22.4.81 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: f356c1330b17335df99dda5bb53bfd858ff27b903d555e9edb775b2c08d0b357

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:31:17 GMT
content-encoding: gzip
last-modified: Tue, 23 Mar 2021 15:58:14 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=30672000, public, immutable, public, proxy-revalidate
accept-ranges: bytes
content-length: 3012
expires: Wed, 01 Feb 2023 07:31:17 GMT

GET
H2 200 autoptimize_f4db39f018aeddfe8271b0d5d2502cab.css
timedopovo.tk/wp-content/cache/autoptimize/css/ 91 KB
16 KB 85ms
85ms Stylesheet
text/css 31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: https://timedopovo.tk/wp-content/cache/autoptimize/css/autoptimize_f4db39f018aeddfe8271b0d5d2502cab.css
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.22.4.81 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: 87852b2933a18f87f4632a086a928e734c9e8ab17d09725d327906c5a42ee4c6

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:31:17 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 13:29:50 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=30672000, public, immutable, public, proxy-revalidate
accept-ranges: bytes
content-length: 16009
expires: Wed, 01 Feb 2023 07:31:17 GMT

GET
H2 200 jquery.js Show response
timedopovo.tk/wp-includes/js/jquery/ 281 KB
84 KB 48ms
48ms Script
application/javascript 31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: https://timedopovo.tk/wp-includes/js/jquery/jquery.js?ver=3.5.1
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.22.4.81 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: 86f937a29eaee70aaf9935799a414bea46c62fb136cc0465f63f9d6820cf4982

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:31:17 GMT
content-encoding: br
last-modified: Tue, 23 Feb 2021 22:25:34 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate
expires: Sun, 13 Mar 2022 07:31:17 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 153 KB
53 KB 176ms
97ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: timedopovo.tk
URL: https://timedopovo.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e766b79dd1379bd7d253af61cc08ec4b6cb358e6a85fcd292ba4836ac7fc831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:31:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53824
x-xss-protection: 0
server: cafe
etag: 5150775803198772183
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 11 Feb 2022 07:31:17 GMT

GET
H2 200 logotdp.png
www.timedopovo.tk/ 31 KB
31 KB 141ms
53ms Image
image/png 31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.timedopovo.tk/logotdp.png
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.22.4.81 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: fc08809552becc11633f8ae84e133f62f1ee23689f6aa71d532ed5ab3ac3d821

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:31:17 GMT
last-modified: Fri, 06 Apr 2018 00:39:56 GMT
server: nginx
content-type: image/png
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 31497
expires: Sun, 13 Mar 2022 07:31:17 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 113 KB
39 KB 137ms
54ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: timedopovo.tk
URL: https://timedopovo.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d80fab5ee1d7f0b78ba152171751dddd04cf3b4bfb9b7f83a16a9c4f0e8e33c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:31:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39874
x-xss-protection: 0
server: cafe
etag: 12243760127574318247
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 11 Feb 2022 07:31:17 GMT

GET
H2 200 vercompleto.png
www.timedopovo.tk/wp-content/themes/crystalhosting/images/ 9 KB
9 KB 139ms
52ms Image
image/png 31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.timedopovo.tk/wp-content/themes/crystalhosting/images/vercompleto.png
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.22.4.81 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: 986037628ef2f713282cdf6658e45f2d778e374635e2b7b6ec0f3e2fd9281ba3

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:31:17 GMT
last-modified: Fri, 06 Apr 2018 00:41:57 GMT
server: nginx
content-type: image/png
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 9074
expires: Sun, 13 Mar 2022 07:31:17 GMT

GET
H2 200 escudo.png
www.timedopovo.tk/ 46 KB
46 KB 135ms
47ms Image
image/png 31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.timedopovo.tk/escudo.png
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.22.4.81 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: ce2c2f487561a1e72f77b2c28bdf121fef04e9c7d3189f5affd499a3a8a77db5

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:31:17 GMT
last-modified: Fri, 06 Apr 2018 00:46:34 GMT
server: nginx
content-type: image/png
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 46795
expires: Sun, 13 Mar 2022 07:31:17 GMT

GET
H2

200

facebook.png
timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/
Redirect Chain

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_64,h_64/https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/facebook.png
https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/facebook.png

763 B
957 B

46ms
45ms

Image
image/png

31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/facebook.png
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Server: 31.22.4.81 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: b8e86c44c2f2cc0f6d192de5b6a94b23e3c60db1117bed35701ae1e7ec6cfe5a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:31:18 GMT
last-modified: Fri, 06 Apr 2018 00:40:17 GMT
server: nginx
content-type: image/png
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 763
expires: Sun, 13 Mar 2022 07:31:18 GMT

Redirect headers

date: Fri, 11 Feb 2022 07:31:18 GMT
cdn-edgestorageid: 463
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 02/08/2022 11:19:05
cdn-pullzone: 257218
cdn-tag: 0; Domain: timedopovo.tk; 302
content-length: 0
server: BunnyCDN-IL1-463
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-proxyver: 1.02
cdn-requestpullcode: 302
location: https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/facebook.png
content-type: text/html; charset=utf-8
cdn-cache: STALE
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=86400
cdn-requestid: 4e23a2ad2a3812993a3135e4a3f4e2da
cdn-requestcountrycode: GB
cdn-status: 302
cdn-requestpullsuccess: True

GET
H2

200

twitter.png
timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/
Redirect Chain

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_64,h_64/https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/twitter.png
https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/twitter.png

1 KB
2 KB

60ms
58ms

Image
image/png

31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/twitter.png
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Server: 31.22.4.81 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: 7961fb8e2c56c456004b8621329bcc73e2030785eb88be511bec404c80a659b7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:31:18 GMT
last-modified: Fri, 06 Apr 2018 00:40:17 GMT
server: nginx
content-type: image/png
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 1342
expires: Sun, 13 Mar 2022 07:31:18 GMT

Redirect headers

date: Fri, 11 Feb 2022 07:31:18 GMT
cdn-edgestorageid: 463
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 02/10/2022 12:49:46
cdn-pullzone: 257218
cdn-tag: 0; Domain: timedopovo.tk; 302
content-length: 0
server: BunnyCDN-IL1-463
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-proxyver: 1.02
cdn-requestpullcode: 302
location: https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/twitter.png
content-type: text/html; charset=utf-8
cdn-cache: HIT
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=86400
cdn-requestid: a0650a3a7ca860177e0abcc3b09dd711
cdn-requestcountrycode: GB
cdn-status: 302
cdn-requestpullsuccess: True

GET
H2

200

rss.png
timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/
Redirect Chain

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_64,h_64/https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/rss.png
https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/rss.png

3 KB
3 KB

51ms
50ms

Image
image/png

31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/rss.png
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Server: 31.22.4.81 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: 6bd760dc672e6d692fd30cca41e3629ab4c67d24fde1d13d2b3d5744fd06f351

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:31:18 GMT
last-modified: Fri, 06 Apr 2018 00:40:17 GMT
server: nginx
content-type: image/png
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 2746
expires: Sun, 13 Mar 2022 07:31:18 GMT

Redirect headers

date: Fri, 11 Feb 2022 07:31:18 GMT
cdn-edgestorageid: 463
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 02/10/2022 12:49:47
cdn-pullzone: 257218
cdn-tag: 0; Domain: timedopovo.tk; 302
content-length: 0
server: BunnyCDN-IL1-463
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-proxyver: 1.02
cdn-requestpullcode: 302
location: https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/rss.png
content-type: text/html; charset=utf-8
cdn-cache: HIT
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=86400
cdn-requestid: 45da42c2b4a5d46d710988479561ddba
cdn-requestcountrycode: GB
cdn-status: 302
cdn-requestpullsuccess: True

GET
H2

200

youtube.png
timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/
Redirect Chain

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_64,h_64/https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/youtube.png
https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/youtube.png

3 KB
3 KB

48ms
48ms

Image
image/png

31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/youtube.png
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Server: 31.22.4.81 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: 70026657c87a5132b6a431dff968771873d699737fb63c32af45f5790a1a38c3

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:31:18 GMT
last-modified: Fri, 06 Apr 2018 00:40:17 GMT
server: nginx
content-type: image/png
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 3229
expires: Sun, 13 Mar 2022 07:31:18 GMT

Redirect headers

date: Fri, 11 Feb 2022 07:31:18 GMT
cdn-edgestorageid: 463
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 02/10/2022 08:16:05
cdn-pullzone: 257218
cdn-tag: 0; Domain: timedopovo.tk; 302
content-length: 0
server: BunnyCDN-IL1-463
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-proxyver: 1.02
cdn-requestpullcode: 302
location: https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/youtube.png
content-type: text/html; charset=utf-8
cdn-cache: HIT
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=86400
cdn-requestid: dbab016de500ec97e109470dbafbebad
cdn-requestcountrycode: GB
cdn-status: 302
cdn-requestpullsuccess: True

GET
H2 200 300x250-REFRESH_OFERTA_300_MEGA_ALL-TYPE_26_11.png
media.go2speed.org/brand/files/indexanetwork/2580/ 77 KB
77 KB 593ms
489ms Image
image/png 108.157.4.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.go2speed.org/brand/files/indexanetwork/2580/300x250-REFRESH_OFERTA_300_MEGA_ALL-TYPE_26_11.png
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-7.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a08922f7698f6a95eea3c8123b08d4187f4ffd54d300c39b17e8f6315c132d9d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 11 Feb 2022 07:31:19 GMT
via: 1.1 67b4a3e116ddb07b50403935474117c6.cloudfront.net (CloudFront)
last-modified: Wed, 19 Jan 2022 19:14:21 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P2
etag: "df0a70fd8e039021636730b4f835eee2"
x-cache: RefreshHit from cloudfront
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
content-length: 78498
x-amz-cf-id: KJ8qkFOx7HMAgaCKflx8RouIYwa_eXv9vwBfRDHf23tKJwOlDT4oyw==

GET
H/1.1 200
OK aff_i
indexanetwork.go2cloud.org/ 43 B
523 B 163ms
36ms Image
image/gif 52.210.174.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://indexanetwork.go2cloud.org/aff_i?offer_id=2580&file_id=46468&aff_id=1321
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.174.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-174-128.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ac05f643d51698438fc2504bc237b5a39ce1248b037dbf446aaca4ce65c3182c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Feb 2022 07:31:18 GMT
Content-Encoding: gzip
Server: nginx
Tracking_id: 102308c108f814adf08d639482977b
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Tune-SDK-Version
X-Request-Id: c85a448f12288e567224821120b51d20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 logo.gif
www.timedopovo.tk/ 259 KB
260 KB 99ms
62ms Image
image/gif 31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.timedopovo.tk/logo.gif
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.22.4.81 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: 74a14c3c9efff84398be5969f5ed596e76fd40786aa034907d67e2cafbf746d6

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:31:17 GMT
last-modified: Fri, 06 Apr 2018 00:46:39 GMT
server: nginx
content-type: image/gif
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 265726
expires: Sun, 13 Mar 2022 07:31:17 GMT

GET
H2 200 autoptimize_6ccab22e2ababbb6f9254f9d76a105cd.js Show response
timedopovo.tk/wp-content/cache/autoptimize/js/ 25 KB
8 KB 49ms
48ms Script
application/javascript 31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: https://timedopovo.tk/wp-content/cache/autoptimize/js/autoptimize_6ccab22e2ababbb6f9254f9d76a105cd.js
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.22.4.81 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: 095141e7068ce4b679b220eb6c6ba5d4c49102c2343dbb9b71569c5e84a59079

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:31:17 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 13:29:50 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=30672000, public, immutable, public, proxy-revalidate, public, proxy-revalidate
accept-ranges: bytes
content-length: 8158
expires: Wed, 01 Feb 2023 07:31:17 GMT

GET
H2 200 twemoji.js Show response
timedopovo.tk/wp-includes/js/ 27 KB
8 KB 60ms
59ms Script
application/javascript 31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: https://timedopovo.tk/wp-includes/js/twemoji.js?ver=5.7.5
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.22.4.81 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: e98cd00e7be004c4360ad0c38471911312d74a117babcc29f239935afc80c8cb

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:31:17 GMT
content-encoding: br
last-modified: Tue, 23 Feb 2021 22:25:34 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate
expires: Sun, 13 Mar 2022 07:31:17 GMT

GET
H2 200 wp-emoji.js Show response
timedopovo.tk/wp-includes/js/ 9 KB
4 KB 58ms
57ms Script
application/javascript 31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: https://timedopovo.tk/wp-includes/js/wp-emoji.js?ver=5.7.5
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.22.4.81 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: e503c59c36fc19803b2e9572b10e7c06236bda692aebd97f29e2a5a96f9aa5b6

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:31:17 GMT
content-encoding: br
last-modified: Sun, 03 May 2020 16:41:02 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate
expires: Sun, 13 Mar 2022 07:31:17 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 120ms
36ms Script
text/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: timedopovo.tk
URL: https://timedopovo.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1729
date: Fri, 11 Feb 2022 07:02:29 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Fri, 11 Feb 2022 09:02:29 GMT

GET
H2 200 all.js Show response
connect.facebook.net/pt_BR/ 3 KB
2 KB 116ms
35ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/all.js

Requested by

Host: timedopovo.tk
URL: https://timedopovo.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa21aa2159bc927338cb7dd69765ce181333573dfa87866a44f2332873efbcd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: aKOcDp3MbJZFZEhFZK7A5A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: tCtwi/sksfVaqPn1OdRx27hCcrhFg8QJCmmObpLrLsbFXmqJ0g0XIPhmT+rtpaJYByWbqcBTaSRc0gjAAe2AUQ==
x-fb-trip-id: 917726464
x-fb-content-md5: 777e2b6d37c96f50b813db41e3e8116c
x-frame-options: DENY
date: Fri, 11 Feb 2022 07:31:18 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "5122e51467e77ab1fd4f7b85cd5cc4f0"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 11 Feb 2022 07:35:04 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202030101/ 289 KB
104 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9397577970694762&plah=timedopovo.tk

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5bf00b60bfba49cf4bbce90cbb43a26e569e034eafaaaed86199a0be12f73c03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:31:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106380
x-xss-protection: 0
server: cafe
etag: 11563787120978492434
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 11 Feb 2022 07:31:18 GMT

GET query_renderer.js
www.google.com/cse/ 0
0

GET js
www.google.com/cse/api/partner-pub-3432341997211165/cse/6624308046/queries/ 0
0

GET show_afs_search.js
www.google.com/afsonline/ 0
0

GET show_ads.js
pagead2.googlesyndication.com/pagead/ 0
0

GET
H2

200

sidebarup.png
timedopovo.tk/wp-content/themes/crystalhosting/images/
Redirect Chain

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://timedopovo.tk/wp-content/themes/crystalhosting/images/sidebarup.png
https://timedopovo.tk/wp-content/themes/crystalhosting/images/sidebarup.png

3 KB
3 KB

46ms
46ms

Image
image/png

31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timedopovo.tk/wp-content/themes/crystalhosting/images/sidebarup.png
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/wp-content/cache/autoptimize/css/autoptimize_f4db39f018aeddfe8271b0d5d2502cab.css
Protocol: H2
Server: 31.22.4.81 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: cbd509669e176f744af1c69d7c339e14127f4be4c59185d6c5ba6fe448fca6f9

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:31:18 GMT
last-modified: Fri, 06 Apr 2018 00:41:57 GMT
server: nginx
content-type: image/png
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 3225
expires: Sun, 13 Mar 2022 07:31:18 GMT

Redirect headers

date: Fri, 11 Feb 2022 07:31:18 GMT
cdn-edgestorageid: 463
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 02/08/2022 11:19:05
cdn-pullzone: 257218
cdn-tag: 0; Domain: timedopovo.tk; 302
content-length: 0
server: BunnyCDN-IL1-463
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-proxyver: 1.02
cdn-requestpullcode: 302
location: https://timedopovo.tk/wp-content/themes/crystalhosting/images/sidebarup.png
content-type: text/html; charset=utf-8
cdn-cache: STALE
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=86400
cdn-requestid: 3fe89aba1f44d39cb74b510c020c17bb
cdn-requestcountrycode: GB
cdn-status: 302
cdn-requestpullsuccess: True

GET
H2

200

postindex.png
timedopovo.tk/wp-content/themes/crystalhosting/images/
Redirect Chain

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://timedopovo.tk/wp-content/themes/crystalhosting/images/postindex.png
https://timedopovo.tk/wp-content/themes/crystalhosting/images/postindex.png

8 KB
8 KB

49ms
48ms

Image
image/png

31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timedopovo.tk/wp-content/themes/crystalhosting/images/postindex.png
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/wp-content/cache/autoptimize/css/autoptimize_f4db39f018aeddfe8271b0d5d2502cab.css
Protocol: H2
Server: 31.22.4.81 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: 64ad2b889e573ea0f48d0c21a22e7dbc47d08ca54dff2091e418e9b4b418be14

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:31:18 GMT
last-modified: Fri, 06 Apr 2018 00:41:57 GMT
server: nginx
content-type: image/png
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 7795
expires: Sun, 13 Mar 2022 07:31:18 GMT

Redirect headers

date: Fri, 11 Feb 2022 07:31:18 GMT
cdn-edgestorageid: 463
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 02/09/2022 16:20:58
cdn-pullzone: 257218
cdn-tag: 0; Domain: timedopovo.tk; 302
content-length: 0
server: BunnyCDN-IL1-463
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-proxyver: 1.02
cdn-requestpullcode: 302
location: https://timedopovo.tk/wp-content/themes/crystalhosting/images/postindex.png
content-type: text/html; charset=utf-8
cdn-cache: STALE
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=86400
cdn-requestid: 53bb044773a9f179d08275c4e6669f6d
cdn-requestcountrycode: GB
cdn-status: 302
cdn-requestpullsuccess: True

