ttdown.org Open in urlscan Pro
51.38.158.6 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ttdown.org/
Submission: On May 23 via manual (May 23rd 2023, 11:42:47 am UTC) from US — Scanned from GE

Summary HTTP 141 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 27 IPs in 7 countries across 23 domains to perform 141 HTTP transactions. The main IP is 51.38.158.6, located in France and belongs to OVH, FR. The main domain is ttdown.org.
TLS certificate: Issued by R3 on May 11th 2023. Valid for: 3 months.

This is the only time ttdown.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	51.38.158.6 51.38.158.6	16276 (OVH) (OVH)
6	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	142.250.186.42 142.250.186.42	15169 (GOOGLE) (GOOGLE)
22	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
2	104.18.11.207 104.18.11.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	69.16.175.10 69.16.175.10	20446 (STACKPATH...) (STACKPATH-CDN)
7	142.250.184.227 142.250.184.227	15169 (GOOGLE) (GOOGLE)
17	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
4	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
34	172.217.18.97 172.217.18.97	15169 (GOOGLE) (GOOGLE)
4	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
3	142.250.74.195 142.250.74.195	15169 (GOOGLE) (GOOGLE)
2	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1	142.250.185.198 142.250.185.198	15169 (GOOGLE) (GOOGLE)
5 12	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	185.89.210.90 185.89.210.90	29990 (ASN-APPNEX) (ASN-APPNEX)
1 4	142.250.186.36 142.250.186.36	15169 (GOOGLE) (GOOGLE)
2	142.250.184.202 142.250.184.202	15169 (GOOGLE) (GOOGLE)
4	216.239.32.3 216.239.32.3	15169 (GOOGLE) (GOOGLE)
1	108.177.15.154 108.177.15.154	15169 (GOOGLE) (GOOGLE)
2 2	15.197.193.217 15.197.193.217	() ()
1 1	107.23.98.28 107.23.98.28	() ()
1 1	108.128.131.233 108.128.131.233	16509 (AMAZON-02) (AMAZON-02)
1 1	52.45.175.185 52.45.175.185	() ()
2 3	213.180.193.90 213.180.193.90	13238 (YANDEX) (YANDEX)
1 2	104.102.35.84 104.102.35.84	() ()
1 1	35.208.249.213 35.208.249.213	() ()
1 1	172.217.16.206 172.217.16.206	() ()
2	74.125.162.134 74.125.162.134	() ()
1	142.250.184.232 142.250.184.232	() ()
141	27

5 51.38.158.6 (France)

ASN16276 (OVH, FR)
PTR: ip6.ip-51-38-158.eu

ttdown.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.42 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.184.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 172.217.18.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.74.195 (Staten Island, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.186.162 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.90 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.36 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f10.1e100.net

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.239.32.3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.177.15.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wr-in-f154.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (None, ) 2 redirects

ASN- ()

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.23.98.28 (None, ) 1 redirects

ASN- ()

fksnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.128.131.233 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-131-233.eu-west-1.compute.amazonaws.com

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.175.185 (None, ) 1 redirects

ASN- ()

im.bluevoox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.180.193.90 (Russian Federation) 2 redirects

ASN13238 (YANDEX, RU)
PTR: bs.yandex.ru

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.102.35.84 (None, ) 1 redirects

ASN- ()

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.208.249.213 (None, ) 1 redirects

ASN- ()

trace.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.206 (None, ) 1 redirects

ASN- ()

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.162.134 (None, )

ASN- ()

r1---sn-4g5ednde.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.232 (None, )

ASN- ()

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
56	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 93 tpc.googlesyndication.com — Cisco Umbrella Rank: 132	596 KB
32	doubleclick.net 5 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 337 cm.g.doubleclick.net — Cisco Umbrella Rank: 210 bid.g.doubleclick.net — Cisco Umbrella Rank: 764	209 KB
14	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	188 KB
8	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 68 www.google.com — Cisco Umbrella Rank: 2	3 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35 imasdk.googleapis.com — Cisco Umbrella Rank: 437	135 KB
6	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 199	159 KB
5	ttdown.org ttdown.org	17 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 530	3 KB
4	2mdn.net 1 redirects s0.2mdn.net — Cisco Umbrella Rank: 276 gcdn.2mdn.net r1---sn-4g5ednde.c.2mdn.net	107 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 181	213 KB
3	yandex.ru 2 redirects an.yandex.ru — Cisco Umbrella Rank: 3501	981 B
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 214	3 KB
2	teads.tv 1 redirects sync.teads.tv	607 B
2	adsrvr.org 2 redirects match.adsrvr.org	1 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2440	37 KB
1	googletagmanager.com www.googletagmanager.com	62 KB
1	mediago.io 1 redirects trace.mediago.io	451 B
1	bluevoox.com 1 redirects im.bluevoox.com	521 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 423	713 B
1	fksnk.com 1 redirects fksnk.com	612 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 902	602 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 696	30 KB
0	google-analytics.com Failed www.google-analytics.com Failed
141	23

	Domain	Requested by
34	tpc.googlesyndication.com	googleads.g.doubleclick.net ttdown.org tpc.googlesyndication.com pagead2.googlesyndication.com imasdk.googleapis.com
22	pagead2.googlesyndication.com	ttdown.org pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
17	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net ttdown.org
12	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net
7	fonts.gstatic.com	fonts.googleapis.com
6	cdnjs.cloudflare.com	ttdown.org cdnjs.cloudflare.com
5	fonts.googleapis.com	ttdown.org googleads.g.doubleclick.net
5	ttdown.org	ttdown.org
4	csi.gstatic.com	imasdk.googleapis.com
4	www.google.com	1 redirects googleads.g.doubleclick.net tpc.googlesyndication.com code.jquery.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	www.googletagservices.com	googleads.g.doubleclick.net ttdown.org
4	adservice.google.com	pagead2.googlesyndication.com
3	an.yandex.ru	2 redirects
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.gstatic.com	googleads.g.doubleclick.net www.google.com
2	r1---sn-4g5ednde.c.2mdn.net
2	sync.teads.tv	1 redirects
2	match.adsrvr.org	2 redirects
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	googleads4.g.doubleclick.net	ttdown.org
2	stackpath.bootstrapcdn.com	ttdown.org
1	www.googletagmanager.com	code.jquery.com www.googletagmanager.com
1	gcdn.2mdn.net	1 redirects
1	trace.mediago.io	1 redirects
1	im.bluevoox.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	fksnk.com	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	s0.2mdn.net	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	code.jquery.com	ttdown.org
0	www.google-analytics.com Failed	www.googletagmanager.com
141	33

This site contains links to these domains. Also see Links.

Domain
www.tiktok.com
en.wikipedia.org
www.facebook.com
twitter.com
www.linkedin.com
www.tumblr.com

Subject Issuer	Validity	Valid
ttdown.org R3	`2023-05-11` - `2023-08-09`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-05-16` - `2023-07-25`	2 months	crt.sh

This page contains 25 frames:

Primary Page: https://ttdown.org/
Frame ID: FDCD9A56C98B657F924502A74499FBE0
Requests: 38 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20190131/zrt_lookup.html
Frame ID: B410DC10FB18B71B1A6570146B3EA068
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0916766851103338&output=html&adk=2020088507&adf=637443794&lmt=1684842162&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x540_l%7C212x540_r&format=0x0&url=https%3A%2F%2Fttdown.org%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684842161697&bpp=11&bdt=632&idt=412&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=941331751448&frm=20&pv=2&ga_vid=1357945963.1684842162&ga_sid=1684842162&ga_hid=696901624&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759926%2C44759875%2C31074199%2C42531706%2C44785293%2C44788441%2C44790154&oid=2&pvsid=693106297050337&tmod=473273729&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=436
Frame ID: FB79F7F7E44354005313EDEE0D8009B8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0916766851103338&output=html&h=280&adk=1266370990&adf=2427394704&pi=t.aa~a.2146518072~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1684842162&rafmt=1&to=qs&pwprc=4777445207&format=1200x280&url=https%3A%2F%2Fttdown.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684842161708&bpp=2&bdt=644&idt=434&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=941331751448&frm=20&pv=1&ga_vid=1357945963.1684842162&ga_sid=1684842162&ga_hid=696901624&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=326&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759926%2C44759875%2C31074199%2C42531706%2C44785293%2C44788441%2C44790154&oid=2&pvsid=693106297050337&tmod=473273729&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Fp0bnCtRi5&p=https%3A//ttdown.org&dtd=445
Frame ID: BABCA1B2C1963A72A251ABC18C05ADCF
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0916766851103338&output=html&h=280&adk=2655906738&adf=2641485162&pi=t.aa~a.827312887~i.3~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1684842163&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4777445207&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fttdown.org%2F&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684842163300&bpp=1&bdt=2235&idt=-M&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3fa60bdad60b63db-226ee159e6dd00b1%3AT%3D1684842162%3ART%3D1684842162%3AS%3DALNI_MZeXBvf9qH0fQ7pBh6ND4c3Q6B5Ig&gpic=UID%3D00000c281fc731a5%3AT%3D1684842162%3ART%3D1684842162%3AS%3DALNI_Ma6Vf6QGxQZox_9CPmygr1E8WwGOA&prev_fmts=0x0%2C1200x280&nras=3&correlator=941331751448&frm=20&pv=1&ga_vid=1357945963.1684842162&ga_sid=1684842162&ga_hid=696901624&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1865&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759926%2C44759875%2C31074199%2C42531706%2C44785293%2C44788441%2C44790154&oid=2&pvsid=693106297050337&tmod=473273729&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=6pOK5iRsrJ&p=https%3A//ttdown.org&dtd=10
Frame ID: D135A5711F35D929F30E8E79DCDCCD6B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0916766851103338&output=html&h=280&adk=2655906738&adf=2244495584&pi=t.aa~a.827312887~i.12~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1684842163&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4777445207&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fttdown.org%2F&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684842163300&bpp=1&bdt=2236&idt=-M&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3fa60bdad60b63db-226ee159e6dd00b1%3AT%3D1684842162%3ART%3D1684842162%3AS%3DALNI_MZeXBvf9qH0fQ7pBh6ND4c3Q6B5Ig&gpic=UID%3D00000c281fc731a5%3AT%3D1684842162%3ART%3D1684842162%3AS%3DALNI_Ma6Vf6QGxQZox_9CPmygr1E8WwGOA&prev_fmts=0x0%2C1200x280%2C1110x280&nras=4&correlator=941331751448&frm=20&pv=1&ga_vid=1357945963.1684842162&ga_sid=1684842162&ga_hid=696901624&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2399&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759926%2C44759875%2C31074199%2C42531706%2C44785293%2C44788441%2C44790154&oid=2&pvsid=693106297050337&tmod=473273729&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=lyySc44Uo7&p=https%3A//ttdown.org&dtd=15
Frame ID: 9BEC3C1A65C8D3F126BB8F5C66A86B9B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0916766851103338&output=html&h=280&adk=2655906738&adf=4242353128&pi=t.aa~a.827312887~i.13~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1684842163&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4777445207&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fttdown.org%2F&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684842163300&bpp=1&bdt=2235&idt=1&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3fa60bdad60b63db-226ee159e6dd00b1%3AT%3D1684842162%3ART%3D1684842162%3AS%3DALNI_MZeXBvf9qH0fQ7pBh6ND4c3Q6B5Ig&gpic=UID%3D00000c281fc731a5%3AT%3D1684842162%3ART%3D1684842162%3AS%3DALNI_Ma6Vf6QGxQZox_9CPmygr1E8WwGOA&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280&nras=5&correlator=941331751448&frm=20&pv=1&ga_vid=1357945963.1684842162&ga_sid=1684842162&ga_hid=696901624&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2703&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759926%2C44759875%2C31074199%2C42531706%2C44785293%2C44788441%2C44790154&oid=2&pvsid=693106297050337&tmod=473273729&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=qHr0gopENj&p=https%3A//ttdown.org&dtd=20
Frame ID: 8350CC4B70D13D9709B2F54A6AC2EFD0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0916766851103338&output=html&h=280&adk=723392857&adf=1724911246&pi=t.aa~a.3732354746~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1684842163&rafmt=1&to=qs&pwprc=4777445207&format=1200x280&url=https%3A%2F%2Fttdown.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684842163328&bpp=1&bdt=2264&idt=1&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3fa60bdad60b63db-226ee159e6dd00b1%3AT%3D1684842162%3ART%3D1684842162%3AS%3DALNI_MZeXBvf9qH0fQ7pBh6ND4c3Q6B5Ig&gpic=UID%3D00000c281fc731a5%3AT%3D1684842162%3ART%3D1684842162%3AS%3DALNI_Ma6Vf6QGxQZox_9CPmygr1E8WwGOA&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280%2C1110x280&nras=6&correlator=941331751448&frm=20&pv=1&ga_vid=1357945963.1684842162&ga_sid=1684842162&ga_hid=696901624&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1495&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759926%2C44759875%2C31074199%2C42531706%2C44785293%2C44788441%2C44790154&oid=2&pvsid=693106297050337&tmod=473273729&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=T0DtKqU3Pk&p=https%3A//ttdown.org&dtd=9
Frame ID: 3C45EF1169FC418076647BA93217D09C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1
Frame ID: 99B2C7AE28099B57858ACA11B39F1900
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1
Frame ID: FAC8E5F20462C9792E23597EF32AA397
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1
Frame ID: 3AC773D07C1F1E3684976F14BA6C373B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/76807628416675132/528-160x600-h/index.html
Frame ID: 48F4E59ADEE33602A38E934651F2922C
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/abg_lite_fy2021.js
Frame ID: D7106B95EA53DC40BCF8DBCFC867806B
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNP9m84DEJap6NMDGL_SzekBMAE&v=APEucNWFtl4qMWr2zYl8D2PdzYo9Mk4Ska8S7oQu2RP3vNCXgzLh1qVbbWFvSUAu22NxfFqCTB1-YFSZYq0vnrHIGURFAr5R6w
Frame ID: ABB505D09274B1AAE634B11C435658CD
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20230518/r20110914/abg_lite_fy2021.js
Frame ID: B05B5A41F73562A5E7FEB2C0463C5E46
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0916766851103338&output=html&h=90&adk=3101682924&adf=523434623&pi=t.aa~a.701953935~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1684842163&rafmt=1&to=qs&pwprc=4777445207&format=1200x90&url=https%3A%2F%2Fttdown.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684842163331&bpp=1&bdt=2266&idt=0&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3fa60bdad60b63db-226ee159e6dd00b1%3AT%3D1684842162%3ART%3D1684842162%3AS%3DALNI_MZeXBvf9qH0fQ7pBh6ND4c3Q6B5Ig&gpic=UID%3D00000c281fc731a5%3AT%3D1684842162%3ART%3D1684842162%3AS%3DALNI_Ma6Vf6QGxQZox_9CPmygr1E8WwGOA&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280%2C1110x280%2C1200x280%2C144x540%2C200x540%2C728x90&nras=10&correlator=941331751448&frm=20&pv=1&ga_vid=1357945963.1684842162&ga_sid=1684842162&ga_hid=696901624&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4662&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759926%2C44759875%2C31074199%2C42531706%2C44785293%2C44788441%2C44790154&oid=2&pvsid=693106297050337&tmod=473273729&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=8&fsb=1&xpc=I3O8lNIBFH&p=https%3A//ttdown.org&dtd=566
Frame ID: 65124516D161F95CB899AFA75F9AC63F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0916766851103338&output=html&h=280&adk=2548588883&adf=2226326653&pi=t.aa~a.2736633399~i.1~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1684842163&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4777445207&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fttdown.org%2F&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684842163304&bpp=1&bdt=2240&idt=1&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3fa60bdad60b63db-226ee159e6dd00b1%3AT%3D1684842162%3ART%3D1684842162%3AS%3DALNI_MZeXBvf9qH0fQ7pBh6ND4c3Q6B5Ig&gpic=UID%3D00000c281fc731a5%3AT%3D1684842162%3ART%3D1684842162%3AS%3DALNI_Ma6Vf6QGxQZox_9CPmygr1E8WwGOA&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280%2C1110x280%2C1200x280%2C144x540%2C200x540%2C728x90%2C1200x90&nras=11&correlator=941331751448&frm=20&pv=1&ga_vid=1357945963.1684842162&ga_sid=1684842162&ga_hid=696901624&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4284&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759926%2C44759875%2C31074199%2C42531706%2C44785293%2C44788441%2C44790154&oid=2&psts=ABHeCvjrU9gFRiwaJkEtnSBGPhrsMIcUTH1dDjhZ1GThUsr6QuiVoCIidn1kdTxCginlqwG_J0gAOpRMUatApHUChOKDlE7r&pvsid=693106297050337&tmod=473273729&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=9&fsb=1&xpc=BCbqGEA9Vt&p=https%3A//ttdown.org&dtd=685
Frame ID: 6BD6E39FB36CD4088D678B2678496B40
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 2612B3495B1789A678B11CB4489D2868
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 852A7229F90C84A076EDEB82E10AFC85
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
Frame ID: CA262AAE32F07992B3B2196F25E95BDC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
Frame ID: 58ED6A7480CEE5E3337D7D105D14BB76
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C6DEF8B6E20D9B9DF9616675A1EBF797
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 6FDA461B4A1B510783B8B5177F282CF0
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0603FCA72E7A660E909E6B017C5D8A12
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F46BF5A8DE490A543A0236738D271043
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

download tiktok video in mp4 & mp3 formats free at ttdown.org

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

141
Requests

90 %
HTTPS

0 %
IPv6

23
Domains

33
Subdomains

27
IPs

7
Countries

1757 kB
Transfer

4547 kB
Size

15
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.tiktok.com/
Title: click here

