timedopovo.tk Open in urlscan Pro
31.22.4.81 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.timedopovo.tk/
Effective URL:
https://timedopovo.tk/
Submission Tags: krdtest
Submission: On February 10 via api (February 10th 2022, 3:38:17 pm UTC) from JP — Scanned from GB

Summary HTTP 161 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 24 IPs in 6 countries across 29 domains to perform 161 HTTP transactions. The main IP is 31.22.4.81, located in Newcastle upon Tyne, United Kingdom and belongs to WILDCARD-AS Wildcard UK Limited, GB. The main domain is timedopovo.tk.
TLS certificate: Issued by R3 on February 8th 2022. Valid for: 3 months.

This is the only time timedopovo.tk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 28	31.22.4.81 31.22.4.81	34119 (WILDCARD-...) (WILDCARD-AS Wildcard UK Limited)
19	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
16 16	89.187.169.47 89.187.169.47	60068 (CDN77 ^_^) (CDN77 ^_^)
1	108.157.4.7 108.157.4.7	16509 (AMAZON-02) (AMAZON-02)
2	18.202.12.61 18.202.12.61	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
18	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
4	31.22.4.94 31.22.4.94	34119 (WILDCARD-...) (WILDCARD-AS Wildcard UK Limited)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3	18.66.248.81 18.66.248.81	16509 (AMAZON-02) (AMAZON-02)
29	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
3 4	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:ee05:6a01:4b41:8c89	16509 (AMAZON-02) (AMAZON-02)
1 1	3.122.111.84 3.122.111.84	16509 (AMAZON-02) (AMAZON-02)
10	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
4 4	104.36.113.23 104.36.113.23	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2	13.115.149.166 13.115.149.166	16509 (AMAZON-02) (AMAZON-02)
1 1	146.59.70.99 146.59.70.99	16276 (OVH) (OVH)
1 1	20.85.9.11 20.85.9.11	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 2	104.90.192.27 104.90.192.27	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
10	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
161	24

28 31.22.4.81 (Newcastle upon Tyne, United Kingdom) 1 redirects

ASN34119 (WILDCARD-AS Wildcard UK Limited, GB)
PTR: sv46.byethost46.org

www.timedopovo.tk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
timedopovo.tk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 89.187.169.47 (Frankfurt am Main, Germany) 16 redirects

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com

sp-ao.shortpixel.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-7.dus51.r.cloudfront.net

media.go2speed.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.202.12.61 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-12-61.eu-west-1.compute.amazonaws.com

indexanetwork.go2cloud.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
scontent.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 31.22.4.94 (Newcastle upon Tyne, United Kingdom)

ASN34119 (WILDCARD-AS Wildcard UK Limited, GB)
PTR: sv23.byethost23.org

adds.livreuso.tk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.248.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-81.dus51.r.cloudfront.net

ad.lomadee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:ee05:6a01:4b41:8c89 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.122.111.84 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-111-84.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.36.113.23 (United States) 4 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.139 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.115.149.166 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-115-149-166.ap-northeast-1.compute.amazonaws.com

cc.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.59.70.99 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ns3210071.ip-146-59-70.eu

googlecm.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.85.9.11 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

beacon.walmart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.90.192.27 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-192-27.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 92 tpc.googlesyndication.com — Cisco Umbrella Rank: 120	532 KB
28	timedopovo.tk 1 redirects www.timedopovo.tk timedopovo.tk	546 KB
27	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 37 cm.g.doubleclick.net — Cisco Umbrella Rank: 175	174 KB
16	shortpixel.ai 16 redirects sp-ao.shortpixel.ai — Cisco Umbrella Rank: 15771	11 KB
10	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	165 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	71 KB
6	google.com www.google.com — Cisco Umbrella Rank: 2 Failed adservice.google.com — Cisco Umbrella Rank: 59	1 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 146	189 KB
4	pubmatic.com 4 redirects image6.pubmatic.com — Cisco Umbrella Rank: 582	2 KB
4	livreuso.tk adds.livreuso.tk	2 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	3 KB
3	lomadee.com ad.lomadee.com	47 KB
3	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 236 www.google-analytics.com — Cisco Umbrella Rank: 31	37 KB
2	fbcdn.net scontent.xx.fbcdn.net — Cisco Umbrella Rank: 391	7 KB
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1492	1 KB
2	adingo.jp cc.adingo.jp — Cisco Umbrella Rank: 2866	87 B
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 288	915 B
2	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 927	926 B
2	google.de adservice.google.de — Cisco Umbrella Rank: 9027	914 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 126	83 KB
2	go2cloud.org indexanetwork.go2cloud.org	1 KB
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 776	324 B
1	walmart.com 1 redirects beacon.walmart.com — Cisco Umbrella Rank: 1987	579 B
1	gemius.pl 1 redirects googlecm.hit.gemius.pl — Cisco Umbrella Rank: 7252	335 B
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 487	757 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 741	644 B
1	go2speed.org media.go2speed.org — Cisco Umbrella Rank: 107750	77 KB
0	statistcdn.com Failed statistcdn.com Failed
0	google.com.br Failed www.google.com.br Failed
161	29

	Domain	Requested by
29	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
23	timedopovo.tk	timedopovo.tk
18	pagead2.googlesyndication.com	timedopovo.tk pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
17	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
16	sp-ao.shortpixel.ai	16 redirects
10	www.facebook.com	connect.facebook.net www.facebook.com
10	cm.g.doubleclick.net	timedopovo.tk googleads.g.doubleclick.net
5	www.googletagservices.com	googleads.g.doubleclick.net
5	www.timedopovo.tk	1 redirects timedopovo.tk
4	image6.pubmatic.com	4 redirects
4	www.gstatic.com	googleads.g.doubleclick.net
4	adds.livreuso.tk	timedopovo.tk adds.livreuso.tk
4	www.google.com	timedopovo.tk tpc.googlesyndication.com
3	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	googleads.g.doubleclick.net
3	ad.lomadee.com	adds.livreuso.tk ad.lomadee.com
2	scontent.xx.fbcdn.net	www.facebook.com
2	e.dlx.addthis.com	2 redirects
2	cc.adingo.jp	googleads.g.doubleclick.net
2	pixel.rubiconproject.com	2 redirects
2	cms.quantserve.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	connect.facebook.net	timedopovo.tk connect.facebook.net
2	ssl.google-analytics.com	timedopovo.tk
2	indexanetwork.go2cloud.org	timedopovo.tk
1	odr.mookie1.com	googleads.g.doubleclick.net
1	beacon.walmart.com	1 redirects
1	googlecm.hit.gemius.pl	1 redirects
1	d.agkn.com	1 redirects
1	www.google-analytics.com	ad.lomadee.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	media.go2speed.org	timedopovo.tk
0	statistcdn.com Failed	ad.lomadee.com
0	www.google.com.br Failed	timedopovo.tk
161	35

This site contains links to these domains. Also see Links.

Domain
www.timedopovo.tk
www.facebook.com
twitter.com
feeds.feedburner.com
www.youtube.com
indexanetwork.go2cloud.org

Subject Issuer	Validity	Valid
timedopovo.tk R3	`2022-02-08` - `2022-05-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
media.go2speed.org Amazon	`2021-10-06` - `2022-11-04`	a year	crt.sh
*.go2cloud.org Amazon	`2021-04-22` - `2022-05-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-19` - `2022-02-17`	3 months	crt.sh
adds.livreuso.tk R3	`2022-01-23` - `2022-04-23`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.lomadee.com Amazon	`2021-03-31` - `2022-04-29`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.adingo.jp DigiCert TLS RSA SHA256 2020 CA1	`2021-03-26` - `2022-04-14`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-22` - `2022-03-25`	a year	crt.sh

This page contains 24 frames:

Primary Page: https://timedopovo.tk/
Frame ID: F8903F56849DC5331BC3645AEAA834A9
Requests: 53 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220208/r20190131/zrt_lookup.html
Frame ID: B1ED31469DCD277BC75B682F9DA9079E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9397577970694762&output=html&adk=1812271804&adf=3025194257&lmt=1644507491&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ftimedopovo.tk%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644507491015&bpp=3&bdt=663&idt=363&shv=r20220208&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4845398872052&frm=20&pv=2&ga_vid=26252996.1644507491&ga_sid=1644507491&ga_hid=1368860601&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C31064716%2C31064733&oid=2&pvsid=3842056236427875&pem=934&tmod=412511344&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&ifi=1&uci=a!1&fsb=1&dtd=384
Frame ID: 4DA5D0F294ADD72639A5F97CE7D6FBC6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9397577970694762&output=html&h=60&twa=1&slotname=3804470934&adk=4040837863&adf=2203149399&pi=t.ma~as.3804470934&w=284&fwrn=4&fwrnh=100&lmt=1644507491&format=284x60&url=https%3A%2F%2Ftimedopovo.tk%2F&flash=0&fwr=0&rh=60&rw=284&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644507491056&bpp=9&bdt=704&idt=364&shv=r20220208&mjsv=m202202030101&ptt=5&saldr=sa&abxe=1&prev_fmts=0x0&nras=1&correlator=4845398872052&frm=20&pv=1&ga_vid=26252996.1644507491&ga_sid=1644507491&ga_hid=1368860601&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=988&ady=16&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C31064716%2C31064733&oid=2&pvsid=3842056236427875&pem=934&tmod=412511344&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=2&uci=a!2&fsb=1&xpc=YPOW3x4ppt&p=https%3A//timedopovo.tk&dtd=379
Frame ID: 0721B33217AB8C83E995D5D9506EE363
Requests: 11 HTTP requests in this frame

Frame: https://adds.livreuso.tk/anuncios//show_i.php?a=529&z=29&c=1&adurl=14000&target=_blank
Frame ID: 159744567D868ABAAE3BF5499FE20720
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3432341997211165&output=html&h=280&slotname=8825380003&adk=3290701847&adf=215310249&pi=t.ma~as.8825380003&w=1000&fwrn=4&fwrnh=100&lmt=1644507491&rafmt=1&psa=0&format=1000x280&url=https%3A%2F%2Ftimedopovo.tk%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644507491066&bpp=4&bdt=714&idt=393&shv=r20220208&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C284x60&nras=1&correlator=4845398872052&frm=20&pv=2&ga_vid=26252996.1644507491&ga_sid=1644507491&ga_hid=1368860601&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=308&ady=131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C31064716%2C31064733&oid=2&pvsid=3842056236427875&pem=934&tmod=412511344&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=3&uci=a!3&fsb=1&xpc=FQB9RBbdKQ&p=https%3A//timedopovo.tk&dtd=399
Frame ID: 74D44D6324FE3C0503A1BFE650BA7841
Requests: 16 HTTP requests in this frame

Frame: https://ad.lomadee.com/banner/view?sourceId=35923256&dimension=1&width=728&height=90&method=0&advertisers=&tags=
Frame ID: 432BDE74C1768B15B6C032DED21E171A
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9397577970694762&output=html&h=240&adk=4071009227&adf=2944978207&pi=t.aa~a.795276990~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1644507492&rafmt=1&to=qs&pwprc=3910530028&psa=0&format=300x240&url=https%3A%2F%2Ftimedopovo.tk%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644507492024&bpp=1&bdt=1672&idt=-M&shv=r20220208&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a199bb22fadbc69-22b3b63739cd00a3%3AT%3D1644507491%3ART%3D1644507491%3AS%3DALNI_Ma3GNwb7kibqCQKnG7L14g6h29qdA&prev_fmts=0x0%2C284x60%2C1000x280&nras=2&correlator=4845398872052&frm=20&pv=1&ga_vid=26252996.1644507491&ga_sid=1644507491&ga_hid=1368860601&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=1298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C31064716%2C31064733&oid=2&pvsid=3842056236427875&pem=934&tmod=412511344&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=1TXw4vMJYn&p=https%3A//timedopovo.tk&dtd=15
Frame ID: D055D7BFB8B3C747709167460F4B075F
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9397577970694762&output=html&h=100&adk=702956917&adf=3434027193&pi=t.aa~a.1445354789~rp.1&w=540&fwrn=4&fwrnh=100&lmt=1644507492&rafmt=1&to=qs&pwprc=3910530028&psa=0&format=540x100&url=https%3A%2F%2Ftimedopovo.tk%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644507492024&bpp=1&bdt=1672&idt=1&shv=r20220208&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a199bb22fadbc69-22b3b63739cd00a3%3AT%3D1644507491%3ART%3D1644507491%3AS%3DALNI_Ma3GNwb7kibqCQKnG7L14g6h29qdA&prev_fmts=0x0%2C284x60%2C1000x280%2C300x240&nras=3&correlator=4845398872052&frm=20&pv=1&ga_vid=26252996.1644507491&ga_sid=1644507491&ga_hid=1368860601&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=452&ady=1420&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C31064716%2C31064733&oid=2&pvsid=3842056236427875&pem=934&tmod=412511344&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=kJY6ZKxv45&p=https%3A//timedopovo.tk&dtd=18
Frame ID: 678B83C16449DF11FDD822D22930832B
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220208/r20110914/zrt_lookup.html?fsb=1
Frame ID: 779104C36860572DE04286F6E3B05FD9
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: DA8F26AF8A51429FEC1A133E9ABCA92A
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 5B71E620EE29510B38CDFB53F31B8570
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 2D7655C0CCFC56B635FADD2DB4D8BE13
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 51ECDAA7DA9E2EFD4B3313A4E8DD7C94
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 55424E05643C9EF894505CF15035BF36
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C4FF7DC568D8A3AB205D1D6228E4BC79
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/4sA8Ua-TyKNj3el8HacmjA-izpCmChALhgIgequxpOM.js
Frame ID: 66C23FA9D1413D95502A2D86F951B08C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/4sA8Ua-TyKNj3el8HacmjA-izpCmChALhgIgequxpOM.js
Frame ID: 4A5C60A9E6FA2768AB5D4A475133F2A1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/4sA8Ua-TyKNj3el8HacmjA-izpCmChALhgIgequxpOM.js
Frame ID: AA4BEAB59E74FEA4072F75F9F80D6308
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/4sA8Ua-TyKNj3el8HacmjA-izpCmChALhgIgequxpOM.js
Frame ID: 87BF74688DEA4C82CC280F40B6ACB0B3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/4sA8Ua-TyKNj3el8HacmjA-izpCmChALhgIgequxpOM.js
Frame ID: 3C926F55A522422187FEE2BC35A27CD8
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1e1ee4337e1164%26domain%3Dtimedopovo.tk%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftimedopovo.tk%252Ff347308676e0aa%26relation%3Dparent.parent&color_scheme=light&container_width=300&header=true&height=300&href=https%3A%2F%2Fwww.facebook.com%2Ftimedopovonews%3Fref%3Dhl&locale=pt_BR&sdk=joey&show_border=true&show_faces=true&stream=false&width=300
Frame ID: 26FD39CD034499B2422E3F9486090679
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DEC9A04CC5A453674002BB8B9A4F2BBD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 509CC46B33AA4320BF32B57517490807
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Time Do Povo