GET
H2

200

postfim-2.png
timedopovo.tk/wp-content/themes/crystalhosting/images/
Redirect Chain

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://timedopovo.tk/wp-content/themes/crystalhosting/images/postfim-2.png
https://timedopovo.tk/wp-content/themes/crystalhosting/images/postfim-2.png

3 KB
3 KB

46ms
46ms

Image
image/png

31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timedopovo.tk/wp-content/themes/crystalhosting/images/postfim-2.png
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/wp-content/cache/autoptimize/css/autoptimize_f4db39f018aeddfe8271b0d5d2502cab.css
Protocol: H2
Server: 31.22.4.81 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: 5a02e2246cb69facdac93ae2789f172c7ad079808db6bf62f41af6c6c2857a95

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:31:18 GMT
last-modified: Fri, 06 Apr 2018 00:41:57 GMT
server: nginx
content-type: image/png
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 3249
expires: Sun, 13 Mar 2022 07:31:18 GMT

Redirect headers

date: Fri, 11 Feb 2022 07:31:18 GMT
cdn-edgestorageid: 463
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 02/10/2022 12:49:47
cdn-pullzone: 257218
cdn-tag: 0; Domain: timedopovo.tk; 302
content-length: 0
server: BunnyCDN-IL1-463
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-proxyver: 1.02
cdn-requestpullcode: 302
location: https://timedopovo.tk/wp-content/themes/crystalhosting/images/postfim-2.png
content-type: text/html; charset=utf-8
cdn-cache: HIT
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=86400
cdn-requestid: acb230ae7757a47020a4d76ed4b12d6b
cdn-requestcountrycode: GB
cdn-status: 302
cdn-requestpullsuccess: True

GET
H2

200

sidebaruppp.png
timedopovo.tk/wp-content/themes/crystalhosting/images/
Redirect Chain

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://timedopovo.tk/wp-content/themes/crystalhosting/images/sidebaruppp.png
https://timedopovo.tk/wp-content/themes/crystalhosting/images/sidebaruppp.png

3 KB
3 KB

53ms
52ms

Image
image/png

31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timedopovo.tk/wp-content/themes/crystalhosting/images/sidebaruppp.png
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/wp-content/cache/autoptimize/css/autoptimize_f4db39f018aeddfe8271b0d5d2502cab.css
Protocol: H2
Server: 31.22.4.81 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: 2ef3959264092b72de9339f88c90054eed3c2c83a3e755b058df53ce75310ee7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:31:18 GMT
last-modified: Fri, 06 Apr 2018 00:41:57 GMT
server: nginx
content-type: image/png
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 3281
expires: Sun, 13 Mar 2022 07:31:18 GMT

Redirect headers

date: Fri, 11 Feb 2022 07:31:18 GMT
cdn-edgestorageid: 463
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 02/10/2022 12:49:47
cdn-pullzone: 257218
cdn-tag: 0; Domain: timedopovo.tk; 302
content-length: 0
server: BunnyCDN-IL1-463
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-proxyver: 1.02
cdn-requestpullcode: 302
location: https://timedopovo.tk/wp-content/themes/crystalhosting/images/sidebaruppp.png
content-type: text/html; charset=utf-8
cdn-cache: HIT
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=86400
cdn-requestid: ac98a167f4ecb26d363266f1e5e39db6
cdn-requestcountrycode: GB
cdn-status: 302
cdn-requestpullsuccess: True

GET
H2

200

agenciacorinthians-foto-146342-1024x682-1-150x100.jpg
timedopovo.tk/wp-content/uploads/2021/07/
Redirect Chain

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_150/https://timedopovo.tk/wp-content/uploads/2021/07/agenciacorinthians-foto-146342-1024x682-1-150x100.jpg
https://timedopovo.tk/wp-content/uploads/2021/07/agenciacorinthians-foto-146342-1024x682-1-150x100.jpg

5 KB
5 KB

46ms
46ms

Image
image/jpeg

31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timedopovo.tk/wp-content/uploads/2021/07/agenciacorinthians-foto-146342-1024x682-1-150x100.jpg
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Server: 31.22.4.81 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: 88f99f7451346524594c256652e87a14571331976592d46fd6a9b03c71cff121

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:31:18 GMT
last-modified: Wed, 07 Jul 2021 12:20:07 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 5251
expires: Sun, 13 Mar 2022 07:31:18 GMT

Redirect headers

date: Fri, 11 Feb 2022 07:31:18 GMT
cdn-edgestorageid: 463
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 02/09/2022 16:20:57
cdn-pullzone: 257218
cdn-tag: 0; Domain: timedopovo.tk; 302
content-length: 0
server: BunnyCDN-IL1-463
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-proxyver: 1.02
cdn-requestpullcode: 302
location: https://timedopovo.tk/wp-content/uploads/2021/07/agenciacorinthians-foto-146342-1024x682-1-150x100.jpg
content-type: text/html; charset=utf-8
cdn-cache: STALE
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=86400
cdn-requestid: d5781f35db47d1579a9bb88e28020365
cdn-requestcountrycode: GB
cdn-status: 302
cdn-requestpullsuccess: True

GET
H2

200

0002-150x100.jpg
timedopovo.tk/wp-content/uploads/2021/07/
Redirect Chain

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_150/https://timedopovo.tk/wp-content/uploads/2021/07/0002-150x100.jpg
https://timedopovo.tk/wp-content/uploads/2021/07/0002-150x100.jpg

5 KB
5 KB

52ms
52ms

Image
image/jpeg

31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timedopovo.tk/wp-content/uploads/2021/07/0002-150x100.jpg
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Server: 31.22.4.81 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: fa4921b4a9286703010ab2a2f33064e6fca5b1430791d0876c8269ea0bb85269

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:31:18 GMT
last-modified: Wed, 07 Jul 2021 12:14:52 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 5168
expires: Sun, 13 Mar 2022 07:31:18 GMT

Redirect headers

date: Fri, 11 Feb 2022 07:31:18 GMT
cdn-edgestorageid: 463
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 02/09/2022 05:04:50
cdn-pullzone: 257218
cdn-tag: 0; Domain: timedopovo.tk; 302
content-length: 0
server: BunnyCDN-IL1-463
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-proxyver: 1.02
cdn-requestpullcode: 302
location: https://timedopovo.tk/wp-content/uploads/2021/07/0002-150x100.jpg
content-type: text/html; charset=utf-8
cdn-cache: STALE
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=86400
cdn-requestid: cc12e2fbfb6d38e6babf47ccd2a0c7f8
cdn-requestcountrycode: GB
cdn-status: 302
cdn-requestpullsuccess: True

GET
H2

200

agenciacorinthians-foto-181530-1024x681-1-150x100.jpg
timedopovo.tk/wp-content/uploads/2021/07/
Redirect Chain

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_150/https://timedopovo.tk/wp-content/uploads/2021/07/agenciacorinthians-foto-181530-1024x681-1-150x100.jpg
https://timedopovo.tk/wp-content/uploads/2021/07/agenciacorinthians-foto-181530-1024x681-1-150x100.jpg

4 KB
4 KB

47ms
47ms

Image
image/jpeg

31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timedopovo.tk/wp-content/uploads/2021/07/agenciacorinthians-foto-181530-1024x681-1-150x100.jpg
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Server: 31.22.4.81 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: 63b0d31f6c1c010ab66aac9a67e7a94c289b26088c583fa9ef41a63b6fb5f564

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:31:18 GMT
last-modified: Wed, 07 Jul 2021 12:09:15 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 3874
expires: Sun, 13 Mar 2022 07:31:18 GMT

Redirect headers

date: Fri, 11 Feb 2022 07:31:18 GMT
cdn-edgestorageid: 463
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 02/09/2022 16:20:58
cdn-pullzone: 257218
cdn-tag: 0; Domain: timedopovo.tk; 302
content-length: 0
server: BunnyCDN-IL1-463
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-proxyver: 1.02
cdn-requestpullcode: 302
location: https://timedopovo.tk/wp-content/uploads/2021/07/agenciacorinthians-foto-181530-1024x681-1-150x100.jpg
content-type: text/html; charset=utf-8
cdn-cache: STALE
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=86400
cdn-requestid: 5a188c875133dfb6191a1c3e6d5b683c
cdn-requestcountrycode: GB
cdn-status: 302
cdn-requestpullsuccess: True

GET
H2

200

33e966bfc3e98wzmzawq9o40d960foeg2-635x397-1-160x100.jpg
timedopovo.tk/wp-content/uploads/2021/07/
Redirect Chain

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_160/https://timedopovo.tk/wp-content/uploads/2021/07/33e966bfc3e98wzmzawq9o40d960foeg2-635x397-1-160x100.jpg
https://timedopovo.tk/wp-content/uploads/2021/07/33e966bfc3e98wzmzawq9o40d960foeg2-635x397-1-160x100.jpg

6 KB
6 KB

59ms
59ms

Image
image/jpeg

31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timedopovo.tk/wp-content/uploads/2021/07/33e966bfc3e98wzmzawq9o40d960foeg2-635x397-1-160x100.jpg
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Server: 31.22.4.81 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: d21420e670e9be893b2af1fb01238a93a8269df2b7b771566ee614093ecf2d73

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:31:18 GMT
last-modified: Sun, 04 Jul 2021 12:47:22 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 5707
expires: Sun, 13 Mar 2022 07:31:18 GMT

Redirect headers

date: Fri, 11 Feb 2022 07:31:18 GMT
cdn-edgestorageid: 463
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 02/10/2022 12:49:48
cdn-pullzone: 257218
cdn-tag: 0; Domain: timedopovo.tk; 302
content-length: 0
server: BunnyCDN-IL1-463
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-proxyver: 1.02
cdn-requestpullcode: 302
location: https://timedopovo.tk/wp-content/uploads/2021/07/33e966bfc3e98wzmzawq9o40d960foeg2-635x397-1-160x100.jpg
content-type: text/html; charset=utf-8
cdn-cache: HIT
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=86400
cdn-requestid: f8f91763645ddb122d0c35c43735a744
cdn-requestcountrycode: GB
cdn-status: 302
cdn-requestpullsuccess: True

GET
H2

200

004-145x100.jpg
timedopovo.tk/wp-content/uploads/2021/06/
Redirect Chain

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_145/https://timedopovo.tk/wp-content/uploads/2021/06/004-145x100.jpg
https://timedopovo.tk/wp-content/uploads/2021/06/004-145x100.jpg

4 KB
5 KB

50ms
49ms

Image
image/jpeg

31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timedopovo.tk/wp-content/uploads/2021/06/004-145x100.jpg
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Server: 31.22.4.81 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: 23f91e8fed1b07720dbb269a526666a72ca20e4af6388c95757f7469229708dd

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:31:18 GMT
last-modified: Wed, 09 Jun 2021 12:19:41 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 4416
expires: Sun, 13 Mar 2022 07:31:18 GMT

Redirect headers

date: Fri, 11 Feb 2022 07:31:18 GMT
cdn-edgestorageid: 463
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 02/08/2022 21:24:29
cdn-pullzone: 257218
cdn-tag: 0; Domain: timedopovo.tk; 302
content-length: 0
server: BunnyCDN-IL1-463
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-proxyver: 1.02
cdn-requestpullcode: 302
location: https://timedopovo.tk/wp-content/uploads/2021/06/004-145x100.jpg
content-type: text/html; charset=utf-8
cdn-cache: STALE
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=86400
cdn-requestid: 1d5adbf170fe2ff9130bee187704e515
cdn-requestcountrycode: GB
cdn-status: 302
cdn-requestpullsuccess: True

GET
H2

200

003-144x100.jpg
timedopovo.tk/wp-content/uploads/2021/06/
Redirect Chain

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_144/https://timedopovo.tk/wp-content/uploads/2021/06/003-144x100.jpg
https://timedopovo.tk/wp-content/uploads/2021/06/003-144x100.jpg

4 KB
5 KB

46ms
46ms

Image
image/jpeg

31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timedopovo.tk/wp-content/uploads/2021/06/003-144x100.jpg
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Server: 31.22.4.81 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: b57245994e1df062a0eb10265547e7d49d7e3007df0c1f409dd34a42e78430e6

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:31:18 GMT
last-modified: Fri, 04 Jun 2021 17:53:38 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 4476
expires: Sun, 13 Mar 2022 07:31:18 GMT

Redirect headers

date: Fri, 11 Feb 2022 07:31:18 GMT
cdn-edgestorageid: 463
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 02/09/2022 16:20:57
cdn-pullzone: 257218
cdn-tag: 0; Domain: timedopovo.tk; 302
content-length: 0
server: BunnyCDN-IL1-463
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-proxyver: 1.02
cdn-requestpullcode: 302
location: https://timedopovo.tk/wp-content/uploads/2021/06/003-144x100.jpg
content-type: text/html; charset=utf-8
cdn-cache: STALE
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=86400
cdn-requestid: af5512a70b484a5dff4037d55bc6e1ab
cdn-requestcountrycode: GB
cdn-status: 302
cdn-requestpullsuccess: True

GET
H2

200

agenciacorinthians-foto-180450-1-1024x695-1-147x100.jpg
timedopovo.tk/wp-content/uploads/2021/06/
Redirect Chain

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_147/https://timedopovo.tk/wp-content/uploads/2021/06/agenciacorinthians-foto-180450-1-1024x695-1-147x100.jpg
https://timedopovo.tk/wp-content/uploads/2021/06/agenciacorinthians-foto-180450-1-1024x695-1-147x100.jpg

5 KB
5 KB

52ms
51ms

Image
image/jpeg

31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timedopovo.tk/wp-content/uploads/2021/06/agenciacorinthians-foto-180450-1-1024x695-1-147x100.jpg
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Server: 31.22.4.81 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: dcdf89c03c77ddfecca983f3193527d5ecadb6703589b8cdd0ba77ff0928ef2c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:31:18 GMT
last-modified: Fri, 04 Jun 2021 17:49:39 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 5414
expires: Sun, 13 Mar 2022 07:31:18 GMT

Redirect headers

date: Fri, 11 Feb 2022 07:31:18 GMT
cdn-edgestorageid: 463
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 02/08/2022 21:24:29
cdn-pullzone: 257218
cdn-tag: 0; Domain: timedopovo.tk; 302
content-length: 0
server: BunnyCDN-IL1-463
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-proxyver: 1.02
cdn-requestpullcode: 302
location: https://timedopovo.tk/wp-content/uploads/2021/06/agenciacorinthians-foto-180450-1-1024x695-1-147x100.jpg
content-type: text/html; charset=utf-8
cdn-cache: STALE
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=86400
cdn-requestid: c7ded41e4410b199cab41b2b8c5648ad
cdn-requestcountrycode: GB
cdn-status: 302
cdn-requestpullsuccess: True

GET
H2

200

Se-entrar-em-campo-Ramiro-vai-completar-100-jogos-pelo-Corinthians-147x100.jpg
timedopovo.tk/wp-content/uploads/2021/06/
Redirect Chain

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_147/https://timedopovo.tk/wp-content/uploads/2021/06/Se-entrar-em-campo-Ramiro-vai-completar-100-jogos-pelo-Corinthians-147x100.jpg
https://timedopovo.tk/wp-content/uploads/2021/06/Se-entrar-em-campo-Ramiro-vai-completar-100-jogos-pelo-Corinthians-147x100.jpg

5 KB
5 KB

46ms
46ms

Image
image/jpeg

31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timedopovo.tk/wp-content/uploads/2021/06/Se-entrar-em-campo-Ramiro-vai-completar-100-jogos-pelo-Corinthians-147x100.jpg
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Server: 31.22.4.81 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: a984aa4dd8ef7b364554086f53750aadfeee7e5eb91194afa2b68eb776d7d090

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:31:18 GMT
last-modified: Wed, 02 Jun 2021 12:16:17 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 4680
expires: Sun, 13 Mar 2022 07:31:18 GMT

Redirect headers

date: Fri, 11 Feb 2022 07:31:18 GMT
cdn-edgestorageid: 463
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 02/10/2022 12:49:48
cdn-pullzone: 257218
cdn-tag: 0; Domain: timedopovo.tk; 302
content-length: 0
server: BunnyCDN-IL1-463
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-proxyver: 1.02
cdn-requestpullcode: 302
location: https://timedopovo.tk/wp-content/uploads/2021/06/Se-entrar-em-campo-Ramiro-vai-completar-100-jogos-pelo-Corinthians-147x100.jpg
content-type: text/html; charset=utf-8
cdn-cache: HIT
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=86400
cdn-requestid: d851f9aff37cb8a79f20763a3ee58278
cdn-requestcountrycode: GB
cdn-status: 302
cdn-requestpullsuccess: True

GET brand
www.google.com.br/coop/cse/ 0
0

GET
H2 200 show.php Show response
adds.livreuso.tk/anuncios// 483 B
488 B 205ms
71ms Script
text/html 31.22.4.94
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: https://adds.livreuso.tk/anuncios//show.php?z=29&j=1&code=1644564678092
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.22.4.94 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv23.byethost23.org
Software: nginx /
Resource Hash: 0f30bd9e991d10df533fb56030e4d7135c5d45e70b4003d4340a218258d4e745