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Bookmarklet
Title: bookmarklet

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://ttdown.org

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Download+twitter+Videos+Free+Fast+Secire&url=https://ttdown.org

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://ttdown.org&title=Download+twitter+Videos&summary=you+gotta+get+on+this&source=https://ttdown.org

Search URL Search Domain Scan URL

URL: https://www.tumblr.com/share/link?url=https://ttdown.org&name=twitter+Video+Downloader&description=good+stuff

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 78

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECLLE8KVrygj85Mc5GL-0yg&google_cver=1

Request Chain 79

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZGymtBqodPoSlnQZrruRqAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECLLE8KVrygj85Mc5GL-0yg&google_cver=1

Request Chain 80

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESENF-MwOWui2wVK3fxARh04U&google_cver=1

Request Chain 81

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzMyMTM0MDkxNDM5MzQ4NzU0OA%3D%3D

Request Chain 85

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 115

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEGjlZTC6W9PpzQvX1whBJ7w&google_cver=1&google_push=ATf1kGNx_zTYo_i2M1fChMo5B_apgkhGgaPC-X7nfGEgTzTg0lkAJFfSRCWnrfg3UeEn1riIf2PnZG_S3NlqQFsAyDd25riEQPvqiLg HTTP 302
https://match.adsrvr.org/track/cmb/google?google_gid=CAESEGjlZTC6W9PpzQvX1whBJ7w&google_cver=1&google_push=ATf1kGNx_zTYo_i2M1fChMo5B_apgkhGgaPC-X7nfGEgTzTg0lkAJFfSRCWnrfg3UeEn1riIf2PnZG_S3NlqQFsAyDd25riEQPvqiLg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MGI4MDE2NGYtNGJhOS00OGE5LWFlMTctMThjZTBhYmYzOTUx&google_push&gdpr=0&gdpr_consent=&ttd_tdid=0b80164f-4ba9-48a9-ae17-18ce0abf3951

Request Chain 116

https://fksnk.com/cs/google?google_gid=CAESEMfRhrcdkGAUuYef2n49nPs&google_cver=1&google_push=ATf1kGNwW9DYnWDkgF_O2bwWZNpTugpt0NTg_sKW0dMelqpgsMRMDG-PNYmQmHw-D0Ru7o8_D5Vpgd9Clw2u6ZX_ceGYt3GMA-58YA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QjJGQkEzMDFCMEE2NzczOA==

Request Chain 117

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEG7D47ZYjidIUTazZvYqrQ&google_cver=1&google_push=ATf1kGPfafygYb755L8I5DPjoRtpVDhKmj3EaLkRFkyKrhXew-QJr5VjX1iwBZmr0c36m88zinXhI3_2ibbK6aXuUEz7hUYOE9nQ8nc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGPfafygYb755L8I5DPjoRtpVDhKmj3EaLkRFkyKrhXew-QJr5VjX1iwBZmr0c36m88zinXhI3_2ibbK6aXuUEz7hUYOE9nQ8nc&google_hm=eS1qaUR2X3N4RTJwR29iU0ZSeTB5NW9yTnUzWnp0SG1aU35B

Request Chain 118

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEDinlJMntAjvcJLanKJjIbc&google_cver=1&google_push=ATf1kGPc0oov3AcCT6YxptRbFrTAvN5W4TrkOswg8ZP0qBHpegJ1wQvduMx6SxYDEGlX5rwjYrpQ_vq0X9nE18afPUVpMlHRrCjVjylt HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=ATf1kGPc0oov3AcCT6YxptRbFrTAvN5W4TrkOswg8ZP0qBHpegJ1wQvduMx6SxYDEGlX5rwjYrpQ_vq0X9nE18afPUVpMlHRrCjVjylt&google_hm=QlMuNDZlZi05YTQ1LTRjODktOTJlOA==

Request Chain 119

https://an.yandex.ru/mapuid/google/CAESEGg8v0mURblFOC4qvjwQ_qg?ext-param=ATf1kGPXsoN0I9ZQUPYBeQsUlcmO4A1Dtaqzkbys10KlFf5p9blg_8UY5qdGDDsZ5C3kc1l0HtlN9CqaPQLcGu-K50XezjhDTzvQbUw&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://an.yandex.ru/mapuid/google/CAESEGg8v0mURblFOC4qvjwQ_qg?redir-setuniq=1&ext-param=ATf1kGPXsoN0I9ZQUPYBeQsUlcmO4A1Dtaqzkbys10KlFf5p9blg_8UY5qdGDDsZ5C3kc1l0HtlN9CqaPQLcGu-K50XezjhDTzvQbUw&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEGg8v0mURblFOC4qvjwQ_qg&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
https://an.yandex.ru/resource/spacer.gif

Request Chain 120

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEB037KGcZ73yCGHVhUmhxA8&google_cver=1&google_push=ATf1kGMbYyI0wlmjjJMRTKRpvDLSYNFWvihc0_tTvYSsKLE8SqaKslXxrj9v8dcYvmfe80AAwpyNzrmxQJ2ghhyrfmDzkPTWLyfPWq87 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=OTkzOGIyM2QtMTM1ZS00ZjBhLWIxZWMtODNmNjE0NzBmZjBm&google_push=ATf1kGMbYyI0wlmjjJMRTKRpvDLSYNFWvihc0_tTvYSsKLE8SqaKslXxrj9v8dcYvmfe80AAwpyNzrmxQJ2ghhyrfmDzkPTWLyfPWq87 HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 121

https://trace.mediago.io/cs/google?google_gid=CAESELkbLckIUhZSNRMmXL86KaI&google_cver=1&google_push=ATf1kGP_bIk6LcK8VFUY6xa3XQjSxZFJQcMA8Eo8_dnyqU5VBTCjLmh_zE9Fs8pX6m82dvZs6kezodgspgMzx53aZpfYiimA6XXNQj-R HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=ATf1kGP_bIk6LcK8VFUY6xa3XQjSxZFJQcMA8Eo8_dnyqU5VBTCjLmh_zE9Fs8pX6m82dvZs6kezodgspgMzx53aZpfYiimA6XXNQj-R&google_hm=f103b30e66f541f5c573d05a0a9881e0

Request Chain 128

https://gcdn.2mdn.net/videoplayback/id/9e40dbd633b40c9a/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1716378165/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/0E0913AC2CECBD02D1A1363AE5A04F51196D6D32.72E7275E41A23B3DBB4A2146F312F1A94AB6F9E6/key/ck2/file/file.mp4 HTTP 302
https://r1---sn-4g5ednde.c.2mdn.net/videoplayback/id/9e40dbd633b40c9a/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1716378165/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/66575978CDA5F0729B2E329DCA3061180858E907.6D22864F9A4AD2C99C0E7D4C98BC46D12C058350/key/cms1/cms_redirect/yes/mh/-n/mip/91.239.206.129/mm/42/mn/sn-4g5ednde/ms/onc/mt/1684841137/mv/u/mvi/1/pl/24/file/file.mp4

141 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
ttdown.org/ 23 KB
8 KB 776ms
364ms Document
text/html 51.38.158.6
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ttdown.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.38.158.6 , France, ASN16276 (OVH, FR),
Reverse DNS: ip6.ip-51-38-158.eu
Software: nginx/1.20.1 / PHP/7.3.15
Resource Hash: e6949d53ceaf277b213f5859edda3fa099350c26009e7b6db7b866df1e135aa6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 23 May 2023 11:42:40 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx/1.20.1
vary: Accept-Encoding
x-powered-by: PHP/7.3.15

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.3.1/css/ 48 KB
9 KB 414ms
140ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.3.1/css/all.min.css

Requested by

Host: ttdown.org
URL: https://ttdown.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

604dcf1f11698655f75046bb92f98aaa9477e1c16b01c5fc415e78794393ffb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ttdown.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 11:42:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 7641473
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8608
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-be09"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ia509CkQzzfyO5%2FVqq8Eazk3RVpdPbFhzdtmWJzj0Mf0CvVpgZQG%2B2cB%2FDFYy7iiyjfPi3N1hl2uVY5HVPu33przD0j%2FZMGHdQP1h5ZpYt4zWHscjtxXbr0NivYZAHcHTrI6Dtj%2B"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7cbd0974c9f62be4-FRA
expires: Sun, 12 May 2024 11:42:41 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
899 B 422ms
142ms Stylesheet
text/css 142.250.186.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&display=swap

Requested by

Host: ttdown.org
URL: https://ttdown.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f10.1e100.net

Software

ESF /

Resource Hash

3333a2035912d27f9f31d7ef4d7a59aab880a4a89fa54a729dcdf1bc8bcdb81c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ttdown.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 23 May 2023 11:42:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 23 May 2023 11:42:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 May 2023 11:42:41 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
644 B 423ms
144ms Stylesheet
text/css 142.250.186.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:100,400&display=swap

Requested by

Host: ttdown.org
URL: https://ttdown.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f10.1e100.net

Software

ESF /

Resource Hash

687133f955bb2cc174679c6ff91a1d2f6c811dbf1d87672d06ed083614dedb3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ttdown.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 23 May 2023 11:42:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 23 May 2023 11:42:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 May 2023 11:42:41 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
47 KB 474ms
196ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ttdown.org
URL: https://ttdown.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

627424e174570d45b62256732dbf1faff5f3efeb10a31f437f8c270e5e838749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ttdown.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 11:42:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47491
x-xss-protection: 0
server: cafe
etag: 16322852045359196673
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 23 May 2023 11:42:41 GMT

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/ 138 KB
22 KB 484ms
214ms Stylesheet
text/css 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css

Requested by

Host: ttdown.org
URL: https://ttdown.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ttdown.org/
Origin: https://ttdown.org
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 11:42:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 756
age: 157677
cdn-cachedat: 11/21/2022 20:38:40
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"04aca1f4cd3ec3c05a75a879f3be75a3"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: bce6959397a6c857c69143810441d7f2
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7cbd0974def79b5e-FRA
cdn-requestpullsuccess: True

GET
H2 200 ttdown-tiktok-download-logo-small.gif
ttdown.org/img/ 3 KB
3 KB 234ms
234ms Image
image/gif 51.38.158.6
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ttdown.org/img/ttdown-tiktok-download-logo-small.gif
Requested by: Host: ttdown.org
URL: https://ttdown.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.38.158.6 , France, ASN16276 (OVH, FR),
Reverse DNS: ip6.ip-51-38-158.eu
Software: nginx/1.20.1 /
Resource Hash: 21c2d6302a4d274fba11433436022a7e1e4f076af1017031c2679b6dcf5eb230

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ttdown.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 11:42:41 GMT
last-modified: Thu, 05 Mar 2020 03:30:40 GMT
server: nginx/1.20.1
accept-ranges: bytes
etag: "5e607260-d1c"
content-length: 3356
content-type: image/gif

GET
H2 200 default.css
ttdown.org/css/ 10 KB
3 KB 238ms
237ms Stylesheet
text/css 51.38.158.6
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ttdown.org/css/default.css?v00003
Requested by: Host: ttdown.org
URL: https://ttdown.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.38.158.6 , France, ASN16276 (OVH, FR),
Reverse DNS: ip6.ip-51-38-158.eu
Software: nginx/1.20.1 /
Resource Hash: 36b425707de4faa39f3d768f13f7f4c72dbc9103f0a68f6ad7e0298fd5449dba

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ttdown.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 11:42:41 GMT
content-encoding: gzip
last-modified: Thu, 05 Mar 2020 03:30:39 GMT
server: nginx/1.20.1
etag: W/"5e60725f-297e"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 jquery-3.3.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 379ms
126ms Script
application/javascript 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.min.js
Requested by: Host: ttdown.org
URL: https://ttdown.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer: https://ttdown.org/
Origin: https://ttdown.org
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 11:42:41 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-1538f"
vary: Accept-Encoding
x-hw: 1684842161.dop207.ve1.t,1684842161.cds247.ve1.hn,1684842161.cds239.ve1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30288

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/ 50 KB
15 KB 413ms
145ms Script
application/javascript 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js

Requested by

Host: ttdown.org
URL: https://ttdown.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ttdown.org/
Origin: https://ttdown.org
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 11:42:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 1048
age: 157677
cdn-cachedat: 11/11/2022 02:42:40
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"67176c242e1bdc20603c878dee836df3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 768ad4060708969eff0885e92c4ccf9e
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7cbd0974def99b5e-FRA
cdn-requestpullsuccess: True

GET
H2 200 jquery.easing.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-easing/1.4.1/ 2 KB
1 KB 395ms
140ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-easing/1.4.1/jquery.easing.min.js

Requested by

Host: ttdown.org
URL: https://ttdown.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f7723b6b9bfced0deba108df48e3287888dd986f1ff2d5133bacc9807ac0349

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ttdown.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 11:42:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 327822
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 747
last-modified: Mon, 04 May 2020 16:11:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec1-9e4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=itKqJUihe%2FsnmV%2FObEswzbAsJVjyvcub2EZitLf%2FNDOkCRdF8Iv%2BnwHHjecsb8onMXFU%2Be1sAJEsroJJlSOSPX6CQFAQXQDkc1yAR00qW0X7rJG%2BtmU3W%2BImM6aq%2F%2FOyiS7iiFTO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7cbd0974c9f82be4-FRA
expires: Sun, 12 May 2024 11:42:41 GMT

GET
H2 200 jquery.lazy.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.lazy/1.7.10/ 5 KB
3 KB 394ms
139ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.lazy/1.7.10/jquery.lazy.min.js

Requested by

Host: ttdown.org
URL: https://ttdown.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64fbc7f830625ecd6ff3293b96665aebec2a9be9336f02fd47508eb59f7ec23a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ttdown.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 11:42:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1068822
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2092
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-139f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e7NYSkfCOyU4AaofIxylIFL5%2Boh5Ap4OcSti5iP10X3tH6KbPMbx%2BZ6SIj%2F52NmJnyJNsXhsqXm74ZED%2Basau3LoPZTbu17wy6Rs3%2Fx9kB8O9dULida%2FAPofAPrLZshrky4SFRs8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7cbd0974c9fb2be4-FRA
expires: Sun, 12 May 2024 11:42:41 GMT

GET
H2 200 default.js Show response
ttdown.org/js/ 4 KB
2 KB 220ms
219ms Script
application/javascript 51.38.158.6
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ttdown.org/js/default.js?v0007
Requested by: Host: ttdown.org
URL: https://ttdown.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.38.158.6 , France, ASN16276 (OVH, FR),
Reverse DNS: ip6.ip-51-38-158.eu
Software: nginx/1.20.1 /
Resource Hash: 8b2474b764a8cfd1b5664776d16b24ba4a2a3519734ebb7d83dda5447f3c976c

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ttdown.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 11:42:41 GMT
content-encoding: gzip
last-modified: Tue, 22 Feb 2022 12:29:44 GMT
server: nginx/1.20.1
etag: W/"6214d738-11cc"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 jquery.lazy.av.min.js Show response
ttdown.org/vendor/ 1001 B
737 B 237ms
236ms Script
application/javascript 51.38.158.6
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ttdown.org/vendor/jquery.lazy.av.min.js
Requested by: Host: ttdown.org
URL: https://ttdown.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.38.158.6 , France, ASN16276 (OVH, FR),
Reverse DNS: ip6.ip-51-38-158.eu
Software: nginx/1.20.1 /
Resource Hash: 4b2ddf9caf0636f523f0ce76e534131e699e82a8b79fbf7e37ca48e9c69f1f75