Page URL History Show full URLs

https://www.timedopovo.tk/ HTTP 301
https://timedopovo.tk/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Twitter Emoji (Twemoji) (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

twemoji(?:\.min)?\.js

WP-Statistics (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

<!-- Analytics by WP-Statistics v([\d.]+) -

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

161
Requests

81 %
HTTPS

47 %
IPv6

29
Domains

35
Subdomains

24
IPs

6
Countries

1938 kB
Transfer

4522 kB
Size

27
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: http://www.timedopovo.tk/category/ultimasnoticias/
Title: Últimas notícias

Search URL Search Domain Scan URL

URL: https://www.facebook.com/timedopovonews

Search URL Search Domain Scan URL

URL: http://twitter.com/#!/time_do_povo

Search URL Search Domain Scan URL

URL: http://feeds.feedburner.com/TimeDoPovo

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/TimeDoPovoCom

Search URL Search Domain Scan URL

URL: https://indexanetwork.go2cloud.org/aff_c?offer_id=2580&aff_id=1321&file_id=46468

Search URL Search Domain Scan URL

URL: http://www.timedopovo.tk/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.timedopovo.tk/ HTTP 301
https://timedopovo.tk/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_64,h_64/https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/facebook.png HTTP 302
https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/facebook.png

Request Chain 9

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_64,h_64/https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/twitter.png HTTP 302
https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/twitter.png

Request Chain 10

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_64,h_64/https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/rss.png HTTP 302
https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/rss.png

Request Chain 11

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_64,h_64/https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/youtube.png HTTP 302
https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/youtube.png

Request Chain 29

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://timedopovo.tk/wp-content/themes/crystalhosting/images/sidebarup.png HTTP 302
https://timedopovo.tk/wp-content/themes/crystalhosting/images/sidebarup.png

Request Chain 30

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://timedopovo.tk/wp-content/themes/crystalhosting/images/postindex.png HTTP 302
https://timedopovo.tk/wp-content/themes/crystalhosting/images/postindex.png

Request Chain 31

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://timedopovo.tk/wp-content/themes/crystalhosting/images/postfim-2.png HTTP 302
https://timedopovo.tk/wp-content/themes/crystalhosting/images/postfim-2.png

Request Chain 32

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://timedopovo.tk/wp-content/themes/crystalhosting/images/sidebaruppp.png HTTP 302
https://timedopovo.tk/wp-content/themes/crystalhosting/images/sidebaruppp.png

Request Chain 33

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_150/https://timedopovo.tk/wp-content/uploads/2021/07/agenciacorinthians-foto-146342-1024x682-1-150x100.jpg HTTP 302
https://timedopovo.tk/wp-content/uploads/2021/07/agenciacorinthians-foto-146342-1024x682-1-150x100.jpg

Request Chain 34

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_150/https://timedopovo.tk/wp-content/uploads/2021/07/0002-150x100.jpg HTTP 302
https://timedopovo.tk/wp-content/uploads/2021/07/0002-150x100.jpg

Request Chain 35

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_150/https://timedopovo.tk/wp-content/uploads/2021/07/agenciacorinthians-foto-181530-1024x681-1-150x100.jpg HTTP 302
https://timedopovo.tk/wp-content/uploads/2021/07/agenciacorinthians-foto-181530-1024x681-1-150x100.jpg

Request Chain 36

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_160/https://timedopovo.tk/wp-content/uploads/2021/07/33e966bfc3e98wzmzawq9o40d960foeg2-635x397-1-160x100.jpg HTTP 302
https://timedopovo.tk/wp-content/uploads/2021/07/33e966bfc3e98wzmzawq9o40d960foeg2-635x397-1-160x100.jpg

Request Chain 37

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_145/https://timedopovo.tk/wp-content/uploads/2021/06/004-145x100.jpg HTTP 302
https://timedopovo.tk/wp-content/uploads/2021/06/004-145x100.jpg

Request Chain 38

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_144/https://timedopovo.tk/wp-content/uploads/2021/06/003-144x100.jpg HTTP 302
https://timedopovo.tk/wp-content/uploads/2021/06/003-144x100.jpg

Request Chain 39

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_147/https://timedopovo.tk/wp-content/uploads/2021/06/agenciacorinthians-foto-180450-1-1024x695-1-147x100.jpg HTTP 302
https://timedopovo.tk/wp-content/uploads/2021/06/agenciacorinthians-foto-180450-1-1024x695-1-147x100.jpg

Request Chain 40

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_147/https://timedopovo.tk/wp-content/uploads/2021/06/Se-entrar-em-campo-Ramiro-vai-completar-100-jogos-pelo-Corinthians-147x100.jpg HTTP 302
https://timedopovo.tk/wp-content/uploads/2021/06/Se-entrar-em-campo-Ramiro-vai-completar-100-jogos-pelo-Corinthians-147x100.jpg

Request Chain 82

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 123

https://d.agkn.com/pixel/2175/?google_gid=CAESED8LJeAVhXz4mYxOiiHpOsQ&google_cver=1&google_push=AYg5qPIBdl2IJWR0_f4277E5K7H_5yMK4tdY_9TLqAPLj8PwIKN15zXdyPR0RoC8qzkk3RCq0ehTpkgDdpDTDmVo84OlwwefPw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIBdl2IJWR0_f4277E5K7H_5yMK4tdY_9TLqAPLj8PwIKN15zXdyPR0RoC8qzkk3RCq0ehTpkgDdpDTDmVo84OlwwefPw&google_hm=Q0FFU0VEOExKZUFWaFh6NG1ZeE9paUhwT3NR

Request Chain 124

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIEKgQTvFvcKnOuqse3GZn0&google_cver=1&google_push=AYg5qPIsG5ASwhar7wUh7Yut6nQ8OeXgABy-tU136AxvTF8LLMnFYloKVN5kIFiISF-EVUOt-Rc4I6ANX1KTzP0oKX-oHvNXGbE HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIEKgQTvFvcKnOuqse3GZn0&google_cver=1&google_push=AYg5qPIsG5ASwhar7wUh7Yut6nQ8OeXgABy-tU136AxvTF8LLMnFYloKVN5kIFiISF-EVUOt-Rc4I6ANX1KTzP0oKX-oHvNXGbE&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ntZdTt77T7y-DAmUjcVdkQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIsG5ASwhar7wUh7Yut6nQ8OeXgABy-tU136AxvTF8LLMnFYloKVN5kIFiISF-EVUOt-Rc4I6ANX1KTzP0oKX-oHvNXGbE

Request Chain 125

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBdSCudOz2sN0lNCrimNuco&google_cver=1&google_push=AYg5qPJd0_50QW04gZw0cqBE7_v57y-WxPg087NIzZ7S2pZHLR07pbbppfmp4XzRHBM7rUo_LusVJLzSadIJLuWI6Ro5J_Q4pg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pINUFVTkEtQS1EVENQ&google_push=AYg5qPJd0_50QW04gZw0cqBE7_v57y-WxPg087NIzZ7S2pZHLR07pbbppfmp4XzRHBM7rUo_LusVJLzSadIJLuWI6Ro5J_Q4pg

Request Chain 126

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKZtBHWIZc2IZWBS3YxkOQk&google_cver=1&google_push=AYg5qPLI9GsnQspaa1B8vErxP-CtuvH0mNOhEe5ZWAuS92fpZHsOBeBzq0YIf8oNnsZRuS0735a2tGRS3tQA3QlBx15yybiSBQ HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEKZtBHWIZc2IZWBS3YxkOQk&google_push=AYg5qPLI9GsnQspaa1B8vErxP-CtuvH0mNOhEe5ZWAuS92fpZHsOBeBzq0YIf8oNnsZRuS0735a2tGRS3tQA3QlBx15yybiSBQ&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgUxZZ7MyET3XWk3_F7DXwAAAo0AAAAB&google_gid=CAESEKZtBHWIZc2IZWBS3YxkOQk&google_push=AYg5qPLI9GsnQspaa1B8vErxP-CtuvH0mNOhEe5ZWAuS92fpZHsOBeBzq0YIf8oNnsZRuS0735a2tGRS3tQA3QlBx15yybiSBQ&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgUxZZ7MyET3XWk3_F7DXwAAAo0AAAAB&google_gid=CAESEKZtBHWIZc2IZWBS3YxkOQk&google_push=AYg5qPLI9GsnQspaa1B8vErxP-CtuvH0mNOhEe5ZWAuS92fpZHsOBeBzq0YIf8oNnsZRuS0735a2tGRS3tQA3QlBx15yybiSBQ&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgUxZZ7MyET3XWk3_F7DXwAAAo0AAAAB&google_gid=CAESEKZtBHWIZc2IZWBS3YxkOQk&google_push=AYg5qPLI9GsnQspaa1B8vErxP-CtuvH0mNOhEe5ZWAuS92fpZHsOBeBzq0YIf8oNnsZRuS0735a2tGRS3tQA3QlBx15yybiSBQ&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgUxZZ7MyET3XWk3_F7DXwAAAo0AAAAB&google_gid=CAESEKZtBHWIZc2IZWBS3YxkOQk&google_push=AYg5qPLI9GsnQspaa1B8vErxP-CtuvH0mNOhEe5ZWAuS92fpZHsOBeBzq0YIf8oNnsZRuS0735a2tGRS3tQA3QlBx15yybiSBQ&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgUxZZ7MyET3XWk3_F7DXwAAAo0AAAAB&google_gid=CAESEKZtBHWIZc2IZWBS3YxkOQk&google_push=AYg5qPLI9GsnQspaa1B8vErxP-CtuvH0mNOhEe5ZWAuS92fpZHsOBeBzq0YIf8oNnsZRuS0735a2tGRS3tQA3QlBx15yybiSBQ&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgUxZZ7MyET3XWk3_F7DXwAAAo0AAAAB&google_gid=CAESEKZtBHWIZc2IZWBS3YxkOQk&google_push=AYg5qPLI9GsnQspaa1B8vErxP-CtuvH0mNOhEe5ZWAuS92fpZHsOBeBzq0YIf8oNnsZRuS0735a2tGRS3tQA3QlBx15yybiSBQ&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgUxZZ7MyET3XWk3_F7DXwAAAo0AAAAB&google_gid=CAESEKZtBHWIZc2IZWBS3YxkOQk&google_push=AYg5qPLI9GsnQspaa1B8vErxP-CtuvH0mNOhEe5ZWAuS92fpZHsOBeBzq0YIf8oNnsZRuS0735a2tGRS3tQA3QlBx15yybiSBQ&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgUxZZ7MyET3XWk3_F7DXwAAAo0AAAAB&google_gid=CAESEKZtBHWIZc2IZWBS3YxkOQk&google_push=AYg5qPLI9GsnQspaa1B8vErxP-CtuvH0mNOhEe5ZWAuS92fpZHsOBeBzq0YIf8oNnsZRuS0735a2tGRS3tQA3QlBx15yybiSBQ&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgUxZZ7MyET3XWk3_F7DXwAAAo0AAAAB&google_gid=CAESEKZtBHWIZc2IZWBS3YxkOQk&google_push=AYg5qPLI9GsnQspaa1B8vErxP-CtuvH0mNOhEe5ZWAuS92fpZHsOBeBzq0YIf8oNnsZRuS0735a2tGRS3tQA3QlBx15yybiSBQ&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgUxZZ7MyET3XWk3_F7DXwAAAo0AAAAB&google_gid=CAESEKZtBHWIZc2IZWBS3YxkOQk&google_push=AYg5qPLI9GsnQspaa1B8vErxP-CtuvH0mNOhEe5ZWAuS92fpZHsOBeBzq0YIf8oNnsZRuS0735a2tGRS3tQA3QlBx15yybiSBQ&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgUxZZ7MyET3XWk3_F7DXwAAAo0AAAAB&google_gid=CAESEKZtBHWIZc2IZWBS3YxkOQk&google_push=AYg5qPLI9GsnQspaa1B8vErxP-CtuvH0mNOhEe5ZWAuS92fpZHsOBeBzq0YIf8oNnsZRuS0735a2tGRS3tQA3QlBx15yybiSBQ&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgUxZZ7MyET3XWk3_F7DXwAAAo0AAAAB&google_gid=CAESEKZtBHWIZc2IZWBS3YxkOQk&google_push=AYg5qPLI9GsnQspaa1B8vErxP-CtuvH0mNOhEe5ZWAuS92fpZHsOBeBzq0YIf8oNnsZRuS0735a2tGRS3tQA3QlBx15yybiSBQ&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgUxZZ7MyET3XWk3_F7DXwAAAo0AAAAB&google_gid=CAESEKZtBHWIZc2IZWBS3YxkOQk&google_push=AYg5qPLI9GsnQspaa1B8vErxP-CtuvH0mNOhEe5ZWAuS92fpZHsOBeBzq0YIf8oNnsZRuS0735a2tGRS3tQA3QlBx15yybiSBQ&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgUxZZ7MyET3XWk3_F7DXwAAAo0AAAAB&google_gid=CAESEKZtBHWIZc2IZWBS3YxkOQk&google_push=AYg5qPLI9GsnQspaa1B8vErxP-CtuvH0mNOhEe5ZWAuS92fpZHsOBeBzq0YIf8oNnsZRuS0735a2tGRS3tQA3QlBx15yybiSBQ&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgUxZZ7MyET3XWk3_F7DXwAAAo0AAAAB&google_gid=CAESEKZtBHWIZc2IZWBS3YxkOQk&google_push=AYg5qPLI9GsnQspaa1B8vErxP-CtuvH0mNOhEe5ZWAuS92fpZHsOBeBzq0YIf8oNnsZRuS0735a2tGRS3tQA3QlBx15yybiSBQ&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgUxZZ7MyET3XWk3_F7DXwAAAo0AAAAB&google_gid=CAESEKZtBHWIZc2IZWBS3YxkOQk&google_push=AYg5qPLI9GsnQspaa1B8vErxP-CtuvH0mNOhEe5ZWAuS92fpZHsOBeBzq0YIf8oNnsZRuS0735a2tGRS3tQA3QlBx15yybiSBQ&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgUxZZ7MyET3XWk3_F7DXwAAAo0AAAAB&google_gid=CAESEKZtBHWIZc2IZWBS3YxkOQk&google_push=AYg5qPLI9GsnQspaa1B8vErxP-CtuvH0mNOhEe5ZWAuS92fpZHsOBeBzq0YIf8oNnsZRuS0735a2tGRS3tQA3QlBx15yybiSBQ&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgUxZZ7MyET3XWk3_F7DXwAAAo0AAAAB&google_gid=CAESEKZtBHWIZc2IZWBS3YxkOQk&google_push=AYg5qPLI9GsnQspaa1B8vErxP-CtuvH0mNOhEe5ZWAuS92fpZHsOBeBzq0YIf8oNnsZRuS0735a2tGRS3tQA3QlBx15yybiSBQ&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgUxZZ7MyET3XWk3_F7DXwAAAo0AAAAB&google_gid=CAESEKZtBHWIZc2IZWBS3YxkOQk&google_push=AYg5qPLI9GsnQspaa1B8vErxP-CtuvH0mNOhEe5ZWAuS92fpZHsOBeBzq0YIf8oNnsZRuS0735a2tGRS3tQA3QlBx15yybiSBQ&google_cver=1