Request headers

Referer: https://timedopovo.tk/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 07:31:17 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding
content-type: text/html
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220209/r20190131/ Frame ADEC 10 KB
5 KB 113ms
35ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220209/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4612
x-xss-protection: 0
date: Thu, 10 Feb 2022 23:18:13 GMT
expires: Thu, 24 Feb 2022 23:18:13 GMT
cache-control: public, max-age=1209600
age: 29585
etag: 18247940800414524076
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 all.js Show response
connect.facebook.net/pt_BR/ 285 KB
80 KB 75ms
37ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/all.js?hash=25ee31775d45ad504085c9dab65e1bf2

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a3661569477d5e6bb36453958e0cbdde3d14d9901d7eec13514cf5853230f261

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://timedopovo.tk/
Origin: https://timedopovo.tk
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 7GVy+9z4nG+A8zkEFcnXcA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Sat, 11 Feb 2023 03:14:27 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 82147
x-fb-rlafr: 0
x-fb-debug: LitBU1Q8Rv7i5INKNc0HDhqetyh+wNAAsnh3u+pjCKMVRCoUfP03d67yDMoXJ+qiHqHcV2QNyGfwi89ut7GBqg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: c00812afe9a85a8e81b38b9488b6a9d5
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 11 Feb 2022 07:31:18 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "8000f6fe6c9e8784c7f29a0db3cf18c3"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 217 B
645 B 125ms
49ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=timedopovo.tk&callback=_gfp_s_&client=ca-pub-3432341997211165

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9397577970694762&plah=timedopovo.tk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

2385df8c79cee7f545720703ab9d9d8d8613a6ca6ffdbfcce567f89a79ed6577

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:31:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 201
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 136ms
43ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=timedopovo.tk

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Feb 2022 07:31:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 126ms
43ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=timedopovo.tk

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Feb 2022 07:31:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F16F 71 KB
28 KB 477ms
465ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9397577970694762&output=html&h=60&twa=1&slotname=3804470934&adk=4040837863&adf=2203149399&pi=t.ma~as.3804470934&w=284&fwrn=4&fwrnh=100&lmt=1644564678&format=284x60&url=https%3A%2F%2Ftimedopovo.tk%2F&flash=0&fwr=0&rh=60&rw=284&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644564678054&bpp=14&bdt=315&idt=114&shv=r20220209&mjsv=m202202030101&ptt=5&saldr=sa&abxe=1&correlator=2457399506595&frm=20&pv=2&ga_vid=2146188187.1644564678&ga_sid=1644564678&ga_hid=1164196656&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=988&ady=16&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44753658%2C31064733%2C31063221&oid=2&pvsid=2549612257913985&pem=840&tmod=241333868&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Q3gy018JbD&p=https%3A//timedopovo.tk&dtd=127

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4cbf7198861cb1aef11540ae5931940688ba6317633ff48c0e744f287ebd84da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 11 Feb 2022 07:31:18 GMT
server: cafe
content-length: 28962
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 11 Feb 2022 07:31:18 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F930 240 KB
62 KB 514ms
512ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9397577970694762&output=html&adk=1812271804&adf=3025194257&lmt=1644564678&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ftimedopovo.tk%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644564678103&bpp=1&bdt=363&idt=83&shv=r20220209&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&prev_fmts=284x60&nras=1&correlator=2457399506595&frm=20&pv=1&ga_vid=2146188187.1644564678&ga_sid=1644564678&ga_hid=1164196656&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44753658%2C31064733%2C31063221&oid=2&pvsid=2549612257913985&pem=840&tmod=241333868&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&ifi=2&uci=a!2&fsb=1&dtd=88

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

acc487f5eef68a42f6c9fab07cf9dc536566e278936090df417b11a0861110a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 11 Feb 2022 07:31:18 GMT
server: cafe
content-length: 63432
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 11 Feb 2022 07:31:18 GMT
cache-control: private

GET
H3 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
54 B 87ms
44ms Image
image/gif 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1201536218&utmhn=timedopovo.tk&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Time%20Do%20Povo&utmhid=1164196656&utmr=-&utmp=%2F&utmht=1644564678200&utmac=UA-23996175-16&utmcc=__utma%3D204431381.2146188187.1644564678.1644564678.1644564678.1%3B%2B__utmz%3D204431381.1644564678.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1561004461&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAQAAAAE~

Requested by

Host: timedopovo.tk
URL: https://timedopovo.tk/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 07:31:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 465C 95 KB
32 KB 896ms
895ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3432341997211165&output=html&h=280&slotname=8825380003&adk=3290701847&adf=215310249&pi=t.ma~as.8825380003&w=1000&fwrn=4&fwrnh=100&lmt=1644564678&rafmt=1&psa=0&format=1000x280&url=https%3A%2F%2Ftimedopovo.tk%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644564678106&bpp=2&bdt=367&idt=97&shv=r20220209&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&prev_fmts=284x60%2C0x0&nras=1&correlator=2457399506595&frm=20&pv=2&ga_vid=2146188187.1644564678&ga_sid=1644564678&ga_hid=1164196656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=308&ady=131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44753658%2C31064733%2C31063221&oid=2&pvsid=2549612257913985&pem=840&tmod=241333868&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=3&uci=a!3&fsb=1&xpc=EhCwDd7u4C&p=https%3A//timedopovo.tk&dtd=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98179f3daa4433078039b562c8a037b5179720f679570f1ebca4f9d09a84761a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 11 Feb 2022 07:31:19 GMT
server: cafe
content-length: 32990
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 11 Feb 2022 07:31:19 GMT
cache-control: private

GET
H2 200 show_i.php Show response
adds.livreuso.tk/anuncios// Frame D0BA 1 KB
731 B 63ms
63ms Document
text/html 31.22.4.94
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: https://adds.livreuso.tk/anuncios//show_i.php?a=529&z=29&c=1&adurl=14007&target=_blank
Requested by: Host: adds.livreuso.tk
URL: https://adds.livreuso.tk/anuncios//show.php?z=29&j=1&code=1644564678092
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.22.4.94 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv23.byethost23.org
Software: nginx /
Resource Hash: 9ff0a70c8f22c5318427f90801c2ca94f20d2c6a680d883922ebfdf66b394525

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/

Response headers

server: nginx
date: Fri, 11 Feb 2022 07:31:17 GMT
content-type: text/html
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
content-encoding: br

GET
H2 200 blank.gif
adds.livreuso.tk/anuncios//images/ 43 B
236 B 44ms
43ms Image
image/gif 31.22.4.94
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adds.livreuso.tk/anuncios//images/blank.gif
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.22.4.94 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv23.byethost23.org
Software: nginx /
Resource Hash: 204e26ceed9d428095faf4121c5049f1e106116971865681001c2298f7cc5689

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:31:17 GMT
last-modified: Sun, 17 Dec 2017 15:19:14 GMT
server: nginx
content-type: image/gif
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 43
expires: Sun, 13 Mar 2022 07:31:17 GMT

GET
H2 200 script.js Show response
ad.lomadee.com/banners/ Frame D0BA 430 B
589 B 140ms
36ms Script
text/html 65.9.7.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lomadee.com/banners/script.js?sourceId=35923256&dimension=1&height=90&width=728&method=0
Requested by: Host: adds.livreuso.tk
URL: https://adds.livreuso.tk/anuncios//show_i.php?a=529&z=29&c=1&adurl=14007&target=_blank
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.7.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-7-96.fra56.r.cloudfront.net
Software: Apache-Coyote/1.1 /
Resource Hash: cd3600e9be27f74665aba132c024322645a8e61af8dc08072c617386511268bb

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://adds.livreuso.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:36:28 GMT
via: 1.1 afb3db4ac63e94a7684b97827417941c.cloudfront.net (CloudFront)
server: Apache-Coyote/1.1
age: 309289
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-language: en-US
content-encoding: gzip
x-amz-cf-pop: FRA56-C1
content-type: text/html;charset=UTF-8
x-amz-cf-id: 1ydlZkVHFxN3hJRkxq3ukS5lZ_n2qcLhOcrdpoWw7USf0QaEz_W_DA==

GET
H2 200 blank.gif
adds.livreuso.tk/anuncios//images/ Frame D0BA 43 B
236 B 38ms
37ms Image
image/gif 31.22.4.94
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adds.livreuso.tk/anuncios//images/blank.gif
Requested by: Host: adds.livreuso.tk
URL: https://adds.livreuso.tk/anuncios//show_i.php?a=529&z=29&c=1&adurl=14007&target=_blank
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.22.4.94 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv23.byethost23.org
Software: nginx /
Resource Hash: 204e26ceed9d428095faf4121c5049f1e106116971865681001c2298f7cc5689

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://adds.livreuso.tk/anuncios//show_i.php?a=529&z=29&c=1&adurl=14007&target=_blank
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:31:17 GMT
last-modified: Sun, 17 Dec 2017 15:19:14 GMT
server: nginx
content-type: image/gif
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 43
expires: Sun, 13 Mar 2022 07:31:17 GMT

GET
H2 200 view Show response
ad.lomadee.com/banner/ Frame EEC1 1 KB
1 KB 530ms
529ms Document
text/html 65.9.7.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lomadee.com/banner/view?sourceId=35923256&dimension=1&width=728&height=90&method=0&advertisers=&tags=
Requested by: Host: ad.lomadee.com
URL: https://ad.lomadee.com/banners/script.js?sourceId=35923256&dimension=1&height=90&width=728&method=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.7.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-7-96.fra56.r.cloudfront.net
Software: Apache-Coyote/1.1 /
Resource Hash: 2d7741b28caeafe9728c103b91733ee54e6a65349dba3510ca6c161df38dac7d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://adds.livreuso.tk/

Response headers

content-type: text/html;charset=UTF-8
content-encoding: gzip
content-language: en-US
date: Fri, 11 Feb 2022 07:31:18 GMT
server: Apache-Coyote/1.1
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 afb3db4ac63e94a7684b97827417941c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: toJGDeTcVKeQd-XZPYRcEtXVSVe38uwCkv_hpW5fv4JN9IvmZXnfnA==

GET
H2 200 16692599177603214274
tpc.googlesyndication.com/simgad/ Frame F16F 11 KB
11 KB 236ms
148ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16692599177603214274?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkhNbpzgVDwTsgNZ21ILVMMfB32pw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9397577970694762&output=html&h=60&twa=1&slotname=3804470934&adk=4040837863&adf=2203149399&pi=t.ma~as.3804470934&w=284&fwrn=4&fwrnh=100&lmt=1644564678&format=284x60&url=https%3A%2F%2Ftimedopovo.tk%2F&flash=0&fwr=0&rh=60&rw=284&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644564678054&bpp=14&bdt=315&idt=114&shv=r20220209&mjsv=m202202030101&ptt=5&saldr=sa&abxe=1&correlator=2457399506595&frm=20&pv=2&ga_vid=2146188187.1644564678&ga_sid=1644564678&ga_hid=1164196656&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=988&ady=16&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44753658%2C31064733%2C31063221&oid=2&pvsid=2549612257913985&pem=840&tmod=241333868&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Q3gy018JbD&p=https%3A//timedopovo.tk&dtd=127

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4523fb8890917f1f588b09c10b086923294c006fcd2e8b3ddaaaaaee69ee6c7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:31:18 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11112
x-xss-protection: 0
last-modified: Fri, 23 Jul 2021 10:49:33 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 11 Feb 2023 07:31:18 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/ Frame F16F 19 KB
8 KB 119ms
33ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a22b29e11f6ad3ed458e71525b4edfaf0b9ab4cd962ae9a239b9509c106c826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:29:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 119
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7817
x-xss-protection: 0
server: cafe
etag: 7051432691878289762
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Feb 2022 07:29:19 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F16F 0
0 121ms
78ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CNXRMxhAGYu3sDoeT7_UPsbCk2ArK0uyraL2TndiJDp7qycWLDhABIJC81htguwagAcXo3LUByAECqQIcc4sbnra2PqgDAcgDyQSqBN4BT9DutDRqkVRgLODrsBpn5PqKIlsvPMBvweNnRDGPZF4VYWJGaxnMG0siyTzdjeSeVGprA1KqS8RzxDnhH_75m4Y1EX2Q54PCyNbMPTZ07RvqL4HLnXZnXvBHKiplm72ge7siSgSPqDGmnmucg075Hko9LogpM6Wh1U-2XeLRVCzGgkcqV9XmuKPaQ56s6LjrU0YQw4Hd-75ukTQLtPNzFii_7-Lg-6M5rd_SBrUUQl_c1zVYAKBUMsov-3mrT5WPUIRUDL8_6D8yi2Uac0WpGjI9TxqxkoirckF8wP6qwATxgrO83AOSBQQIBBgBkgUECAUYBKAGAoAHo5ejygKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCprDDSCAkIgOGAEBABGB-ACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItOTM5NzU3Nzk3MDY5NDc2MhgA&sigh=ICvFsgaVvcM&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9397577970694762&output=html&h=60&twa=1&slotname=3804470934&adk=4040837863&adf=2203149399&pi=t.ma~as.3804470934&w=284&fwrn=4&fwrnh=100&lmt=1644564678&format=284x60&url=https%3A%2F%2Ftimedopovo.tk%2F&flash=0&fwr=0&rh=60&rw=284&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644564678054&bpp=14&bdt=315&idt=114&shv=r20220209&mjsv=m202202030101&ptt=5&saldr=sa&abxe=1&correlator=2457399506595&frm=20&pv=2&ga_vid=2146188187.1644564678&ga_sid=1644564678&ga_hid=1164196656&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=988&ady=16&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44753658%2C31064733%2C31063221&oid=2&pvsid=2549612257913985&pem=840&tmod=241333868&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Q3gy018JbD&p=https%3A//timedopovo.tk&dtd=127
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 11 Feb 2022 07:31:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 11 Feb 2022 07:31:18 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/ Frame F16F 2 KB
1 KB 120ms
41ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:28:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 158
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Feb 2022 07:28:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F16F 124 KB
38 KB 140ms
61ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:31:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38562
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644410386637351"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Feb 2022 07:31:18 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/ Frame F16F 15 KB
6 KB 116ms
37ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1460e4ba5d8a29324c75f80802081c73d2143d8c9581a84ca3df707fbc6e477c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:29:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 105
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6367
x-xss-protection: 0
server: cafe
etag: 17798303060702513824
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Feb 2022 07:29:33 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/ Frame F16F 28 KB
11 KB 121ms
42ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3b84e5e485619983c2f805dac6f3fde572d0c825c672d1a02f48af0149eea93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 05:01:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8973
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11662
x-xss-protection: 0
server: cafe
etag: 6226773659199191033
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Feb 2022 05:01:45 GMT

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202030101/ 150 KB
53 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202030101/reactive_library_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b59a3f59c0238a971ecd9855ef5e2bafe6fa28bb65a7aff3833448dfd9636d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:31:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54420
x-xss-protection: 0
server: cafe
etag: 14499302684659269810
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Feb 2022 07:31:18 GMT

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 87ms
45ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=timedopovo.tk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Feb 2022 07:31:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 87ms
45ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=timedopovo.tk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Feb 2022 07:31:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B7DC 85 KB
32 KB 666ms
665ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9397577970694762&output=html&h=240&adk=4071009227&adf=2944978207&pi=t.aa~a.795276990~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1644564678&rafmt=1&to=qs&pwprc=3910530028&psa=0&format=300x240&url=https%3A%2F%2Ftimedopovo.tk%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644564678770&bpp=1&bdt=1030&idt=-M&shv=r20220209&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3143a9ff7a45ae31-2275a46e3ccd005e%3AT%3D1644564678%3ART%3D1644564678%3AS%3DALNI_Mbnpe9E63v7Z0G7yPTcSsXUf-j4tg&prev_fmts=284x60%2C0x0%2C1000x280&nras=2&correlator=2457399506595&frm=20&pv=1&ga_vid=2146188187.1644564678&ga_sid=1644564678&ga_hid=1164196656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=1298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44753658%2C31064733%2C31063221&oid=2&pvsid=2549612257913985&pem=840&tmod=241333868&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=PLzN6vGsSb&p=https%3A//timedopovo.tk&dtd=11

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aae3ed32244e62462fb36a4309d9e894d47b6a3bff7b308d709e9ac4d72bc624

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 11 Feb 2022 07:31:19 GMT
server: cafe
content-length: 32703
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 11 Feb 2022 07:31:19 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 45BE 130 KB
43 KB 525ms
524ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9397577970694762&output=html&h=100&adk=702956917&adf=3434027193&pi=t.aa~a.1445354789~rp.1&w=540&fwrn=4&fwrnh=100&lmt=1644564678&rafmt=1&to=qs&pwprc=3910530028&psa=0&format=540x100&url=https%3A%2F%2Ftimedopovo.tk%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644564678770&bpp=1&bdt=1030&idt=0&shv=r20220209&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3143a9ff7a45ae31-2275a46e3ccd005e%3AT%3D1644564678%3ART%3D1644564678%3AS%3DALNI_Mbnpe9E63v7Z0G7yPTcSsXUf-j4tg&prev_fmts=284x60%2C0x0%2C1000x280%2C300x240&nras=3&correlator=2457399506595&frm=20&pv=1&ga_vid=2146188187.1644564678&ga_sid=1644564678&ga_hid=1164196656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=452&ady=1420&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44753658%2C31064733%2C31063221&oid=2&pvsid=2549612257913985&pem=840&tmod=241333868&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=9d26CxYTnn&p=https%3A//timedopovo.tk&dtd=16

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c2caa2ebfe924884ab90e6acde7bb78f661e469b62521241ae0b435713c1778