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ttdown.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 11:42:41 GMT
content-encoding: gzip
last-modified: Thu, 05 Mar 2020 03:30:44 GMT
server: nginx/1.20.1
etag: W/"5e607264-3e9"
vary: Accept-Encoding
content-type: application/javascript

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.3.1/webfonts/ 66 KB
67 KB 279ms
139ms Font
application/octet-stream 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.3.1/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.3.1/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90f1126b989142c6bc5d440d488b3cad4e6ef9d421c5735fc733eca246dc37b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.3.1/css/all.min.css
Origin: https://ttdown.org
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 11:42:41 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 56703
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 67400
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-10748"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AKq6anYleGMajg7Iim3CJl5G9nDXAqGnpulY4ndfyXSNN8kfW2%2Bn0HyVo6ykBk5LcpV%2FxfT0IybnDmqimhD4XYzKWv3Bzowd0NcPheKZhMPJOFyX6o9ejsroNvvcrFPH7Q9mtjZ1"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7cbd0976fe783802-FRA
expires: Sun, 12 May 2024 11:42:41 GMT

GET
H3 200 fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.3.1/webfonts/ 64 KB
64 KB 409ms
270ms Font
application/octet-stream 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.3.1/webfonts/fa-brands-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.3.1/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b2f16d928f9ac95f54a28ca48aa43ef5196f4870789a5822d781caf6dd51375

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.3.1/css/all.min.css
Origin: https://ttdown.org
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 11:42:41 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 325807
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 65316
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-ff24"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aUNOjtYgRHNX8aLGznF1PM7TbWqZE1iIxNaE862x2omaYl%2BZwKDv1MfywCjhfuI9ncaHEUSBbtvpOiMfpk21bmwXAo50DY87LGEYn4b72IKqmg4d94Ug03kp%2BqOmIJJshjZCVjwz"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7cbd0976fe7b3802-FRA
expires: Sun, 12 May 2024 11:42:41 GMT

GET
H3 200 fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.3.1/webfonts/ 15 KB
15 KB 1331ms
1192ms Font
application/octet-stream 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.3.1/webfonts/fa-regular-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.3.1/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

086ef1821ec1abf73e68581524767210cbbcc879ae07def1cf46fc9fff4e9d4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.3.1/css/all.min.css
Origin: https://ttdown.org
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 11:42:41 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2238411
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14868
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-3a14"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OEtMJKNFAfncnIvbG0%2FPnXz7lmtcUgRAjGKJruJhnSY3Ii9akCYyMtuAq%2FRi3ALZk8RVjayjyRp%2FvcTY8O07YRBsLxfq0FlvW7oBDTKOkZUOtNVtGXd8U2vgPOMMmo%2Fm9rU5mLEx"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7cbd0976fe7c3802-FRA
expires: Sun, 12 May 2024 11:42:41 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
31 KB 406ms
132ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ttdown.org
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 11:41:26 GMT
x-content-type-options: nosniff
age: 75
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 May 2024 11:41:26 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 543ms
270ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ttdown.org
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 May 2023 00:06:44 GMT
x-content-type-options: nosniff
age: 300957
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 00:06:44 GMT

GET
H2 200 S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v24/ 24 KB
24 KB 501ms
228ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u8w4BMUTPHjxsAXC-q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ttdown.org
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 May 2023 11:58:03 GMT
x-content-type-options: nosniff
age: 258278
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24408
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:14:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 11:58:03 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 590ms
316ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ttdown.org
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 May 2023 11:05:17 GMT
x-content-type-options: nosniff
age: 261444
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 11:05:17 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/ 354 KB
120 KB 239ms
238ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

c969ae2f3cb5173ecbd0a9d9a185f7097acdf2ed67fde49c4cf9404f7144f5d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ttdown.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 11:42:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122572
x-xss-protection: 0
server: cafe
etag: 13593738735902550125
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 May 2023 11:42:41 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230518/r20190131/ Frame B410 10 KB
5 KB 424ms
133ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230518/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ttdown.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

age: 46089
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 May 2023 22:54:33 GMT
etag: 15057649708203361565
expires: Mon, 05 Jun 2023 22:54:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
602 B 415ms
139ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ttdown.org&callback=_gfp_s_&client=ca-pub-0916766851103338

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

bcc5c51ffd1e5e7aea3573ed95a13ba6ec7ac86bccfb7d3ddee9238b3fc3f2df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ttdown.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 11:42:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 251
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 445ms
146ms Script
application/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ttdown.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ttdown.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 11:42:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 173ms
173ms Image
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=NAV&id=mainNav&cls=navbar%20navbar-expand-lg%20bg-secondary%20fixed-top&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: ttdown.org
URL: https://ttdown.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ttdown.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 11:42:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FB79 413 KB
110 KB 920ms
916ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0916766851103338&output=html&adk=2020088507&adf=637443794&lmt=1684842162&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x540_l%7C212x540_r&format=0x0&url=https%3A%2F%2Fttdown.org%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684842161697&bpp=11&bdt=632&idt=412&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=941331751448&frm=20&pv=2&ga_vid=1357945963.1684842162&ga_sid=1684842162&ga_hid=696901624&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759926%2C44759875%2C31074199%2C42531706%2C44785293%2C44788441%2C44790154&oid=2&pvsid=693106297050337&tmod=473273729&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=436

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

699244fb8617e058116fae6cde6318421b79ba1b3634f652ad6bb29c9b82d3a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ttdown.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 112820
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 11:42:42 GMT
expires: Tue, 23 May 2023 11:42:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BABC 106 KB
36 KB 1086ms
1085ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0916766851103338&output=html&h=280&adk=1266370990&adf=2427394704&pi=t.aa~a.2146518072~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1684842162&rafmt=1&to=qs&pwprc=4777445207&format=1200x280&url=https%3A%2F%2Fttdown.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684842161708&bpp=2&bdt=644&idt=434&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=941331751448&frm=20&pv=1&ga_vid=1357945963.1684842162&ga_sid=1684842162&ga_hid=696901624&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=326&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759926%2C44759875%2C31074199%2C42531706%2C44785293%2C44788441%2C44790154&oid=2&pvsid=693106297050337&tmod=473273729&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Fp0bnCtRi5&p=https%3A//ttdown.org&dtd=445

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

75b61b9ab5d154f13add8df3576af1f38edc2a861d026169497ed6427d92040a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ttdown.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 36310
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 11:42:43 GMT
expires: Tue, 23 May 2023 11:42:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame BABC 9 KB
1 KB 152ms
147ms Stylesheet
text/css 142.250.186.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0916766851103338&output=html&h=280&adk=1266370990&adf=2427394704&pi=t.aa~a.2146518072~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1684842162&rafmt=1&to=qs&pwprc=4777445207&format=1200x280&url=https%3A%2F%2Fttdown.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684842161708&bpp=2&bdt=644&idt=434&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=941331751448&frm=20&pv=1&ga_vid=1357945963.1684842162&ga_sid=1684842162&ga_hid=696901624&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=326&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759926%2C44759875%2C31074199%2C42531706%2C44785293%2C44788441%2C44790154&oid=2&pvsid=693106297050337&tmod=473273729&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Fp0bnCtRi5&p=https%3A//ttdown.org&dtd=445

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f10.1e100.net

Software

ESF /

Resource Hash

b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 23 May 2023 11:42:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 23 May 2023 11:26:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 May 2023 11:42:43 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/ 152 KB
51 KB 187ms
186ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

6c3d68aede97060eb3d4714f467343ed22ac3cdd453368d907c98502fe35d630

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ttdown.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 11:42:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52641
x-xss-protection: 0
server: cafe
etag: 17268270960031559151
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 May 2023 11:42:43 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 146ms
145ms Script
application/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ttdown.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ttdown.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 11:42:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D135 430 B
231 B 414ms
413ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0916766851103338&output=html&h=280&adk=2655906738&adf=2641485162&pi=t.aa~a.827312887~i.3~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1684842163&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4777445207&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fttdown.org%2F&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684842163300&bpp=1&bdt=2235&idt=-M&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3fa60bdad60b63db-226ee159e6dd00b1%3AT%3D1684842162%3ART%3D1684842162%3AS%3DALNI_MZeXBvf9qH0fQ7pBh6ND4c3Q6B5Ig&gpic=UID%3D00000c281fc731a5%3AT%3D1684842162%3ART%3D1684842162%3AS%3DALNI_Ma6Vf6QGxQZox_9CPmygr1E8WwGOA&prev_fmts=0x0%2C1200x280&nras=3&correlator=941331751448&frm=20&pv=1&ga_vid=1357945963.1684842162&ga_sid=1684842162&ga_hid=696901624&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1865&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759926%2C44759875%2C31074199%2C42531706%2C44785293%2C44788441%2C44790154&oid=2&pvsid=693106297050337&tmod=473273729&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=6pOK5iRsrJ&p=https%3A//ttdown.org&dtd=10

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

01f396593f27f868c9078d8936f9527a2e5954e619214955a1e3f1137e3d4231

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ttdown.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 207
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 11:42:43 GMT
expires: Tue, 23 May 2023 11:42:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9BEC 430 B
232 B 443ms
443ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0916766851103338&output=html&h=280&adk=2655906738&adf=2244495584&pi=t.aa~a.827312887~i.12~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1684842163&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4777445207&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fttdown.org%2F&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684842163300&bpp=1&bdt=2236&idt=-M&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3fa60bdad60b63db-226ee159e6dd00b1%3AT%3D1684842162%3ART%3D1684842162%3AS%3DALNI_MZeXBvf9qH0fQ7pBh6ND4c3Q6B5Ig&gpic=UID%3D00000c281fc731a5%3AT%3D1684842162%3ART%3D1684842162%3AS%3DALNI_Ma6Vf6QGxQZox_9CPmygr1E8WwGOA&prev_fmts=0x0%2C1200x280%2C1110x280&nras=4&correlator=941331751448&frm=20&pv=1&ga_vid=1357945963.1684842162&ga_sid=1684842162&ga_hid=696901624&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2399&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759926%2C44759875%2C31074199%2C42531706%2C44785293%2C44788441%2C44790154&oid=2&pvsid=693106297050337&tmod=473273729&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=lyySc44Uo7&p=https%3A//ttdown.org&dtd=15

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

a410ac2084cfe559780089ab607aa273003ed1beb3212e4e5d3d754e55d53de3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ttdown.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 208
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 11:42:43 GMT
expires: Tue, 23 May 2023 11:42:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8350 430 B
231 B 449ms
448ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0916766851103338&output=html&h=280&adk=2655906738&adf=4242353128&pi=t.aa~a.827312887~i.13~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1684842163&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4777445207&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fttdown.org%2F&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684842163300&bpp=1&bdt=2235&idt=1&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3fa60bdad60b63db-226ee159e6dd00b1%3AT%3D1684842162%3ART%3D1684842162%3AS%3DALNI_MZeXBvf9qH0fQ7pBh6ND4c3Q6B5Ig&gpic=UID%3D00000c281fc731a5%3AT%3D1684842162%3ART%3D1684842162%3AS%3DALNI_Ma6Vf6QGxQZox_9CPmygr1E8WwGOA&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280&nras=5&correlator=941331751448&frm=20&pv=1&ga_vid=1357945963.1684842162&ga_sid=1684842162&ga_hid=696901624&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2703&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759926%2C44759875%2C31074199%2C42531706%2C44785293%2C44788441%2C44790154&oid=2&pvsid=693106297050337&tmod=473273729&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=qHr0gopENj&p=https%3A//ttdown.org&dtd=20

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

3cf0bcffc1c363baf95fbcab6a0ec49f263c28ffddac249866b7e76843ae2dc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ttdown.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 207
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 11:42:43 GMT
expires: Tue, 23 May 2023 11:42:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3C45 430 B
232 B 520ms
520ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0916766851103338&output=html&h=280&adk=723392857&adf=1724911246&pi=t.aa~a.3732354746~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1684842163&rafmt=1&to=qs&pwprc=4777445207&format=1200x280&url=https%3A%2F%2Fttdown.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684842163328&bpp=1&bdt=2264&idt=1&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3fa60bdad60b63db-226ee159e6dd00b1%3AT%3D1684842162%3ART%3D1684842162%3AS%3DALNI_MZeXBvf9qH0fQ7pBh6ND4c3Q6B5Ig&gpic=UID%3D00000c281fc731a5%3AT%3D1684842162%3ART%3D1684842162%3AS%3DALNI_Ma6Vf6QGxQZox_9CPmygr1E8WwGOA&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280%2C1110x280&nras=6&correlator=941331751448&frm=20&pv=1&ga_vid=1357945963.1684842162&ga_sid=1684842162&ga_hid=696901624&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1495&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759926%2C44759875%2C31074199%2C42531706%2C44785293%2C44788441%2C44790154&oid=2&pvsid=693106297050337&tmod=473273729&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=T0DtKqU3Pk&p=https%3A//ttdown.org&dtd=9

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e547761634314a5393bcf43987b6305b7a4a889782d6d057ef5027d6d376d074

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ttdown.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 208
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 11:42:43 GMT
expires: Tue, 23 May 2023 11:42:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame BABC 2 KB
846 B 479ms
204ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f1.1e100.net

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 May 2023 22:21:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48071
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 22:21:32 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame BABC 0
0 177ms
177ms Fetch
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CiS8UsqZsZMSpEfSextYPy6W0wAXzofD-a4uWi83PEK3RveDkCRABII7dnwNgjfLSA6ABpLu98CjIAQmoAwHIA8sEqgTWAU_QiHrhbHiDF5Ln0ajBNigCKEuPgb1_KM3PBmFx58igS8Kidm9Jj0rcdA__WD2qLyiNFITY_WQx-Xk8f26A-ZCWSnlzZRwMQmBuk7A4PaLuzn61XTDQxc_sA5Kz_R3ASvepXnwhucx1WGkXL6nvDgAUTKsLG-J4zlhNRD3D5qq4kO9z8vEU1pFG3Y83Tj7gfUsNTpDRRBNu3jgl1A3FJAGGDAAFd7PVIfgfg4FRFF5ZJ_qQLeIZ19A1KUj08XqgfKNeI68n1kWQsQEDJ40z3Np9_uqtzcPABPCKi_CfBJIFBAgEGAGSBQQIBRgEoAYugAek843QA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEPKnB9IIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoByAsB2BMK0BUBgBcBshccChoIABIUcHViLTA5MTY3NjY4NTExMDMzMzgYAA&sigh=zTas6H9ZyTc&uach_m=[UACH]&cid=CAQSGwBygQiDSYBZz4h8dYva6KlHXDyuKtgLIkL5KhgB&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0916766851103338&output=html&h=280&adk=1266370990&adf=2427394704&pi=t.aa~a.2146518072~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1684842162&rafmt=1&to=qs&pwprc=4777445207&format=1200x280&url=https%3A%2F%2Fttdown.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684842161708&bpp=2&bdt=644&idt=434&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=941331751448&frm=20&pv=1&ga_vid=1357945963.1684842162&ga_sid=1684842162&ga_hid=696901624&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=326&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759926%2C44759875%2C31074199%2C42531706%2C44785293%2C44788441%2C44790154&oid=2&pvsid=693106297050337&tmod=473273729&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Fp0bnCtRi5&p=https%3A//ttdown.org&dtd=445
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 23 May 2023 11:42:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 23 May 2023 11:42:43 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/ Frame BABC 22 KB
9 KB 403ms
131ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f1.1e100.net

Software

cafe /

Resource Hash

756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 May 2023 22:18:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48239
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8780
x-xss-protection: 0
server: cafe
etag: 16540081610679671253
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 22:18:44 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame BABC 3 KB
1 KB 474ms
203ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 09:48:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6827
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 09:48:56 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame BABC 19 KB
8 KB 410ms
139ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f1.1e100.net

Software

cafe /

Resource Hash

9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 May 2023 22:18:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48239
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7953
x-xss-protection: 0
server: cafe
etag: 16153819885643670827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 22:18:44 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BABC 171 KB
54 KB 439ms
154ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

452f096c720b3e3f9bef10090f461ce08ab38e64159263e9939a7c60067aa32f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 11:42:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54262
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684757038394838"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 May 2023 11:42:43 GMT

GET
H2 200 32da0f4bcd46006ef465cafdfe68b840.js Show response
www.gstatic.com/mysidia/ Frame BABC 32 KB
14 KB 429ms
138ms Script
text/javascript 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/32da0f4bcd46006ef465cafdfe68b840.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.195 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

8b53bbcf5bade5c6d3715a1df364ce5df527a85a7d2e0a6e2529e93d6cfe98de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 May 2023 20:30:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 573124
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13640
x-xss-protection: 0
last-modified: Tue, 16 May 2023 20:07:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 14 Aug 2023 20:30:39 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/13811607104787092934/ Frame BABC 53 KB
53 KB 474ms
207ms Image
image/jpeg 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13811607104787092934/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f1.1e100.net