Request Chain 128

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEC5jpSc31anpzKX3OC6S5dY&google_cver=1&google_push=AYg5qPJ3lPOnQg9etK-dZcHwisypfi2xIkxyxBQS4eksnaGfziD6IGuq8jAIsicRzvyn0NdsU4Hz7ZIhb-yFXgtvlWoUZLL03hE HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJ3lPOnQg9etK-dZcHwisypfi2xIkxyxBQS4eksnaGfziD6IGuq8jAIsicRzvyn0NdsU4Hz7ZIhb-yFXgtvlWoUZLL03hE&google_hm=

Request Chain 130

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 132

https://beacon.walmart.com/etap.gif?tap=gAds&google_gid=CAESEEWjWCJj-iMXJ4GaRz9xXtE&google_cver=1&google_push=AYg5qPLdsXVxK47RFuXBGYHaEf2whhFi4z0oVI9rWffEKf7Yoq6A596boCrgf0dj8AAoW8QBqWv9RNL06CUl-T8j3jjQMIVol6M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=SUEUV-2vL7XskeI9DcVUdw&tap=gAds&google_gid=CAESEEWjWCJj-iMXJ4GaRz9xXtE&google_cver=1&google_push=AYg5qPLdsXVxK47RFuXBGYHaEf2whhFi4z0oVI9rWffEKf7Yoq6A596boCrgf0dj8AAoW8QBqWv9RNL06CUl-T8j3jjQMIVol6M

Request Chain 133

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJcSHdgnA2YEkdZAzOKsfYJylbQ0QwCeH-5LoSz9fBUOIYf6MulSvgvXroIKcitFuYvJThdbx6f4Syqlz1f8JKpJ6lOkpg&google_gid=CAESEMz0wUxvAfdO5zUeSDINjBo&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJcSHdgnA2YEkdZAzOKsfYJylbQ0QwCeH-5LoSz9fBUOIYf6MulSvgvXroIKcitFuYvJThdbx6f4Syqlz1f8JKpJ6lOkpg&google_gid=CAESEMz0wUxvAfdO5zUeSDINjBo&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAyMTAxNTM4MTMwMDAxNDI2NDgyNjQyOA%3D%3D&google_push=AYg5qPJcSHdgnA2YEkdZAzOKsfYJylbQ0QwCeH-5LoSz9fBUOIYf6MulSvgvXroIKcitFuYvJThdbx6f4Syqlz1f8JKpJ6lOkpg

Request Chain 135

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEALwF6K-RdvVfUNxWTOoQg&google_cver=1&google_push=AYg5qPK4lnTq4QlAU0HkIz4kmlvHuDe-wFrKZgT7t7KygWBIYYMaWYV935xZA-TS43B-btVCUPbckD34lphrzfEkkwPmDVDL9AR5 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEALwF6K-RdvVfUNxWTOoQg&google_cver=1&google_push=AYg5qPK4lnTq4QlAU0HkIz4kmlvHuDe-wFrKZgT7t7KygWBIYYMaWYV935xZA-TS43B-btVCUPbckD34lphrzfEkkwPmDVDL9AR5&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=0VQDJmqNSG-O6z6bIHZOaA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPK4lnTq4QlAU0HkIz4kmlvHuDe-wFrKZgT7t7KygWBIYYMaWYV935xZA-TS43B-btVCUPbckD34lphrzfEkkwPmDVDL9AR5

Request Chain 136

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEP3I4WwqzkGl0oZhp_dAUPg&google_cver=1&google_push=AYg5qPLkyx0wEscMbZfSFcauO7mgP85dWGnWg8rfav0s5z59YhSqyVqTp9ktVx5YGjwb6KNXb2lhcCLUUrqkvYZSu4YxrDTe1QM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pINUFVTkUtMU8tTEYxRA==&google_push=AYg5qPLkyx0wEscMbZfSFcauO7mgP85dWGnWg8rfav0s5z59YhSqyVqTp9ktVx5YGjwb6KNXb2lhcCLUUrqkvYZSu4YxrDTe1QM

Request Chain 140

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

161 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
timedopovo.tk/
Redirect Chain

https://www.timedopovo.tk/
https://timedopovo.tk/

47 KB
11 KB

1619ms
1595ms

Document
text/html

31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL

https://timedopovo.tk/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

31.22.4.81 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),

Reverse DNS

sv46.byethost46.org

Software

nginx /

Resource Hash

55dffd4a76f8f06f5bb26309662a1a12182d7dfe0dec0e60bc2e0ffa5ef48c5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9

Response headers

server: nginx
date: Thu, 10 Feb 2022 15:38:09 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
link: <https://timedopovo.tk/wp-json/>; rel="https://api.w.org/"
cache-control: max-age=0
expires: Thu, 10 Feb 2022 15:38:07 GMT
content-encoding: br

Redirect headers

server: nginx
date: Thu, 10 Feb 2022 15:38:07 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://timedopovo.tk/
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-redirect-by: WordPress
cache-control: max-age=0
expires: Thu, 10 Feb 2022 15:38:05 GMT

GET
H2 200 autoptimize_b29b1f69340b6254e65047bbb2ef974d.css
timedopovo.tk/wp-content/cache/autoptimize/css/ 17 KB
3 KB 73ms
72ms Stylesheet
text/css 31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: https://timedopovo.tk/wp-content/cache/autoptimize/css/autoptimize_b29b1f69340b6254e65047bbb2ef974d.css
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.22.4.81 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: f356c1330b17335df99dda5bb53bfd858ff27b903d555e9edb775b2c08d0b357

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 15:38:09 GMT
content-encoding: gzip
last-modified: Tue, 23 Mar 2021 15:58:14 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=30672000, public, immutable, public, proxy-revalidate
accept-ranges: bytes
content-length: 3012
expires: Tue, 31 Jan 2023 15:38:09 GMT

GET
H2 200 autoptimize_f4db39f018aeddfe8271b0d5d2502cab.css
timedopovo.tk/wp-content/cache/autoptimize/css/ 91 KB
16 KB 78ms
78ms Stylesheet
text/css 31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: https://timedopovo.tk/wp-content/cache/autoptimize/css/autoptimize_f4db39f018aeddfe8271b0d5d2502cab.css
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.22.4.81 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: 87852b2933a18f87f4632a086a928e734c9e8ab17d09725d327906c5a42ee4c6

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 15:38:09 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 13:29:50 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=30672000, public, immutable, public, proxy-revalidate
accept-ranges: bytes
content-length: 16009
expires: Tue, 31 Jan 2023 15:38:09 GMT

GET
H2 200 jquery.js Show response
timedopovo.tk/wp-includes/js/jquery/ 281 KB
84 KB 131ms
131ms Script
application/javascript 31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: https://timedopovo.tk/wp-includes/js/jquery/jquery.js?ver=3.5.1
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.22.4.81 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: 86f937a29eaee70aaf9935799a414bea46c62fb136cc0465f63f9d6820cf4982

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 15:38:09 GMT
content-encoding: br
last-modified: Tue, 23 Feb 2021 22:25:34 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate
expires: Sat, 12 Mar 2022 15:38:09 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 152 KB
53 KB 230ms
215ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: timedopovo.tk
URL: https://timedopovo.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1f540f14e3e2b6018ccbf81e492d780c2a54b8d00802a57d6de05d7d2aea14c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 15:38:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53612
x-xss-protection: 0
server: cafe
etag: 1908286220525776688
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 10 Feb 2022 15:38:10 GMT

GET
H2 200 logotdp.png
www.timedopovo.tk/ 31 KB
31 KB 202ms
201ms Image
image/png 31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.timedopovo.tk/logotdp.png
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.22.4.81 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: fc08809552becc11633f8ae84e133f62f1ee23689f6aa71d532ed5ab3ac3d821

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 15:38:09 GMT
last-modified: Fri, 06 Apr 2018 00:39:56 GMT
server: nginx
content-type: image/png
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 31497
expires: Sat, 12 Mar 2022 15:38:09 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 113 KB
39 KB 547ms
408ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: timedopovo.tk
URL: https://timedopovo.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1bdcfa69c65e859f2a6202598117b998f246ef00311a51e3ac501570d6b4d229

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 15:38:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39885
x-xss-protection: 0
server: cafe
etag: 7250341886927471300
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 10 Feb 2022 15:38:10 GMT

GET
H2 200 vercompleto.png
www.timedopovo.tk/wp-content/themes/crystalhosting/images/ 9 KB
9 KB 443ms
441ms Image
image/png 31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.timedopovo.tk/wp-content/themes/crystalhosting/images/vercompleto.png
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.22.4.81 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: 986037628ef2f713282cdf6658e45f2d778e374635e2b7b6ec0f3e2fd9281ba3

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 15:38:09 GMT
last-modified: Fri, 06 Apr 2018 00:41:57 GMT
server: nginx
content-type: image/png
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 9074
expires: Sat, 12 Mar 2022 15:38:09 GMT

GET
H2 200 escudo.png
www.timedopovo.tk/ 46 KB
46 KB 443ms
441ms Image
image/png 31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.timedopovo.tk/escudo.png
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.22.4.81 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: ce2c2f487561a1e72f77b2c28bdf121fef04e9c7d3189f5affd499a3a8a77db5

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 15:38:09 GMT
last-modified: Fri, 06 Apr 2018 00:46:34 GMT
server: nginx
content-type: image/png
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 46795
expires: Sat, 12 Mar 2022 15:38:09 GMT

GET
H2

200

facebook.png
timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/
Redirect Chain

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_64,h_64/https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/facebook.png
https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/facebook.png

763 B
957 B

164ms
164ms

Image
image/png

31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/facebook.png
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Server: 31.22.4.81 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: b8e86c44c2f2cc0f6d192de5b6a94b23e3c60db1117bed35701ae1e7ec6cfe5a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 15:38:10 GMT
last-modified: Fri, 06 Apr 2018 00:40:17 GMT
server: nginx
content-type: image/png
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 763
expires: Sat, 12 Mar 2022 15:38:10 GMT

Redirect headers

date: Thu, 10 Feb 2022 15:38:10 GMT
cdn-edgestorageid: 756
access-control-allow-origin: *
cdn-cachedat: 02/09/2022 22:46:34
cdn-pullzone: 257218
cdn-tag: 0; Domain: timedopovo.tk; 302
content-length: 0
server: BunnyCDN-DE1-756
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-proxyver: 1.02
cdn-requestpullcode: 302
location: https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/facebook.png
content-type: text/html; charset=utf-8
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=86400
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestid: ab35c4f7d17fee6d1b37afe7df4a806a
cdn-requestcountrycode: CH
cdn-status: 302
cdn-requestpullsuccess: True

GET
H2

200

twitter.png
timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/
Redirect Chain

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_64,h_64/https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/twitter.png
https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/twitter.png

1 KB
2 KB

164ms
164ms

Image
image/png

31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/twitter.png
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Server: 31.22.4.81 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: 7961fb8e2c56c456004b8621329bcc73e2030785eb88be511bec404c80a659b7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 15:38:10 GMT
last-modified: Fri, 06 Apr 2018 00:40:17 GMT
server: nginx
content-type: image/png
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 1342
expires: Sat, 12 Mar 2022 15:38:10 GMT

Redirect headers

date: Thu, 10 Feb 2022 15:38:10 GMT
cdn-edgestorageid: 756
access-control-allow-origin: *
cdn-cachedat: 02/10/2022 13:52:12
cdn-pullzone: 257218
cdn-tag: 0; Domain: timedopovo.tk; 302
content-length: 0
server: BunnyCDN-DE1-756
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-proxyver: 1.02
cdn-requestpullcode: 302
location: https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/twitter.png
content-type: text/html; charset=utf-8
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=86400
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestid: 3c08a5daedb640aed1f9e647a6805d86
cdn-requestcountrycode: CH
cdn-status: 302
cdn-requestpullsuccess: True

GET
H2

200

rss.png
timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/
Redirect Chain

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_64,h_64/https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/rss.png
https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/rss.png

3 KB
3 KB

164ms
164ms

Image
image/png

31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/rss.png
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Server: 31.22.4.81 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: 6bd760dc672e6d692fd30cca41e3629ab4c67d24fde1d13d2b3d5744fd06f351

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 15:38:10 GMT
last-modified: Fri, 06 Apr 2018 00:40:17 GMT
server: nginx
content-type: image/png
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 2746
expires: Sat, 12 Mar 2022 15:38:10 GMT

Redirect headers

date: Thu, 10 Feb 2022 15:38:10 GMT
cdn-edgestorageid: 756
access-control-allow-origin: *
cdn-cachedat: 02/10/2022 13:52:12
cdn-pullzone: 257218
cdn-tag: 0; Domain: timedopovo.tk; 302
content-length: 0
server: BunnyCDN-DE1-756
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-proxyver: 1.02
cdn-requestpullcode: 302
location: https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/rss.png
content-type: text/html; charset=utf-8
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=86400
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestid: ba4b28db4ce1ec2839d01250896aba15
cdn-requestcountrycode: CH
cdn-status: 302
cdn-requestpullsuccess: True

GET
H2

200

youtube.png
timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/
Redirect Chain

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_64,h_64/https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/youtube.png
https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/youtube.png

3 KB
3 KB

163ms
163ms

Image
image/png

31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/youtube.png
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Server: 31.22.4.81 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: 70026657c87a5132b6a431dff968771873d699737fb63c32af45f5790a1a38c3

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 15:38:10 GMT
last-modified: Fri, 06 Apr 2018 00:40:17 GMT
server: nginx
content-type: image/png
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 3229
expires: Sat, 12 Mar 2022 15:38:10 GMT

Redirect headers

date: Thu, 10 Feb 2022 15:38:10 GMT
cdn-edgestorageid: 756
access-control-allow-origin: *
cdn-cachedat: 02/10/2022 13:52:12
cdn-pullzone: 257218
cdn-tag: 0; Domain: timedopovo.tk; 302
content-length: 0
server: BunnyCDN-DE1-756
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-proxyver: 1.02
cdn-requestpullcode: 302
location: https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/youtube.png
content-type: text/html; charset=utf-8
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=86400
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestid: c300bfcd41da920f30800761554967d4
cdn-requestcountrycode: CH
cdn-status: 302
cdn-requestpullsuccess: True

GET
H2 200 300x250-REFRESH_OFERTA_300_MEGA_ALL-TYPE_26_11.png
media.go2speed.org/brand/files/indexanetwork/2580/ 77 KB
77 KB 410ms
189ms Image
image/png 108.157.4.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.go2speed.org/brand/files/indexanetwork/2580/300x250-REFRESH_OFERTA_300_MEGA_ALL-TYPE_26_11.png
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-7.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a08922f7698f6a95eea3c8123b08d4187f4ffd54d300c39b17e8f6315c132d9d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 10 Feb 2022 15:38:10 GMT
via: 1.1 6eb77e673c2aa566dbadbc817458b976.cloudfront.net (CloudFront)
last-modified: Wed, 19 Jan 2022 19:14:21 GMT
server: AmazonS3
age: 599
etag: "df0a70fd8e039021636730b4f835eee2"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=3600
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
content-length: 78498
x-amz-cf-id: uGpyg22BH2wcS7vY2BXFb8JgAHCS1UAm6rl4t_-RZmGTz698sQfN8g==