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16984510133100292972/468x60/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16984510133100292972/468x60/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIW_-OuQ9_UCFUPi7QodjpoHvw&gqi=xhAGYpeqMdek9u8P_7iOyA8&layout=/sadbundle/%24csp%253Der3%24/16984510133100292972/468x60/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16984510133100292972/468x60/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16984510133100292972/468x60/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIW_-OuQ9_UCFUPi7QodjpoHvw&gqi=xhAGYpeqMdek9u8P_7iOyA8&layout=/sadbundle/%24csp%253Der3%24/16984510133100292972/468x60/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 11 Feb 2022 07:31:19 GMT
server: cafe
content-length: 43538
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 11 Feb 2022 07:31:19 GMT
cache-control: private

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0E7E 143 B
163 B 34ms
33ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9397577970694762&output=html&h=60&twa=1&slotname=3804470934&adk=4040837863&adf=2203149399&pi=t.ma~as.3804470934&w=284&fwrn=4&fwrnh=100&lmt=1644564678&format=284x60&url=https%3A%2F%2Ftimedopovo.tk%2F&flash=0&fwr=0&rh=60&rw=284&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644564678054&bpp=14&bdt=315&idt=114&shv=r20220209&mjsv=m202202030101&ptt=5&saldr=sa&abxe=1&correlator=2457399506595&frm=20&pv=2&ga_vid=2146188187.1644564678&ga_sid=1644564678&ga_hid=1164196656&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=988&ady=16&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44753658%2C31064733%2C31063221&oid=2&pvsid=2549612257913985&pem=840&tmod=241333868&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Q3gy018JbD&p=https%3A//timedopovo.tk&dtd=127

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Fri, 11 Feb 2022 07:04:52 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 1586
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220209/r20110914/ Frame 82D4 10 KB
5 KB 35ms
34ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220209/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4612
x-xss-protection: 0
date: Thu, 10 Feb 2022 23:43:07 GMT
expires: Thu, 24 Feb 2022 23:43:07 GMT
cache-control: public, max-age=1209600
age: 28091
etag: 18247940800414524076
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220209/r20110914/ Frame 6522 10 KB
5 KB 35ms
33ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220209/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4612
x-xss-protection: 0
date: Thu, 10 Feb 2022 23:43:07 GMT
expires: Thu, 24 Feb 2022 23:43:07 GMT
cache-control: public, max-age=1209600
age: 28091
etag: 18247940800414524076
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame F16F 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7fb3412d3c0bca8a46e390f3d8e6858431bab6f2cc1465708ad40402ff31246

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css2
fonts.googleapis.com/ Frame 82D4 4 KB
1 KB 122ms
43ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220209/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 11 Feb 2022 05:36:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 11 Feb 2022 07:31:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 11 Feb 2022 07:31:19 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 82D4 205 B
742 B 112ms
33ms Image
image/png 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220209/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 06:24:42 GMT
x-content-type-options: nosniff
age: 3997
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 11 Feb 2023 06:24:42 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 82D4 604 B
695 B 113ms
34ms Image
image/png 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220209/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 20:07:13 GMT
x-content-type-options: nosniff
age: 41046
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 10 Feb 2023 20:07:13 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/elements/html/ Frame 82D4 19 KB
8 KB 114ms
70ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220209/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a7b5f2e7e3fd51102d05b2706291210864e7890361d932311a18048073374ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:29:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 105
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8079
x-xss-protection: 0
server: cafe
etag: 5902764951541284931
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Feb 2022 07:29:34 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6522 0
0 53ms
52ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CZSacxhAGYpv2DsOQ7_UPsMewSMHtvKdonN_w54YP2tkeEAEgkLzWG2C7BqABoPKivwHIAQKpAkZDGyGZHLM-qAMByAPJBKoE0AFP0DSWLs60f4PCkJ4D6V23E620GtRv-i4WcWLEiYCRVv1PXLLtdpHdKWJdCn_DGxKTKhOZEOEpSb8IxyOb7Af5IGArFxUE7OsVEOkBifgLNnqMoZq8tSp7Z6XSq0IbiYjWnbWVwwpiW5m92fBjonwBMaI8LWB2i72hd05gp03YjondN0KnqaCZloorkZR1axqbRk77mAsf9b0qZUynBOAo93D31tDhtOvC9tuXPHna_1qgBCZTESxAJUQMysyKy5cFUH5490DTL6yPD3g5YeoFwASV7vnk1gOSBQQIBBgBkgUECAUYBKAGAoAHyI3dwAKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBRDWxr8B0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTkzOTc1Nzc5NzA2OTQ3NjIYAA&sigh=SmWFwbLsukY&uach_m=[UACH]

Requested by

Host: timedopovo.tk
URL: https://timedopovo.tk/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220209/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 11 Feb 2022 07:31:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/ Frame 6522 19 KB
8 KB 74ms
40ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220209/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a22b29e11f6ad3ed458e71525b4edfaf0b9ab4cd962ae9a239b9509c106c826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:28:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7817
x-xss-protection: 0
server: cafe
etag: 7051432691878289762
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Feb 2022 07:28:25 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/ Frame 6522 2 KB
1 KB 113ms
79ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220209/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:28:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Feb 2022 07:28:40 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6522 124 KB
38 KB 105ms
62ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220209/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:31:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38562
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644410386637351"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Feb 2022 07:31:19 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/ Frame 6522 15 KB
6 KB 67ms
35ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220209/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1460e4ba5d8a29324c75f80802081c73d2143d8c9581a84ca3df707fbc6e477c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:29:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 106
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6367
x-xss-protection: 0
server: cafe
etag: 17798303060702513824
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Feb 2022 07:29:33 GMT

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/ Frame 6522 28 KB
11 KB 66ms
34ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220209/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3b84e5e485619983c2f805dac6f3fde572d0c825c672d1a02f48af0149eea93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 05:01:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8974
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11662
x-xss-protection: 0
server: cafe
etag: 6226773659199191033
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Feb 2022 05:01:45 GMT

GET
H3 200 16705063814122056486
tpc.googlesyndication.com/simgad/ Frame 6522 32 KB
32 KB 77ms
45ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16705063814122056486?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qn3mSr9KSwskdFEUe2ZTGu2idSz4g

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220209/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d352335adbe3acb3b3ac39b2594d5dc1ee80c7a8ef0c0f3873ad725bbb233bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 19:09:07 GMT
x-content-type-options: nosniff
age: 217332
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32561
x-xss-protection: 0
last-modified: Wed, 06 Oct 2021 14:22:02 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 08 Feb 2023 19:09:07 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0E7E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

104ms
103ms

Document
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 11 Feb 2022 07:31:19 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 11 Feb 2022 07:31:19 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 11 Feb 2022 07:31:19 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 O0zcrAsc3s2SKI8Tuz5umMJoYZUI79PNRri5GeZhfeg.js Show response
pagead2.googlesyndication.com/bg/ Frame 801E 35 KB
13 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/O0zcrAsc3s2SKI8Tuz5umMJoYZUI79PNRri5GeZhfeg.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b4cdcac0b1cdecd92288f13bb3e6e98c268619508efd3cd46b8b919e6617de8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 01:09:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22897
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13545
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Feb 2023 01:09:42 GMT

GET
H2 200 c19fd8b849b0a136004ad9e065774f19
ad.lomadee.com/banners/8092/ Frame EEC1 19 KB
20 KB 38ms
38ms Image
image/jpeg 65.9.7.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.lomadee.com/banners/8092/c19fd8b849b0a136004ad9e065774f19
Requested by: Host: ad.lomadee.com
URL: https://ad.lomadee.com/banner/view?sourceId=35923256&dimension=1&width=728&height=90&method=0&advertisers=&tags=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.7.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-7-96.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9e7c99e88d275b71c391636dddd6e462cf617317695f19ab52a31ed269ffebf4

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ad.lomadee.com/banner/view?sourceId=35923256&dimension=1&width=728&height=90&method=0&advertisers=&tags=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 29 Jan 2022 18:37:46 GMT
via: 1.1 afb3db4ac63e94a7684b97827417941c.cloudfront.net (CloudFront)
last-modified: Tue, 30 Nov 2021 17:36:22 GMT
server: AmazonS3
age: 1083214
etag: "a1a5446aeee65fed8a4227450e621225"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 19874
x-amz-cf-id: y8biISOvB8LWUN1q4l5OPol9wBNgksba-v1NEyHwgO5qrRmXc40b6w==

GET analyze.js
statistcdn.com/ Frame EEC1 0
0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame EEC1 49 KB
20 KB 119ms
33ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: ad.lomadee.com
URL: https://ad.lomadee.com/banner/view?sourceId=35923256&dimension=1&width=728&height=90&method=0&advertisers=&tags=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ad.lomadee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5187
date: Fri, 11 Feb 2022 06:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 11 Feb 2022 08:04:52 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 465C 8 KB
888 B 92ms
43ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3432341997211165&output=html&h=280&slotname=8825380003&adk=3290701847&adf=215310249&pi=t.ma~as.8825380003&w=1000&fwrn=4&fwrnh=100&lmt=1644564678&rafmt=1&psa=0&format=1000x280&url=https%3A%2F%2Ftimedopovo.tk%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644564678106&bpp=2&bdt=367&idt=97&shv=r20220209&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&prev_fmts=284x60%2C0x0&nras=1&correlator=2457399506595&frm=20&pv=2&ga_vid=2146188187.1644564678&ga_sid=1644564678&ga_hid=1164196656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=308&ady=131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44753658%2C31064733%2C31063221&oid=2&pvsid=2549612257913985&pem=840&tmod=241333868&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=3&uci=a!3&fsb=1&xpc=EhCwDd7u4C&p=https%3A//timedopovo.tk&dtd=100

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 11 Feb 2022 05:31:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 11 Feb 2022 07:31:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 11 Feb 2022 07:31:19 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FD7E 143 B
163 B 35ms
35ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220209/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220209/r20110914/zrt_lookup.html?fsb=1

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Fri, 11 Feb 2022 07:04:52 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 1587
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/ Frame 465C 1 KB
875 B 34ms
34ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:28:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 151
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 848
x-xss-protection: 0
server: cafe
etag: 2277666839114365613
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Feb 2022 07:28:48 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/ Frame 465C 19 KB
8 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a22b29e11f6ad3ed458e71525b4edfaf0b9ab4cd962ae9a239b9509c106c826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:28:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7817
x-xss-protection: 0
server: cafe
etag: 7051432691878289762
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Feb 2022 07:28:25 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/ Frame 465C 2 KB
1 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:28:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Feb 2022 07:28:40 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 465C 124 KB
38 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:31:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38562
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644410386637351"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Feb 2022 07:31:19 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/ Frame 465C 15 KB
6 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1460e4ba5d8a29324c75f80802081c73d2143d8c9581a84ca3df707fbc6e477c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:29:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 106
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6367
x-xss-protection: 0
server: cafe
etag: 17798303060702513824
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Feb 2022 07:29:33 GMT

GET
H3 200 ff20f166b0acb5bbc58563e896201b58.js Show response
www.gstatic.com/mysidia/ Frame 465C 27 KB
11 KB 75ms
34ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ff20f166b0acb5bbc58563e896201b58.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60b6fb70c39877b90333526914dbc0d47052cd8c4c298c421aaee2f9d6b48bcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:21:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61810
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11452
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 06:53:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 11 May 2022 14:21:09 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D5F4 8 KB
888 B 71ms
43ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220209/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 11 Feb 2022 05:40:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 11 Feb 2022 07:31:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 11 Feb 2022 07:31:19 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/ Frame D5F4 1 KB
875 B 34ms
34ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220209/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:28:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 151
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 848
x-xss-protection: 0
server: cafe
etag: 2277666839114365613
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Feb 2022 07:28:48 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/ Frame D5F4 19 KB
8 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220209/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a22b29e11f6ad3ed458e71525b4edfaf0b9ab4cd962ae9a239b9509c106c826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:28:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7817
x-xss-protection: 0
server: cafe
etag: 7051432691878289762
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Feb 2022 07:28:25 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/ Frame D5F4 2 KB
1 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220209/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:28:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Feb 2022 07:28:40 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D5F4 124 KB
38 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220209/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:31:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38562
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644410386637351"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Feb 2022 07:31:19 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/ Frame D5F4 15 KB
6 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220209/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1460e4ba5d8a29324c75f80802081c73d2143d8c9581a84ca3df707fbc6e477c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:29:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 106
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6367
x-xss-protection: 0
server: cafe
etag: 17798303060702513824
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Feb 2022 07:29:33 GMT

GET
H3 200 ff20f166b0acb5bbc58563e896201b58.js Show response
www.gstatic.com/mysidia/ Frame D5F4 27 KB
11 KB 60ms
36ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ff20f166b0acb5bbc58563e896201b58.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220209/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60b6fb70c39877b90333526914dbc0d47052cd8c4c298c421aaee2f9d6b48bcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:21:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61810
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11452
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 06:53:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 11 May 2022 14:21:09 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/14724609992019507988/ Frame 465C 29 KB
29 KB 38ms
38ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14724609992019507988/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

310a2eb7e8f9d87d39ee9c63324a3ff2c4cb7579bf34706ff4094a181eb65adf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 20:36:07 GMT
x-content-type-options: nosniff
age: 384912
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29290
x-xss-protection: 0
last-modified: Sun, 16 Jan 2022 14:04:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 06 Feb 2023 20:36:07 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 465C 0
0 82ms
77ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CF80dxhAGYr7OD4OG7_UPoq6emA_arvu6Ypr_gLzlDYiU-IezAhABIJGhvxNguwagAY3s5NkCyAEJqQKW7LsEnFiqPqgDAcgDywSqBNABT9DjaGGbe-Wz0saA_jHCjEbHIciW7pZBKUo33Yn3UtD5aNdVQzQmiP0iVPCs_BscVBqOSD13X2xIO1dYb-17NS2UDFKC-kaY_gW955N1flc3T9zDf0nMkdMn06SVI61ABW6CQx8atKCNVC7xwOuCTtbDvR2WkEKZbbtLN_aWvvKuV_UodsNsZSwjESM6JFOdoIQGv0-2sgpK-80T2fTJogyD_E7QT1gX3zG_04OUURZ37PxzwsRTr7OVZwQcwYwEOULw7SnvFJHspG5YvgqZg8AElJXynuQDkgUECAQYAZIFBAgFGASgBi6AB9uTm6YBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwUQ8KDgDtIICQiA4YAQEAEYH4AKAcgLAbgTiCfYEw2IFATQFQGAFwGyFxwKGggAEhRwdWItMzQzMjM0MTk5NzIxMTE2NRgA&sigh=0sQAjFlmDQs&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3432341997211165&output=html&h=280&slotname=8825380003&adk=3290701847&adf=215310249&pi=t.ma~as.8825380003&w=1000&fwrn=4&fwrnh=100&lmt=1644564678&rafmt=1&psa=0&format=1000x280&url=https%3A%2F%2Ftimedopovo.tk%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644564678106&bpp=2&bdt=367&idt=97&shv=r20220209&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&prev_fmts=284x60%2C0x0&nras=1&correlator=2457399506595&frm=20&pv=2&ga_vid=2146188187.1644564678&ga_sid=1644564678&ga_hid=1164196656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=308&ady=131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44753658%2C31064733%2C31063221&oid=2&pvsid=2549612257913985&pem=840&tmod=241333868&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=3&uci=a!3&fsb=1&xpc=EhCwDd7u4C&p=https%3A//timedopovo.tk&dtd=100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 11 Feb 2022 07:31:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6522 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d108ce346075f8a89d54014d5a4efe0d4abf9a9a7013075425af7af0565c0f10

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 465C 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 465C 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 465C 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 88814c4a71142d9d2c39cf00b166361bf6bea281f70e5caca5563a73e334e647

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v41/ Frame 465C 28 KB
28 KB 115ms
33ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v41/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 00:52:22 GMT
x-content-type-options: nosniff
age: 23937
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28196
x-xss-protection: 0
last-modified: Tue, 18 Jan 2022 17:53:50 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 11 Feb 2023 00:52:22 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FD7E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

94ms
94ms

Document
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220209/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 11 Feb 2022 07:31:19 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 11 Feb 2022 07:31:19 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 11 Feb 2022 07:31:19 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 O0zcrAsc3s2SKI8Tuz5umMJoYZUI79PNRri5GeZhfeg.js Show response
pagead2.googlesyndication.com/bg/ Frame F27B 35 KB
13 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/O0zcrAsc3s2SKI8Tuz5umMJoYZUI79PNRri5GeZhfeg.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220209/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b4cdcac0b1cdecd92288f13bb3e6e98c268619508efd3cd46b8b919e6617de8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 01:09:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22897
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13545
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Feb 2023 01:09:42 GMT

GET
H3 200 O0zcrAsc3s2SKI8Tuz5umMJoYZUI79PNRri5GeZhfeg.js Show response
pagead2.googlesyndication.com/bg/ Frame 6860 35 KB
13 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/O0zcrAsc3s2SKI8Tuz5umMJoYZUI79PNRri5GeZhfeg.js

Requested by

Host: timedopovo.tk
URL: https://timedopovo.tk/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b4cdcac0b1cdecd92288f13bb3e6e98c268619508efd3cd46b8b919e6617de8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 01:09:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22897
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13545
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Feb 2023 01:09:42 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16984510133100292972/468x60/ Frame C4CD 2 KB
909 B 35ms
34ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16984510133100292972/468x60/index.html

Requested by

Host: timedopovo.tk
URL: https://timedopovo.tk/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b1e7774eb229e39819b73fe09c359a6e558d5672bac0cb0ff557decdfc1e970

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin: *
content-length: 879
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Thu, 10 Feb 2022 09:55:30 GMT
expires: Fri, 10 Feb 2023 09:55:30 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 27 Jul 2021 10:33:12 GMT
content-type: text/html
age: 77749
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

B26619510.315278222;dc_pre=CIT5neyQ9_UCFQiKdwodHBUALA;dc_trk_aid=508000753;dc_trk_cid=158642748;ord=3526686822;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= Show response
ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/ Frame EFEB
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B26619510.315278222;dc_trk_aid=508000753;dc_trk_cid=158642748;ord=3526686822;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfu...
https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B26619510.315278222;dc_pre=CIT5neyQ9_UCFQiKdwodHBUALA;dc_trk_aid=508000753;dc_trk_cid=158642748;ord=3526686822;dc_lat=;dc_rdid=;tag...