Software

sffe /

Resource Hash

0258afeff0367fe63afe9bb6bbec9620ddd59d0b1f88acc71cbd65895b79b135

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:05:48 GMT
x-content-type-options: nosniff
age: 81415
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54003
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 20:51:55 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 21 May 2024 13:05:48 GMT

GET
DATA 200
OK truncated
/ Frame BABC 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame BABC 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 141ms
141ms Script
application/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ttdown.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ttdown.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 11:42:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/ Frame 99B2 10 KB
4 KB 135ms
134ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ttdown.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

age: 46264
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 May 2023 22:51:39 GMT
etag: 15057649708203361565
expires: Mon, 05 Jun 2023 22:51:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/ Frame FAC8 10 KB
4 KB 132ms
131ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ttdown.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

age: 46264
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 May 2023 22:51:39 GMT
etag: 15057649708203361565
expires: Mon, 05 Jun 2023 22:51:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/ Frame 3AC7 10 KB
4 KB 133ms
132ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ttdown.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

age: 46264
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 May 2023 22:51:39 GMT
etag: 15057649708203361565
expires: Mon, 05 Jun 2023 22:51:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/76807628416675132/528-160x600-h/ Frame 48F4 78 KB
19 KB 147ms
143ms Document
text/html 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/76807628416675132/528-160x600-h/index.html

Requested by

Host: ttdown.org
URL: https://ttdown.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f1.1e100.net

Software

sffe /

Resource Hash

0faedd2819c623985a1b68d34507498882d1d7c5611acfecfa507ac5ded6a798

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 323732
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 17685
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Fri, 19 May 2023 17:47:11 GMT
expires: Sat, 18 May 2024 17:47:11 GMT
last-modified: Mon, 06 Mar 2023 21:39:23 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/ Frame D710 22 KB
9 KB 132ms
132ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/abg_lite_fy2021.js

Requested by

Host: ttdown.org
URL: https://ttdown.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f1.1e100.net

Software

cafe /

Resource Hash

756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 May 2023 22:18:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48239
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8780
x-xss-protection: 0
server: cafe
etag: 16540081610679671253
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 22:18:44 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame D710 3 KB
1 KB 143ms
142ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/window_focus_fy2021.js

Requested by

Host: ttdown.org
URL: https://ttdown.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 09:48:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6827
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 09:48:56 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame D710 19 KB
8 KB 137ms
137ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ttdown.org
URL: https://ttdown.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f1.1e100.net

Software

cafe /

Resource Hash

9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 May 2023 22:18:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48239
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7953
x-xss-protection: 0
server: cafe
etag: 16153819885643670827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 22:18:44 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D710 171 KB
53 KB 161ms
161ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ttdown.org
URL: https://ttdown.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

452f096c720b3e3f9bef10090f461ce08ab38e64159263e9939a7c60067aa32f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 11:42:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54262
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684757038394838"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 May 2023 11:42:43 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame FAC8 9 KB
932 B 139ms
138ms Stylesheet
text/css 142.250.186.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f10.1e100.net

Software

ESF /

Resource Hash

b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 23 May 2023 11:42:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 23 May 2023 10:20:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 May 2023 11:42:43 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame FAC8 2 KB
799 B 149ms
148ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f1.1e100.net

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 May 2023 22:21:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48071
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 22:21:32 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/ Frame FAC8 22 KB
9 KB 146ms
146ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f1.1e100.net

Software

cafe /

Resource Hash

756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 May 2023 22:18:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48239
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8780
x-xss-protection: 0
server: cafe
etag: 16540081610679671253
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 22:18:44 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame FAC8 3 KB
1 KB 147ms
145ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 09:48:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6827
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 09:48:56 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame FAC8 19 KB
8 KB 147ms
145ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f1.1e100.net

Software

cafe /

Resource Hash

9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 May 2023 22:18:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48239
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7953
x-xss-protection: 0
server: cafe
etag: 16153819885643670827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 22:18:44 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FAC8 171 KB
53 KB 228ms
227ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

452f096c720b3e3f9bef10090f461ce08ab38e64159263e9939a7c60067aa32f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 11:42:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54262
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684757038394838"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 May 2023 11:42:43 GMT

GET
H2 200 32da0f4bcd46006ef465cafdfe68b840.js Show response
www.gstatic.com/mysidia/ Frame FAC8 32 KB
13 KB 141ms
140ms Script
text/javascript 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/32da0f4bcd46006ef465cafdfe68b840.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.195 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

8b53bbcf5bade5c6d3715a1df364ce5df527a85a7d2e0a6e2529e93d6cfe98de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 May 2023 20:30:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 573124
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13640
x-xss-protection: 0
last-modified: Tue, 16 May 2023 20:07:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 14 Aug 2023 20:30:39 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame ABB5 624 B
242 B 170ms
169ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNP9m84DEJap6NMDGL_SzekBMAE&v=APEucNWFtl4qMWr2zYl8D2PdzYo9Mk4Ska8S7oQu2RP3vNCXgzLh1qVbbWFvSUAu22NxfFqCTB1-YFSZYq0vnrHIGURFAr5R6w

Requested by

Host: ttdown.org
URL: https://ttdown.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 11:42:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20230518/r20110914/ Frame B05B 22 KB
9 KB 139ms
138ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230518/r20110914/abg_lite_fy2021.js

Requested by

Host: ttdown.org
URL: https://ttdown.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 May 2023 22:12:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48643
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8780
x-xss-protection: 0
server: cafe
etag: 16540081610679671253
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 22:12:00 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20230518/r20110914/elements/html/ Frame B05B 7 KB
3 KB 144ms
143ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230518/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: ttdown.org
URL: https://ttdown.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

49b6c56eb31409bd9d3761794191cce2ecb0de4de4b475ab71810de512cb926e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 May 2023 22:33:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47339
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3047
x-xss-protection: 0
server: cafe
etag: 5552017188384030315
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 22:33:44 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame B05B 0
0 458ms
178ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstaNVHgQ0a3Rc81o_A9CmJTGEMOnGY7CFHSXEQZAtU5mbjOUmBS0FsAjBGmO0jXwuuI6DRuvknzpoesY_k9T7z-q0JKf19tqrqXQ-XbPBXguf3TiWDZGTBdpnkRDqbSft05eWKQmr9wxcuDfFE189yGpuEkGucHLj2rkF4n53bPs6XacGy-O7295BBRfL5dgL1mnjlE-1XFxVunVUlaH3mfQRo8Y4clrf5yuVFguqTlqRotLqvtcToPAGwXyZ2ka4B_AvzBXob28l9QQZaTEzSAxn-1I1JFbRnGcyzeCCmZe5Xul1AfQwvvFW-GKA_H3Lkr8bX38fDIEBkXY-aAGi_Ylojlkbg8KpMJ-Op85a_wOIw5ldp7W8NbkrchmPPTg78hpRoA2KWa5cKqRmKc3ybjPdz94v_z6mhM0poRJ7KUXkYd6b_Q8vBSss0Sxj_TNlSRxS78CV6KrETSAuUaZ8KCgA4tnolKK2svjw4HL7TJfl72-babmJudWnCkkxG9to2dsDyaZqHI2O29TvZRI2yzrblZQ1RNSC3m2UA4FUpwk7he9S9J-3zpWmBQLmrQbzVpLSBNQIUbaFa9Ue24OYh_6fDs3Z7_LWWF6YKhe981_m1BRJqjMrtnBaKUqogzyLW3vd0jHbO-vjGgiWevLb6fpwrI3vEEwBoRQ6LjJ2DsP7NxPq6DDfRHdn3wwW0W-gm_yyVLfnxGXaM9hVCQKFfWH9Y-B5fssbJvBMXM4SWGkOTfcVVcVaXIDDMX-ZZxfO0vGQYf4CTWXNemCapG9KsCrDzpfLPOpEqaqV0gBiWnYKdLuVgBkIbSSK3bX4wtpxTT8fpzgcYPWpZZQqhlBfEW5fGg85J2ssbOJhPKd6Wvm6lbu12zO3iBIhD1EO-eyU2FjpsdI2f6bJjgp03EUwf2SNe5KPZx2PQbLUUNtqZPkKUuVcqjYoUJNhXmglcCJOcJjA93Dt8vh0QFK4UoruVxPGLjNYoUAyRivE6ddHtFxdKoqVYM-vFIk-YUYBq6th0FfDjhp6WUSaRkFPpsUGiaYohQULNW-WZxXLyEqmStAnkhH6XQtn6wBMTJRiB_ECz5n6rv5OCmDpx9NXHl6jGjgBAupsYkvxT0dUzD5Zfm9efPRthTlwinV5ask9-Jfbs&sai=AMfl-YQShRpz9wGb6dcTxzVGwFzCwzYa531I4UOz246GNkEaupswTi4gP-dOHLrAmJ9KfyLglhY2IGKivYdPtfJSb2WddbdN1QK0ef0jicTkzRZNB8BI3l2izZedDNS5jJUqhIhAjBouDYFT5W4TeJoy1JPiU4vrHKNYQ--BCJJi5bsHpzhzPVZIb7KkPgvsRHDDm6rulb3pfCmTqqEQr9y28SmdWEyI7wkq2euFIAdVC10&sig=Cg0ArKJSzKCDEHxp4zzqEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20230518.80893&arae=0&ftch=1&adurl=

Requested by

Host: ttdown.org
URL: https://ttdown.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 23 May 2023 11:42:44 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 23 May 2023 11:42:44 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame B05B 41 KB
15 KB 132ms
131ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: ttdown.org
URL: https://ttdown.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 May 2023 19:05:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 146248
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 20 May 2024 19:05:15 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame B05B 3 KB
1 KB 166ms
165ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/window_focus_fy2021.js

Requested by

Host: ttdown.org
URL: https://ttdown.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 09:48:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6827
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 09:48:56 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame B05B 19 KB
8 KB 162ms
161ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ttdown.org
URL: https://ttdown.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f1.1e100.net

Software

cafe /

Resource Hash

9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 May 2023 22:18:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48239
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7953
x-xss-protection: 0
server: cafe
etag: 16153819885643670827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 22:18:44 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B05B 171 KB
53 KB 189ms
188ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ttdown.org
URL: https://ttdown.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

452f096c720b3e3f9bef10090f461ce08ab38e64159263e9939a7c60067aa32f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 11:42:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54262
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684757038394838"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 May 2023 11:42:43 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B05B 42 B
63 B 182ms
182ms Image
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DMi7lkr25MMw4C6jErdcOxW5CAU7CnwUmCqv6yL1nEr8v-YKyGaZL6vtmTb57DiHQzLH8g0vlzhx9OE0X7rgB5a5YuYKjiEzVXhIqfJzSC0hwMlLc

Requested by

Host: ttdown.org
URL: https://ttdown.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 11:42:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2466728037614656147
s0.2mdn.net/simgad/ Frame B05B 105 KB
106 KB 438ms
136ms Image
image/jpeg 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/2466728037614656147

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

sffe /

Resource Hash

f688faaa5effe9b48f473d25d61dc9209bfd5f0d44fde8ba4049f0fff7c7057a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 May 2023 16:28:10 GMT
x-content-type-options: nosniff
age: 414874
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 108005
x-xss-protection: 0
last-modified: Thu, 11 May 2023 09:10:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 17 May 2024 16:28:10 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6512 430 B
228 B 428ms
427ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0916766851103338&output=html&h=90&adk=3101682924&adf=523434623&pi=t.aa~a.701953935~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1684842163&rafmt=1&to=qs&pwprc=4777445207&format=1200x90&url=https%3A%2F%2Fttdown.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684842163331&bpp=1&bdt=2266&idt=0&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3fa60bdad60b63db-226ee159e6dd00b1%3AT%3D1684842162%3ART%3D1684842162%3AS%3DALNI_MZeXBvf9qH0fQ7pBh6ND4c3Q6B5Ig&gpic=UID%3D00000c281fc731a5%3AT%3D1684842162%3ART%3D1684842162%3AS%3DALNI_Ma6Vf6QGxQZox_9CPmygr1E8WwGOA&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280%2C1110x280%2C1200x280%2C144x540%2C200x540%2C728x90&nras=10&correlator=941331751448&frm=20&pv=1&ga_vid=1357945963.1684842162&ga_sid=1684842162&ga_hid=696901624&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4662&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759926%2C44759875%2C31074199%2C42531706%2C44785293%2C44788441%2C44790154&oid=2&pvsid=693106297050337&tmod=473273729&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=8&fsb=1&xpc=I3O8lNIBFH&p=https%3A//ttdown.org&dtd=566

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

0a6f92603171c43b1935e99492ef81cd31f6c18afc3cf117057cc59e40ceb25b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ttdown.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 208
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 11:42:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame BABC 222 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c918b9002b83251ea78dff8197a053d65016eca8e50f28e15832b0d87be071c2

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 148ms
147ms Script
application/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ttdown.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ttdown.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 11:42:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6BD6 79 KB
25 KB 470ms
469ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0916766851103338&output=html&h=280&adk=2548588883&adf=2226326653&pi=t.aa~a.2736633399~i.1~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1684842163&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4777445207&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fttdown.org%2F&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684842163304&bpp=1&bdt=2240&idt=1&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3fa60bdad60b63db-226ee159e6dd00b1%3AT%3D1684842162%3ART%3D1684842162%3AS%3DALNI_MZeXBvf9qH0fQ7pBh6ND4c3Q6B5Ig&gpic=UID%3D00000c281fc731a5%3AT%3D1684842162%3ART%3D1684842162%3AS%3DALNI_Ma6Vf6QGxQZox_9CPmygr1E8WwGOA&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280%2C1110x280%2C1200x280%2C144x540%2C200x540%2C728x90%2C1200x90&nras=11&correlator=941331751448&frm=20&pv=1&ga_vid=1357945963.1684842162&ga_sid=1684842162&ga_hid=696901624&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4284&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759926%2C44759875%2C31074199%2C42531706%2C44785293%2C44788441%2C44790154&oid=2&psts=ABHeCvjrU9gFRiwaJkEtnSBGPhrsMIcUTH1dDjhZ1GThUsr6QuiVoCIidn1kdTxCginlqwG_J0gAOpRMUatApHUChOKDlE7r&pvsid=693106297050337&tmod=473273729&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=9&fsb=1&xpc=BCbqGEA9Vt&p=https%3A//ttdown.org&dtd=685

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ca95d5bb0ca0ff09d3c406c67682050696d33185f3afe606a554d33ce399d6e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ttdown.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 25943
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 11:42:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame BABC 29 KB
29 KB 143ms
138ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 May 2023 22:26:30 GMT
x-content-type-options: nosniff
age: 220574
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29728
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:59:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 22:26:30 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2612 143 B
166 B 137ms
132ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

age: 1910
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 11:10:54 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 48F4 16 KB
6 KB 132ms
131ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/76807628416675132/528-160x600-h/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f1.1e100.net

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 11:20:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1344
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5660
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 24 May 2023 11:20:20 GMT

GET
H2 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 48F4 34 KB
13 KB 135ms
134ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/76807628416675132/528-160x600-h/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f1.1e100.net

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 11:15:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1627
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 24 May 2023 11:15:37 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame ABB5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECLLE8KVrygj85Mc5GL-0yg&google_cver=1

43 B
766 B

162ms
133ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECLLE8KVrygj85Mc5GL-0yg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNP9m84DEJap6NMDGL_SzekBMAE&v=APEucNWFtl4qMWr2zYl8D2PdzYo9Mk4Ska8S7oQu2RP3vNCXgzLh1qVbbWFvSUAu22NxfFqCTB1-YFSZYq0vnrHIGURFAr5R6w
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 May 2023 11:42:44 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 23 May 2023 11:42:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECLLE8KVrygj85Mc5GL-0yg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame ABB5
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZGymtBqodPoSlnQZrruRqAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECLLE8KVrygj85Mc5GL-0yg&google_cver=1

43 B
766 B

175ms
172ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECLLE8KVrygj85Mc5GL-0yg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNP9m84DEJap6NMDGL_SzekBMAE&v=APEucNWFtl4qMWr2zYl8D2PdzYo9Mk4Ska8S7oQu2RP3vNCXgzLh1qVbbWFvSUAu22NxfFqCTB1-YFSZYq0vnrHIGURFAr5R6w
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 May 2023 11:42:45 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 23 May 2023 11:42:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECLLE8KVrygj85Mc5GL-0yg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame ABB5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESENF-MwOWui2wVK3fxARh04U&google_cver=1