GET
H/1.1 200
OK aff_i
indexanetwork.go2cloud.org/ 43 B
523 B 418ms
94ms Image
image/gif 18.202.12.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://indexanetwork.go2cloud.org/aff_i?offer_id=2580&file_id=46468&aff_id=1321
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.202.12.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-202-12-61.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ac05f643d51698438fc2504bc237b5a39ce1248b037dbf446aaca4ce65c3182c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Feb 2022 15:38:10 GMT
Content-Encoding: gzip
Server: nginx
Tracking_id: 1023276250af816200d17b5dd7adc6
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Tune-SDK-Version
X-Request-Id: edf524eb8e225fe3831f5b3a8f62d9ce
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 logo.gif
www.timedopovo.tk/ 259 KB
260 KB 202ms
200ms Image
image/gif 31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.timedopovo.tk/logo.gif
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.22.4.81 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: 74a14c3c9efff84398be5969f5ed596e76fd40786aa034907d67e2cafbf746d6

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 15:38:09 GMT
last-modified: Fri, 06 Apr 2018 00:46:39 GMT
server: nginx
content-type: image/gif
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 265726
expires: Sat, 12 Mar 2022 15:38:09 GMT

GET
H2 200 autoptimize_6ccab22e2ababbb6f9254f9d76a105cd.js Show response
timedopovo.tk/wp-content/cache/autoptimize/js/ 25 KB
8 KB 441ms
440ms Script
application/javascript 31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: https://timedopovo.tk/wp-content/cache/autoptimize/js/autoptimize_6ccab22e2ababbb6f9254f9d76a105cd.js
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.22.4.81 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: 095141e7068ce4b679b220eb6c6ba5d4c49102c2343dbb9b71569c5e84a59079

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 15:38:09 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 13:29:50 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=30672000, public, immutable, public, proxy-revalidate, public, proxy-revalidate
accept-ranges: bytes
content-length: 8158
expires: Tue, 31 Jan 2023 15:38:09 GMT

GET
H2 200 twemoji.js Show response
timedopovo.tk/wp-includes/js/ 27 KB
8 KB 441ms
441ms Script
application/javascript 31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: https://timedopovo.tk/wp-includes/js/twemoji.js?ver=5.7.5
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.22.4.81 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: e98cd00e7be004c4360ad0c38471911312d74a117babcc29f239935afc80c8cb

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 15:38:09 GMT
content-encoding: br
last-modified: Tue, 23 Feb 2021 22:25:34 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate
expires: Sat, 12 Mar 2022 15:38:09 GMT

GET
H2 200 wp-emoji.js Show response
timedopovo.tk/wp-includes/js/ 9 KB
4 KB 253ms
252ms Script
application/javascript 31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: https://timedopovo.tk/wp-includes/js/wp-emoji.js?ver=5.7.5
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.22.4.81 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: e503c59c36fc19803b2e9572b10e7c06236bda692aebd97f29e2a5a96f9aa5b6

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 15:38:09 GMT
content-encoding: br
last-modified: Sun, 03 May 2020 16:41:02 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate
expires: Sat, 12 Mar 2022 15:38:09 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 205ms
83ms Script
text/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: timedopovo.tk
URL: https://timedopovo.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2142
date: Thu, 10 Feb 2022 15:02:29 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Thu, 10 Feb 2022 17:02:29 GMT

GET
H2 200 all.js Show response
connect.facebook.net/pt_BR/ 3 KB
2 KB 209ms
89ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/all.js

Requested by

Host: timedopovo.tk
URL: https://timedopovo.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4781c71e42e9c275dcfc00afbff9387a29fe754597fcc0de649dd994c4840de5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: O9mNX6L/suMkYyrVDHjHDA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Thu, 10 Feb 2022 15:54:25 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: gHDdo40VNdfeiQvT9C43DY7oyoWlCLtwPPgl0V2yBGJlTF9sTquA5VV0eUli5PMTPfHJ2kTcCP2jP6h8lEnm2w==
x-fb-trip-id: 686109401
x-fb-content-md5: 6612d5ec72539bd04824c07bd2c97ee0
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 10 Feb 2022 15:38:11 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "6f0941f45422bc087b2171b2946baf14"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202030101/ 289 KB
104 KB 92ms
91ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9397577970694762&plah=timedopovo.tk&bust=31064716

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c8fdefb68efa78ff2fd4092d3c68d5c064d2442f837bc5c7832f48cf07abd6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 15:38:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106377
x-xss-protection: 0
server: cafe
etag: 592664747098002576
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 10 Feb 2022 15:38:11 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220208/r20190131/ Frame B1ED 10 KB
5 KB 214ms
89ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220208/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4612
x-xss-protection: 0
date: Wed, 09 Feb 2022 21:54:54 GMT
expires: Wed, 23 Feb 2022 21:54:54 GMT
cache-control: public, max-age=1209600
age: 63797
etag: 18247940800414524076
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET query_renderer.js
www.google.com/cse/ 0
0

GET js
www.google.com/cse/api/partner-pub-3432341997211165/cse/6624308046/queries/ 0
0

GET show_afs_search.js
www.google.com/afsonline/ 0
0

GET show_ads.js
pagead2.googlesyndication.com/pagead/ 0
0

GET brand
www.google.com.br/coop/cse/ 0
0

GET
H/1.1 200
OK aff_i
indexanetwork.go2cloud.org/ 43 B
523 B 66ms
66ms Image
image/gif 18.202.12.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://indexanetwork.go2cloud.org/aff_i?offer_id=2580&file_id=46468&aff_id=1321
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.202.12.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-202-12-61.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ac05f643d51698438fc2504bc237b5a39ce1248b037dbf446aaca4ce65c3182c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Feb 2022 15:38:11 GMT
Content-Encoding: gzip
Server: nginx
Tracking_id: 1029cbd8dbf7a936d580b255fcf36b
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Tune-SDK-Version
X-Request-Id: 800f3f9ebbc4e1c789b0273ce683a2f8
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 show.php Show response
adds.livreuso.tk/anuncios// 483 B
487 B 300ms
97ms Script
text/html 31.22.4.94
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: https://adds.livreuso.tk/anuncios//show.php?z=29&j=1&code=1644507491084
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.22.4.94 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv23.byethost23.org
Software: nginx /
Resource Hash: 61bfbe6d6f3df62e49dc26624b55b9a97717fb69dbd623e073586203657f29e6

Request headers

Referer: https://timedopovo.tk/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 15:38:10 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding
content-type: text/html
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2

200

sidebarup.png
timedopovo.tk/wp-content/themes/crystalhosting/images/
Redirect Chain

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://timedopovo.tk/wp-content/themes/crystalhosting/images/sidebarup.png
https://timedopovo.tk/wp-content/themes/crystalhosting/images/sidebarup.png

3 KB
3 KB

227ms
227ms

Image
image/png

31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timedopovo.tk/wp-content/themes/crystalhosting/images/sidebarup.png
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/wp-content/cache/autoptimize/css/autoptimize_f4db39f018aeddfe8271b0d5d2502cab.css
Protocol: H2
Server: 31.22.4.81 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: cbd509669e176f744af1c69d7c339e14127f4be4c59185d6c5ba6fe448fca6f9

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 15:38:10 GMT
last-modified: Fri, 06 Apr 2018 00:41:57 GMT
server: nginx
content-type: image/png
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 3225
expires: Sat, 12 Mar 2022 15:38:10 GMT

Redirect headers

date: Thu, 10 Feb 2022 15:38:11 GMT
cdn-edgestorageid: 756
access-control-allow-origin: *
cdn-cachedat: 02/10/2022 13:52:13
cdn-pullzone: 257218
cdn-tag: 0; Domain: timedopovo.tk; 302
content-length: 0
server: BunnyCDN-DE1-756
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-proxyver: 1.02
cdn-requestpullcode: 302
location: https://timedopovo.tk/wp-content/themes/crystalhosting/images/sidebarup.png
content-type: text/html; charset=utf-8
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=86400
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestid: 5ff8c279bef3f63268a455c8f3983a7b
cdn-requestcountrycode: CH
cdn-status: 302
cdn-requestpullsuccess: True

GET
H2

200

postindex.png
timedopovo.tk/wp-content/themes/crystalhosting/images/
Redirect Chain

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://timedopovo.tk/wp-content/themes/crystalhosting/images/postindex.png
https://timedopovo.tk/wp-content/themes/crystalhosting/images/postindex.png

8 KB
8 KB

230ms
229ms

Image
image/png

31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timedopovo.tk/wp-content/themes/crystalhosting/images/postindex.png
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/wp-content/cache/autoptimize/css/autoptimize_f4db39f018aeddfe8271b0d5d2502cab.css
Protocol: H2
Server: 31.22.4.81 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: 64ad2b889e573ea0f48d0c21a22e7dbc47d08ca54dff2091e418e9b4b418be14

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 15:38:10 GMT
last-modified: Fri, 06 Apr 2018 00:41:57 GMT
server: nginx
content-type: image/png
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 7795
expires: Sat, 12 Mar 2022 15:38:10 GMT

Redirect headers

date: Thu, 10 Feb 2022 15:38:11 GMT
cdn-edgestorageid: 756
access-control-allow-origin: *
cdn-cachedat: 02/10/2022 13:52:12
cdn-pullzone: 257218
cdn-tag: 0; Domain: timedopovo.tk; 302
content-length: 0
server: BunnyCDN-DE1-756
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-proxyver: 1.02
cdn-requestpullcode: 302
location: https://timedopovo.tk/wp-content/themes/crystalhosting/images/postindex.png
content-type: text/html; charset=utf-8
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=86400
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestid: b015094b8823cebd83bcba16a222af3e
cdn-requestcountrycode: CH
cdn-status: 302
cdn-requestpullsuccess: True

GET
H2

200

postfim-2.png
timedopovo.tk/wp-content/themes/crystalhosting/images/
Redirect Chain

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://timedopovo.tk/wp-content/themes/crystalhosting/images/postfim-2.png
https://timedopovo.tk/wp-content/themes/crystalhosting/images/postfim-2.png

3 KB
3 KB

228ms
227ms

Image
image/png

31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timedopovo.tk/wp-content/themes/crystalhosting/images/postfim-2.png
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/wp-content/cache/autoptimize/css/autoptimize_f4db39f018aeddfe8271b0d5d2502cab.css
Protocol: H2
Server: 31.22.4.81 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: 5a02e2246cb69facdac93ae2789f172c7ad079808db6bf62f41af6c6c2857a95

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 15:38:10 GMT
last-modified: Fri, 06 Apr 2018 00:41:57 GMT
server: nginx
content-type: image/png
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 3249
expires: Sat, 12 Mar 2022 15:38:10 GMT

Redirect headers

date: Thu, 10 Feb 2022 15:38:11 GMT
cdn-edgestorageid: 756
access-control-allow-origin: *
cdn-cachedat: 02/10/2022 13:52:12
cdn-pullzone: 257218
cdn-tag: 0; Domain: timedopovo.tk; 302
content-length: 0
server: BunnyCDN-DE1-756
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-proxyver: 1.02
cdn-requestpullcode: 302
location: https://timedopovo.tk/wp-content/themes/crystalhosting/images/postfim-2.png
content-type: text/html; charset=utf-8
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=86400
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestid: cdcf7dc02db271199c784199e54423d8
cdn-requestcountrycode: CH
cdn-status: 302
cdn-requestpullsuccess: True

GET
H2

200

sidebaruppp.png
timedopovo.tk/wp-content/themes/crystalhosting/images/
Redirect Chain

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://timedopovo.tk/wp-content/themes/crystalhosting/images/sidebaruppp.png
https://timedopovo.tk/wp-content/themes/crystalhosting/images/sidebaruppp.png

3 KB
3 KB

229ms
227ms

Image
image/png

31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timedopovo.tk/wp-content/themes/crystalhosting/images/sidebaruppp.png
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/wp-content/cache/autoptimize/css/autoptimize_f4db39f018aeddfe8271b0d5d2502cab.css
Protocol: H2
Server: 31.22.4.81 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: 2ef3959264092b72de9339f88c90054eed3c2c83a3e755b058df53ce75310ee7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 15:38:10 GMT
last-modified: Fri, 06 Apr 2018 00:41:57 GMT
server: nginx
content-type: image/png
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 3281
expires: Sat, 12 Mar 2022 15:38:10 GMT

Redirect headers

date: Thu, 10 Feb 2022 15:38:11 GMT
cdn-edgestorageid: 756
access-control-allow-origin: *
cdn-cachedat: 02/10/2022 13:52:12
cdn-pullzone: 257218
cdn-tag: 0; Domain: timedopovo.tk; 302
content-length: 0
server: BunnyCDN-DE1-756
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-proxyver: 1.02
cdn-requestpullcode: 302
location: https://timedopovo.tk/wp-content/themes/crystalhosting/images/sidebaruppp.png
content-type: text/html; charset=utf-8
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=86400
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestid: addb8c96a87972accd1c6391aace988d
cdn-requestcountrycode: CH
cdn-status: 302
cdn-requestpullsuccess: True

GET
H2

200

agenciacorinthians-foto-146342-1024x682-1-150x100.jpg
timedopovo.tk/wp-content/uploads/2021/07/
Redirect Chain

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_150/https://timedopovo.tk/wp-content/uploads/2021/07/agenciacorinthians-foto-146342-1024x682-1-150x100.jpg
https://timedopovo.tk/wp-content/uploads/2021/07/agenciacorinthians-foto-146342-1024x682-1-150x100.jpg

5 KB
5 KB

176ms
176ms

Image
image/jpeg

31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timedopovo.tk/wp-content/uploads/2021/07/agenciacorinthians-foto-146342-1024x682-1-150x100.jpg
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Server: 31.22.4.81 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: 88f99f7451346524594c256652e87a14571331976592d46fd6a9b03c71cff121

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 15:38:10 GMT
last-modified: Wed, 07 Jul 2021 12:20:07 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 5251
expires: Sat, 12 Mar 2022 15:38:10 GMT

Redirect headers

date: Thu, 10 Feb 2022 15:38:11 GMT
cdn-edgestorageid: 756
access-control-allow-origin: *
cdn-cachedat: 02/10/2022 12:58:13
cdn-pullzone: 257218
cdn-tag: 0; Domain: timedopovo.tk; 302
content-length: 0
server: BunnyCDN-DE1-756
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-proxyver: 1.02
cdn-requestpullcode: 302
location: https://timedopovo.tk/wp-content/uploads/2021/07/agenciacorinthians-foto-146342-1024x682-1-150x100.jpg
content-type: text/html; charset=utf-8
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=86400
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestid: ee938b241e293c8e9aaa76e1181422c0
cdn-requestcountrycode: CH
cdn-status: 302
cdn-requestpullsuccess: True

GET
H2

200

0002-150x100.jpg
timedopovo.tk/wp-content/uploads/2021/07/
Redirect Chain

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_150/https://timedopovo.tk/wp-content/uploads/2021/07/0002-150x100.jpg
https://timedopovo.tk/wp-content/uploads/2021/07/0002-150x100.jpg