42 B
63 B

96ms
53ms

Fetch
image/gif

142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B26619510.315278222;dc_pre=CIT5neyQ9_UCFQiKdwodHBUALA;dc_trk_aid=508000753;dc_trk_cid=158642748;ord=3526686822;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9397577970694762&output=html&h=100&adk=702956917&adf=3434027193&pi=t.aa~a.1445354789~rp.1&w=540&fwrn=4&fwrnh=100&lmt=1644564678&rafmt=1&to=qs&pwprc=3910530028&psa=0&format=540x100&url=https%3A%2F%2Ftimedopovo.tk%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644564678770&bpp=1&bdt=1030&idt=0&shv=r20220209&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3143a9ff7a45ae31-2275a46e3ccd005e%3AT%3D1644564678%3ART%3D1644564678%3AS%3DALNI_Mbnpe9E63v7Z0G7yPTcSsXUf-j4tg&prev_fmts=284x60%2C0x0%2C1000x280%2C300x240&nras=3&correlator=2457399506595&frm=20&pv=1&ga_vid=2146188187.1644564678&ga_sid=1644564678&ga_hid=1164196656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=452&ady=1420&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44753658%2C31064733%2C31063221&oid=2&pvsid=2549612257913985&pem=840&tmod=241333868&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=9d26CxYTnn&p=https%3A//timedopovo.tk&dtd=16

Protocol

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 07:31:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 11 Feb 2022 07:31:19 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B26619510.315278222;dc_pre=CIT5neyQ9_UCFQiKdwodHBUALA;dc_trk_aid=508000753;dc_trk_cid=158642748;ord=3526686822;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame EFEB 0
0 76ms
76ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CponfxhAGYoXEM8PEtweOtZ74C6H4n5tnlJ2jtKIOv-EeEAEgkLzWG2C7BqAB9Li_xQPIAQmoAwHIA0iqBMwBT9Bsmt6RNepM6BnzZWNHqFaGsXUTeSGWz21w0Hi4XlLexNe62OcHR4al_Mk-D5OiWKUQVD1hkU4DNnrZzk0sDQAK3iDaH6FYWOK2Vitw41V2nJ5SBcirNSZZuXjqr1_Xb8p5-oJDfYAGFwHvnBSmG4QWyY7SJKI4lUclirVal357gktDag3WZEPOggj1a__P7jVzZgXoxnG7yneHqiXT6NGzuFzvjqZUac1p38SLojs_rVyczNNzB8JHTRkOTfF4OZ8c_0XB_Px4oaUGwASFr5LEjwOSBQQIBBgBkgUECAUYBKAGLoAHmeqRowGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCJqxzSCAkIgOGAEBABGB-ACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItOTM5NzU3Nzk3MDY5NDc2MhgA&sigh=1VPVJZUosSQ&uach_m=[UACH]&template_id=419

Requested by

Host: timedopovo.tk
URL: https://timedopovo.tk/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9397577970694762&output=html&h=100&adk=702956917&adf=3434027193&pi=t.aa~a.1445354789~rp.1&w=540&fwrn=4&fwrnh=100&lmt=1644564678&rafmt=1&to=qs&pwprc=3910530028&psa=0&format=540x100&url=https%3A%2F%2Ftimedopovo.tk%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644564678770&bpp=1&bdt=1030&idt=0&shv=r20220209&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3143a9ff7a45ae31-2275a46e3ccd005e%3AT%3D1644564678%3ART%3D1644564678%3AS%3DALNI_Mbnpe9E63v7Z0G7yPTcSsXUf-j4tg&prev_fmts=284x60%2C0x0%2C1000x280%2C300x240&nras=3&correlator=2457399506595&frm=20&pv=1&ga_vid=2146188187.1644564678&ga_sid=1644564678&ga_hid=1164196656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=452&ady=1420&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44753658%2C31064733%2C31063221&oid=2&pvsid=2549612257913985&pem=840&tmod=241333868&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=9d26CxYTnn&p=https%3A//timedopovo.tk&dtd=16
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 11 Feb 2022 07:31:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/ Frame EFEB 19 KB
8 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a22b29e11f6ad3ed458e71525b4edfaf0b9ab4cd962ae9a239b9509c106c826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:28:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7817
x-xss-protection: 0
server: cafe
etag: 7051432691878289762
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Feb 2022 07:28:25 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/ Frame EFEB 2 KB
1 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:28:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Feb 2022 07:28:40 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EFEB 124 KB
38 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:31:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38562
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644410386637351"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Feb 2022 07:31:19 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/ Frame EFEB 15 KB
6 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1460e4ba5d8a29324c75f80802081c73d2143d8c9581a84ca3df707fbc6e477c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:29:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 106
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6367
x-xss-protection: 0
server: cafe
etag: 17798303060702513824
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Feb 2022 07:29:33 GMT

GET
H3 200 O0zcrAsc3s2SKI8Tuz5umMJoYZUI79PNRri5GeZhfeg.js Show response
pagead2.googlesyndication.com/bg/ Frame 05B9 35 KB
13 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/O0zcrAsc3s2SKI8Tuz5umMJoYZUI79PNRri5GeZhfeg.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b4cdcac0b1cdecd92288f13bb3e6e98c268619508efd3cd46b8b919e6617de8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 01:09:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22897
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13545
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Feb 2023 01:09:42 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D730 143 B
163 B 37ms
36ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9397577970694762&output=html&h=100&adk=702956917&adf=3434027193&pi=t.aa~a.1445354789~rp.1&w=540&fwrn=4&fwrnh=100&lmt=1644564678&rafmt=1&to=qs&pwprc=3910530028&psa=0&format=540x100&url=https%3A%2F%2Ftimedopovo.tk%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644564678770&bpp=1&bdt=1030&idt=0&shv=r20220209&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3143a9ff7a45ae31-2275a46e3ccd005e%3AT%3D1644564678%3ART%3D1644564678%3AS%3DALNI_Mbnpe9E63v7Z0G7yPTcSsXUf-j4tg&prev_fmts=284x60%2C0x0%2C1000x280%2C300x240&nras=3&correlator=2457399506595&frm=20&pv=1&ga_vid=2146188187.1644564678&ga_sid=1644564678&ga_hid=1164196656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=452&ady=1420&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44753658%2C31064733%2C31063221&oid=2&pvsid=2549612257913985&pem=840&tmod=241333868&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=9d26CxYTnn&p=https%3A//timedopovo.tk&dtd=16

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Fri, 11 Feb 2022 07:04:52 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 1587
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame EFEB 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e91e5d8d14a6317de53f4288e035d823649e8d47697dee64a7bfd89548c0b684

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame C4CD 9 KB
3 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16984510133100292972/468x60/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 09:36:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78905
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 11 Feb 2022 09:36:14 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame C4CD 26 KB
10 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16984510133100292972/468x60/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 16:13:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55060
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 11 Feb 2022 16:13:39 GMT

GET
H3 200 lottie_light.min.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16984510133100292972/468x60/ Frame C4CD 143 KB
40 KB 36ms
36ms Script
application/x-javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16984510133100292972/468x60/lottie_light.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16984510133100292972/468x60/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf904fd2211866586cb256a696153a1f72e1f020f782486feff507727c9b92e7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 77749
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40854
x-xss-protection: 0
last-modified: Tue, 27 Jul 2021 10:33:12 GMT
server: sffe
date: Thu, 10 Feb 2022 09:55:30 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 10 Feb 2023 09:55:30 GMT

POST
H3 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame EFEB 0
20 B 114ms
70ms Other
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIW_-OuQ9_UCFUPi7QodjpoHvw&gqi=xhAGYpeqMdek9u8P_7iOyA8&layout=/sadbundle/%24csp%253Der3%24/16984510133100292972/468x60/index.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 07:31:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame B7DC 6 KB
670 B 43ms
43ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9397577970694762&output=html&h=240&adk=4071009227&adf=2944978207&pi=t.aa~a.795276990~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1644564678&rafmt=1&to=qs&pwprc=3910530028&psa=0&format=300x240&url=https%3A%2F%2Ftimedopovo.tk%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644564678770&bpp=1&bdt=1030&idt=-M&shv=r20220209&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3143a9ff7a45ae31-2275a46e3ccd005e%3AT%3D1644564678%3ART%3D1644564678%3AS%3DALNI_Mbnpe9E63v7Z0G7yPTcSsXUf-j4tg&prev_fmts=284x60%2C0x0%2C1000x280&nras=2&correlator=2457399506595&frm=20&pv=1&ga_vid=2146188187.1644564678&ga_sid=1644564678&ga_hid=1164196656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=1298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44753658%2C31064733%2C31063221&oid=2&pvsid=2549612257913985&pem=840&tmod=241333868&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=PLzN6vGsSb&p=https%3A//timedopovo.tk&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 11 Feb 2022 05:39:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 11 Feb 2022 07:31:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 11 Feb 2022 07:31:19 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/ Frame B7DC 1 KB
875 B 34ms
34ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:28:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 151
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 848
x-xss-protection: 0
server: cafe
etag: 2277666839114365613
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Feb 2022 07:28:48 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/ Frame B7DC 19 KB
8 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a22b29e11f6ad3ed458e71525b4edfaf0b9ab4cd962ae9a239b9509c106c826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:28:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7817
x-xss-protection: 0
server: cafe
etag: 7051432691878289762
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Feb 2022 07:28:25 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/ Frame B7DC 2 KB
1 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:28:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Feb 2022 07:28:40 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B7DC 124 KB
38 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:31:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38562
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644410386637351"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Feb 2022 07:31:19 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/ Frame B7DC 15 KB
6 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1460e4ba5d8a29324c75f80802081c73d2143d8c9581a84ca3df707fbc6e477c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:29:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 106
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6367
x-xss-protection: 0
server: cafe
etag: 17798303060702513824
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Feb 2022 07:29:33 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B7DC 0
0 44ms
44ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSr9V3GMZND_jKisqf3EybMZY5ekoMCjUDOBmCEUMSmOPcRiikrEHthonxisKLiQF41lRNfqGhaRCO0zHdKQCw10EEA-w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9397577970694762&output=html&h=240&adk=4071009227&adf=2944978207&pi=t.aa~a.795276990~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1644564678&rafmt=1&to=qs&pwprc=3910530028&psa=0&format=300x240&url=https%3A%2F%2Ftimedopovo.tk%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644564678770&bpp=1&bdt=1030&idt=-M&shv=r20220209&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3143a9ff7a45ae31-2275a46e3ccd005e%3AT%3D1644564678%3ART%3D1644564678%3AS%3DALNI_Mbnpe9E63v7Z0G7yPTcSsXUf-j4tg&prev_fmts=284x60%2C0x0%2C1000x280&nras=2&correlator=2457399506595&frm=20&pv=1&ga_vid=2146188187.1644564678&ga_sid=1644564678&ga_hid=1164196656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=1298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44753658%2C31064733%2C31063221&oid=2&pvsid=2549612257913985&pem=840&tmod=241333868&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=PLzN6vGsSb&p=https%3A//timedopovo.tk&dtd=11
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 200 ff20f166b0acb5bbc58563e896201b58.js Show response
www.gstatic.com/mysidia/ Frame B7DC 27 KB
11 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ff20f166b0acb5bbc58563e896201b58.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60b6fb70c39877b90333526914dbc0d47052cd8c4c298c421aaee2f9d6b48bcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:21:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61810
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11452
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 06:53:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 11 May 2022 14:21:09 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/14040675239232681162/ Frame B7DC 5 KB
5 KB 36ms
36ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14040675239232681162/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5247cb13751d04dacc3f7e934b83d78bee995281da0a001ef6aae98b1ba31e61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 01:00:18 GMT
x-content-type-options: nosniff
age: 282661
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5244
x-xss-protection: 0
last-modified: Thu, 16 Dec 2021 16:18:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 08 Feb 2023 01:00:18 GMT

GET
DATA 200
OK truncated
/ Frame B7DC 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B7DC 0
0 54ms
54ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CFmIixhAGYuSFM8_1twfWmYf4Dtqd64Vo2NONu_0Ov-EeEAEgkLzWG2C7BqABlcyjzQLIAQmpAlVGqJkPIbM-qAMByAPLBKoEyQFP0M9Q4MiAoWjCHlJs04g6h6ZEYe0Lode5eMqw8T9baziRkzCr4EhzNyTc52o9VgMeWZJs5k0_2c5QYzuRY8L4dVDCJp68h2TjToMEQcVdGkhdU5FWmoJ-KCzXgg9LMNIrwH5VrCwKgNb9MMr7NjwK3TFhE0cudncZPgGCyGkDwZfzbIHkIBhFiYD9dLoEukz8dvSFsKJRsRlXJokqC7snTvYpxDVWYTaYprIWw_-oYh79mpTjxMSnB1DvtMBO49xISWZHhefT61vABOazpu7mA5IFBAgEGAGSBQQIBRgEoAYugAfTs9yyAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEENbMZdIICQiA4YAQEAEYH4AKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi05Mzk3NTc3OTcwNjk0NzYyGAA&sigh=T30aYvnVV5c&uach_m=[UACH]&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9397577970694762&output=html&h=240&adk=4071009227&adf=2944978207&pi=t.aa~a.795276990~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1644564678&rafmt=1&to=qs&pwprc=3910530028&psa=0&format=300x240&url=https%3A%2F%2Ftimedopovo.tk%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644564678770&bpp=1&bdt=1030&idt=-M&shv=r20220209&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3143a9ff7a45ae31-2275a46e3ccd005e%3AT%3D1644564678%3ART%3D1644564678%3AS%3DALNI_Mbnpe9E63v7Z0G7yPTcSsXUf-j4tg&prev_fmts=284x60%2C0x0%2C1000x280&nras=2&correlator=2457399506595&frm=20&pv=1&ga_vid=2146188187.1644564678&ga_sid=1644564678&ga_hid=1164196656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=1298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44753658%2C31064733%2C31063221&oid=2&pvsid=2549612257913985&pem=840&tmod=241333868&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=PLzN6vGsSb&p=https%3A//timedopovo.tk&dtd=11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 11 Feb 2022 07:31:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 data.json Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16984510133100292972/468x60/ Frame C4CD 130 KB
15 KB 82ms
40ms XHR
application/json 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16984510133100292972/468x60/data.json

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16984510133100292972/468x60/lottie_light.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7daf8c3f2ab4f187d27170114598c581d00e834527d6bdb8c21716b1f1cc6f0

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 77749
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15008
x-xss-protection: 0
last-modified: Tue, 27 Jul 2021 10:33:12 GMT
server: sffe
date: Thu, 10 Feb 2022 09:55:30 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 10 Feb 2023 09:55:30 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2E20 1 KB
749 B 35ms
34ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Fri, 11 Feb 2022 05:53:44 GMT
expires: Sat, 12 Feb 2022 05:53:44 GMT
cache-control: public, max-age=86400
age: 5855
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame B7DC 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d3bf7343b421536e5abe699a349d6834ed734bfb0c000bba6c3abd34c9a18c3c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame B7DC 15 KB
15 KB 77ms
34ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 20:07:55 GMT
x-content-type-options: nosniff
age: 213804
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 08 Feb 2023 20:07:55 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame B7DC 15 KB
15 KB 77ms
37ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 11:22:37 GMT
x-content-type-options: nosniff
age: 158922
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Feb 2023 11:22:37 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D730
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

88ms
87ms

Document
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 11 Feb 2022 07:31:19 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 11 Feb 2022 07:31:19 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 11 Feb 2022 07:31:19 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 O0zcrAsc3s2SKI8Tuz5umMJoYZUI79PNRri5GeZhfeg.js Show response
pagead2.googlesyndication.com/bg/ Frame C4CD 35 KB
13 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/O0zcrAsc3s2SKI8Tuz5umMJoYZUI79PNRri5GeZhfeg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b4cdcac0b1cdecd92288f13bb3e6e98c268619508efd3cd46b8b919e6617de8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 01:09:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22897
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13545
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Feb 2023 01:09:42 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2E20
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPLOKdZyTLZPY8uaxnqatRjmiCE0FQrsHYDUrhiE5hj0gaqp0gL-c4_Mg7QuIVep0Bg3CJhpVXWdYo-un4_OtGPME5AM4luS&google_gid=CAESEBmmERJPoEhS3AImlS4WDVo&goo...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCMehmJAGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BWWc1cVBMT0tkWnlUTFpQWTh1YXhucWF0UmptaUNFMEZRcnNIWURVcmhpRTVoajBnYXFwMGdMLWM0X01nN1F1SVZlcDBCZzNDSmhwVlhXZFlvLXVuNF...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwQmdyTlY2Y3NBNjlXeUpJMFZGOUFWV08zQjZyNE4xeXNGWlNuSVFQN2tfOA==&google_push

170 B
188 B

102ms
61ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwQmdyTlY2Y3NBNjlXeUpJMFZGOUFWV08zQjZyNE4xeXNGWlNuSVFQN2tfOA==&google_push

Requested by

Host: timedopovo.tk
URL: https://timedopovo.tk/

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 07:31:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 11 Feb 2022 07:31:19 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwQmdyTlY2Y3NBNjlXeUpJMFZGOUFWV08zQjZyNE4xeXNGWlNuSVFQN2tfOA==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2E20
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPIuNkbx...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPIuNkbx...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAyMTEwNzMxMjAwMDAyNzQyNzMwNjAwNw%3D%3D&google_push=AYg5qPIuNkbxQkCfyBv6pkT3x_rCinxbIIuwGdKyysB6UxYIUAmMumZj7yQhVYIao1zOc8...