43 B
1 KB

183ms
154ms

Image
image/gif

185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESENF-MwOWui2wVK3fxARh04U&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNP9m84DEJap6NMDGL_SzekBMAE&v=APEucNWFtl4qMWr2zYl8D2PdzYo9Mk4Ska8S7oQu2RP3vNCXgzLh1qVbbWFvSUAu22NxfFqCTB1-YFSZYq0vnrHIGURFAr5R6w

Protocol

HTTP/1.1

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 May 2023 11:42:44 GMT
AN-X-Request-Uuid: 3ead5aa9-0488-4bb1-8e9b-cb73f2a2972e
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 91.239.206.129; 91.239.206.129; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 May 2023 11:42:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESENF-MwOWui2wVK3fxARh04U&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame ABB5
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzMyMTM0MDkxNDM5MzQ4NzU0OA%3D%3D

170 B
243 B

222ms
188ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzMyMTM0MDkxNDM5MzQ4NzU0OA%3D%3D

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 11:42:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 23 May 2023 11:42:44 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 91.239.206.129; 91.239.206.129; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 3e21d137-6dc5-42f1-bd58-c3ae2517812f
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzMyMTM0MDkxNDM5MzQ4NzU0OA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 852A 22 KB
8 KB 135ms
133ms Document
text/html 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
age: 145876
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 21 May 2023 19:11:28 GMT
expires: Mon, 20 May 2024 19:11:28 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B05B 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dd0a76ace43ddce0644418afdf581564c4fadef1d78ee2e5529c98615dd0950d

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js Show response
pagead2.googlesyndication.com/bg/ Frame CA26 37 KB
14 KB 150ms
149ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

sffe /

Resource Hash

6f8910bb4b43e21480fa154045cd5fcf338313475a176572f9b3cb5bdb9abbbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 09:39:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7397
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14738
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 May 2024 09:39:27 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2612
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

170ms
169ms

Document
text/html

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 11:42:44 GMT
expires: Tue, 23 May 2023 11:42:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 11:42:44 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js Show response
pagead2.googlesyndication.com/bg/ Frame 58ED 37 KB
14 KB 146ms
145ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js

Requested by

Host: ttdown.org
URL: https://ttdown.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

sffe /

Resource Hash

6f8910bb4b43e21480fa154045cd5fcf338313475a176572f9b3cb5bdb9abbbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 09:39:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7397
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14738
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 May 2024 09:39:27 GMT

GET
H3 200 b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js Show response
pagead2.googlesyndication.com/bg/ Frame 852A 37 KB
14 KB 143ms
142ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

sffe /

Resource Hash

6f8910bb4b43e21480fa154045cd5fcf338313475a176572f9b3cb5bdb9abbbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 09:39:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7397
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14738
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 May 2024 09:39:27 GMT

GET
H3 200 b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js Show response
pagead2.googlesyndication.com/bg/ Frame 48F4 37 KB
14 KB 177ms
177ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

sffe /

Resource Hash

6f8910bb4b43e21480fa154045cd5fcf338313475a176572f9b3cb5bdb9abbbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 09:39:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7397
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14738
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 May 2024 09:39:27 GMT

GET
H3 200 pointer.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/76807628416675132/528-160x600-h/ Frame 48F4 3 KB
3 KB 179ms
178ms Image
image/png 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/76807628416675132/528-160x600-h/pointer.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f1.1e100.net

Software

sffe /

Resource Hash

e4813004f9dd490d0c2a5e29573d379a14b2ece47e9df1372b9be4fc09976c3b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 20 May 2023 14:53:37 GMT
x-content-type-options: nosniff
age: 247747
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2647
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 21:39:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 19 May 2024 14:53:37 GMT

GET
H3 200 528-160X600-H_update-min.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/76807628416675132/528-160x600-h/ Frame 48F4 10 KB
10 KB 176ms
175ms Image
image/png 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/76807628416675132/528-160x600-h/528-160X600-H_update-min.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f1.1e100.net

Software

sffe /

Resource Hash

6ced0d1103081681fc1f185912ba4f48dc82c618f37a705321e88d1a1db01fdd

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 20 May 2023 18:10:25 GMT
x-content-type-options: nosniff
age: 235939
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10426
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 21:39:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 19 May 2024 18:10:25 GMT

GET
H3 200 528-160X600-H_text_03-min.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/76807628416675132/528-160x600-h/ Frame 48F4 3 KB
3 KB 177ms
175ms Image
image/png 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/76807628416675132/528-160x600-h/528-160X600-H_text_03-min.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f1.1e100.net

Software

sffe /

Resource Hash

51e1cbfe5af810413d8b3ca8ba04ca28a335c96655c7f257b51891be4c92a540

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 20 May 2023 18:10:25 GMT
x-content-type-options: nosniff
age: 235939
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3128
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 21:39:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 19 May 2024 18:10:25 GMT

GET
H3 200 528-160X600-H_text_02-min.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/76807628416675132/528-160x600-h/ Frame 48F4 3 KB
3 KB 175ms
173ms Image
image/png 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/76807628416675132/528-160x600-h/528-160X600-H_text_02-min.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f1.1e100.net

Software

sffe /

Resource Hash

a8957dd3af4adece81523a6eeac91ca913db89fc6301187b09adea3e007c4612

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 20 May 2023 17:14:16 GMT
x-content-type-options: nosniff
age: 239308
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3119
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 21:39:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 19 May 2024 17:14:16 GMT

GET
H3 200 528-160X600-H_highlight-min.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/76807628416675132/528-160x600-h/ Frame 48F4 417 B
445 B 276ms
274ms Image
image/png 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/76807628416675132/528-160x600-h/528-160X600-H_highlight-min.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f1.1e100.net

Software

sffe /

Resource Hash

2d155b4465661994d76921f55e37218b57391e3da467144b40617a86779bf6f4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 20 May 2023 09:10:47 GMT
x-content-type-options: nosniff
age: 268317
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 417
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 21:39:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 19 May 2024 09:10:47 GMT

GET
H3 200 528-160X600-H_overlay-min.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/76807628416675132/528-160x600-h/ Frame 48F4 10 KB
10 KB 183ms
181ms Image
image/png 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/76807628416675132/528-160x600-h/528-160X600-H_overlay-min.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f1.1e100.net

Software

sffe /

Resource Hash

22fee121efaae9c42415da69cb891340db51341e73417057d0f4d3e67c4605fa

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 20 May 2023 22:02:20 GMT
x-content-type-options: nosniff
age: 222024
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10659
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 21:39:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 19 May 2024 22:02:20 GMT

GET
H3 200 528-160X600-H_text_01-min.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/76807628416675132/528-160x600-h/ Frame 48F4 3 KB
3 KB 273ms
272ms Image
image/png 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/76807628416675132/528-160x600-h/528-160X600-H_text_01-min.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f1.1e100.net

Software

sffe /

Resource Hash

87f920c1b37240da3c30c40234508360004510c3ef13cdcac2316ba712c85011

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sun, 21 May 2023 00:26:02 GMT
x-content-type-options: nosniff
age: 213402
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3414
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 21:39:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 20 May 2024 00:26:02 GMT

GET
H3 200 528-160X600-H_background-min.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/76807628416675132/528-160x600-h/ Frame 48F4 6 KB
6 KB 213ms
211ms Image
image/jpeg 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/76807628416675132/528-160x600-h/528-160X600-H_background-min.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f1.1e100.net

Software

sffe /

Resource Hash

12a4fb1b594b0f572b57bef778faaf835507b0c891619ad9920e6bbba4f00f6c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 20 May 2023 19:59:06 GMT
x-content-type-options: nosniff
age: 229418
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5945
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 21:39:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 19 May 2024 19:59:06 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/ Frame 6BD6 22 KB
9 KB 149ms
136ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0916766851103338&output=html&h=280&adk=2548588883&adf=2226326653&pi=t.aa~a.2736633399~i.1~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1684842163&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4777445207&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fttdown.org%2F&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684842163304&bpp=1&bdt=2240&idt=1&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3fa60bdad60b63db-226ee159e6dd00b1%3AT%3D1684842162%3ART%3D1684842162%3AS%3DALNI_MZeXBvf9qH0fQ7pBh6ND4c3Q6B5Ig&gpic=UID%3D00000c281fc731a5%3AT%3D1684842162%3ART%3D1684842162%3AS%3DALNI_Ma6Vf6QGxQZox_9CPmygr1E8WwGOA&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280%2C1110x280%2C1200x280%2C144x540%2C200x540%2C728x90%2C1200x90&nras=11&correlator=941331751448&frm=20&pv=1&ga_vid=1357945963.1684842162&ga_sid=1684842162&ga_hid=696901624&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4284&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759926%2C44759875%2C31074199%2C42531706%2C44785293%2C44788441%2C44790154&oid=2&psts=ABHeCvjrU9gFRiwaJkEtnSBGPhrsMIcUTH1dDjhZ1GThUsr6QuiVoCIidn1kdTxCginlqwG_J0gAOpRMUatApHUChOKDlE7r&pvsid=693106297050337&tmod=473273729&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=9&fsb=1&xpc=BCbqGEA9Vt&p=https%3A//ttdown.org&dtd=685

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f1.1e100.net

Software

cafe /

Resource Hash

756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 May 2023 22:18:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48240
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8780
x-xss-protection: 0
server: cafe
etag: 16540081610679671253
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 22:18:44 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 6BD6 8 KB
750 B 152ms
140ms Stylesheet
text/css 142.250.186.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f10.1e100.net

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 23 May 2023 11:42:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 23 May 2023 10:55:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 May 2023 11:42:44 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/ Frame 6BD6 15 KB
3 KB 457ms
146ms Stylesheet
text/css 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

sffe /

Resource Hash

7d4095ea226f3f80d6d4fc62e3737dd5107fd9d4aa4a443cac11378b102f64b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 05:06:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23798
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2883
x-xss-protection: 0
last-modified: Wed, 17 May 2023 00:43:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 May 2024 05:06:06 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/ Frame 6BD6 371 KB
127 KB 457ms
147ms Script
text/javascript 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

sffe /

Resource Hash

464be521d749b2ba1c7e8c1f87223b56a03ee0bd05484baa0e9067ce9eb9d2be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 May 2023 12:23:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 515978
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 130330
x-xss-protection: 0
last-modified: Wed, 17 May 2023 00:43:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 May 2024 12:23:06 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame 6BD6 19 KB
8 KB 177ms
166ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f1.1e100.net

Software

cafe /

Resource Hash

9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 May 2023 22:18:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48240
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7953
x-xss-protection: 0
server: cafe
etag: 16153819885643670827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 22:18:44 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 6BD6 0
0 283ms
149ms Image
text/html 142.250.186.36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRyAMM92XrmgMKEo5Efg9zp9S3Hu1pYmV_zGgP4nVtEB3tRZ7tgYKba98LVyLN3jJb1DJKqkbLbai2V2d7ZQZmHygjExA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0916766851103338&output=html&h=280&adk=2548588883&adf=2226326653&pi=t.aa~a.2736633399~i.1~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1684842163&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4777445207&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fttdown.org%2F&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684842163304&bpp=1&bdt=2240&idt=1&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3fa60bdad60b63db-226ee159e6dd00b1%3AT%3D1684842162%3ART%3D1684842162%3AS%3DALNI_MZeXBvf9qH0fQ7pBh6ND4c3Q6B5Ig&gpic=UID%3D00000c281fc731a5%3AT%3D1684842162%3ART%3D1684842162%3AS%3DALNI_Ma6Vf6QGxQZox_9CPmygr1E8WwGOA&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280%2C1110x280%2C1200x280%2C144x540%2C200x540%2C728x90%2C1200x90&nras=11&correlator=941331751448&frm=20&pv=1&ga_vid=1357945963.1684842162&ga_sid=1684842162&ga_hid=696901624&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4284&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759926%2C44759875%2C31074199%2C42531706%2C44785293%2C44788441%2C44790154&oid=2&psts=ABHeCvjrU9gFRiwaJkEtnSBGPhrsMIcUTH1dDjhZ1GThUsr6QuiVoCIidn1kdTxCginlqwG_J0gAOpRMUatApHUChOKDlE7r&pvsid=693106297050337&tmod=473273729&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=9&fsb=1&xpc=BCbqGEA9Vt&p=https%3A//ttdown.org&dtd=685
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame B05B 0
0 210ms
171ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstaNVHgQ0a3Rc81o_A9CmJTGEMOnGY7CFHSXEQZAtU5mbjOUmBS0FsAjBGmO0jXwuuI6DRuvknzpoesY_k9T7z-q0JKf19tqrqXQ-XbPBXguf3TiWDZGTBdpnkRDqbSft05eWKQmr9wxcuDfFE189yGpuEkGucHLj2rkF4n53bPs6XacGy-O7295BBRfL5dgL1mnjlE-1XFxVunVUlaH3mfQRo8Y4clrf5yuVFguqTlqRotLqvtcToPAGwXyZ2ka4B_AvzBXob28l9QQZaTEzSAxn-1I1JFbRnGcyzeCCmZe5Xul1AfQwvvFW-GKA_H3Lkr8bX38fDIEBkXY-aAGi_Ylojlkbg8KpMJ-Op85a_wOIw5ldp7W8NbkrchmPPTg78hpRoA2KWa5cKqRmKc3ybjPdz94v_z6mhM0poRJ7KUXkYd6b_Q8vBSss0Sxj_TNlSRxS78CV6KrETSAuUaZ8KCgA4tnolKK2svjw4HL7TJfl72-babmJudWnCkkxG9to2dsDyaZqHI2O29TvZRI2yzrblZQ1RNSC3m2UA4FUpwk7he9S9J-3zpWmBQLmrQbzVpLSBNQIUbaFa9Ue24OYh_6fDs3Z7_LWWF6YKhe981_m1BRJqjMrtnBaKUqogzyLW3vd0jHbO-vjGgiWevLb6fpwrI3vEEwBoRQ6LjJ2DsP7NxPq6DDfRHdn3wwW0W-gm_yyVLfnxGXaM9hVCQKFfWH9Y-B5fssbJvBMXM4SWGkOTfcVVcVaXIDDMX-ZZxfO0vGQYf4CTWXNemCapG9KsCrDzpfLPOpEqaqV0gBiWnYKdLuVgBkIbSSK3bX4wtpxTT8fpzgcYPWpZZQqhlBfEW5fGg85J2ssbOJhPKd6Wvm6lbu12zO3iBIhD1EO-eyU2FjpsdI2f6bJjgp03EUwf2SNe5KPZx2PQbLUUNtqZPkKUuVcqjYoUJNhXmglcCJOcJjA93Dt8vh0QFK4UoruVxPGLjNYoUAyRivE6ddHtFxdKoqVYM-vFIk-YUYBq6th0FfDjhp6WUSaRkFPpsUGiaYohQULNW-WZxXLyEqmStAnkhH6XQtn6wBMTJRiB_ECz5n6rv5OCmDpx9NXHl6jGjgBAupsYkvxT0dUzD5Zfm9efPRthTlwinV5ask9-Jfbs&sai=AMfl-YQShRpz9wGb6dcTxzVGwFzCwzYa531I4UOz246GNkEaupswTi4gP-dOHLrAmJ9KfyLglhY2IGKivYdPtfJSb2WddbdN1QK0ef0jicTkzRZNB8BI3l2izZedDNS5jJUqhIhAjBouDYFT5W4TeJoy1JPiU4vrHKNYQ--BCJJi5bsHpzhzPVZIb7KkPgvsRHDDm6rulb3pfCmTqqEQr9y28SmdWEyI7wkq2euFIAdVC10&sig=Cg0ArKJSzKCDEHxp4zzqEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=725&vt=11&dtpt=723&dett=2&cstd=0&cisv=r20230518.80893&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: ttdown.org
URL: https://ttdown.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 11:42:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 23 May 2023 11:42:44 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 852A 0
20 B 183ms
179ms Image
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Byn43sqZsZLiCEaPMxtYP5pKt4AIAAAAAOAHgBAI&bg=!n5ylnMjNAAZ8_aWmXP07ADkAdvg8WpuV1ZrWwSj4-vBmr4zzLmef-uMwVsfqtNK_lXCbpkE613F3qbyzychADJkQR6Qt7s6MqZUCAAAAyFIAAAACaAEHmQLvTwKfdS6hYjIzhbAei1mxaQ-1Po7MP8XIXZrUafz8DXWlKeP96e8Xuq5XXvun3ecGQ73_AEnH6Kd_NRItOP58Us3DXkhRKlTVZ73XMQb5ET7h-KHMgaRKGkKJJNE4CpWHlGQP7KglKwSZ40bAhJRPTTpXI34BsgF5AIFF_WWf0MRug_dbF8_tqqXd_ALvI1J2T7nh8gOaKnyyvyAipwdRA4MzfN-JF0kOAIplErcXHpB27Eh_TF61UT8q_zz4wRftIT3CBPlnqPP9xpj8bILwkA-OXka7CahDtUdO0aHS7az0k3gU3UKaMd2D7fi6tFf8nYXzpTvThP5UTQLKEiSE2KQvQ1wJivyjBXM8cMXEYHNDWNb_TplkFx3AfZYw5twoUpG3Lk2RDxf_c6CnWzOW-ZDduXsoQ0rrSTnBnGJ5rWsnes1Y92OJdhqVXMVa_by4H0vYsOtnOBrHGQTiX64ZT42qQw4Gf_tOgP3kSJaNVLFrckM2n9lfbRBCr0LaSQ6n8KFWnwSQSq74FtI0Sny5lykmfZ5MiC8mD7avzBlHhPeomY-UUKJIBnGpAxteSW39ToPtJGWuF8R-lXvcLQHVsh7ufaWkZCFXDYNyRnUgc7DPAhuqKOKvvavNkegsHK4eXo6z5OzZ-n7rYMt8dPtGQnKFmdNVgu5mITR3kjJfLZc4LBBO2xsMZU18R3S1TuScyULRZoCUKzdmMoYVw2tdDJcnq4M0l0fFPAKIgKNqXHcSGVrezvy0bqt4EOvH9bWJT3B5p0LYyo1g1qUSEay6fE696MyhUqXZgHDOXDX7HsbQyhRunEMeUlgLo9ld6jrL20wxFg08bezso5Ltpz3teNYwCGS9mOl2pG0lhdq9cLxyWzmQMe7xqbf_R9pMASMJY8wA9ZtTLgFhQ2SOCLrHv0yaRqMmY3tMtliRzEE2Ggotlwn46yuV16_1L7a65XCGylth0U-jqXQYPsrNhc4_a9spd5fXjasDwgWhJVLNOw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 11:42:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BABC 42 B
64 B 480ms
170ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv6LrZo7Ymwz9U2bAR5bEva6vIn_hotM9w9Qk4HtF-QAO-68EsHJ2naz8Aqhxz-iUDMbCbLqyPUaTE-cFbTH2CVzLWjcmJEDJmpscIo3lFnLi9kXcJOxm9WmcpTkPQ8xGCRM_4&sai=AMfl-YRggjxAcIin4HyWi-xLE1XFU-NjumNCu961yglq4lMS_Y1cYlSZLIuxCwUBPa7J6ORGYMBrB3mwHgoA&sig=Cg0ArKJSzJ-Wg00LBYzjEAE&cid=CAQSGwBygQiDSYBZz4h8dYva6KlHXDyuKtgLIkL5KhgB&id=lidar2&mcvt=1004&p=0,0,280,1200&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20230522&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1266370990&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684842162154&rpt=2095&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 11:42:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 6BD6 0
234 B 459ms
145ms Ping
image/gif 216.239.32.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~li07iuzz&c=7520858593943&slotId=3760429296971.5&qqid=CIbKx5Wui_8CFS-X0QQdegMIyQ&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 11:42:45 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6BD6 15 KB
16 KB 136ms
136ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 May 2023 06:22:44 GMT
x-content-type-options: nosniff
age: 278401
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 06:22:44 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6BD6 15 KB
15 KB 136ms
136ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 May 2023 06:10:15 GMT
x-content-type-options: nosniff
age: 279150
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 06:10:15 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6BD6 0
20 B 188ms
188ms Image
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CAFRVtKZsZIagB6-uxtYP-oagyAyf6vO9cNG_vbu3Ef2B5LbrAhABII7dnwNgjQLIAQWpAgclfThyH7I-qAMByAObBKoE-QFP0Kfb_sgFQ3h1FONxtm9V0z-jQe_EQqLeEhvNTR9cous5esuddSC_AmahhCulA6tSmLSMES_ThYXINpAfIgbGQbBNrc8jsCOcOCjwl8hvA5lzjs1Ewop8M2ZtqANMCDSjjdPPh2bLVgIJrE4SkVQPOZd7T6o5OrheJwwfBkBEv3iVgj9J_8Scu59H-4IweZFUQKskNT6DbuZgSzKT7Hvnu63cYjQvmbmF66VWolZVLPKWBNCNqVBkcNorg-TL51_cKrZ8bDm51U-kaHamUlSQHQPxgUbY51GDwieSwr0P_QxKYusWF_5FIs3jaDAnFTGz63m0gwqJKwnABMTo6a7KBOAEA5AGAaAGdoAHvNHZnwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYHzICigI6AoBASL39wTqACgHICwHgCwGADAGwE-LwqRPIE_Xp4OID2BMKiBQC2BQB0BUB-BYBgBcB6BcF&eventType=clickstring&clientTime=1684842165379&ai=CAFRVtKZsZIagB6-uxtYP-oagyAyf6vO9cNG_vbu3Ef2B5LbrAhABII7dnwNgjQLIAQWpAgclfThyH7I-qAMByAObBKoE-QFP0Kfb_sgFQ3h1FONxtm9V0z-jQe_EQqLeEhvNTR9cous5esuddSC_AmahhCulA6tSmLSMES_ThYXINpAfIgbGQbBNrc8jsCOcOCjwl8hvA5lzjs1Ewop8M2ZtqANMCDSjjdPPh2bLVgIJrE4SkVQPOZd7T6o5OrheJwwfBkBEv3iVgj9J_8Scu59H-4IweZFUQKskNT6DbuZgSzKT7Hvnu63cYjQvmbmF66VWolZVLPKWBNCNqVBkcNorg-TL51_cKrZ8bDm51U-kaHamUlSQHQPxgUbY51GDwieSwr0P_QxKYusWF_5FIs3jaDAnFTGz63m0gwqJKwnABMTo6a7KBOAEA5AGAaAGdoAHvNHZnwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYHzICigI6AoBASL39wTqACgHICwHgCwGADAGwE-LwqRPIE_Xp4OID2BMKiBQC2BQB0BUB-BYBgBcB6BcF