5 KB
5 KB

173ms
173ms

Image
image/jpeg

31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timedopovo.tk/wp-content/uploads/2021/07/0002-150x100.jpg
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Server: 31.22.4.81 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: fa4921b4a9286703010ab2a2f33064e6fca5b1430791d0876c8269ea0bb85269

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 15:38:10 GMT
last-modified: Wed, 07 Jul 2021 12:14:52 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 5168
expires: Sat, 12 Mar 2022 15:38:10 GMT

Redirect headers

date: Thu, 10 Feb 2022 15:38:11 GMT
cdn-edgestorageid: 756
access-control-allow-origin: *
cdn-cachedat: 02/10/2022 13:52:12
cdn-pullzone: 257218
cdn-tag: 0; Domain: timedopovo.tk; 302
content-length: 0
server: BunnyCDN-DE1-756
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-proxyver: 1.02
cdn-requestpullcode: 302
location: https://timedopovo.tk/wp-content/uploads/2021/07/0002-150x100.jpg
content-type: text/html; charset=utf-8
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=86400
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestid: ef2df0e4ce731a099a70e98854e8f139
cdn-requestcountrycode: CH
cdn-status: 302
cdn-requestpullsuccess: True

GET
H2

200

agenciacorinthians-foto-181530-1024x681-1-150x100.jpg
timedopovo.tk/wp-content/uploads/2021/07/
Redirect Chain

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_150/https://timedopovo.tk/wp-content/uploads/2021/07/agenciacorinthians-foto-181530-1024x681-1-150x100.jpg
https://timedopovo.tk/wp-content/uploads/2021/07/agenciacorinthians-foto-181530-1024x681-1-150x100.jpg

4 KB
4 KB

178ms
178ms

Image
image/jpeg

31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timedopovo.tk/wp-content/uploads/2021/07/agenciacorinthians-foto-181530-1024x681-1-150x100.jpg
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Server: 31.22.4.81 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: 63b0d31f6c1c010ab66aac9a67e7a94c289b26088c583fa9ef41a63b6fb5f564

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 15:38:10 GMT
last-modified: Wed, 07 Jul 2021 12:09:15 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 3874
expires: Sat, 12 Mar 2022 15:38:10 GMT

Redirect headers

date: Thu, 10 Feb 2022 15:38:11 GMT
cdn-edgestorageid: 756
access-control-allow-origin: *
cdn-cachedat: 02/09/2022 22:46:34
cdn-pullzone: 257218
cdn-tag: 0; Domain: timedopovo.tk; 302
content-length: 0
server: BunnyCDN-DE1-756
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-proxyver: 1.02
cdn-requestpullcode: 302
location: https://timedopovo.tk/wp-content/uploads/2021/07/agenciacorinthians-foto-181530-1024x681-1-150x100.jpg
content-type: text/html; charset=utf-8
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=86400
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestid: 1017923d586845aebd3482d1e2bde7c1
cdn-requestcountrycode: CH
cdn-status: 302
cdn-requestpullsuccess: True

GET
H2

200

33e966bfc3e98wzmzawq9o40d960foeg2-635x397-1-160x100.jpg
timedopovo.tk/wp-content/uploads/2021/07/
Redirect Chain

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_160/https://timedopovo.tk/wp-content/uploads/2021/07/33e966bfc3e98wzmzawq9o40d960foeg2-635x397-1-160x100.jpg
https://timedopovo.tk/wp-content/uploads/2021/07/33e966bfc3e98wzmzawq9o40d960foeg2-635x397-1-160x100.jpg

6 KB
6 KB

173ms
173ms

Image
image/jpeg

31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timedopovo.tk/wp-content/uploads/2021/07/33e966bfc3e98wzmzawq9o40d960foeg2-635x397-1-160x100.jpg
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Server: 31.22.4.81 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: d21420e670e9be893b2af1fb01238a93a8269df2b7b771566ee614093ecf2d73

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 15:38:10 GMT
last-modified: Sun, 04 Jul 2021 12:47:22 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 5707
expires: Sat, 12 Mar 2022 15:38:10 GMT

Redirect headers

date: Thu, 10 Feb 2022 15:38:11 GMT
cdn-edgestorageid: 756
access-control-allow-origin: *
cdn-cachedat: 02/10/2022 13:52:12
cdn-pullzone: 257218
cdn-tag: 0; Domain: timedopovo.tk; 302
content-length: 0
server: BunnyCDN-DE1-756
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-proxyver: 1.02
cdn-requestpullcode: 302
location: https://timedopovo.tk/wp-content/uploads/2021/07/33e966bfc3e98wzmzawq9o40d960foeg2-635x397-1-160x100.jpg
content-type: text/html; charset=utf-8
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=86400
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestid: b199ecdf61dbba4efcd0d19d31fd8465
cdn-requestcountrycode: CH
cdn-status: 302
cdn-requestpullsuccess: True

GET
H2

200

004-145x100.jpg
timedopovo.tk/wp-content/uploads/2021/06/
Redirect Chain

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_145/https://timedopovo.tk/wp-content/uploads/2021/06/004-145x100.jpg
https://timedopovo.tk/wp-content/uploads/2021/06/004-145x100.jpg

4 KB
5 KB

178ms
178ms

Image
image/jpeg

31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timedopovo.tk/wp-content/uploads/2021/06/004-145x100.jpg
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Server: 31.22.4.81 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: 23f91e8fed1b07720dbb269a526666a72ca20e4af6388c95757f7469229708dd

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 15:38:10 GMT
last-modified: Wed, 09 Jun 2021 12:19:41 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 4416
expires: Sat, 12 Mar 2022 15:38:10 GMT

Redirect headers

date: Thu, 10 Feb 2022 15:38:11 GMT
cdn-edgestorageid: 756
access-control-allow-origin: *
cdn-cachedat: 02/10/2022 13:52:12
cdn-pullzone: 257218
cdn-tag: 0; Domain: timedopovo.tk; 302
content-length: 0
server: BunnyCDN-DE1-756
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-proxyver: 1.02
cdn-requestpullcode: 302
location: https://timedopovo.tk/wp-content/uploads/2021/06/004-145x100.jpg
content-type: text/html; charset=utf-8
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=86400
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestid: 5ce7b99e4bcb810ec6f5200327eefee0
cdn-requestcountrycode: CH
cdn-status: 302
cdn-requestpullsuccess: True

GET
H2

200

003-144x100.jpg
timedopovo.tk/wp-content/uploads/2021/06/
Redirect Chain

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_144/https://timedopovo.tk/wp-content/uploads/2021/06/003-144x100.jpg
https://timedopovo.tk/wp-content/uploads/2021/06/003-144x100.jpg

4 KB
5 KB

174ms
173ms

Image
image/jpeg

31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timedopovo.tk/wp-content/uploads/2021/06/003-144x100.jpg
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Server: 31.22.4.81 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: b57245994e1df062a0eb10265547e7d49d7e3007df0c1f409dd34a42e78430e6

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 15:38:10 GMT
last-modified: Fri, 04 Jun 2021 17:53:38 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 4476
expires: Sat, 12 Mar 2022 15:38:10 GMT

Redirect headers

date: Thu, 10 Feb 2022 15:38:11 GMT
cdn-edgestorageid: 756
access-control-allow-origin: *
cdn-cachedat: 02/10/2022 13:52:12
cdn-pullzone: 257218
cdn-tag: 0; Domain: timedopovo.tk; 302
content-length: 0
server: BunnyCDN-DE1-756
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-proxyver: 1.02
cdn-requestpullcode: 302
location: https://timedopovo.tk/wp-content/uploads/2021/06/003-144x100.jpg
content-type: text/html; charset=utf-8
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=86400
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestid: 3f830aa599662f10def8e136c8c7ff0e
cdn-requestcountrycode: CH
cdn-status: 302
cdn-requestpullsuccess: True

GET
H2

200

agenciacorinthians-foto-180450-1-1024x695-1-147x100.jpg
timedopovo.tk/wp-content/uploads/2021/06/
Redirect Chain

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_147/https://timedopovo.tk/wp-content/uploads/2021/06/agenciacorinthians-foto-180450-1-1024x695-1-147x100.jpg
https://timedopovo.tk/wp-content/uploads/2021/06/agenciacorinthians-foto-180450-1-1024x695-1-147x100.jpg

5 KB
5 KB

173ms
173ms

Image
image/jpeg

31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timedopovo.tk/wp-content/uploads/2021/06/agenciacorinthians-foto-180450-1-1024x695-1-147x100.jpg
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Server: 31.22.4.81 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: dcdf89c03c77ddfecca983f3193527d5ecadb6703589b8cdd0ba77ff0928ef2c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 15:38:10 GMT
last-modified: Fri, 04 Jun 2021 17:49:39 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 5414
expires: Sat, 12 Mar 2022 15:38:10 GMT

Redirect headers

date: Thu, 10 Feb 2022 15:38:11 GMT
cdn-edgestorageid: 756
access-control-allow-origin: *
cdn-cachedat: 02/10/2022 13:52:12
cdn-pullzone: 257218
cdn-tag: 0; Domain: timedopovo.tk; 302
content-length: 0
server: BunnyCDN-DE1-756
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-proxyver: 1.02
cdn-requestpullcode: 302
location: https://timedopovo.tk/wp-content/uploads/2021/06/agenciacorinthians-foto-180450-1-1024x695-1-147x100.jpg
content-type: text/html; charset=utf-8
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=86400
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestid: 184e6f24ec83e72e060935ad678b4429
cdn-requestcountrycode: CH
cdn-status: 302
cdn-requestpullsuccess: True

GET
H2

200

Se-entrar-em-campo-Ramiro-vai-completar-100-jogos-pelo-Corinthians-147x100.jpg
timedopovo.tk/wp-content/uploads/2021/06/
Redirect Chain

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_147/https://timedopovo.tk/wp-content/uploads/2021/06/Se-entrar-em-campo-Ramiro-vai-completar-100-jogos-pelo-Corinthians-147x100.jpg
https://timedopovo.tk/wp-content/uploads/2021/06/Se-entrar-em-campo-Ramiro-vai-completar-100-jogos-pelo-Corinthians-147x100.jpg

5 KB
5 KB

176ms
176ms

Image
image/jpeg

31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timedopovo.tk/wp-content/uploads/2021/06/Se-entrar-em-campo-Ramiro-vai-completar-100-jogos-pelo-Corinthians-147x100.jpg
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Server: 31.22.4.81 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: a984aa4dd8ef7b364554086f53750aadfeee7e5eb91194afa2b68eb776d7d090

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 15:38:10 GMT
last-modified: Wed, 02 Jun 2021 12:16:17 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 4680
expires: Sat, 12 Mar 2022 15:38:10 GMT

Redirect headers

date: Thu, 10 Feb 2022 15:38:11 GMT
cdn-edgestorageid: 756
access-control-allow-origin: *
cdn-cachedat: 02/10/2022 13:52:12
cdn-pullzone: 257218
cdn-tag: 0; Domain: timedopovo.tk; 302
content-length: 0
server: BunnyCDN-DE1-756
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-proxyver: 1.02
cdn-requestpullcode: 302
location: https://timedopovo.tk/wp-content/uploads/2021/06/Se-entrar-em-campo-Ramiro-vai-completar-100-jogos-pelo-Corinthians-147x100.jpg
content-type: text/html; charset=utf-8
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=86400
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestid: 8a3ba51b8ba4167623892badcd8c8103
cdn-requestcountrycode: CH
cdn-status: 302
cdn-requestpullsuccess: True

GET
H3 200 all.js Show response
connect.facebook.net/pt_BR/ 285 KB
80 KB 173ms
76ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/all.js?hash=a472a659b24d62d3242205f9fd66d2ea

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ac7ca987581dd2e46a840b716297195c670c2c171a8bd46ac923d5917a62e2c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://timedopovo.tk/
Origin: https://timedopovo.tk
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: /497aoXDnZB319F+dHMAwg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Fri, 10 Feb 2023 14:03:53 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 82139
x-fb-rlafr: 0
x-fb-debug: 1ow9xAIMgtyVzUQIDwAMlRHIrXKsAi9gZg3iFAyQHLzVbdXKheFyZzFhbFW74wFDF5iv/7KeE4ddUn33teuNmw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 8704408b23fcd4fd084bf6fc2f291d0f
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 10 Feb 2022 15:38:11 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "1ab79b46c43e53086eef5b771908de97"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H3 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
54 B 198ms
91ms Image
image/gif 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=674297045&utmhn=timedopovo.tk&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Time%20Do%20Povo&utmhid=1368860601&utmr=-&utmp=%2F&utmht=1644507491229&utmac=UA-23996175-16&utmcc=__utma%3D204431381.26252996.1644507491.1644507491.1644507491.1%3B%2B__utmz%3D204431381.1644507491.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=326909588&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: timedopovo.tk
URL: https://timedopovo.tk/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 15:38:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 217 B
644 B 272ms
69ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=timedopovo.tk&callback=_gfp_s_&client=ca-pub-3432341997211165

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9397577970694762&plah=timedopovo.tk&bust=31064716

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

9394118d5c5a98830283589035f6a16c4e65c3f428cddff3e07575fc88cc9e16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 15:38:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 200
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 231ms
82ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=timedopovo.tk

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Feb 2022 15:38:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 231ms
82ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=timedopovo.tk

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Feb 2022 15:38:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4DA5 159 KB
43 KB 524ms
450ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9397577970694762&output=html&adk=1812271804&adf=3025194257&lmt=1644507491&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ftimedopovo.tk%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644507491015&bpp=3&bdt=663&idt=363&shv=r20220208&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4845398872052&frm=20&pv=2&ga_vid=26252996.1644507491&ga_sid=1644507491&ga_hid=1368860601&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C31064716%2C31064733&oid=2&pvsid=3842056236427875&pem=934&tmod=412511344&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&ifi=1&uci=a!1&fsb=1&dtd=384

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

165d6da950c3c3b396e239eaa4649a0ead5172212d0808fa6cb19b2559064df7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 10 Feb 2022 15:38:11 GMT
server: cafe
content-length: 44248
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 10 Feb 2022 15:38:11 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0721 73 KB
29 KB 527ms
493ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9397577970694762&output=html&h=60&twa=1&slotname=3804470934&adk=4040837863&adf=2203149399&pi=t.ma~as.3804470934&w=284&fwrn=4&fwrnh=100&lmt=1644507491&format=284x60&url=https%3A%2F%2Ftimedopovo.tk%2F&flash=0&fwr=0&rh=60&rw=284&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644507491056&bpp=9&bdt=704&idt=364&shv=r20220208&mjsv=m202202030101&ptt=5&saldr=sa&abxe=1&prev_fmts=0x0&nras=1&correlator=4845398872052&frm=20&pv=1&ga_vid=26252996.1644507491&ga_sid=1644507491&ga_hid=1368860601&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=988&ady=16&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C31064716%2C31064733&oid=2&pvsid=3842056236427875&pem=934&tmod=412511344&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=2&uci=a!2&fsb=1&xpc=YPOW3x4ppt&p=https%3A//timedopovo.tk&dtd=379