170 B
188 B

62ms
61ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAyMTEwNzMxMjAwMDAyNzQyNzMwNjAwNw%3D%3D&google_push=AYg5qPIuNkbxQkCfyBv6pkT3x_rCinxbIIuwGdKyysB6UxYIUAmMumZj7yQhVYIao1zOc89C8nejVYAgXZMTiBtDc7vW0LhSllFG

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 07:31:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAyMTEwNzMxMjAwMDAyNzQyNzMwNjAwNw%3D%3D&google_push=AYg5qPIuNkbxQkCfyBv6pkT3x_rCinxbIIuwGdKyysB6UxYIUAmMumZj7yQhVYIao1zOc89C8nejVYAgXZMTiBtDc7vW0LhSllFG
pragma: no-cache
date: Fri, 11 Feb 2022 07:31:20 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Fri, 11 Feb 2022 07:31:20 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2E20
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Bwhl_D6nRDm3rHxMJlC4Bg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

67ms
67ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Bwhl_D6nRDm3rHxMJlC4Bg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKqo84_xUhQqCr69W7ebdroWXjsTvZAwqesJo0INtA2eCXdwU53ycxWUlApNYuydsUDYI4ikTMbKlqQO9gj-tGUtTQHoCI7

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 07:31:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Bwhl_D6nRDm3rHxMJlC4Bg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKqo84_xUhQqCr69W7ebdroWXjsTvZAwqesJo0INtA2eCXdwU53ycxWUlApNYuydsUDYI4ikTMbKlqQO9gj-tGUtTQHoCI7
date: Fri, 11 Feb 2022 07:31:19 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2E20
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEN6NMT2DnPXcNpZ_6YDpR8k&google_cver=1&google_push=AYg5qPK6KcaPTst4Ux4gabdToNJxEf2lyq6Js4ST5J6gbpkTOHo_ZNkio32mQZBMru3QGPn5W-8...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pJM0NLOUUtMUktN0M0VQ==&google_push=AYg5qPK6KcaPTst4Ux4gabdToNJxEf2lyq6Js4ST5J6gbpkTOHo_ZNkio32mQZBMru3QGPn5W-8qxLVVfwLm6H-CHwCtd5GqwZpx

170 B
188 B

107ms
62ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pJM0NLOUUtMUktN0M0VQ==&google_push=AYg5qPK6KcaPTst4Ux4gabdToNJxEf2lyq6Js4ST5J6gbpkTOHo_ZNkio32mQZBMru3QGPn5W-8qxLVVfwLm6H-CHwCtd5GqwZpx

Requested by

Host: timedopovo.tk
URL: https://timedopovo.tk/

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 07:31:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pJM0NLOUUtMUktN0M0VQ==&google_push=AYg5qPK6KcaPTst4Ux4gabdToNJxEf2lyq6Js4ST5J6gbpkTOHo_ZNkio32mQZBMru3QGPn5W-8qxLVVfwLm6H-CHwCtd5GqwZpx
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame 2E20 43 B
296 B 160ms
23ms Image
image/gif 2a05:d01c:1d8:8102:affb:bb24:d447:85fc
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEGFWqhExaAERaisutZpQ7Xg&google_cver=1&google_push=AYg5qPLuRxNdJwFo9fP9ALqzyANabM35V9Li7pNE0E1j8gLM7r7hIKOMuzPUu2UeUvfJ2lp6JFk713AaQ8DRDTvVtMBWwaQtgiE1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9397577970694762&output=html&h=240&adk=4071009227&adf=2944978207&pi=t.aa~a.795276990~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1644564678&rafmt=1&to=qs&pwprc=3910530028&psa=0&format=300x240&url=https%3A%2F%2Ftimedopovo.tk%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644564678770&bpp=1&bdt=1030&idt=-M&shv=r20220209&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3143a9ff7a45ae31-2275a46e3ccd005e%3AT%3D1644564678%3ART%3D1644564678%3AS%3DALNI_Mbnpe9E63v7Z0G7yPTcSsXUf-j4tg&prev_fmts=284x60%2C0x0%2C1000x280&nras=2&correlator=2457399506595&frm=20&pv=1&ga_vid=2146188187.1644564678&ga_sid=1644564678&ga_hid=1164196656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=1298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44753658%2C31064733%2C31063221&oid=2&pvsid=2549612257913985&pem=840&tmod=241333868&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=PLzN6vGsSb&p=https%3A//timedopovo.tk&dtd=11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8102:affb:bb24:d447:85fc London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 07:31:19 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 1
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2E20
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESECvrr0XnOipzEkG_tpQhm7c&google_cver=1&google_push=AYg5qPLy48pVnVkpbIo2dMlc...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLy48pVnVkpbIo2dMlcQQ4RkFpnfc0yNmJRc9OTO0r5ib0egaCd7cAndYLEBhB-QRNwndsMVKz6mmmLZsBREzFakmOqFuB8&google_hm=

170 B
188 B

66ms
66ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLy48pVnVkpbIo2dMlcQQ4RkFpnfc0yNmJRc9OTO0r5ib0egaCd7cAndYLEBhB-QRNwndsMVKz6mmmLZsBREzFakmOqFuB8&google_hm=

Requested by

Host: timedopovo.tk
URL: https://timedopovo.tk/

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 07:31:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 11 Feb 2022 07:31:19 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLy48pVnVkpbIo2dMlcQQ4RkFpnfc0yNmJRc9OTO0r5ib0egaCd7cAndYLEBhB-QRNwndsMVKz6mmmLZsBREzFakmOqFuB8&google_hm=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Thu, 10 Feb 2022 07:31:19 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 2E20 0
223 B 125ms
45ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Is7-Ew-qLjoo_T2ZM5HUQVQ2zYWkO0yFGdIuk6s7sb91BdiNc-dypppf74loamAf4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:31:19 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 O0zcrAsc3s2SKI8Tuz5umMJoYZUI79PNRri5GeZhfeg.js Show response
pagead2.googlesyndication.com/bg/ Frame 7AB1 35 KB
13 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/O0zcrAsc3s2SKI8Tuz5umMJoYZUI79PNRri5GeZhfeg.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b4cdcac0b1cdecd92288f13bb3e6e98c268619508efd3cd46b8b919e6617de8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 01:09:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22897
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13545
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Feb 2023 01:09:42 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 56ms
56ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220209&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54cf14454c3a385610bbb19e36415c8262c5ecacf3dd54c2db8d1877022181df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Feb 2022 07:31:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9870
x-xss-protection: 0

GET
H2

200

like_box.php Show response
www.facebook.com/plugins/ Frame CDB3
Redirect Chain

https://web.facebook.com/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfdf8d96cc58b6%26domain%3Dtimedopovo.tk%26is_can...
https://www.facebook.com/plugins/like_box.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfdf8d96cc58b6%26domain%3Dtimedopovo.tk%26is_canv...

46 KB
17 KB

290ms
196ms

Document
text/html

2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like_box.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfdf8d96cc58b6%26domain%3Dtimedopovo.tk%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftimedopovo.tk%252Ff2ce85e328b4228%26relation%3Dparent.parent&color_scheme=light&container_width=300&header=true&height=300&href=https%3A%2F%2Fwww.facebook.com%2Ftimedopovonews%3Fref%3Dhl&locale=pt_BR&sdk=joey&show_border=true&show_faces=true&stream=false&width=300&_rdc=1&_rdr

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/all.js?hash=25ee31775d45ad504085c9dab65e1bf2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d158220bbc2149436617826017137687c88e352feba06f711bbbbd7d09a5d002

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: about:blank

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: nerFgy1TH+SSYubRLGe6X04ShFghj7bdd2DU2oBN2UCXypZpX9jSgpsv+xG9MD8Ye7swI3Y/qCQuEVlWG3Rq+Q==
date: Fri, 11 Feb 2022 07:31:20 GMT
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600

Redirect headers

location: https://www.facebook.com/plugins/like_box.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfdf8d96cc58b6%26domain%3Dtimedopovo.tk%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftimedopovo.tk%252Ff2ce85e328b4228%26relation%3Dparent.parent&color_scheme=light&container_width=300&header=true&height=300&href=https%3A%2F%2Fwww.facebook.com%2Ftimedopovonews%3Fref%3Dhl&locale=pt_BR&sdk=joey&show_border=true&show_faces=true&stream=false&width=300&_rdc=1&_rdr
x-fb-zr-redirect: 02|1644651080|
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: uGkDBoENN3GF2/S+SorMd8eikzHrZX/RNKBvwDv7GV6cxoK3RqJt/6QenQEUzawGdQKg32hSaMShoCNKjcFw0g==
content-length: 0
date: Fri, 11 Feb 2022 07:31:20 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F16F 42 B
64 B 70ms
69ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstjCPXPsHVifNghnsYAmEzQRm2fcQaj0FkSSSdYVsobm74eCN_r9AbDnQoy47ZbGHOo-y2FxnYGxeIr1T5bX8eH--JkBBrOVKXfpnLvgSq3bdKfW0DV0g&sai=AMfl-YSPLeVodulw1lny04szZF97HQn0ncHLt4qzRoWCYK-IOHh_jHNgHGJ5YBKID8e7pMgN2lufkIPVV10L&sig=Cg0ArKJSzAnwnPMOOAHFEAE&id=lidar2&mcvt=1001&p=0,0,44,284&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220209&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=4040837863&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644564678183&rpt=782&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 07:31:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:31:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Feb 2022 07:31:20 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5085 13 KB
5 KB 41ms
40ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Feb 2022 15:05:51 GMT
expires: Fri, 10 Feb 2023 15:05:51 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 59129
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6F46 783 B
535 B 64ms
64ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9a1504732d1419da77127b509ef400002fa2a7fb8a4a6b1a1c9b432f93410e00

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5QTJLH2yH2u8U1eKkyqilg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 11 Feb 2022 07:31:20 GMT
date: Fri, 11 Feb 2022 07:31:20 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-5QTJLH2yH2u8U1eKkyqilg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 O0zcrAsc3s2SKI8Tuz5umMJoYZUI79PNRri5GeZhfeg.js Show response
pagead2.googlesyndication.com/bg/ Frame 5085 35 KB
13 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/O0zcrAsc3s2SKI8Tuz5umMJoYZUI79PNRri5GeZhfeg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b4cdcac0b1cdecd92288f13bb3e6e98c268619508efd3cd46b8b919e6617de8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 01:09:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22898
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13545
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Feb 2023 01:09:42 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6F46 0
0 99ms
98ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220209&jk=2549612257913985&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET generate_204
tpc.googlesyndication.com/ Frame 5085 0
0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 73ms
72ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220209&jk=2549612257913985&bg=!1dal1pLNAAbAtJCDwLQ7ACkAdvg8WpDR3GIlwTHscbXyl6f_0OMV5wdNtxlSZxkbBOVz3M-SI_vJBwIAAABiUgAAAANoAQcKABLw0Lb0j9Z4xB8I6ttEqV9hw7uZAsf-TKIFCM-mqjE3Kxt49_3W-DKz_nWaS5mOJji4WNW0b1r9yp086jD_uZ6PumDEwDOyH1BtIbTg2NCWXBdCYDLgQc_K_a49Nat8amkujt8Pc25joEF56P_Vk6cNskfxH3zyVrfcvExebYrkZsCCqCMN4WlUGbzmj2Fv9fqZCMz440QJWa5CvrPmHg_4YV17CLQxu23qYe59rMViZdONAyPj9w3yo1qd9WEqI4mAlroc8DQMOnEPz8I-K9FE3LpQZzyQBrs-wBIJ3m8vum-gXjKnroDT2sxml4dM9y0nB3gopRlU1zj35IKO8zfbYttLJzNO5LuOUnddcaJW0rAyEweCbTwTqdwQ1EOz6rWAFgoGlZW0Wi2ub9IUO7SUdpvKEaPdws4XJgrYwcc2ZgdPAfTlDaYtFj3CeclgTYrThlWtR4s-Mv8OZFJo0GZuu1kpuaiGt-5PkDWOYuciL1_X6L8Gom8dS5XDsJCW3LGNbgfUqVHFxhH8vIu3FULm9wKwaAuYocsDuQebvzaUmwXJ0H1-nVrCTQ8XPOsO9nlKAg3DXmjU-wAuBddT3pNmeHc82Wj9RdW-fEQ1wlFqGAvQnBQfPHplZGtIx6xVyarehY_YS1xpWsU9Qy8uHbtViNnzk948vJfpOcInmUq4t_ZJ5IYYCu-EoYlb_f4EnALEn1q5SqPbyQY1jqTvxUNgoBaKsBKMKp5AminSN_3tyt9xaan8wyXExf0haj47ou_nNN99PEeuSDwas9NXIXuAjfykVdiXHpoRBXf6-chA-g0c8-GlT0hqxjUNIz0ky1qis-So5tRlpjdqHJvtyq-xEG7UpxHyfda6LSNq7tmN5dL8u5Y_qYkwm_sVb5sw39OsJw1p3futVNwGUehR_uAU3-LJ_8pyR4-Ca5YeQHTiDZCbL44wN99KWIDpA7PgYTNmsvol1grPUj3mzX0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 07:31:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6522 42 B
64 B 71ms
71ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuLkzaPhdn7jmMYe4xJMJ4-sEMnILv19tayOjsr3YclMNP8TX6SmOSVn9xyw3Iy7ZDXOEcR5sa2WsEevTjSYhZuX8g7MUyeTjsRdRrYHMf6siRsVwAvuw&sai=AMfl-YQllCNJJPkIs2UfQsY7z5Cj8Y-Cx5ZD91eahSktOeU_dyGN3AYdYT8czDYaWENnilqGCtzPlMuuRQ5J&sig=Cg0ArKJSzB06xKDAETPtEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=108,736,1000,1079,1079&tos=108,628,264,79,0&v=20220209&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644564678863&rpt=336&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 07:31:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 mFOZAZQcoqi.css
www.facebook.com/rsrc.php/v3/ym/l/0,cross/ Frame CDB3 19 KB
5 KB 250ms
208ms Stylesheet
text/css 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/ym/l/0,cross/mFOZAZQcoqi.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/like_box.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfdf8d96cc58b6%26domain%3Dtimedopovo.tk%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftimedopovo.tk%252Ff2ce85e328b4228%26relation%3Dparent.parent&color_scheme=light&container_width=300&header=true&height=300&href=https%3A%2F%2Fwww.facebook.com%2Ftimedopovonews%3Fref%3Dhl&locale=pt_BR&sdk=joey&show_border=true&show_faces=true&stream=false&width=300&_rdc=1&_rdr

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ca8efa8af81d38ad527160b48ec24b8cefc2b12f72e1159162deecf974c3dd60

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/like_box.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfdf8d96cc58b6%26domain%3Dtimedopovo.tk%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftimedopovo.tk%252Ff2ce85e328b4228%26relation%3Dparent.parent&color_scheme=light&container_width=300&header=true&height=300&href=https%3A%2F%2Fwww.facebook.com%2Ftimedopovonews%3Fref%3Dhl&locale=pt_BR&sdk=joey&show_border=true&show_faces=true&stream=false&width=300&_rdc=1&_rdr
Origin: https://www.facebook.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 15:13:04 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: bdxSYxsz/LrvUZAFTkLf6A==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
content-length: 4928
x-fb-rlafr: 0
x-fb-debug: Gxrik0r4W2rY58EkSQL8QC6p0oPjkp1QULNUCtMlgnF1dVyWn4zpR/CVkNZbmZgj1oNLjwBjIz+PzUxBksVUOA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 10 Feb 2023 15:13:04 GMT

GET
H3 200 FPdNN1TK3wJ.css
www.facebook.com/rsrc.php/v3/yF/l/0,cross/ Frame CDB3 2 KB
869 B 248ms
208ms Stylesheet
text/css 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yF/l/0,cross/FPdNN1TK3wJ.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a33a18d3ade364ae94fdc88f786c869ff8b45cae9bf98f2e2a16dd1459d98cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/like_box.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfdf8d96cc58b6%26domain%3Dtimedopovo.tk%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftimedopovo.tk%252Ff2ce85e328b4228%26relation%3Dparent.parent&color_scheme=light&container_width=300&header=true&height=300&href=https%3A%2F%2Fwww.facebook.com%2Ftimedopovonews%3Fref%3Dhl&locale=pt_BR&sdk=joey&show_border=true&show_faces=true&stream=false&width=300&_rdc=1&_rdr
Origin: https://www.facebook.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 22:08:49 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: qki4Wy05mlz5CwH9oqDKag==
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cross-origin-resource-policy: cross-origin
content-length: 815
x-fb-rlafr: 0
x-fb-debug: Y1plivpEDKqrp6842ExxSgHjJxbi9VGkyGotZLYWySzlbFkxBV66QXO4ltsODql9y2RKvc0n604Ro8niEZ21GA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 02 Feb 2023 22:08:49 GMT