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 11:42:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 6BD6 0
54 B 437ms
146ms Ping
image/gif 216.239.32.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~li07iv0m&c=7520858593943&slotId=3760429296971.5&qqid=CIbKx5Wui_8CFS-X0QQdegMIyQ&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.135&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 11:42:45 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 6BD6 29 KB
16 KB 485ms
186ms XHR
text/xml 108.177.15.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BGmhASao5tEaJHGC-wL2M3tXeEopTgVKIkGm7eVv8G4znvisSOr-T1bV1TCy-HFjDyzUSMBs-RiL0kmnrnmAPlbIY2sA&cry=1&dbm_d=AKAmf-Alb8BvUoxv0qxx_s9oqDO6fqfcyY90nrUsBTOqDxbLNFdpEFFgaRblxz8N3gw5ly7GMF_aUwydpyOk_8nZ1YqeDyy36OWbRGgINR3rgmMEtaeK5YDH_E_tyUbmTD24lNKdeOGLRHNB8Psq6cJnhcOFL1u7-BsPfnfasGCs_j_oVBqMtmbZa8q4WROTStkQ5f8d-o7TYinRjcYPC1VAlc11_PQdBbrmvXoOfNZ0aeT5g6NTlwQhshWyYlUpUjpXnYsSzHRBxK8ULSWBQAQvqILzr7jc0Eu4rFrjidB3PnRQP8D2BTmXu4JhLaFPoFxvlT5zi1qsQdK54Kb_cxJaxRrduAxifT2ZSWUjW_66P8i8d5K0F3LyUo1hRCNWdrBQFpSWi6xhcXf3-hGv7Lrio1_10j23kYoMN5xjo6apU-HYcBw3L2XUXtEtawwb0nzXYQGTQ9701izqEF94blDpgGAXXMm8IqsgdHBQLE2HE7OmeOavCly-bFNs3QoZ0pfT97SHtc434EQPXsokXfj-swr3sBmlY8A5VI1QHhd7sbXK4s_vf7YiEnjdUn0AjwgMMraLLHqemcTKxPpVj-vCXsbdVOYlif1F5o1pABIys77lB6d6zV9TIOLaFJ3n1u0_kJUmbfywduE_bO6RfwI_DCXC8mqt_cCxJZihzwnhaywUVwJKwj0_sfmMea4wKhjZ-ePLFpm8xCAS73NAF_nvGG0-NTHbJXnwLcCZleAQoX7J9MsYxCTDxtZGD4rVdpM58ANnzOhNVd9hPeY0XvV2vB862OJlPQ3GSp6B-7biFh2VGkgOiortU14umtOObVsvOVlQpwp4ci9VoP7GifxBTr8O9t8coOzOashOAZcuniZDq_zg_ODhYdvpmKOtHU9G2Zr7h6Zg0QQzaVUZtN0X3Is3kIWBmTog2PI5TDoGry-yW_hJWPo5XbTttL4jnI_mkUof235quEHqGJY89ZiNpbtJ0kBYnDX_fXt00_luDRUOLw363vBtiyEtEg2Yn3JdDXOUmrB_fHrVGetfIYPrbZGbjLiDmYK1ZRol-XfkOQjkHiMTzN7BO4j5ZgLq2QIB0TXr7iYIAzyY8pV1yha6EFlYwR8yOEMqZJtdKjzDnmx4kwPF2cREQ6vnUkZQ0vT6fPnmqvf12otdoRi1DPOCZ2jYFAmldFQb0i7eKAxAF9KXiiPtAdYucf4h7FVgU720SRZn7hzgr-7WwsWWYAfhIaseGwK8EP2JFeU0i0fBYdfYAuHvKFFGmsmWfYcMZfUGqLxY26EoViR3x3SHaccNnJeeaXGuKR7Fz0MjVG05vRXvGpG6g_fdgbrw5_Lu-XvjdJoIfsAmOu80nUX2At11vBjvlebG13wFij2Kz6tAiDO-4oaZ2tl7AcTP8X5o9QZ59Zg9f7DZ1wtpSkYQZf9ztHFov9Yt6EPtGOjRCPQSiQUk_7iAofpvImGnrYBXBwKFHQkpFststEm84KS3cEbu94gn7L4OCpwGIfa5PJR5YfRAC4e6NYYOzy8QU-9xBF5hrtHrih8P-lRZu-v0u-imLJMiAqvXFHbCUqeb6U3mRklxSryBRZ-digtu9LSdx6Rp4Kq_gTaIGInUDzcmkZxlmpgelJxG0s2BoumEGDFHxBM3-7rQAi-giNJiUeM8-arfP4jStiu7zyAzGnT1o2pitsA8UFfibnDb9DeeiFclJVL9hSRLgYeorksQSbeNq0PziI8m6ZQdMaBzUhJy0yPjMxT9j7RxaqZgELXZS8USbLhafJ9ro-ymhn4eeOwVmupkfQas0TywcGsP0S0MhVrU01hKjtGIbFHsi0Nv55BSo1girAzhfGTNYKKr51IBEWMvQ6TaK4g_NhRs5J6HkeQMDtq0SsvrEHPEP8D8GjLDOiTtD_D9AJnXsGtEkTkG3kBSrE-OMoTBdS4_iSsBM4vY_pqOy9GhmQycrvRBARblnurZXx1Ca2PEaNX7_gTL8JzJuhQ4BlLsA0rnLH__ZdcnnTaM3ZcO-b9APV9rDD5gIWvs2l4Iw_vhJuNr8hYR5oOgMVuRWtkR4mBLYOl6EBa6VMIw1a153ftGDs3lqtE78Sv74Ioyq9Ja9my3acEoCgqQIpan1zjtb8MxipKO0-9pLOgHrxxPQ8DOsZPxtU6_8uy7SlCBwRVh1IBVRKLAWJA2EKWSD3uVRpInvEy2hgGHVzLfcAAKJ5Su-bndu2bpz-ys5_vlv9XKP6zXkEqlLa0dAk4yKZoh2DrCgKCL_V7SSA5p3IccUvhRffJNhdPWR9lmC8UACdx-jKPsJkCw-Or06W4OQ7aLanxK-xR7mHLZBpP1zqM0KOYRtJyhkE7NS9rVUdTlZS6TdI5lOQiHH3_gCbt6Or951Hch2VH7onzydsBV5cikxb0tO1KQP0w3QRjZvQdaSjg4Ec3fNFcjyCocazKFl6Cq6ZR-WQwJwTIsvtA67Aqn89B3kkqt86-xIKkz3zo88KCfcBZHkj3m9LY4XCIK2hFX35m-Eid4XFWVaNuWmpQilDjUzWEiK_f7r9vDZuRT7uGwREodCg9zjQkJF27gguUBoCFdpD4GDxxGBz3lMrcxzSmcH5_CYq_nBWVHG8bj9aizqw03AT_ZtNKqouG5l4km--2_8Cl39Cug-nk7kf0yqMRVF71NKyIttgcoNQa_qxS-c1hzsXVCQ0IuOtmEQ5zfAlNsDzdRj20bsDQiU6QtHODIhZkGs-6EJ8_EzmayZvztCnp6yvUH1_dmFJUasdih3grtj5HFKqFjPvKE72F3j_usXFGgxCbuDyodUkq7Zg_qcBTp9SOKhKKj2jvS0vxSFI9ZA1R586IhHs5IOkTHOWv3EZ41OQU_wpNhfMAYq5ILvb7YvUY-kqu27m5EoSjIBPFFXyWYEPWe3LcV4m96Tpp-qPkMHKlgHfoHAh_nM_H6wm5WaQ3XUH6anYXQVd0zqGa6jxbCh5ziyeiKSNVSySM29cUrT0XjStTaazmAxDIzSp2lu--f3xLTcs5dOLd-yB58bpzS7ZmeRUpI1-qR7YQKb__DDJTWl2dUT6yUZ3lqazqZ3IhsAqyvChM18fWtFKjIeG0oGnNi4qprWKg8jQAYL4LdrwFVaHubGbHvf5NWHHGTtJWWMcW3ieJCC66Vx92zUHRid6rjQLI3S1jdYSqH1ym8vEUZxO1FxjeIEZgVnFAt2jk4_oqE6gJ_zCd21obmUx51Bxw2fQuJBteDW4jY9lxvccf2IvJHqKZin42Ad9CVDA8L-evFzm0Z1m7HifbEmnQNSzEcVOew5Vm5PApD972iEvB5wmCwdJRS6fQjHQmrcZYMnINpSWjijsGCuivYtcCLfGy2siV9y5_R5-B9sbUOjaQparqevpSbHamgybcBK3wWBbQK6IAUQ73yJOCUhfkHKBZPVUy2xD_FTcJwHidQSmoC2HVHZOlAGGfG6mHakQzNEvWlP_jZ3XmFyXOcTlFkow7VSSlH2Pi1ZgJdFXK298QY1auBPBSQILjCJywvvVf4aXKa4ayXmNHWUCJ3DCmwpMRrpCWEIEVCKdLCb8FRCowhPwxxDFWuaHd0fLSOTBKmAWuYihKZIvJtlM6vLn8pysWqMwuVdZ_U-Wp-wEF0v5IUtl82bLovsrY&cid=CAQSOwBygQiDzOBh9vzLlJPx5a3AvDnNJx7sLwxeto0cUcGRyplFqXkbqM7aPm1absGga-0Ycdn5soJW4HYdGAE&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.177.15.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wr-in-f154.1e100.net