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fcd4dbff18d65b19d3a064b2f66b6cf309cc328fbf8ce08390b5c528faf4ef00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 10 Feb 2022 15:38:11 GMT
server: cafe
content-length: 29901
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 10 Feb 2022 15:38:11 GMT
cache-control: private

GET
H2 200 show_i.php Show response
adds.livreuso.tk/anuncios// Frame 1597 1 KB
732 B 80ms
80ms Document
text/html 31.22.4.94
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: https://adds.livreuso.tk/anuncios//show_i.php?a=529&z=29&c=1&adurl=14000&target=_blank
Requested by: Host: adds.livreuso.tk
URL: https://adds.livreuso.tk/anuncios//show.php?z=29&j=1&code=1644507491084
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.22.4.94 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv23.byethost23.org
Software: nginx /
Resource Hash: 77beab1c723cf69fffda6bfbf710337d386a86f6f5f3d08e9a567de1947ef202

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/

Response headers

server: nginx
date: Thu, 10 Feb 2022 15:38:11 GMT
content-type: text/html
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
content-encoding: br

GET
H2 200 blank.gif
adds.livreuso.tk/anuncios//images/ 43 B
236 B 77ms
77ms Image
image/gif 31.22.4.94
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adds.livreuso.tk/anuncios//images/blank.gif
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.22.4.94 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv23.byethost23.org
Software: nginx /
Resource Hash: 204e26ceed9d428095faf4121c5049f1e106116971865681001c2298f7cc5689

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 15:38:11 GMT
last-modified: Sun, 17 Dec 2017 15:19:14 GMT
server: nginx
content-type: image/gif
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 43
expires: Sat, 12 Mar 2022 15:38:11 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 74D4 83 KB
30 KB 708ms
702ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3432341997211165&output=html&h=280&slotname=8825380003&adk=3290701847&adf=215310249&pi=t.ma~as.8825380003&w=1000&fwrn=4&fwrnh=100&lmt=1644507491&rafmt=1&psa=0&format=1000x280&url=https%3A%2F%2Ftimedopovo.tk%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644507491066&bpp=4&bdt=714&idt=393&shv=r20220208&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C284x60&nras=1&correlator=4845398872052&frm=20&pv=2&ga_vid=26252996.1644507491&ga_sid=1644507491&ga_hid=1368860601&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=308&ady=131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C31064716%2C31064733&oid=2&pvsid=3842056236427875&pem=934&tmod=412511344&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=3&uci=a!3&fsb=1&xpc=FQB9RBbdKQ&p=https%3A//timedopovo.tk&dtd=399

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ae7f07e8f00b28fd719f0d3c0e726a46425fade109c4987d7dc93b10864e9c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 10 Feb 2022 15:38:12 GMT
server: cafe
content-length: 30426
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 10 Feb 2022 15:38:12 GMT
cache-control: private

GET
H2 200 script.js Show response
ad.lomadee.com/banners/ Frame 1597 430 B
588 B 211ms
53ms Script
text/html 18.66.248.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lomadee.com/banners/script.js?sourceId=35923256&dimension=1&height=90&width=728&method=0
Requested by: Host: adds.livreuso.tk
URL: https://adds.livreuso.tk/anuncios//show_i.php?a=529&z=29&c=1&adurl=14000&target=_blank
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-81.dus51.r.cloudfront.net
Software: Apache-Coyote/1.1 /
Resource Hash: cd3600e9be27f74665aba132c024322645a8e61af8dc08072c617386511268bb

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://adds.livreuso.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:36:28 GMT
via: 1.1 cd8cc1ff175a63c59feeb56bb3687766.cloudfront.net (CloudFront)
server: Apache-Coyote/1.1
age: 252102
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-language: en-US
content-encoding: gzip
x-amz-cf-pop: DUS51-P1
content-type: text/html;charset=UTF-8
x-amz-cf-id: -YDL4B4LRLcFA1Td5NZUzfv0PcRL0lkiwwApt6SXyM_pgr_qbmpA1A==

GET
H2 200 blank.gif
adds.livreuso.tk/anuncios//images/ Frame 1597 43 B
236 B 84ms
83ms Image
image/gif 31.22.4.94
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adds.livreuso.tk/anuncios//images/blank.gif
Requested by: Host: adds.livreuso.tk
URL: https://adds.livreuso.tk/anuncios//show_i.php?a=529&z=29&c=1&adurl=14000&target=_blank
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.22.4.94 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv23.byethost23.org
Software: nginx /
Resource Hash: 204e26ceed9d428095faf4121c5049f1e106116971865681001c2298f7cc5689

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://adds.livreuso.tk/anuncios//show_i.php?a=529&z=29&c=1&adurl=14000&target=_blank
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 15:38:11 GMT
last-modified: Sun, 17 Dec 2017 15:19:14 GMT
server: nginx
content-type: image/gif
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 43
expires: Sat, 12 Mar 2022 15:38:11 GMT

GET
H2 200 view Show response
ad.lomadee.com/banner/ Frame 432B 1 KB
1 KB 518ms
518ms Document
text/html 18.66.248.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lomadee.com/banner/view?sourceId=35923256&dimension=1&width=728&height=90&method=0&advertisers=&tags=
Requested by: Host: ad.lomadee.com
URL: https://ad.lomadee.com/banners/script.js?sourceId=35923256&dimension=1&height=90&width=728&method=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-81.dus51.r.cloudfront.net
Software: Apache-Coyote/1.1 /
Resource Hash: 6352d5b72592fe9d9912b5d5c1a9a3e55723bf802c9a6802f757c1e6b22a43bf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://adds.livreuso.tk/

Response headers

content-type: text/html;charset=UTF-8
content-encoding: gzip
content-language: en-US
date: Thu, 10 Feb 2022 15:38:12 GMT
server: Apache-Coyote/1.1
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 cd8cc1ff175a63c59feeb56bb3687766.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: wBz9JyoH4olKCct0JK8CHSVj_IyQyXjJvM0uQ3c8BOoZG_WlTCUwig==

GET
H2 200 14250782581357425771
tpc.googlesyndication.com/simgad/ Frame 0721 7 KB
7 KB 188ms
70ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14250782581357425771?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qllflyrDBeWpWgNeLL4okwoxlb3KQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9397577970694762&output=html&h=60&twa=1&slotname=3804470934&adk=4040837863&adf=2203149399&pi=t.ma~as.3804470934&w=284&fwrn=4&fwrnh=100&lmt=1644507491&format=284x60&url=https%3A%2F%2Ftimedopovo.tk%2F&flash=0&fwr=0&rh=60&rw=284&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644507491056&bpp=9&bdt=704&idt=364&shv=r20220208&mjsv=m202202030101&ptt=5&saldr=sa&abxe=1&prev_fmts=0x0&nras=1&correlator=4845398872052&frm=20&pv=1&ga_vid=26252996.1644507491&ga_sid=1644507491&ga_hid=1368860601&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=988&ady=16&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C31064716%2C31064733&oid=2&pvsid=3842056236427875&pem=934&tmod=412511344&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=2&uci=a!2&fsb=1&xpc=YPOW3x4ppt&p=https%3A//timedopovo.tk&dtd=379

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14d73457af5bcee8a2820cabb73e3f236982baa26747eb60c020415ea01f60d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 15:28:50 GMT
x-content-type-options: nosniff
age: 86962
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7323
x-xss-protection: 0
last-modified: Thu, 23 Jul 2020 02:03:14 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 09 Feb 2023 15:28:50 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0721 0
0 127ms
127ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CnXU7YzEFYsrAII3uygWkv7TYCLGSq8FmgIvbg50MpOfy7ZUCEAEgkLzWG2DZAqAB0O7ryAPIAQKpAihqkFOzHqg-qAMByAPJBKoEzQFP0KRSPi40moJOFAtiAB87rxsqNz1cXCw1zeCBfZ9sllGHLqy9JD9ySH8E2Ky1N5U-4C9QMMG-FAc3kHwK_OgWaGII1CSeWQotw2qFE56DLcl1BzOQURUd2VPylMN2qH7B5clL1kzrUHEraial80uZz7xatM1CksKc0F6gQUHs3Ae3GcgF2MF4pF14kJcT1zSvtL4jZBbS1eGuRv241N5aiCWDUXdSVH1T_goo3KSCbNjPnIW7OOW2Swdt6vQUnx8AiilIWQsiS9cDdoknwASH6cahpAKSBQQIBBgBkgUECAUYBKAGAoAHmJGUN6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEIyuOtIIBwiAYRABGB-ACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItOTM5NzU3Nzk3MDY5NDc2MhgA&sigh=Y9rSfCDElIo&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9397577970694762&output=html&h=60&twa=1&slotname=3804470934&adk=4040837863&adf=2203149399&pi=t.ma~as.3804470934&w=284&fwrn=4&fwrnh=100&lmt=1644507491&format=284x60&url=https%3A%2F%2Ftimedopovo.tk%2F&flash=0&fwr=0&rh=60&rw=284&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644507491056&bpp=9&bdt=704&idt=364&shv=r20220208&mjsv=m202202030101&ptt=5&saldr=sa&abxe=1&prev_fmts=0x0&nras=1&correlator=4845398872052&frm=20&pv=1&ga_vid=26252996.1644507491&ga_sid=1644507491&ga_hid=1368860601&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=988&ady=16&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C31064716%2C31064733&oid=2&pvsid=3842056236427875&pem=934&tmod=412511344&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=2&uci=a!2&fsb=1&xpc=YPOW3x4ppt&p=https%3A//timedopovo.tk&dtd=379
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 10 Feb 2022 15:38:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 10 Feb 2022 15:38:12 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220208/r20110914/ Frame 0721 19 KB
8 KB 164ms
53ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220208/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a22b29e11f6ad3ed458e71525b4edfaf0b9ab4cd962ae9a239b9509c106c826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 15:36:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 86
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7817
x-xss-protection: 0
server: cafe
etag: 7051432691878289762
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 15:36:46 GMT

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202030101/ 150 KB
53 KB 73ms
72ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202030101/reactive_library_fy2019.js?bust=31064716

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1cafcf2b3ed8226b5d67a0e6850325be44c2e293aabbcfb1aa7138119df97ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 15:38:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54417
x-xss-protection: 0
server: cafe
etag: 8992883226118480278
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Feb 2022 15:38:12 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 131ms
66ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=timedopovo.tk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Feb 2022 15:38:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 127ms
64ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=timedopovo.tk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Feb 2022 15:38:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D055 74 KB
30 KB 420ms
420ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9397577970694762&output=html&h=240&adk=4071009227&adf=2944978207&pi=t.aa~a.795276990~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1644507492&rafmt=1&to=qs&pwprc=3910530028&psa=0&format=300x240&url=https%3A%2F%2Ftimedopovo.tk%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644507492024&bpp=1&bdt=1672&idt=-M&shv=r20220208&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a199bb22fadbc69-22b3b63739cd00a3%3AT%3D1644507491%3ART%3D1644507491%3AS%3DALNI_Ma3GNwb7kibqCQKnG7L14g6h29qdA&prev_fmts=0x0%2C284x60%2C1000x280&nras=2&correlator=4845398872052&frm=20&pv=1&ga_vid=26252996.1644507491&ga_sid=1644507491&ga_hid=1368860601&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=1298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C31064716%2C31064733&oid=2&pvsid=3842056236427875&pem=934&tmod=412511344&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=1TXw4vMJYn&p=https%3A//timedopovo.tk&dtd=15

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f77c5a08e1b1c6b74fa69a53c34044375c85184a963057fbbe06fa79ce30741

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 10 Feb 2022 15:38:12 GMT
server: cafe
content-length: 30881
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 10 Feb 2022 15:38:12 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 678B 74 KB
30 KB 431ms
431ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9397577970694762&output=html&h=100&adk=702956917&adf=3434027193&pi=t.aa~a.1445354789~rp.1&w=540&fwrn=4&fwrnh=100&lmt=1644507492&rafmt=1&to=qs&pwprc=3910530028&psa=0&format=540x100&url=https%3A%2F%2Ftimedopovo.tk%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644507492024&bpp=1&bdt=1672&idt=1&shv=r20220208&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a199bb22fadbc69-22b3b63739cd00a3%3AT%3D1644507491%3ART%3D1644507491%3AS%3DALNI_Ma3GNwb7kibqCQKnG7L14g6h29qdA&prev_fmts=0x0%2C284x60%2C1000x280%2C300x240&nras=3&correlator=4845398872052&frm=20&pv=1&ga_vid=26252996.1644507491&ga_sid=1644507491&ga_hid=1368860601&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=452&ady=1420&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C31064716%2C31064733&oid=2&pvsid=3842056236427875&pem=934&tmod=412511344&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=kJY6ZKxv45&p=https%3A//timedopovo.tk&dtd=18

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

89a6f112fbf5c36b66fff90f641071fbc8be443cf77139c4c2d47ec430cc1a3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 10 Feb 2022 15:38:12 GMT
server: cafe
content-length: 31011
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 10 Feb 2022 15:38:12 GMT
cache-control: private

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/ Frame 0721 2 KB
1 KB 127ms
67ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 15:34:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 238
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 15:34:14 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0721 124 KB
38 KB 189ms
71ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 15:38:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38562
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644410386637351"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Feb 2022 15:38:12 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/ Frame 0721 15 KB
6 KB 121ms
61ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1460e4ba5d8a29324c75f80802081c73d2143d8c9581a84ca3df707fbc6e477c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 15:30:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 487
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6367
x-xss-protection: 0
server: cafe
etag: 17798303060702513824
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 15:30:05 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/ Frame 0721 28 KB
11 KB 168ms
108ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3b84e5e485619983c2f805dac6f3fde572d0c825c672d1a02f48af0149eea93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 08:48:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24553
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11662
x-xss-protection: 0
server: cafe
etag: 6226773659199191033
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 08:48:59 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220208/r20110914/ Frame 7791 10 KB
5 KB 54ms
54ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220208/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4612
x-xss-protection: 0
date: Thu, 10 Feb 2022 04:17:51 GMT
expires: Thu, 24 Feb 2022 04:17:51 GMT
cache-control: public, max-age=1209600
age: 40821
etag: 18247940800414524076
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DA8F 143 B
163 B 55ms
54ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9397577970694762&output=html&h=60&twa=1&slotname=3804470934&adk=4040837863&adf=2203149399&pi=t.ma~as.3804470934&w=284&fwrn=4&fwrnh=100&lmt=1644507491&format=284x60&url=https%3A%2F%2Ftimedopovo.tk%2F&flash=0&fwr=0&rh=60&rw=284&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644507491056&bpp=9&bdt=704&idt=364&shv=r20220208&mjsv=m202202030101&ptt=5&saldr=sa&abxe=1&prev_fmts=0x0&nras=1&correlator=4845398872052&frm=20&pv=1&ga_vid=26252996.1644507491&ga_sid=1644507491&ga_hid=1368860601&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=988&ady=16&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C31064716%2C31064733&oid=2&pvsid=3842056236427875&pem=934&tmod=412511344&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=2&uci=a!2&fsb=1&xpc=YPOW3x4ppt&p=https%3A//timedopovo.tk&dtd=379