GET
H3 200 mKJTiHBQduW.js Show response
www.facebook.com/rsrc.php/v3/yf/r/ Frame CDB3 307 KB
82 KB 193ms
152ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yf/r/mKJTiHBQduW.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8cec5a85f5192ba77b4182d2202148e870ce6623bc972921796e56b5b03dfdae

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/like_box.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfdf8d96cc58b6%26domain%3Dtimedopovo.tk%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftimedopovo.tk%252Ff2ce85e328b4228%26relation%3Dparent.parent&color_scheme=light&container_width=300&header=true&height=300&href=https%3A%2F%2Fwww.facebook.com%2Ftimedopovonews%3Fref%3Dhl&locale=pt_BR&sdk=joey&show_border=true&show_faces=true&stream=false&width=300&_rdc=1&_rdr
Origin: https://www.facebook.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 01:49:42 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: uMLVCLppfmRFecrjoMVgfQ==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
content-length: 84346
x-fb-rlafr: 0
x-fb-debug: Sid+h+ws4a9iFhoj0EAbkTw7BTwQG6A3FvkRI912mFnyvR6h9oOdxFgDLPbg4TKGSWCx9SwmXhTItShMis6wmg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Thu, 09 Feb 2023 01:49:42 GMT

GET
H3 200 x37gBm-Nr3Y.js Show response
www.facebook.com/rsrc.php/v3/yE/r/ Frame CDB3 6 KB
2 KB 192ms
152ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yE/r/x37gBm-Nr3Y.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

13100c8070455dafb3006e38bbdb3a0ad46669ff2656470a35fcaac0431d4393

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/like_box.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfdf8d96cc58b6%26domain%3Dtimedopovo.tk%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftimedopovo.tk%252Ff2ce85e328b4228%26relation%3Dparent.parent&color_scheme=light&container_width=300&header=true&height=300&href=https%3A%2F%2Fwww.facebook.com%2Ftimedopovonews%3Fref%3Dhl&locale=pt_BR&sdk=joey&show_border=true&show_faces=true&stream=false&width=300&_rdc=1&_rdr
Origin: https://www.facebook.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 15:13:04 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: sW3a84Xu6E4R0LvxUX7bUA==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
content-length: 1964
x-fb-rlafr: 0
x-fb-debug: biyMGe8sX1nlAWsfCjJllyHdATY97GhY07f/flN0mQ5P3cJ6RWqmPBLKSZXzDD396RLfJ09MnznvZXrUhspwjw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Fri, 10 Feb 2023 15:13:04 GMT

GET
H3 200 VSW8dUTDzHM.js Show response
www.facebook.com/rsrc.php/v3/yW/r/ Frame CDB3 42 KB
13 KB 92ms
53ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yW/r/VSW8dUTDzHM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b6c87e34a8918cb44cdba9606325887a96848b71f27e710a1cdc75ba7fa34cb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/like_box.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfdf8d96cc58b6%26domain%3Dtimedopovo.tk%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftimedopovo.tk%252Ff2ce85e328b4228%26relation%3Dparent.parent&color_scheme=light&container_width=300&header=true&height=300&href=https%3A%2F%2Fwww.facebook.com%2Ftimedopovonews%3Fref%3Dhl&locale=pt_BR&sdk=joey&show_border=true&show_faces=true&stream=false&width=300&_rdc=1&_rdr
Origin: https://www.facebook.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 22:33:08 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: ukQOwxilElpixKXcZMuJVA==
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cross-origin-resource-policy: cross-origin
content-length: 13584
x-fb-rlafr: 0
x-fb-debug: UiA4y2/70pDTi9fUaTqz8zNEsI5y3DTn7kCKjc6jOlGWEk/IZvWj2lEH5Vd62ySoyR+48x/vqbYxKqj71wlWAA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Wed, 08 Feb 2023 22:33:08 GMT

GET
H3 200 RgGJRJuMmby.js Show response
www.facebook.com/rsrc.php/v3/yQ/r/ Frame CDB3 47 KB
15 KB 95ms
55ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yQ/r/RgGJRJuMmby.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ecc7887421979537eaa490f95d6303435576bcb7ea059834798086f50702248f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/like_box.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfdf8d96cc58b6%26domain%3Dtimedopovo.tk%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftimedopovo.tk%252Ff2ce85e328b4228%26relation%3Dparent.parent&color_scheme=light&container_width=300&header=true&height=300&href=https%3A%2F%2Fwww.facebook.com%2Ftimedopovonews%3Fref%3Dhl&locale=pt_BR&sdk=joey&show_border=true&show_faces=true&stream=false&width=300&_rdc=1&_rdr
Origin: https://www.facebook.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 00:07:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: njBs/eHV6l/pDoQFtGTmlw==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
content-length: 14940
x-fb-rlafr: 0
x-fb-debug: yvKxTRwHnq/Pl0BihVStvQx07F0Jwdh/BCvyXoifYCTHKlZ72blfEKJ9DsEALJJT7CUecpE4y62iLuimO8M6vA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Sat, 11 Feb 2023 00:07:03 GMT

GET
H3 200 x9ZrO_yAkJs.js Show response
www.facebook.com/rsrc.php/v3iM-F4/yr/l/pt_BR/ Frame CDB3 82 KB
22 KB 156ms
117ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iM-F4/yr/l/pt_BR/x9ZrO_yAkJs.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fe46dda386757ac75fe68f7b274d2294a7780e9df2f4ca3b280dd43df7152cd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/like_box.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfdf8d96cc58b6%26domain%3Dtimedopovo.tk%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftimedopovo.tk%252Ff2ce85e328b4228%26relation%3Dparent.parent&color_scheme=light&container_width=300&header=true&height=300&href=https%3A%2F%2Fwww.facebook.com%2Ftimedopovonews%3Fref%3Dhl&locale=pt_BR&sdk=joey&show_border=true&show_faces=true&stream=false&width=300&_rdc=1&_rdr
Origin: https://www.facebook.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 22:48:44 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: JO+S22acG4SYBlkaynnUEA==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
content-length: 22968
x-fb-rlafr: 0
x-fb-debug: mZvr73Tk+5nV/TlR6TfcXNX+2qy4XCD511rkeUqAGJqE0UCnoj3wupgHedpBJWYt+oluVGK3dPdTxkv/ydJjIw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Fri, 03 Feb 2023 22:48:44 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 465C 42 B
64 B 87ms
87ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstRJNCNmg562_jQqmkFaWxBs5C1C_S4tHchnJKvIG11yN47MkXA5jVoJ7FrzjD57hqHFeVD9ZjuI4gfWYXxJ_1mmr4g-YVZwM2Tv58wb2SSAet-CdLVGg&sai=AMfl-YRaveuNj0aLwZPZ3uJVzYMfTCHYaSd5i1tck4maNSSndVtMtAa6Pl331K1av4sXrPlYDOsbSmpEG-Vs&sig=Cg0ArKJSzKDc9-oNYXYwEAE&id=lidar2&mcvt=1001&p=0,0,280,1000&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220209&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3290701847&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644564678207&rpt=1240&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 07:31:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 162126389_377230966935912_1257415983679306562_n.jpg
scontent-ams4-1.xx.fbcdn.net/v/t1.6435-9/p173x172/ Frame CDB3 5 KB
5 KB 383ms
316ms Image
image/jpeg 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-ams4-1.xx.fbcdn.net/v/t1.6435-9/p173x172/162126389_377230966935912_1257415983679306562_n.jpg?_nc_cat=104&ccb=1-5&_nc_sid=dd9801&_nc_ohc=xe1pCaybucgAX8xS006&_nc_ht=scontent-ams4-1.xx&edm=ANSO7JkEAAAA&oh=00_AT_abRMmtH0skWteDU6uGQYZpI0_wdDUfa49N7U-rH780w&oe=622C66FA
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/like_box.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfdf8d96cc58b6%26domain%3Dtimedopovo.tk%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftimedopovo.tk%252Ff2ce85e328b4228%26relation%3Dparent.parent&color_scheme=light&container_width=300&header=true&height=300&href=https%3A%2F%2Fwww.facebook.com%2Ftimedopovonews%3Fref%3Dhl&locale=pt_BR&sdk=joey&show_border=true&show_faces=true&stream=false&width=300&_rdc=1&_rdr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: d8579af2c54f11352abb915b550533c1044a3a829dab28308a9b2ecd930ef7c0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-haystack-needlechecksum: 1547564174
date: Fri, 11 Feb 2022 07:31:21 GMT
x-fb-trip-id: 2074150462
last-modified: Fri, 19 Mar 2021 05:15:20 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2076410692
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: sKFJwp_8j7H6YTYK7kzzmrmB9Kb6HWyQz6_HAGca74rFOAH5fYzpVk7lBt5LvYUKMTEhzfC6JAqRileMkRtCbQ
cross-origin-resource-policy: cross-origin
x-needle-checksum: 305900824
timing-allow-origin: *
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 5082

GET
H2 200 162390066_377230960269246_6419053152677816258_n.jpg
scontent-amt2-1.xx.fbcdn.net/v/t1.6435-1/cp0/p50x50/ Frame CDB3 2 KB
2 KB 112ms
42ms Image
image/jpeg 2a03:2880:f006:21:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-amt2-1.xx.fbcdn.net/v/t1.6435-1/cp0/p50x50/162390066_377230960269246_6419053152677816258_n.jpg?_nc_cat=105&ccb=1-5&_nc_sid=dbb9e7&_nc_ohc=Jqz_CFRbpwYAX8Grtyw&_nc_ht=scontent-amt2-1.xx&edm=ANSO7JkEAAAA&oh=00_AT_9nW--WBcglEORee1CiX3w8AT_ydQmIAEZKedZF97JUg&oe=622C07C0
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/like_box.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfdf8d96cc58b6%26domain%3Dtimedopovo.tk%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftimedopovo.tk%252Ff2ce85e328b4228%26relation%3Dparent.parent&color_scheme=light&container_width=300&header=true&height=300&href=https%3A%2F%2Fwww.facebook.com%2Ftimedopovonews%3Fref%3Dhl&locale=pt_BR&sdk=joey&show_border=true&show_faces=true&stream=false&width=300&_rdc=1&_rdr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f006:21:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 7036fa2f8a7ef682e0080e3ea8dc0ead49e3c803a76d73a70a927eefb3174ad6

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-haystack-needlechecksum: 3854558068
date: Fri, 11 Feb 2022 07:31:20 GMT
x-fb-trip-id: 1709462857
last-modified: Fri, 19 Mar 2021 05:15:20 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=269961139
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2642312792
timing-allow-origin: *
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1692

GET
H3 200 SQZZiMWhOLh.png
www.facebook.com/rsrc.php/v3/yH/r/ Frame CDB3 767 B
819 B 36ms
35ms Image
image/png 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/yH/r/SQZZiMWhOLh.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/ym/l/0,cross/mFOZAZQcoqi.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

818ce38e548c8222a2d3d31e6739658683964f9233ae770d41a918ead12001bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.facebook.com/rsrc.php/v3/ym/l/0,cross/mFOZAZQcoqi.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 16:36:23 GMT
x-content-type-options: nosniff
content-md5: 7Ob9foDk+QbAEt4lrnDs0w==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
content-length: 767
x-fb-rlafr: 0
x-fb-debug: 498zNt+tkkrbD4hYQD5kRx8EGGDeOj5FK4PYLhDEFoJNRVPIuNj6kgY5UYFIX7xd5EijHiXKd8ARJ303jK67UA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 07 Feb 2023 16:36:23 GMT

GET
H3 200 RHKJlxaGsHb.js Show response
www.facebook.com/rsrc.php/v3/yV/r/ Frame CDB3 22 KB
7 KB 35ms
35ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yV/r/RHKJlxaGsHb.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yf/r/mKJTiHBQduW.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dc661afb221b1ae218aaa434df4f88bbed344ad25d9fd957d7ec777b065fd3c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/like_box.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfdf8d96cc58b6%26domain%3Dtimedopovo.tk%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftimedopovo.tk%252Ff2ce85e328b4228%26relation%3Dparent.parent&color_scheme=light&container_width=300&header=true&height=300&href=https%3A%2F%2Fwww.facebook.com%2Ftimedopovonews%3Fref%3Dhl&locale=pt_BR&sdk=joey&show_border=true&show_faces=true&stream=false&width=300&_rdc=1&_rdr
Origin: https://www.facebook.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 23:10:26 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: FmPm6VCKw7i/aIOayuZ4lw==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
content-length: 7135
x-fb-rlafr: 0
x-fb-debug: RPXc4A2iTzKFTuHplC7DpIoEEFQKwmWGJ1OtXip8X1h+ooLr9VWx8BnM/0iFkPSHxgMqFzIW6yFPHok49EF2Gg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Wed, 01 Feb 2023 23:10:26 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.google.com
URL: http://www.google.com/cse/query_renderer.js

Domain: www.google.com
URL: http://www.google.com/cse/api/partner-pub-3432341997211165/cse/6624308046/queries/js?oe=ISO-8859-1&callback=(new+PopularQueryRenderer(document.getElementById(%22queries%22))).render

Domain: www.google.com
URL: http://www.google.com/afsonline/show_afs_search.js

Domain: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Domain: www.google.com.br
URL: http://www.google.com.br/coop/cse/brand?form=cse-search-box&lang=pt

Domain: statistcdn.com
URL: https://statistcdn.com/analyze.js?typeId=f

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/generate_204?jvu0Ow

Verdicts & Comments Add Verdict or Comment

188 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.timedopovo.tk/	1969-12-31 23:59:59	Name: __utmc Value: 204431381
.timedopovo.tk/	1970-01-20 05:12:12	Name: __utmz Value: 204431381.1644564678.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.timedopovo.tk/	1970-01-20 00:49:25	Name: __utmt Value: 1
.timedopovo.tk/	1970-01-20 18:20:36	Name: __utma Value: 204431381.2146188187.1644564678.1644564678.1644564678.1
.timedopovo.tk/	1970-01-20 00:49:26	Name: __utmb Value: 204431381.1.10.1644564678
.timedopovo.tk/	1970-01-20 10:11:00	Name: __gads Value: ID=3143a9ff7a45ae31-2275a46e3ccd005e:T=1644564678:RT=1644564678:S=ALNI_Mbnpe9E63v7Z0G7yPTcSsXUf-j4tg
.doubleclick.net/	1970-01-20 00:49:28	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 10:11:00	Name: IDE Value: AHWqTUn7TjQz6LiyMay5kH5QTxsZ45CDZqehwBnbdOXdtAj09Rrnr-6sWHu8nYdRaSM
.rlcdn.com/	1970-01-20 09:35:00	Name: rlas3 Value: ERaQ2OLDB5OkgkauN5Iv/zIQ6w7S1bQg72fISOKg7kY=
.rlcdn.com/	1970-01-20 02:15:48	Name: pxrc Value: CMehmJAGEgUI6AcQABIGCOndKhAA
.innovid.com/	1970-01-20 02:59:00	Name: uuid Value: 2db6b7a6-12a8-4036-b56a-b6f317474a13-20220211 02:31:19
.pubmatic.com/	1970-01-20 00:50:51	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 02:59:00	Name: KADUSERCOOKIE Value: 070865FC-3EA7-4439-B7AC-7C4C2650B806
.e.dlx.addthis.com/	1970-01-20 10:19:39	Name: na_tc Value: Y
.addthis.com/	1970-01-20 10:19:39	Name: na_id Value: 2022021107312000027427306007
.addthis.com/	1970-01-20 10:19:39	Name: na_tc Value: Y
.addthis.com/	1970-01-20 10:19:39	Name: uid Value: 620610c8926ee033
.addthis.com/	1970-01-20 10:19:39	Name: ouid Value: 620610c80001df34092fe79db5d3b5d055ecc9cfa48ebcc06ee8
.dlx.addthis.com/	1970-01-20 01:32:36	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 01:32:36	Name: na_sr Value: 20220211
.dlx.addthis.com/	1970-01-20 00:49:24	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 01:32:36	Name: na_sc_e Value: 0