Software

cafe /

Resource Hash

9935e0c155a61d0ad8134e94d5f81d5c458f445d283784ae0aa4e7f324b55ad5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 11:42:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16106
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6BD6 0
0 179ms
178ms Fetch
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C_8gPtKZsZIagB6-uxtYP-oagyAyf6vO9cNG_vbu3Ef2B5LbrAhABII7dnwNgjQLIAQWpAgclfThyH7I-qAMBqgT2AU_Qp9v-yAVDeHUU43G2b1XTP6NB78RCot4SG81NH1yi6zl6y511IL8CZqGEK6UDq1KYtIwRL9OFhcg2kB8iBsZBsE2tzyOwI5w4KPCXyG8DmXOOzUTCinwzZm2oA0wINKON08-HZstWAgmsThKRVA85l3tPqjk6uF4nDB8GQES_eJWCP0n_xJy7n0f7gjB5kVRAqyQ1PoNu5mBLMpPse-e7rdxiNC-ZuYXrpVaiVlUs8pYE0I2pCGWCdLh5-VkF9ltqMvtWpUTg7lkb_TMu3y1rIftXT_H_ywInEjMdEiTTFJbOZmqcSeUJ4fuIrLhVtcFUBlixUsAExOjprsoE4AQDiAXJmp_zSpIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGdoAHvNHZnwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHCRDgcBjDgbzpAdIIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoByAsBsBPi8KkTyBP16eDiA9gTCogUAtgUAdAVAYAXAbIXHAoaCAASFHB1Yi0wOTE2NzY2ODUxMTAzMzM4GADoFwU&sigh=HAkIpb4MuOo&uach_m=[UACH]&cid=CAQSOwBygQiDzOBh9vzLlJPx5a3AvDnNJx7sLwxeto0cUcGRyplFqXkbqM7aPm1absGga-0Ycdn5soJW4HYdGAE&vt=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0916766851103338&output=html&h=280&adk=2548588883&adf=2226326653&pi=t.aa~a.2736633399~i.1~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1684842163&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4777445207&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fttdown.org%2F&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684842163304&bpp=1&bdt=2240&idt=1&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3fa60bdad60b63db-226ee159e6dd00b1%3AT%3D1684842162%3ART%3D1684842162%3AS%3DALNI_MZeXBvf9qH0fQ7pBh6ND4c3Q6B5Ig&gpic=UID%3D00000c281fc731a5%3AT%3D1684842162%3ART%3D1684842162%3AS%3DALNI_Ma6Vf6QGxQZox_9CPmygr1E8WwGOA&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280%2C1110x280%2C1200x280%2C144x540%2C200x540%2C728x90%2C1200x90&nras=11&correlator=941331751448&frm=20&pv=1&ga_vid=1357945963.1684842162&ga_sid=1684842162&ga_hid=696901624&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4284&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759926%2C44759875%2C31074199%2C42531706%2C44785293%2C44788441%2C44790154&oid=2&psts=ABHeCvjrU9gFRiwaJkEtnSBGPhrsMIcUTH1dDjhZ1GThUsr6QuiVoCIidn1kdTxCginlqwG_J0gAOpRMUatApHUChOKDlE7r&pvsid=693106297050337&tmod=473273729&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=9&fsb=1&xpc=BCbqGEA9Vt&p=https%3A//ttdown.org&dtd=685
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 23 May 2023 11:42:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C6DE 1 KB
643 B 140ms
139ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

age: 4149
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 10:33:36 GMT
etag: 48472445140208031
expires: Wed, 24 May 2023 10:33:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6BD6 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a914847d6c4d882a2894f20e3281b932a4dae0411603b5e51479b6a631411679

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C6DE
Redirect Chain

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEGjlZTC6W9PpzQvX1whBJ7w&google_cver=1&google_push=ATf1kGNx_zTYo_i2M1fChMo5B_apgkhGgaPC-X7nfGEgTzTg0lkAJFfSRCWnrfg3UeEn1riIf2PnZG_S3NlqQFsAyD...
https://match.adsrvr.org/track/cmb/google?google_gid=CAESEGjlZTC6W9PpzQvX1whBJ7w&google_cver=1&google_push=ATf1kGNx_zTYo_i2M1fChMo5B_apgkhGgaPC-X7nfGEgTzTg0lkAJFfSRCWnrfg3UeEn1riIf2PnZG_S3NlqQFsAyD...
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MGI4MDE2NGYtNGJhOS00OGE5LWFlMTctMThjZTBhYmYzOTUx&google_push&gdpr=0&gdpr_consent=&ttd_tdid=0b80164f-4ba9-48a9-ae17-18ce0abf3951

170 B
188 B

145ms
145ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MGI4MDE2NGYtNGJhOS00OGE5LWFlMTctMThjZTBhYmYzOTUx&google_push&gdpr=0&gdpr_consent=&ttd_tdid=0b80164f-4ba9-48a9-ae17-18ce0abf3951

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 11:42:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 May 2023 11:42:46 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MGI4MDE2NGYtNGJhOS00OGE5LWFlMTctMThjZTBhYmYzOTUx&google_push&gdpr=0&gdpr_consent=&ttd_tdid=0b80164f-4ba9-48a9-ae17-18ce0abf3951
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 423

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C6DE
Redirect Chain

https://fksnk.com/cs/google?google_gid=CAESEMfRhrcdkGAUuYef2n49nPs&google_cver=1&google_push=ATf1kGNwW9DYnWDkgF_O2bwWZNpTugpt0NTg_sKW0dMelqpgsMRMDG-PNYmQmHw-D0Ru7o8_D5Vpgd9Clw2u6ZX_ceGYt3GMA-58YA
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QjJGQkEzMDFCMEE2NzczOA==

170 B
188 B

146ms
146ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QjJGQkEzMDFCMEE2NzczOA==

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 11:42:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QjJGQkEzMDFCMEE2NzczOA==
date: Tue, 23 May 2023 11:42:46 GMT
content-language: en-US
content-type: text/html;charset=ISO-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C6DE
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEG7D47ZYjidIUTazZvYqrQ&google_cver=1&google_push=ATf1kGPfafygYb755L8I5DPjoRtpVDhKmj3EaLkRFkyKrhXew-QJr5VjX1iwBZmr0c36m88zinXhI3_2ibbK6aXuUEz7hUY...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGPfafygYb755L8I5DPjoRtpVDhKmj3EaLkRFkyKrhXew-QJr5VjX1iwBZmr0c36m88zinXhI3_2ibbK6aXuUEz7hUYOE9nQ8nc&google_hm=eS1qaUR2X3N4RTJwR29...

170 B
188 B

147ms
146ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGPfafygYb755L8I5DPjoRtpVDhKmj3EaLkRFkyKrhXew-QJr5VjX1iwBZmr0c36m88zinXhI3_2ibbK6aXuUEz7hUYOE9nQ8nc&google_hm=eS1qaUR2X3N4RTJwR29iU0ZSeTB5NW9yTnUzWnp0SG1aU35B

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 11:42:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 23 May 2023 11:42:45 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGPfafygYb755L8I5DPjoRtpVDhKmj3EaLkRFkyKrhXew-QJr5VjX1iwBZmr0c36m88zinXhI3_2ibbK6aXuUEz7hUYOE9nQ8nc&google_hm=eS1qaUR2X3N4RTJwR29iU0ZSeTB5NW9yTnUzWnp0SG1aU35B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C6DE
Redirect Chain

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEDinlJMntAjvcJLanKJjIbc&google_cver=1&google_push=ATf1kGPc0oov3AcCT6YxptRbFrTAvN5W4TrkOswg8ZP0qBHpegJ1wQvdu...
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=ATf1kGPc0oov3AcCT6YxptRbFrTAvN5W4TrkOswg8ZP0qBHpegJ1wQvduMx6SxYDEGlX5rwjYrpQ_vq0X9nE18afPUVpMlHRrCjVjylt&google_hm=QlMuNDZlZi05YT...

170 B
188 B

145ms
145ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=ATf1kGPc0oov3AcCT6YxptRbFrTAvN5W4TrkOswg8ZP0qBHpegJ1wQvduMx6SxYDEGlX5rwjYrpQ_vq0X9nE18afPUVpMlHRrCjVjylt&google_hm=QlMuNDZlZi05YTQ1LTRjODktOTJlOA==

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 11:42:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=ATf1kGPc0oov3AcCT6YxptRbFrTAvN5W4TrkOswg8ZP0qBHpegJ1wQvduMx6SxYDEGlX5rwjYrpQ_vq0X9nE18afPUVpMlHRrCjVjylt&google_hm=QlMuNDZlZi05YTQ1LTRjODktOTJlOA==
Date: Tue, 23 May 2023 11:42:46 GMT
Server: openresty
Connection: close
Content-Length: 142
Content-Type: text/html

GET
H2

200

spacer.gif
an.yandex.ru/resource/ Frame C6DE
Redirect Chain

https://an.yandex.ru/mapuid/google/CAESEGg8v0mURblFOC4qvjwQ_qg?ext-param=ATf1kGPXsoN0I9ZQUPYBeQsUlcmO4A1Dtaqzkbys10KlFf5p9blg_8UY5qdGDDsZ5C3kc1l0HtlN9CqaPQLcGu-K50XezjhDTzvQbUw&partner-tag=yandex_a...
https://an.yandex.ru/mapuid/google/CAESEGg8v0mURblFOC4qvjwQ_qg?redir-setuniq=1&ext-param=ATf1kGPXsoN0I9ZQUPYBeQsUlcmO4A1Dtaqzkbys10KlFf5p9blg_8UY5qdGDDsZ5C3kc1l0HtlN9CqaPQLcGu-K50XezjhDTzvQbUw&part...
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEGg8v0mURblFOC4qvjwQ_qg&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
https://an.yandex.ru/resource/spacer.gif

43 B
168 B

147ms
139ms

Image
image/gif

213.180.193.90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/resource/spacer.gif

Protocol

Server

213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

bs.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 11:42:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 18 Apr 2001 10:28:03 GMT
content-type: image/gif
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 07 May 2024 11:42:46 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 May 2023 11:42:46 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://an.yandex.ru/resource/spacer.gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

report
sync.teads.tv/um/ Frame C6DE
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEB037KGcZ73yCGHVhUmhxA8&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=OTkzOGIyM2QtMTM1ZS00ZjBhLWIxZWMtODNmNjE0NzBmZjBm&google_push=ATf1kGMbYyI0wlmjjJMRTKRpvDLSYNFWvihc0_tTvYSsKLE8SqaKslXxrj9v8dcYvmfe8...
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

330ms
328ms

Image
image/gif

104.102.35.84

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 104.102.35.84 -, , ASN (),
Reverse DNS
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Tue, 23 May 2023 11:42:46 GMT
pragma: no-cache
date: Tue, 23 May 2023 11:42:46 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 23 May 2023 11:42:46 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C6DE
Redirect Chain

https://trace.mediago.io/cs/google?google_gid=CAESELkbLckIUhZSNRMmXL86KaI&google_cver=1&google_push=ATf1kGP_bIk6LcK8VFUY6xa3XQjSxZFJQcMA8Eo8_dnyqU5VBTCjLmh_zE9Fs8pX6m82dvZs6kezodgspgMzx53aZpfYiimA6...
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=ATf1kGP_bIk6LcK8VFUY6xa3XQjSxZFJQcMA8Eo8_dnyqU5VBTCjLmh_zE9Fs8pX6m82dvZs6kezodgspgMzx53aZpfYiimA6XXNQj-R&google_hm=f103b30e66...

170 B
188 B

147ms
146ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=ATf1kGP_bIk6LcK8VFUY6xa3XQjSxZFJQcMA8Eo8_dnyqU5VBTCjLmh_zE9Fs8pX6m82dvZs6kezodgspgMzx53aZpfYiimA6XXNQj-R&google_hm=f103b30e66f541f5c573d05a0a9881e0

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 11:42:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=ATf1kGP_bIk6LcK8VFUY6xa3XQjSxZFJQcMA8Eo8_dnyqU5VBTCjLmh_zE9Fs8pX6m82dvZs6kezodgspgMzx53aZpfYiimA6XXNQj-R&google_hm=f103b30e66f541f5c573d05a0a9881e0
date: Tue, 23 May 2023 11:42:46 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 250
content-type: text/html; charset=utf-8

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame C6DE 0
12 B 170ms
144ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JXkrSqn8YMpGlCr37zeo054VQzznytOTFxRWyziICB5ZD2rwKArATWTVox6wnJjY-FAdK_ZVne9A

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 11:42:45 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 252ms
242ms XHR
application/json 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230518&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

21f14c961feb2b64502e332de34d376f8640e6a9ebc60e0a22e09c60ca360ae8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ttdown.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 11:42:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11228
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 177ms
177ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ttdown.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 11:42:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 23 May 2023 11:42:45 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 6BD6 0
54 B 145ms
144ms Ping
image/gif 216.239.32.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~li07iv1b&c=7520858593943&slotId=3760429296971.5&qqid=CIbKx5Wui_8CFS-X0QQdegMIyQ&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 11:42:45 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 6BD6 41 KB
15 KB 139ms
138ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f1.1e100.net

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:11:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 361847
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 May 2024 07:11:58 GMT

HEAD
H/1.1

200
OK

file.mp4
r1---sn-4g5ednde.c.2mdn.net/videoplayback/id/9e40dbd633b40c9a/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1716378165/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 6BD6
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/9e40dbd633b40c9a/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1716378165/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signat...
https://r1---sn-4g5ednde.c.2mdn.net/videoplayback/id/9e40dbd633b40c9a/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1716378165/sparams/acao,ctier,expire,id,ip,ipbits,itag...

0
0

444ms
123ms

Fetch
video/mp4

74.125.162.134

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-4g5ednde.c.2mdn.net/videoplayback/id/9e40dbd633b40c9a/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1716378165/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/66575978CDA5F0729B2E329DCA3061180858E907.6D22864F9A4AD2C99C0E7D4C98BC46D12C058350/key/cms1/cms_redirect/yes/mh/-n/mip/91.239.206.129/mm/42/mn/sn-4g5ednde/ms/onc/mt/1684841137/mv/u/mvi/1/pl/24/file/file.mp4

Protocol

HTTP/1.1

Server

74.125.162.134 -, , ASN (),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 May 2023 11:42:46 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 698098
Last-Modified: Wed, 10 May 2023 12:49:52 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Tue, 23 May 2023 11:42:46 GMT

Redirect headers

date: Tue, 23 May 2023 11:42:46 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 643
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r1---sn-4g5ednde.c.2mdn.net/videoplayback/id/9e40dbd633b40c9a/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1716378165/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/66575978CDA5F0729B2E329DCA3061180858E907.6D22864F9A4AD2C99C0E7D4C98BC46D12C058350/key/cms1/cms_redirect/yes/mh/-n/mip/91.239.206.129/mm/42/mn/sn-4g5ednde/ms/onc/mt/1684841137/mv/u/mvi/1/pl/24/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 6FDA 23 KB
9 KB 135ms
134ms Document
text/html 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f1.1e100.net

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
age: 11715
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 08:27:31 GMT
expires: Wed, 22 May 2024 08:27:31 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0603 13 KB
5 KB 140ms
140ms Document
text/html 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ttdown.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
age: 2670
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 10:58:16 GMT
expires: Wed, 22 May 2024 10:58:16 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F46B 783 B
967 B 144ms
141ms Document
text/html 142.250.186.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f4.1e100.net

Software

GSE /

Resource Hash

76a3728f93287a917d1e388f7e306cf167ce3b3fcd5329e9de5aa7db32ef7643

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kOnKripZYHh1Z8sTKiDvoQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ttdown.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-kOnKripZYHh1Z8sTKiDvoQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 11:42:46 GMT
expires: Tue, 23 May 2023 11:42:46 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js Show response
pagead2.googlesyndication.com/bg/ Frame 6FDA 37 KB
14 KB 140ms
138ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

sffe /

Resource Hash

6f8910bb4b43e21480fa154045cd5fcf338313475a176572f9b3cb5bdb9abbbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 09:39:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7399
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14738
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 May 2024 09:39:27 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F46B 0
0 175ms
173ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230518&jk=693106297050337&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js Show response
pagead2.googlesyndication.com/bg/ Frame 0603 37 KB
14 KB 138ms
138ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

sffe /

Resource Hash

6f8910bb4b43e21480fa154045cd5fcf338313475a176572f9b3cb5bdb9abbbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 09:39:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7399
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14738
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 May 2024 09:39:27 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B05B 42 B
64 B 173ms
172ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvmP3Jk-gBsl5B22TmF4KDhCgIwW0Us485_cUJzeobh0WRmJXliodWHrzT4G3cTDXd30JuZ9z6ts027n2iBkSQtcu8Y7e7S_CgffuAtcorSOcGGzB-exq3JUu5DsVkziGd_gv0&sai=AMfl-YTFs518XKPWfKZ98ZRZJQr2YclZ2NB1iCz6N8DxmTY5eS1VjLyVRh60bcvpJffPP2TobUGmCdWy_TqC&sig=Cg0ArKJSzAdky483EhKWEAE&cid=CAQSGwBygQiDkM24E0YkA3Bmjo5zjYC9ishu8Tz2NhgB&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230522&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2020088501&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684842163871&rpt=1423&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 11:42:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0603 0
11 B 144ms
134ms Image
text/plain 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?oXh4jQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s42-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 11:42:46 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 csi
csi.gstatic.com/ Frame 6BD6 0
17 B 143ms
142ms Ping
image/gif 216.239.32.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~li07ivfn&c=7520858593943&slotId=3760429296971.5&qqid=CIbKx5Wui_8CFS-X0QQdegMIyQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=728&mt=video%2Fmp4&vs=854x480&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=59&vsrc=web_video_ads&met.4=arp_a_e.1hs&ape=1&ple=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 11:42:46 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 884 B
608 B 152ms
151ms Script
text/javascript 142.250.186.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Lem16sZAAAAALBFSPRbts6QawPUTh7pZgaoXXQn&_=1684842161610