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Thu, 10 Feb 2022 15:04:52 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 2000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 css
fonts.googleapis.com/ Frame 74D4 6 KB
1 KB 180ms
63ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3432341997211165&output=html&h=280&slotname=8825380003&adk=3290701847&adf=215310249&pi=t.ma~as.8825380003&w=1000&fwrn=4&fwrnh=100&lmt=1644507491&rafmt=1&psa=0&format=1000x280&url=https%3A%2F%2Ftimedopovo.tk%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644507491066&bpp=4&bdt=714&idt=393&shv=r20220208&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C284x60&nras=1&correlator=4845398872052&frm=20&pv=2&ga_vid=26252996.1644507491&ga_sid=1644507491&ga_hid=1368860601&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=308&ady=131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C31064716%2C31064733&oid=2&pvsid=3842056236427875&pem=934&tmod=412511344&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=3&uci=a!3&fsb=1&xpc=FQB9RBbdKQ&p=https%3A//timedopovo.tk&dtd=399

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 10 Feb 2022 15:28:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 10 Feb 2022 15:38:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 10 Feb 2022 15:38:12 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/ Frame 74D4 1 KB
875 B 156ms
91ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 15:20:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1075
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 848
x-xss-protection: 0
server: cafe
etag: 2277666839114365613
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 15:20:17 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220208/r20110914/ Frame 74D4 19 KB
8 KB 118ms
55ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220208/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a22b29e11f6ad3ed458e71525b4edfaf0b9ab4cd962ae9a239b9509c106c826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 15:34:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 232
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7817
x-xss-protection: 0
server: cafe
etag: 7051432691878289762
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 15:34:20 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/ Frame 74D4 2 KB
1 KB 155ms
92ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 15:34:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 238
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 15:34:14 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 74D4 124 KB
38 KB 107ms
107ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 15:38:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38562
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644410386637351"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Feb 2022 15:38:12 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/ Frame 74D4 15 KB
6 KB 125ms
61ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1460e4ba5d8a29324c75f80802081c73d2143d8c9581a84ca3df707fbc6e477c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 15:36:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 111
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6367
x-xss-protection: 0
server: cafe
etag: 17798303060702513824
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 15:36:21 GMT

GET
H2 200 ff20f166b0acb5bbc58563e896201b58.js Show response
www.gstatic.com/mysidia/ Frame 74D4 27 KB
12 KB 176ms
57ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ff20f166b0acb5bbc58563e896201b58.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60b6fb70c39877b90333526914dbc0d47052cd8c4c298c421aaee2f9d6b48bcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 05:35:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122537
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11452
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 06:53:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 10 May 2022 05:35:55 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 74D4 0
0 130ms
129ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CIhlUYzEFYsi8H42G3wOuy6aoBujU1eBnnbeXz5gP2bqs644OEAEgkaG_E2DZAqABhYaeuAPIAQmoAwHIA8sEqgTJAU_QovY0bSeLAmMTwSUCseJooJCiaU2HiGWIpxO__KlvK_xU5fKAEGGuzif6aMdsoqlGnyM2q4YoS4fKlwkoPqk0XLuam673KBTZlG6B0hc_yArn3E_-DMEqFlUg4yOq2rrgFO40i3FyxctHyGhCywDWTY63UhVsUeuMamkeCLOF-CDZerJegrN9jvh8EUiB07CJHUAyjH1IfNn_OtgbwQILJVjjkbi5_XAvpkso2XFberSurGmBzAEVrtzjH1CMMPe-s8LZSc_z_MAEi83B3LYDkgUECAQYAZIFBAgFGASgBi6AB-2rqqUCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwUQlP39D9IIBwiAYRABGB-ACgHICwHYEw2IFAHQFQGAFwGyFxwKGggAEhRwdWItMzQzMjM0MTk5NzIxMTE2NRgA&sigh=DO2DjHikAgc&uach_m=[UACH]&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3432341997211165&output=html&h=280&slotname=8825380003&adk=3290701847&adf=215310249&pi=t.ma~as.8825380003&w=1000&fwrn=4&fwrnh=100&lmt=1644507491&rafmt=1&psa=0&format=1000x280&url=https%3A%2F%2Ftimedopovo.tk%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644507491066&bpp=4&bdt=714&idt=393&shv=r20220208&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C284x60&nras=1&correlator=4845398872052&frm=20&pv=2&ga_vid=26252996.1644507491&ga_sid=1644507491&ga_hid=1368860601&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=308&ady=131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C31064716%2C31064733&oid=2&pvsid=3842056236427875&pem=934&tmod=412511344&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=3&uci=a!3&fsb=1&xpc=FQB9RBbdKQ&p=https%3A//timedopovo.tk&dtd=399
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 10 Feb 2022 15:38:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/14844937731233938484/ Frame 74D4 9 KB
9 KB 111ms
74ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14844937731233938484/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0264595944479b8172166d6c4bf5ca5c4ebd0886311f9ecd154d050026610752

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 15:28:50 GMT
x-content-type-options: nosniff
age: 86962
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9279
x-xss-protection: 0
last-modified: Tue, 15 Dec 2020 19:22:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 09 Feb 2023 15:28:50 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/13638830731511120788/ Frame 74D4 493 B
520 B 105ms
68ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13638830731511120788/downsize_200k_v1?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a630cac1dcc430e57ea2663e8f6ec069e715cb938b838fb72adc0bf7a0b78ee5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 22:36:59 GMT
x-content-type-options: nosniff
age: 147673
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 493
x-xss-protection: 0
last-modified: Tue, 15 Dec 2020 19:22:38 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 08 Feb 2023 22:36:59 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 7791 4 KB
707 B 119ms
64ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220208/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 10 Feb 2022 15:22:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 10 Feb 2022 15:38:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 10 Feb 2022 15:38:12 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7791 205 B
294 B 117ms
57ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220208/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 15:32:29 GMT
x-content-type-options: nosniff
age: 343
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 10 Feb 2023 15:32:29 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7791 604 B
1 KB 116ms
56ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220208/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 11:56:50 GMT
x-content-type-options: nosniff
age: 13282
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 10 Feb 2023 11:56:50 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220208/r20110914/elements/html/ Frame 7791 19 KB
8 KB 85ms
81ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220208/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220208/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a7b5f2e7e3fd51102d05b2706291210864e7890361d932311a18048073374ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 15:30:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 467
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8079
x-xss-protection: 0
server: cafe
etag: 5902764951541284931
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 15:30:25 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DA8F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

119ms
118ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 10 Feb 2022 15:38:12 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 10 Feb 2022 15:38:12 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 10 Feb 2022 15:38:12 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 85d094f35d4e2e17a1ceac785c60d4f8
ad.lomadee.com/banners/6826/ Frame 432B 45 KB
45 KB 65ms
64ms Image
image/png 18.66.248.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.lomadee.com/banners/6826/85d094f35d4e2e17a1ceac785c60d4f8
Requested by: Host: ad.lomadee.com
URL: https://ad.lomadee.com/banner/view?sourceId=35923256&dimension=1&width=728&height=90&method=0&advertisers=&tags=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-81.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fb37a116c77f6c45e904778987eaf3197bc069af51f7d421f3e520785dc8667a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ad.lomadee.com/banner/view?sourceId=35923256&dimension=1&width=728&height=90&method=0&advertisers=&tags=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 04:00:46 GMT
via: 1.1 cd8cc1ff175a63c59feeb56bb3687766.cloudfront.net (CloudFront)
last-modified: Thu, 27 Jan 2022 18:08:00 GMT
server: AmazonS3
age: 819447
etag: "c9100cde2699f0ffe9f72d342c56a6aa"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-length: 46063
x-amz-cf-id: QWdXvMA0Rdx-MH90PpqqhEmVU9NZHVeIyu-mKglsXI1G9Qao89bRJQ==

GET analyze.js
statistcdn.com/ Frame 432B 0
0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 432B 49 KB
20 KB 171ms
53ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: ad.lomadee.com
URL: https://ad.lomadee.com/banner/view?sourceId=35923256&dimension=1&width=728&height=90&method=0&advertisers=&tags=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ad.lomadee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 198
date: Thu, 10 Feb 2022 15:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 10 Feb 2022 17:34:54 GMT

GET
DATA 200
OK truncated
/ Frame 0721 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 790de302e4493c260c08c620935128fd87d6820e65183f1467dc7d17c5be79a7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 74D4 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bfcb8d31fa62c15f8d02af36e1c1ef315d2f6e824cf3e7d8514cc9f30449cec7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 5B71 8 KB
888 B 136ms
73ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220208/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 10 Feb 2022 15:21:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 10 Feb 2022 15:38:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 10 Feb 2022 15:38:12 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/ Frame 5B71 1 KB
875 B 55ms
55ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220208/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 15:20:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1075
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 848
x-xss-protection: 0
server: cafe
etag: 2277666839114365613
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 15:20:17 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220208/r20110914/ Frame 5B71 19 KB
8 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220208/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220208/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a22b29e11f6ad3ed458e71525b4edfaf0b9ab4cd962ae9a239b9509c106c826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 15:34:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 232
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7817
x-xss-protection: 0
server: cafe
etag: 7051432691878289762
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 15:34:20 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/ Frame 5B71 2 KB
1 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220208/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 15:34:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 238
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 15:34:14 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5B71 124 KB
38 KB 145ms
75ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220208/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 15:38:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38562
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644410386637351"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Feb 2022 15:38:12 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/ Frame 5B71 15 KB
6 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220208/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1460e4ba5d8a29324c75f80802081c73d2143d8c9581a84ca3df707fbc6e477c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 15:36:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 111
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6367
x-xss-protection: 0
server: cafe
etag: 17798303060702513824
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 15:36:21 GMT

GET
H3 200 6db0573cb067ea4557d3af56fc7062b8.js Show response
www.gstatic.com/mysidia/ Frame 5B71 28 KB
11 KB 134ms
63ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6db0573cb067ea4557d3af56fc7062b8.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220208/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a50761af47976acf2a9b1ed88cff6727c6c0fa4a18c2806a26f108c5268b4c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 10:18:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19153
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11678
x-xss-protection: 0
last-modified: Thu, 10 Feb 2022 09:43:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 11 May 2022 10:18:59 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 74D4 15 KB
16 KB 193ms
54ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 11:22:37 GMT
x-content-type-options: nosniff
age: 101735
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Feb 2023 11:22:37 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 74D4 15 KB
16 KB 208ms
72ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 20:07:55 GMT
x-content-type-options: nosniff
age: 156617
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 08 Feb 2023 20:07:55 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 74D4 15 KB
15 KB 251ms
118ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:59:49 GMT
x-content-type-options: nosniff
age: 160703
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 08 Feb 2023 18:59:49 GMT

GET
H3 200 10224440996963865604
tpc.googlesyndication.com/simgad/ Frame D055 31 KB
31 KB 67ms
67ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10224440996963865604?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qlPOyekzLTwyHTdhVzRU0d7IiWWdw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9397577970694762&output=html&h=240&adk=4071009227&adf=2944978207&pi=t.aa~a.795276990~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1644507492&rafmt=1&to=qs&pwprc=3910530028&psa=0&format=300x240&url=https%3A%2F%2Ftimedopovo.tk%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644507492024&bpp=1&bdt=1672&idt=-M&shv=r20220208&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a199bb22fadbc69-22b3b63739cd00a3%3AT%3D1644507491%3ART%3D1644507491%3AS%3DALNI_Ma3GNwb7kibqCQKnG7L14g6h29qdA&prev_fmts=0x0%2C284x60%2C1000x280&nras=2&correlator=4845398872052&frm=20&pv=1&ga_vid=26252996.1644507491&ga_sid=1644507491&ga_hid=1368860601&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=1298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C31064716%2C31064733&oid=2&pvsid=3842056236427875&pem=934&tmod=412511344&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=1TXw4vMJYn&p=https%3A//timedopovo.tk&dtd=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3861e2429c849c6542244b6f097f0fee86a9cf046a4086a5593651e8826e8bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:54:48 GMT
x-content-type-options: nosniff
age: 96204
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31262
x-xss-protection: 0
last-modified: Tue, 07 Jul 2020 03:23:50 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 09 Feb 2023 12:54:48 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220208/r20110914/ Frame D055 19 KB
8 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220208/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a22b29e11f6ad3ed458e71525b4edfaf0b9ab4cd962ae9a239b9509c106c826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 15:34:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 232
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7817
x-xss-protection: 0
server: cafe
etag: 7051432691878289762
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 15:34:20 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/ Frame D055 2 KB
1 KB 85ms
85ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 15:34:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 238
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 15:34:14 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D055 124 KB
38 KB 114ms
114ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 15:38:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38562
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644410386637351"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Feb 2022 15:38:12 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/ Frame D055 15 KB
6 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1460e4ba5d8a29324c75f80802081c73d2143d8c9581a84ca3df707fbc6e477c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 15:36:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 111
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6367
x-xss-protection: 0
server: cafe
etag: 17798303060702513824
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 15:36:21 GMT

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/ Frame D055 28 KB
11 KB 86ms
86ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3b84e5e485619983c2f805dac6f3fde572d0c825c672d1a02f48af0149eea93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 08:48:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24553
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11662
x-xss-protection: 0
server: cafe
etag: 6226773659199191033
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 08:48:59 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D055 0
0 135ms
134ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CuLaPZDEFYsOHBsGlywW6iYjYDbGSq8Fm86y9xeALpOfy7ZUCEAEgkLzWG2DZAqAB0O7ryAPIAQKpAihqkFOzHqg-qAMByAPJBKoEyAFP0HGzUMIrmpKTDH5D14HeP4ZKPUY6GMIDgDVRd0COfFFISgTQAA4pgv5HHBmD7uVidgVG_RAOC9-p8y_uEZhKK1pc50lVNzF1GVhHrSSM5S9xNL0bLCupuFnb5oK-F_khGvbsrL3-0LVx-VUURArtrUklDBZn1q5Au9acQdwA1kQPrwrFIm3nY8hyxWoVc031jXMYL9O9ZwmHXTercB9LUDwSsEck21G603TwduzHgZ-6imgvjgTz422WPTM3ekQ7YnG29ccQy8AEh-nGoaQCkgUECAQYAZIFBAgFGASgBgKAB5iRlDeoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCt3hnSCAcIgGEQARgfgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTkzOTc1Nzc5NzA2OTQ3NjIYAA&sigh=NPITOJlfuqA&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9397577970694762&output=html&h=240&adk=4071009227&adf=2944978207&pi=t.aa~a.795276990~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1644507492&rafmt=1&to=qs&pwprc=3910530028&psa=0&format=300x240&url=https%3A%2F%2Ftimedopovo.tk%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644507492024&bpp=1&bdt=1672&idt=-M&shv=r20220208&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a199bb22fadbc69-22b3b63739cd00a3%3AT%3D1644507491%3ART%3D1644507491%3AS%3DALNI_Ma3GNwb7kibqCQKnG7L14g6h29qdA&prev_fmts=0x0%2C284x60%2C1000x280&nras=2&correlator=4845398872052&frm=20&pv=1&ga_vid=26252996.1644507491&ga_sid=1644507491&ga_hid=1368860601&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=1298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C31064716%2C31064733&oid=2&pvsid=3842056236427875&pem=934&tmod=412511344&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=1TXw4vMJYn&p=https%3A//timedopovo.tk&dtd=15
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 10 Feb 2022 15:38:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 12877292939327145215
tpc.googlesyndication.com/simgad/ Frame 678B 12 KB
12 KB 155ms
155ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12877292939327145215?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmXxTlNyoUc9Ad8_tJsMTcFHhpYvA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9397577970694762&output=html&h=100&adk=702956917&adf=3434027193&pi=t.aa~a.1445354789~rp.1&w=540&fwrn=4&fwrnh=100&lmt=1644507492&rafmt=1&to=qs&pwprc=3910530028&psa=0&format=540x100&url=https%3A%2F%2Ftimedopovo.tk%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644507492024&bpp=1&bdt=1672&idt=1&shv=r20220208&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a199bb22fadbc69-22b3b63739cd00a3%3AT%3D1644507491%3ART%3D1644507491%3AS%3DALNI_Ma3GNwb7kibqCQKnG7L14g6h29qdA&prev_fmts=0x0%2C284x60%2C1000x280%2C300x240&nras=3&correlator=4845398872052&frm=20&pv=1&ga_vid=26252996.1644507491&ga_sid=1644507491&ga_hid=1368860601&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=452&ady=1420&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C31064716%2C31064733&oid=2&pvsid=3842056236427875&pem=934&tmod=412511344&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=kJY6ZKxv45&p=https%3A//timedopovo.tk&dtd=18