32 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://timedopovo.tk/ Message: Mixed Content: The page at 'https://timedopovo.tk/' was loaded over HTTPS, but requested an insecure element 'http://www.timedopovo.tk/logotdp.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://timedopovo.tk/ Message: Mixed Content: The page at 'https://timedopovo.tk/' was loaded over HTTPS, but requested an insecure element 'http://www.timedopovo.tk/wp-content/themes/crystalhosting/images/vercompleto.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://timedopovo.tk/ Message: Mixed Content: The page at 'https://timedopovo.tk/' was loaded over HTTPS, but requested an insecure element 'http://www.timedopovo.tk/wp-content/themes/crystalhosting/images/vercompleto.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://timedopovo.tk/ Message: Mixed Content: The page at 'https://timedopovo.tk/' was loaded over HTTPS, but requested an insecure element 'http://www.timedopovo.tk/wp-content/themes/crystalhosting/images/vercompleto.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://timedopovo.tk/ Message: Mixed Content: The page at 'https://timedopovo.tk/' was loaded over HTTPS, but requested an insecure element 'http://www.timedopovo.tk/wp-content/themes/crystalhosting/images/vercompleto.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://timedopovo.tk/ Message: Mixed Content: The page at 'https://timedopovo.tk/' was loaded over HTTPS, but requested an insecure element 'http://www.timedopovo.tk/wp-content/themes/crystalhosting/images/vercompleto.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://timedopovo.tk/ Message: Mixed Content: The page at 'https://timedopovo.tk/' was loaded over HTTPS, but requested an insecure element 'http://www.timedopovo.tk/wp-content/themes/crystalhosting/images/vercompleto.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://timedopovo.tk/ Message: Mixed Content: The page at 'https://timedopovo.tk/' was loaded over HTTPS, but requested an insecure element 'http://www.timedopovo.tk/wp-content/themes/crystalhosting/images/vercompleto.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://timedopovo.tk/ Message: Mixed Content: The page at 'https://timedopovo.tk/' was loaded over HTTPS, but requested an insecure element 'http://www.timedopovo.tk/wp-content/themes/crystalhosting/images/vercompleto.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://timedopovo.tk/ Message: Mixed Content: The page at 'https://timedopovo.tk/' was loaded over HTTPS, but requested an insecure element 'http://www.timedopovo.tk/escudo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://timedopovo.tk/ Message: Mixed Content: The page at 'https://timedopovo.tk/' was loaded over HTTPS, but requested an insecure element 'http://www.timedopovo.tk/logo.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://timedopovo.tk/(Line 367) Message: Mixed Content: The page at 'https://timedopovo.tk/' was loaded over HTTPS, but requested an insecure element 'http://www.timedopovo.tk/logotdp.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	error	URL: https://timedopovo.tk/ Message: Mixed Content: The page at 'https://timedopovo.tk/' was loaded over HTTPS, but requested an insecure script 'http://www.google.com/cse/query_renderer.js'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://timedopovo.tk/ Message: Mixed Content: The page at 'https://timedopovo.tk/' was loaded over HTTPS, but requested an insecure script 'http://www.google.com/cse/api/partner-pub-3432341997211165/cse/6624308046/queries/js?oe=ISO-8859-1&callback=(new+PopularQueryRenderer(document.getElementById(%22queries%22))).render'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://timedopovo.tk/ Message: Mixed Content: The page at 'https://timedopovo.tk/' was loaded over HTTPS, but requested an insecure script 'http://www.google.com/afsonline/show_afs_search.js'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://timedopovo.tk/ Message: Mixed Content: The page at 'https://timedopovo.tk/' was loaded over HTTPS, but requested an insecure script 'http://pagead2.googlesyndication.com/pagead/show_ads.js'. This request has been blocked; the content must be served over HTTPS.
security	warning	URL: https://timedopovo.tk/ Message: Mixed Content: The page at 'https://timedopovo.tk/' was loaded over HTTPS, but requested an insecure element 'http://www.timedopovo.tk/wp-content/themes/crystalhosting/images/vercompleto.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://timedopovo.tk/ Message: Mixed Content: The page at 'https://timedopovo.tk/' was loaded over HTTPS, but requested an insecure element 'http://www.timedopovo.tk/wp-content/themes/crystalhosting/images/vercompleto.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://timedopovo.tk/ Message: Mixed Content: The page at 'https://timedopovo.tk/' was loaded over HTTPS, but requested an insecure element 'http://www.timedopovo.tk/wp-content/themes/crystalhosting/images/vercompleto.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://timedopovo.tk/ Message: Mixed Content: The page at 'https://timedopovo.tk/' was loaded over HTTPS, but requested an insecure element 'http://www.timedopovo.tk/wp-content/themes/crystalhosting/images/vercompleto.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://timedopovo.tk/ Message: Mixed Content: The page at 'https://timedopovo.tk/' was loaded over HTTPS, but requested an insecure element 'http://www.timedopovo.tk/wp-content/themes/crystalhosting/images/vercompleto.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://timedopovo.tk/ Message: Mixed Content: The page at 'https://timedopovo.tk/' was loaded over HTTPS, but requested an insecure element 'http://www.timedopovo.tk/wp-content/themes/crystalhosting/images/vercompleto.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://timedopovo.tk/ Message: Mixed Content: The page at 'https://timedopovo.tk/' was loaded over HTTPS, but requested an insecure element 'http://www.timedopovo.tk/wp-content/themes/crystalhosting/images/vercompleto.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://timedopovo.tk/ Message: Mixed Content: The page at 'https://timedopovo.tk/' was loaded over HTTPS, but requested an insecure element 'http://www.timedopovo.tk/wp-content/themes/crystalhosting/images/vercompleto.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://timedopovo.tk/ Message: Mixed Content: The page at 'https://timedopovo.tk/' was loaded over HTTPS, but requested an insecure element 'http://www.timedopovo.tk/escudo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	error	URL: https://timedopovo.tk/ Message: Mixed Content: The page at 'https://timedopovo.tk/' was loaded over HTTPS, but requested an insecure script 'http://www.google.com.br/coop/cse/brand?form=cse-search-box&lang=pt'. This request has been blocked; the content must be served over HTTPS.
javascript	warning	URL: https://timedopovo.tk/(Line 811) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://adds.livreuso.tk/anuncios//show.php?z=29&j=1&code=1644564678092, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://timedopovo.tk/(Line 811) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://adds.livreuso.tk/anuncios//show.php?z=29&j=1&code=1644564678092, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	warning	URL: https://timedopovo.tk/(Line 847) Message: Mixed Content: The page at 'https://timedopovo.tk/' was loaded over HTTPS, but requested an insecure element 'http://www.timedopovo.tk/logo.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9397577970694762&output=html&h=100&adk=702956917&adf=3434027193&pi=t.aa~a.1445354789~rp.1&w=540&fwrn=4&fwrnh=100&lmt=1644564678&rafmt=1&to=qs&pwprc=3910530028&psa=0&format=540x100&url=https%3A%2F%2Ftimedopovo.tk%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644564678770&bpp=1&bdt=1030&idt=0&shv=r20220209&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3143a9ff7a45ae31-2275a46e3ccd005e%3AT%3D1644564678%3ART%3D1644564678%3AS%3DALNI_Mbnpe9E63v7Z0G7yPTcSsXUf-j4tg&prev_fmts=284x60%2C0x0%2C1000x280%2C300x240&nras=3&correlator=2457399506595&frm=20&pv=1&ga_vid=2146188187.1644564678&ga_sid=1644564678&ga_hid=1164196656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=452&ady=1420&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44753658%2C31064733%2C31063221&oid=2&pvsid=2549612257913985&pem=840&tmod=241333868&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=9d26CxYTnn&p=https%3A//timedopovo.tk&dtd=16 Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/16984510133100292972/468x60/index.html".
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9397577970694762&output=html&h=100&adk=702956917&adf=3434027193&pi=t.aa~a.1445354789~rp.1&w=540&fwrn=4&fwrnh=100&lmt=1644564678&rafmt=1&to=qs&pwprc=3910530028&psa=0&format=540x100&url=https%3A%2F%2Ftimedopovo.tk%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644564678770&bpp=1&bdt=1030&idt=0&shv=r20220209&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3143a9ff7a45ae31-2275a46e3ccd005e%3AT%3D1644564678%3ART%3D1644564678%3AS%3DALNI_Mbnpe9E63v7Z0G7yPTcSsXUf-j4tg&prev_fmts=284x60%2C0x0%2C1000x280%2C300x240&nras=3&correlator=2457399506595&frm=20&pv=1&ga_vid=2146188187.1644564678&ga_sid=1644564678&ga_hid=1164196656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=452&ady=1420&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44753658%2C31064733%2C31063221&oid=2&pvsid=2549612257913985&pem=840&tmod=241333868&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=9d26CxYTnn&p=https%3A//timedopovo.tk&dtd=16 Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/16984510133100292972/468x60/index.html".
network	error	URL: https://statistcdn.com/analyze.js?typeId=f Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ad.lomadee.com
adds.livreuso.tk
adservice.google.co.uk
adservice.google.com
ag.innovid.com
cm.g.doubleclick.net
connect.facebook.net
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
id.rlcdn.com
image6.pubmatic.com
indexanetwork.go2cloud.org
media.go2speed.org
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
scontent-ams4-1.xx.fbcdn.net
scontent-amt2-1.xx.fbcdn.net
sp-ao.shortpixel.ai
ssl.google-analytics.com
statistcdn.com
timedopovo.tk
tpc.googlesyndication.com
web.facebook.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.com.br
www.googletagservices.com
www.gstatic.com
www.timedopovo.tk
pagead2.googlesyndication.com
statistcdn.com
tpc.googlesyndication.com
www.google.com
www.google.com.br
104.76.200.221
108.157.4.7
142.250.181.226
142.250.185.134
142.250.185.226
146.59.70.99
185.64.190.78
185.93.1.242
2a00:1450:4001:801::2002
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2001
2a00:1450:4001:810::2003
2a00:1450:4001:829::2002
2a00:1450:4001:830::2002
2a00:1450:4001:830::200a
2a00:1450:4001:831::2008
2a03:2880:f006:21:face:b00c:0:3
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f02d:e:face:b00c:0:2
2a03:2880:f045:10:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a05:d01c:1d8:8102:affb:bb24:d447:85fc
31.22.4.81
31.22.4.94
35.244.174.68
52.210.174.128
65.9.7.96
69.173.144.139
05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d
095141e7068ce4b679b220eb6c6ba5d4c49102c2343dbb9b71569c5e84a59079
096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0f30bd9e991d10df533fb56030e4d7135c5d45e70b4003d4340a218258d4e745
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
13100c8070455dafb3006e38bbdb3a0ad46669ff2656470a35fcaac0431d4393
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
1460e4ba5d8a29324c75f80802081c73d2143d8c9581a84ca3df707fbc6e477c
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
204e26ceed9d428095faf4121c5049f1e106116971865681001c2298f7cc5689
2385df8c79cee7f545720703ab9d9d8d8613a6ca6ffdbfcce567f89a79ed6577
23f91e8fed1b07720dbb269a526666a72ca20e4af6388c95757f7469229708dd
2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396
2d7741b28caeafe9728c103b91733ee54e6a65349dba3510ca6c161df38dac7d
2ef3959264092b72de9339f88c90054eed3c2c83a3e755b058df53ce75310ee7
308fafbb97005866373f59bd43ae3a6d0f97b6fc0bf6ea99e4b753bc41de550a
310a2eb7e8f9d87d39ee9c63324a3ff2c4cb7579bf34706ff4094a181eb65adf
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
3a22b29e11f6ad3ed458e71525b4edfaf0b9ab4cd962ae9a239b9509c106c826
3a7b5f2e7e3fd51102d05b2706291210864e7890361d932311a18048073374ae
3b4cdcac0b1cdecd92288f13bb3e6e98c268619508efd3cd46b8b919e6617de8
3d352335adbe3acb3b3ac39b2594d5dc1ee80c7a8ef0c0f3873ad725bbb233bc
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4523fb8890917f1f588b09c10b086923294c006fcd2e8b3ddaaaaaee69ee6c7a
4cbf7198861cb1aef11540ae5931940688ba6317633ff48c0e744f287ebd84da
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5247cb13751d04dacc3f7e934b83d78bee995281da0a001ef6aae98b1ba31e61
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
54cf14454c3a385610bbb19e36415c8262c5ecacf3dd54c2db8d1877022181df
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a02e2246cb69facdac93ae2789f172c7ad079808db6bf62f41af6c6c2857a95
5bf00b60bfba49cf4bbce90cbb43a26e569e034eafaaaed86199a0be12f73c03
5c2caa2ebfe924884ab90e6acde7bb78f661e469b62521241ae0b435713c1778
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
60b6fb70c39877b90333526914dbc0d47052cd8c4c298c421aaee2f9d6b48bcc
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63b0d31f6c1c010ab66aac9a67e7a94c289b26088c583fa9ef41a63b6fb5f564
64ad2b889e573ea0f48d0c21a22e7dbc47d08ca54dff2091e418e9b4b418be14
6bd760dc672e6d692fd30cca41e3629ab4c67d24fde1d13d2b3d5744fd06f351
70026657c87a5132b6a431dff968771873d699737fb63c32af45f5790a1a38c3
7036fa2f8a7ef682e0080e3ea8dc0ead49e3c803a76d73a70a927eefb3174ad6
74a14c3c9efff84398be5969f5ed596e76fd40786aa034907d67e2cafbf746d6
7961fb8e2c56c456004b8621329bcc73e2030785eb88be511bec404c80a659b7
7b59a3f59c0238a971ecd9855ef5e2bafe6fa28bb65a7aff3833448dfd9636d9
7e766b79dd1379bd7d253af61cc08ec4b6cb358e6a85fcd292ba4836ac7fc831
818ce38e548c8222a2d3d31e6739658683964f9233ae770d41a918ead12001bd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86f937a29eaee70aaf9935799a414bea46c62fb136cc0465f63f9d6820cf4982
87852b2933a18f87f4632a086a928e734c9e8ab17d09725d327906c5a42ee4c6
88814c4a71142d9d2c39cf00b166361bf6bea281f70e5caca5563a73e334e647
88f99f7451346524594c256652e87a14571331976592d46fd6a9b03c71cff121
8b1e7774eb229e39819b73fe09c359a6e558d5672bac0cb0ff557decdfc1e970
8cec5a85f5192ba77b4182d2202148e870ce6623bc972921796e56b5b03dfdae
98179f3daa4433078039b562c8a037b5179720f679570f1ebca4f9d09a84761a
986037628ef2f713282cdf6658e45f2d778e374635e2b7b6ec0f3e2fd9281ba3
9a1504732d1419da77127b509ef400002fa2a7fb8a4a6b1a1c9b432f93410e00
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9e7c99e88d275b71c391636dddd6e462cf617317695f19ab52a31ed269ffebf4
9ff0a70c8f22c5318427f90801c2ca94f20d2c6a680d883922ebfdf66b394525
a08922f7698f6a95eea3c8123b08d4187f4ffd54d300c39b17e8f6315c132d9d
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a33a18d3ade364ae94fdc88f786c869ff8b45cae9bf98f2e2a16dd1459d98cdc
a3661569477d5e6bb36453958e0cbdde3d14d9901d7eec13514cf5853230f261
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
a984aa4dd8ef7b364554086f53750aadfeee7e5eb91194afa2b68eb776d7d090
aa21aa2159bc927338cb7dd69765ce181333573dfa87866a44f2332873efbcd1
aae3ed32244e62462fb36a4309d9e894d47b6a3bff7b308d709e9ac4d72bc624
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ac05f643d51698438fc2504bc237b5a39ce1248b037dbf446aaca4ce65c3182c
acc487f5eef68a42f6c9fab07cf9dc536566e278936090df417b11a0861110a1
b3b84e5e485619983c2f805dac6f3fde572d0c825c672d1a02f48af0149eea93
b57245994e1df062a0eb10265547e7d49d7e3007df0c1f409dd34a42e78430e6
b6c87e34a8918cb44cdba9606325887a96848b71f27e710a1cdc75ba7fa34cb8
b8e86c44c2f2cc0f6d192de5b6a94b23e3c60db1117bed35701ae1e7ec6cfe5a
ca8efa8af81d38ad527160b48ec24b8cefc2b12f72e1159162deecf974c3dd60
cbd509669e176f744af1c69d7c339e14127f4be4c59185d6c5ba6fe448fca6f9
cd3600e9be27f74665aba132c024322645a8e61af8dc08072c617386511268bb
ce2c2f487561a1e72f77b2c28bdf121fef04e9c7d3189f5affd499a3a8a77db5
cf904fd2211866586cb256a696153a1f72e1f020f782486feff507727c9b92e7
d108ce346075f8a89d54014d5a4efe0d4abf9a9a7013075425af7af0565c0f10
d158220bbc2149436617826017137687c88e352feba06f711bbbbd7d09a5d002
d21420e670e9be893b2af1fb01238a93a8269df2b7b771566ee614093ecf2d73
d3bf7343b421536e5abe699a349d6834ed734bfb0c000bba6c3abd34c9a18c3c
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7fb3412d3c0bca8a46e390f3d8e6858431bab6f2cc1465708ad40402ff31246
d80fab5ee1d7f0b78ba152171751dddd04cf3b4bfb9b7f83a16a9c4f0e8e33c8
d8579af2c54f11352abb915b550533c1044a3a829dab28308a9b2ecd930ef7c0
dc661afb221b1ae218aaa434df4f88bbed344ad25d9fd957d7ec777b065fd3c1
dcdf89c03c77ddfecca983f3193527d5ecadb6703589b8cdd0ba77ff0928ef2c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e503c59c36fc19803b2e9572b10e7c06236bda692aebd97f29e2a5a96f9aa5b6
e7daf8c3f2ab4f187d27170114598c581d00e834527d6bdb8c21716b1f1cc6f0
e91e5d8d14a6317de53f4288e035d823649e8d47697dee64a7bfd89548c0b684
e98cd00e7be004c4360ad0c38471911312d74a117babcc29f239935afc80c8cb
ecc7887421979537eaa490f95d6303435576bcb7ea059834798086f50702248f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f356c1330b17335df99dda5bb53bfd858ff27b903d555e9edb775b2c08d0b357
f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b
fa4921b4a9286703010ab2a2f33064e6fca5b1430791d0876c8269ea0bb85269
fc08809552becc11633f8ae84e133f62f1ee23689f6aa71d532ed5ab3ac3d821
fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4
fe46dda386757ac75fe68f7b274d2294a7780e9df2f4ca3b280dd43df7152cd5

timedopovo.tk Open in urlscan Pro 31.22.4.81 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

168 Requests

82 %HTTPS

56 %IPv6

26 Domains

35 Subdomains

26 IPs

6 Countries

2114 kBTransfer

5201 kBSize

22 Cookies

7 Outgoing links

Redirected requests

168 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

timedopovo.tk Open in urlscan Pro
31.22.4.81 Public Scan

Screenshot
Live screenshot

Full Image

168
Requests

82 %
HTTPS

56 %
IPv6

26
Domains

35
Subdomains

26
IPs

6
Countries

2114 kB
Transfer

5201 kB
Size

22
Cookies

168 HTTP transactions
6 data transactions