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f4.1e100.net

Software

GSE /

Resource Hash

a932d457ee38dac0ab2173f423a524a4f707df4c25adaa0672b0d6fb1b763601

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ttdown.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 11:42:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 587
x-xss-protection: 1; mode=block
expires: Tue, 23 May 2023 11:42:46 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 170 KB
62 KB 430ms
147ms Script
application/javascript 142.250.184.232

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-137035942-1&_=1684842161611

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.232 -, , ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

33e13adbe90bc905a4e9af55901989ce009a9b749dc2baecd729c3fdd917983e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ttdown.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 11:42:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63554
x-xss-protection: 0
last-modified: Tue, 23 May 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 23 May 2023 11:42:47 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6FDA 0
20 B 175ms
175ms Image
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BzQjftaZsZOXDMKPBmwfan5z4BAAAAAA4AeAEAg&bg=!t7SltODNAAZ8_aWmXP07ADkAdvg8Wt_V4wbQqXkNn3dmmEX1fUjQ8M611VPf5zoLp50fz11OW4ZqZ-UmpdKylENI3qnPgmnPNRUCAAABClIAAAAFaAEHmQLDMGwseazHdXiU1i581VCMVVN3JfWfyH1_cruxtXrRpIOH__2vXmTeEpYyuDVtlx5csMvwJaBXk65vCodyysoqP658sqcZ24im-vEuJEYeJ7hu4uAyXCZQlaqQQ_AiUNMzMr-lIcYVpXJIPjkBqeWAon91sIPGnidZMTI2Jk23e0KL8mBnynMp5MKU-QznRGrXMbpiEdrVLZLRWdHZz35FxikSwkbq45gM741OXLOBbstn_Sk1jbXRx3xTr1MXukQ1ksDonZf8Ez6DUbIqGvO_s6jR0VcCDus5ybGZA6qUocHt0ez8Gx83wfTvBLvn1dzuyUjC2H3rf5O5n19FCWDAyyAemy1vEqQ9bJxbfYXnbUqZCbEsm554kcPzUsCtlvV83QdpgD77c1mGxKVhBahu760IgzFGsPIA1Oc8cEs5S2MgcyLbjorMauk6S_n9ym0BiaubmO4_RnZpPonAEc0XkYjE4ZzcgFZY7xRYda_2gxY5uio9VGIMf1HqW5VStWkVsYCa4-GHNGf7l53e3dj0armTLEiWX_qwRwfagXMPEb91EIBkllGmAe0xzSm1PJGboXgfec7Q7E-6nLlSF7Y4fyfUt2jMJNZ4sdBkgMkBL9Rc7RXX6njszqLsWYcFNfcv2R2TJRdglvNbp_8_rMEaMfebtUBYKrD2EZMvSh50X_18Lzexy0L9LS4JaPR9v16CPgV4AGbARLzj9veYZqpwKJov_I7E6p49J0boPsVSFtSMuCVxA1wWNGORGHe0PcHgxvlYk3J-IAb-DlF_5MlQvawJh3u9HfpEqnHIiXfqgiBUhcwHKPLc3wyvcr_xsZVrcHofHWtfLhupjVmJ9EbIzcplHzJP_lBlXO3KFQsRag2CKDs_wvLI9oNkiU2oDIrakuZMu_LajBpondAqG3dd2nGlVXRHvpLVaCS04uzHd1tQLRA

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 11:42:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 206 file.mp4
r1---sn-4g5ednde.c.2mdn.net/videoplayback/id/9e40dbd633b40c9a/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1716378165/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 6BD6 145 KB
0 276ms
136ms Media
video/mp4 74.125.162.134

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.162.134 -, , ASN (),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

expires: Tue, 23 May 2023 11:42:47 GMT
date: Tue, 23 May 2023 11:42:47 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-698097/698098
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 698098
last-modified: Wed, 10 May 2023 12:49:52 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 200 recaptcha__ka.js
www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/ 130 KB
0 394ms
131ms Script
text/javascript 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__ka.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lem16sZAAAAALBFSPRbts6QawPUTh7pZgaoXXQn&_=1684842161610

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.195 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ttdown.org/
Origin: https://ttdown.org
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 May 2023 15:36:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 504348
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170954
x-xss-protection: 0
last-modified: Mon, 15 May 2023 04:00:52 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 May 2024 15:36:59 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 176ms
175ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230518&jk=693106297050337&bg=!ubqluu7NAAZ8_aWmXP07ADkAdvg8Wp1xHXznplq6SieN4YiUaAL27yHy-R8RN1zUBpF1sQIFji_Lsf9VLkBO9d30eu6EHjD4b88CAAAA3FIAAAACaAEHmQKdIVZn7BmwCIxb8-UdJJjq4Q4VEygPa_w0OtNMDSgK6EnoIWKj1ZjiZirNur8xNfK01gCEO7dJ_D5lK6RXHdCvSSBjtuuqVweE38tcqfXwepBXOYN3YYUhNSrDI0kY90D1Chkqq2Bx4aQpe1cOZtwOyqXA_C_MAVY1C72nanHSDDBN_YtS2RruDJLyZOF9h3CuSAK67UtGRXN0qpavjItv8FSSn5z3dN4gETM7h9o3mOeTftsu9nCSmh9iQ6Cki1b4iF4Aggj0rmPvMWxIqxqYrfV5G7dJkaaXt6k9pMMcAkRgQFNUReXiwL2vbn05jEpuwfhibfWeksVhmjcFMTbiEePDaxgE_KMklRzFVT281XsZvbiLoxPd6EywV2jV2sVqjVbocS0QzLykd1Wb5tUPv37TUxQpCFj1qgrD7NjCjeLevngRePV0OXWflZ4Wg_Y9MyYJQog-omw9LSx6vBfeAhI1JNaM0sRwuUcoCi6IO5Dw-vTVuZAO_6MmnjqgRsGJKjXclhgVyajbQTy69n0KQkdECRjovkCeQzPHBV6b834SHYtKo1eqxAOmAoNmf-_736YancRI6m00Z3LcMKNMUCqqOo3VlDcDmMscrXHTVGL1BdhpMadluD96JLSqcSQqJeG0ZAN4OrlU0M05mh1SfShJByUw0C11VgpR_1CWV4w2LlPu7ht6PvhsHsTKpNw_bu88rBiBgFeRtIDsvF_ceMNUsTtC2BXEWdBWpCa6Qzcn6UNSWLbDI3gCj6VtDV7IgqRDSRrDG1NovXTmmCTi3xmDv3M9884iUOkKruKb4MMZw8gGOAVOZwVTyL9Arwo9RSiVT5boVCQcKnjqgRrS9yUCi4L3KMbqCdEzDKQ81I0BNJYwheI4gGPDyA34
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ttdown.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET js
www.googletagmanager.com/gtag/ 0
0

GET analytics.js
www.google-analytics.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K1K043XM9Q&l=dataLayer&cx=c

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ttdown.org/	1969-12-31 23:59:59	Name: PHPSESSID Value: u71kupbfdcq61i1o3qeerl3pvs
.ttdown.org/	1970-01-20 21:22:18	Name: __gads Value: ID=3fa60bdad60b63db-226ee159e6dd00b1:T=1684842162:RT=1684842162:S=ALNI_MZeXBvf9qH0fQ7pBh6ND4c3Q6B5Ig
.ttdown.org/	1970-01-20 21:22:18	Name: __gpi Value: UID=00000c281fc731a5:T=1684842162:RT=1684842162:S=ALNI_Ma6Vf6QGxQZox_9CPmygr1E8WwGOA
.doubleclick.net/	1970-01-20 21:36:42	Name: IDE Value: AHWqTUmmgLvzPH_Uv0EYNFX_WMr2YwkerNjJ8t9_KTyTZoflNr0xwYYWfUuGSkw1lBQ
.casalemedia.com/	1970-01-20 20:46:18	Name: CMID Value: ZGymtBqodPoSlnQZrruRqAAA
.casalemedia.com/	1970-01-20 14:10:18	Name: CMPS Value: 3396
.casalemedia.com/	1970-01-20 14:10:18	Name: CMPRO Value: 3396
.adnxs.com/	1970-01-20 14:10:18	Name: uuid2 Value: 7321340914393487548
.adnxs.com/	1970-01-20 14:10:18	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Il_k%j.p!]tbPl1M>e)ZlrFUfJ+tGXxp6W%%aCMxBa+?3jT@IIa).>poRr[8.d-VmnB'3If)y3KL9D3I?+T8Wiw6
.doubleclick.net/	1970-01-20 12:00:45	Name: DSID Value: NO_DATA
.yandex.ru/	1970-01-20 21:36:42	Name: yuidss Value: 4664517881684842165
.yandex.ru/	1970-01-20 21:36:42	Name: yandexuid Value: 4664517881684842165
.yahoo.com/	1970-01-20 20:46:39	Name: A3 Value: d=AQABBLWmbGQCEKaJmvocnz36dsBazXAVaxsFEgEBAQH4bWR2ZAAAAAAA_eMAAA&S=AQAAAiJlV8-sUsl8Akl9GHpDLXI
.adsrvr.org/	1970-01-20 20:47:44	Name: TDID Value: 0b80164f-4ba9-48a9-ae17-18ce0abf3951
.adsrvr.org/	1970-01-20 20:47:44	Name: TDCPM Value: CAEYBSgCMgsI1Nj07bHj7TsQBTgB

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
an.yandex.ru
bid.g.doubleclick.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
code.jquery.com
csi.gstatic.com
dsum-sec.casalemedia.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
im.bluevoox.com
imasdk.googleapis.com
match.adsrvr.org
pagead2.googlesyndication.com
partner.googleadservices.com
pr-bh.ybp.yahoo.com
r1---sn-4g5ednde.c.2mdn.net
s0.2mdn.net
stackpath.bootstrapcdn.com
sync.teads.tv
tpc.googlesyndication.com
trace.mediago.io
ttdown.org
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.google-analytics.com
www.googletagmanager.com
104.102.35.84
104.17.25.14
104.18.11.207
107.23.98.28
108.128.131.233
108.177.15.154
142.250.184.202
142.250.184.227
142.250.184.232
142.250.185.130
142.250.185.198
142.250.185.98
142.250.186.130
142.250.186.162
142.250.186.36
142.250.186.42
142.250.186.66
142.250.74.195
15.197.193.217
172.217.16.130
172.217.16.206
172.217.18.2
172.217.18.97
185.80.39.216
185.89.210.90
213.180.193.90
216.239.32.3
35.208.249.213
51.38.158.6
52.45.175.185
69.16.175.10
74.125.162.134
01f396593f27f868c9078d8936f9527a2e5954e619214955a1e3f1137e3d4231
0258afeff0367fe63afe9bb6bbec9620ddd59d0b1f88acc71cbd65895b79b135
086ef1821ec1abf73e68581524767210cbbcc879ae07def1cf46fc9fff4e9d4c
0a6f92603171c43b1935e99492ef81cd31f6c18afc3cf117057cc59e40ceb25b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0faedd2819c623985a1b68d34507498882d1d7c5611acfecfa507ac5ded6a798
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12a4fb1b594b0f572b57bef778faaf835507b0c891619ad9920e6bbba4f00f6c
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1f7723b6b9bfced0deba108df48e3287888dd986f1ff2d5133bacc9807ac0349
21c2d6302a4d274fba11433436022a7e1e4f076af1017031c2679b6dcf5eb230
21f14c961feb2b64502e332de34d376f8640e6a9ebc60e0a22e09c60ca360ae8
22fee121efaae9c42415da69cb891340db51341e73417057d0f4d3e67c4605fa
2d155b4465661994d76921f55e37218b57391e3da467144b40617a86779bf6f4
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3333a2035912d27f9f31d7ef4d7a59aab880a4a89fa54a729dcdf1bc8bcdb81c
33e13adbe90bc905a4e9af55901989ce009a9b749dc2baecd729c3fdd917983e
36b425707de4faa39f3d768f13f7f4c72dbc9103f0a68f6ad7e0298fd5449dba
3cf0bcffc1c363baf95fbcab6a0ec49f263c28ffddac249866b7e76843ae2dc1
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
452f096c720b3e3f9bef10090f461ce08ab38e64159263e9939a7c60067aa32f
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
464be521d749b2ba1c7e8c1f87223b56a03ee0bd05484baa0e9067ce9eb9d2be
49b6c56eb31409bd9d3761794191cce2ecb0de4de4b475ab71810de512cb926e
4b2ddf9caf0636f523f0ce76e534131e699e82a8b79fbf7e37ca48e9c69f1f75
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51e1cbfe5af810413d8b3ca8ba04ca28a335c96655c7f257b51891be4c92a540
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
604dcf1f11698655f75046bb92f98aaa9477e1c16b01c5fc415e78794393ffb9
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
627424e174570d45b62256732dbf1faff5f3efeb10a31f437f8c270e5e838749
64fbc7f830625ecd6ff3293b96665aebec2a9be9336f02fd47508eb59f7ec23a
687133f955bb2cc174679c6ff91a1d2f6c811dbf1d87672d06ed083614dedb3f
699244fb8617e058116fae6cde6318421b79ba1b3634f652ad6bb29c9b82d3a5
6b2f16d928f9ac95f54a28ca48aa43ef5196f4870789a5822d781caf6dd51375
6c3d68aede97060eb3d4714f467343ed22ac3cdd453368d907c98502fe35d630
6ced0d1103081681fc1f185912ba4f48dc82c618f37a705321e88d1a1db01fdd
6f8910bb4b43e21480fa154045cd5fcf338313475a176572f9b3cb5bdb9abbbf
756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b
75b61b9ab5d154f13add8df3576af1f38edc2a861d026169497ed6427d92040a
76a3728f93287a917d1e388f7e306cf167ce3b3fcd5329e9de5aa7db32ef7643
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
7d4095ea226f3f80d6d4fc62e3737dd5107fd9d4aa4a443cac11378b102f64b6
87f920c1b37240da3c30c40234508360004510c3ef13cdcac2316ba712c85011
8b2474b764a8cfd1b5664776d16b24ba4a2a3519734ebb7d83dda5447f3c976c
8b53bbcf5bade5c6d3715a1df364ce5df527a85a7d2e0a6e2529e93d6cfe98de
90f1126b989142c6bc5d440d488b3cad4e6ef9d421c5735fc733eca246dc37b9
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
9935e0c155a61d0ad8134e94d5f81d5c458f445d283784ae0aa4e7f324b55ad5
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a410ac2084cfe559780089ab607aa273003ed1beb3212e4e5d3d754e55d53de3
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a8957dd3af4adece81523a6eeac91ca913db89fc6301187b09adea3e007c4612
a914847d6c4d882a2894f20e3281b932a4dae0411603b5e51479b6a631411679
a932d457ee38dac0ab2173f423a524a4f707df4c25adaa0672b0d6fb1b763601
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
bcc5c51ffd1e5e7aea3573ed95a13ba6ec7ac86bccfb7d3ddee9238b3fc3f2df
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c918b9002b83251ea78dff8197a053d65016eca8e50f28e15832b0d87be071c2
c969ae2f3cb5173ecbd0a9d9a185f7097acdf2ed67fde49c4cf9404f7144f5d1
ca95d5bb0ca0ff09d3c406c67682050696d33185f3afe606a554d33ce399d6e2
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
dd0a76ace43ddce0644418afdf581564c4fadef1d78ee2e5529c98615dd0950d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4813004f9dd490d0c2a5e29573d379a14b2ece47e9df1372b9be4fc09976c3b
e547761634314a5393bcf43987b6305b7a4a889782d6d057ef5027d6d376d074
e6949d53ceaf277b213f5859edda3fa099350c26009e7b6db7b866df1e135aa6
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f688faaa5effe9b48f473d25d61dc9209bfd5f0d44fde8ba4049f0fff7c7057a
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

ttdown.org Open in urlscan Pro 51.38.158.6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

141 Requests

90 %HTTPS

0 %IPv6

23 Domains

33 Subdomains

27 IPs

7 Countries

1757 kBTransfer

4547 kBSize

15 Cookies

6 Outgoing links

Redirected requests

141 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ttdown.org Open in urlscan Pro
51.38.158.6 Public Scan

Screenshot
Live screenshot

Full Image

141
Requests

90 %
HTTPS

0 %
IPv6

23
Domains

33
Subdomains

27
IPs

7
Countries

1757 kB
Transfer

4547 kB
Size

15
Cookies

141 HTTP transactions
6 data transactions