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c6dd8a507bcd95e5baee20d673b22c98ba21b4969014970f0efbfdef3b034f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 15:38:12 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12106
x-xss-protection: 0
last-modified: Thu, 23 Jul 2020 02:03:14 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 10 Feb 2023 15:38:12 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220208/r20110914/ Frame 678B 19 KB
8 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220208/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a22b29e11f6ad3ed458e71525b4edfaf0b9ab4cd962ae9a239b9509c106c826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 15:34:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 232
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7817
x-xss-protection: 0
server: cafe
etag: 7051432691878289762
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 15:34:20 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/ Frame 678B 2 KB
1 KB 72ms
71ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 15:34:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 238
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 15:34:14 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 678B 124 KB
38 KB 102ms
101ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 15:38:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38562
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644410386637351"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Feb 2022 15:38:12 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/ Frame 678B 15 KB
6 KB 66ms
66ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1460e4ba5d8a29324c75f80802081c73d2143d8c9581a84ca3df707fbc6e477c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 15:36:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 111
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6367
x-xss-protection: 0
server: cafe
etag: 17798303060702513824
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 15:36:21 GMT

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/ Frame 678B 28 KB
11 KB 72ms
71ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3b84e5e485619983c2f805dac6f3fde572d0c825c672d1a02f48af0149eea93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 08:48:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24553
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11662
x-xss-protection: 0
server: cafe
etag: 6226773659199191033
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 08:48:59 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 678B 0
0 129ms
129ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CmsPWZDEFYtbHBsLBywWehqTwDbGSq8Fm8Izbg50MpOfy7ZUCEAEgkLzWG2DZAqAB0O7ryAPIAQKpAihqkFOzHqg-qAMByAPJBKoEzgFP0G2TksbgFriFYE6TGa-6mkfAnVUJMrmJprHjXu-z5ebmWAUKqEjbaxWAwLBhYcrmgu6c7--NsML-cr_z8_gbe0GIcD5C6yQBqWLq4za-IJ7EVncHvb5UGjmYign9SYdYDt4WzhcatwLBQOwj1JtONcOWlUVZy_pS5ot_J09uSZJN2WjFf6B0Y1ladbTY2aEmoeOVKAwyB1AhBPt9jRo_zdY5h1lD_-D_-5D8L9mpJvTJQc42IRdrHMRVBeFef74AxWSdO6xNvEXH_NvwqsAEh-nGoaQCkgUECAQYAZIFBAgFGASgBgKAB5iRlDeoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCyhArSCAcIgGEQARgfgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTkzOTc1Nzc5NzA2OTQ3NjIYAA&sigh=DiDxOTUelRg&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9397577970694762&output=html&h=100&adk=702956917&adf=3434027193&pi=t.aa~a.1445354789~rp.1&w=540&fwrn=4&fwrnh=100&lmt=1644507492&rafmt=1&to=qs&pwprc=3910530028&psa=0&format=540x100&url=https%3A%2F%2Ftimedopovo.tk%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644507492024&bpp=1&bdt=1672&idt=1&shv=r20220208&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a199bb22fadbc69-22b3b63739cd00a3%3AT%3D1644507491%3ART%3D1644507491%3AS%3DALNI_Ma3GNwb7kibqCQKnG7L14g6h29qdA&prev_fmts=0x0%2C284x60%2C1000x280%2C300x240&nras=3&correlator=4845398872052&frm=20&pv=1&ga_vid=26252996.1644507491&ga_sid=1644507491&ga_hid=1368860601&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=452&ady=1420&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C31064716%2C31064733&oid=2&pvsid=3842056236427875&pem=934&tmod=412511344&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=kJY6ZKxv45&p=https%3A//timedopovo.tk&dtd=18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 10 Feb 2022 15:38:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2D76 143 B
163 B 59ms
56ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9397577970694762&output=html&h=240&adk=4071009227&adf=2944978207&pi=t.aa~a.795276990~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1644507492&rafmt=1&to=qs&pwprc=3910530028&psa=0&format=300x240&url=https%3A%2F%2Ftimedopovo.tk%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644507492024&bpp=1&bdt=1672&idt=-M&shv=r20220208&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a199bb22fadbc69-22b3b63739cd00a3%3AT%3D1644507491%3ART%3D1644507491%3AS%3DALNI_Ma3GNwb7kibqCQKnG7L14g6h29qdA&prev_fmts=0x0%2C284x60%2C1000x280&nras=2&correlator=4845398872052&frm=20&pv=1&ga_vid=26252996.1644507491&ga_sid=1644507491&ga_hid=1368860601&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=1298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C31064716%2C31064733&oid=2&pvsid=3842056236427875&pem=934&tmod=412511344&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=1TXw4vMJYn&p=https%3A//timedopovo.tk&dtd=15

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Thu, 10 Feb 2022 15:04:52 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 2000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 51EC 1 KB
749 B 60ms
58ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Thu, 10 Feb 2022 13:26:12 GMT
expires: Fri, 11 Feb 2022 13:26:12 GMT
cache-control: public, max-age=86400
age: 7920
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5542 143 B
163 B 65ms
54ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9397577970694762&output=html&h=100&adk=702956917&adf=3434027193&pi=t.aa~a.1445354789~rp.1&w=540&fwrn=4&fwrnh=100&lmt=1644507492&rafmt=1&to=qs&pwprc=3910530028&psa=0&format=540x100&url=https%3A%2F%2Ftimedopovo.tk%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644507492024&bpp=1&bdt=1672&idt=1&shv=r20220208&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a199bb22fadbc69-22b3b63739cd00a3%3AT%3D1644507491%3ART%3D1644507491%3AS%3DALNI_Ma3GNwb7kibqCQKnG7L14g6h29qdA&prev_fmts=0x0%2C284x60%2C1000x280%2C300x240&nras=3&correlator=4845398872052&frm=20&pv=1&ga_vid=26252996.1644507491&ga_sid=1644507491&ga_hid=1368860601&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=452&ady=1420&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C31064716%2C31064733&oid=2&pvsid=3842056236427875&pem=934&tmod=412511344&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=kJY6ZKxv45&p=https%3A//timedopovo.tk&dtd=18

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Thu, 10 Feb 2022 15:04:52 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 2000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C4FF 1 KB
749 B 63ms
55ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Thu, 10 Feb 2022 13:26:12 GMT
expires: Fri, 11 Feb 2022 13:26:12 GMT
cache-control: public, max-age=86400
age: 7920
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0721 0
20 B 87ms
87ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?v=3&s=pagead&action=loadimgad&it=bdt.704,req.379,bpp.9,fb.912,e2e.1649,fs.384,reqs.419,ress.912,rese.955&srt=528&e=&id=csi_pagead&gqid=YzEFYpr5HsSArASdz5zQBQ&qqid=CIr-8-a79fUCFQ23sgodpB8Niw&rt=ol.737

Requested by

Host: timedopovo.tk
URL: https://timedopovo.tk/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 15:38:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame D055 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86239f09335ef6841697b2918c97ebf17b74b01c425bb36f0e383f7bc60a2609

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 678B 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d5e42889c3ad34064cca184d9e273a31a0c41e0c045f1a6b0aae9fea70dadd5

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4sA8Ua-TyKNj3el8HacmjA-izpCmChALhgIgequxpOM.js Show response
pagead2.googlesyndication.com/bg/ Frame 66C2 35 KB
13 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4sA8Ua-TyKNj3el8HacmjA-izpCmChALhgIgequxpOM.js

Requested by

Host: timedopovo.tk
URL: https://timedopovo.tk/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2c03c51af93c8a363dde97c1da7268c0fa2ce90a60a100b8602207aabb1a4e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:44:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3209
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13672
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 12:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Feb 2023 14:44:43 GMT

GET
H3 200 4sA8Ua-TyKNj3el8HacmjA-izpCmChALhgIgequxpOM.js Show response
pagead2.googlesyndication.com/bg/ Frame 4A5C 35 KB
13 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4sA8Ua-TyKNj3el8HacmjA-izpCmChALhgIgequxpOM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2c03c51af93c8a363dde97c1da7268c0fa2ce90a60a100b8602207aabb1a4e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:44:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3209
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13672
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 12:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Feb 2023 14:44:43 GMT

GET
H3 200 4sA8Ua-TyKNj3el8HacmjA-izpCmChALhgIgequxpOM.js Show response
pagead2.googlesyndication.com/bg/ Frame AA4B 35 KB
13 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4sA8Ua-TyKNj3el8HacmjA-izpCmChALhgIgequxpOM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2c03c51af93c8a363dde97c1da7268c0fa2ce90a60a100b8602207aabb1a4e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:44:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3209
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13672
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 12:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Feb 2023 14:44:43 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 51EC 35 B
463 B 199ms
62ms Image
image/gif 2620:116:800d:21:ee05:6a01:4b41:8c89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFjzpuRWoGDg68Shq2pqDTk&google_cver=1&google_push=AYg5qPIpKyPQWOkLgw262pjaeColunIygd6W8Oa2SGM1MZGSj3ZL2XEV7jP0vAvCcijLcDIA-7ui1NtH4M97xYuvBO2J-V3fZ5w

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ee05:6a01:4b41:8c89 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 15:38:12 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 51EC
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESED8LJeAVhXz4mYxOiiHpOsQ&google_cver=1&google_push=AYg5qPIBdl2IJWR0_f4277E5K7H_5yMK4tdY_9TLqAPLj8PwIKN15zXdyPR0RoC8qzkk3RCq0ehTpkgDdpDTDmVo84OlwwefPw
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIBdl2IJWR0_f4277E5K7H_5yMK4tdY_9TLqAPLj8PwIKN15zXdyPR0RoC8qzkk3RCq0ehTpkgDdpDTDmVo84OlwwefPw&google_hm=Q0FFU0VEOExKZUFWaFh6NG1...

170 B
188 B

143ms
80ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIBdl2IJWR0_f4277E5K7H_5yMK4tdY_9TLqAPLj8PwIKN15zXdyPR0RoC8qzkk3RCq0ehTpkgDdpDTDmVo84OlwwefPw&google_hm=Q0FFU0VEOExKZUFWaFh6NG1ZeE9paUhwT3NR

Requested by

Host: timedopovo.tk
URL: https://timedopovo.tk/

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 15:38:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 10 Feb 2022 15:38:12 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIBdl2IJWR0_f4277E5K7H_5yMK4tdY_9TLqAPLj8PwIKN15zXdyPR0RoC8qzkk3RCq0ehTpkgDdpDTDmVo84OlwwefPw&google_hm=Q0FFU0VEOExKZUFWaFh6NG1ZeE9paUhwT3NR
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 51EC
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ntZdTt77T7y-DAmUjcVdkQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

82ms
82ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ntZdTt77T7y-DAmUjcVdkQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIsG5ASwhar7wUh7Yut6nQ8OeXgABy-tU136AxvTF8LLMnFYloKVN5kIFiISF-EVUOt-Rc4I6ANX1KTzP0oKX-oHvNXGbE

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 15:38:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ntZdTt77T7y-DAmUjcVdkQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIsG5ASwhar7wUh7Yut6nQ8OeXgABy-tU136AxvTF8LLMnFYloKVN5kIFiISF-EVUOt-Rc4I6ANX1KTzP0oKX-oHvNXGbE
date: Thu, 10 Feb 2022 15:38:12 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 51EC
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBdSCudOz2sN0lNCrimNuco&google_cver=1&google_push=AYg5qPJd0_50QW04gZw0cqBE7_v57y-WxPg087NIzZ7S2pZHLR07pbbppfmp4XzRHBM7rUo_Lus...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pINUFVTkEtQS1EVENQ&google_push=AYg5qPJd0_50QW04gZw0cqBE7_v57y-WxPg087NIzZ7S2pZHLR07pbbppfmp4XzRHBM7rUo_LusVJLzSadIJLuWI6Ro5J_Q4pg

170 B
188 B

145ms
81ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pINUFVTkEtQS1EVENQ&google_push=AYg5qPJd0_50QW04gZw0cqBE7_v57y-WxPg087NIzZ7S2pZHLR07pbbppfmp4XzRHBM7rUo_LusVJLzSadIJLuWI6Ro5J_Q4pg

Requested by

Host: timedopovo.tk
URL: https://timedopovo.tk/

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 15:38:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pINUFVTkEtQS1EVENQ&google_push=AYg5qPJd0_50QW04gZw0cqBE7_v57y-WxPg087NIzZ7S2pZHLR07pbbppfmp4XzRHBM7rUo_LusVJLzSadIJLuWI6Ro5J_Q4pg
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 51EC
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKZtBHWIZc2IZWBS3YxkOQk&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEKZtBHWIZc2IZWBS3YxkOQk&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgUxZZ7MyET3XWk3_F7DXwAAAo0AAAAB&google_gid=CAESEKZtBHWIZc2IZWBS3YxkOQk&google_push=AYg5qPLI9GsnQspaa1B8vErxP-CtuvH0mNOhEe5ZWAuS92fpZHs...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgUxZZ7MyET3XWk3_F7DXwAAAo0AAAAB&google_gid=CAESEKZtBHWIZc2IZWBS3YxkOQk&google_push=AYg5qPLI9GsnQspaa1B8vErxP-CtuvH0mNOhEe5ZWAuS92fpZHs...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgUxZZ7MyET3XWk3_F7DXwAAAo0AAAAB&google_gid=CAESEKZtBHWIZc2IZWBS3YxkOQk&google_push=AYg5qPLI9GsnQspaa1B8vErxP-CtuvH0mNOhEe5ZWAuS92fpZHs...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgUxZZ7MyET3XWk3_F7DXwAAAo0AAAAB&google_gid=CAESEKZtBHWIZc2IZWBS3YxkOQk&google_push=AYg5qPLI9GsnQspaa1B8vErxP-CtuvH0mNOhEe5ZWAuS92fpZHs...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgUxZZ7MyET3XWk3_F7DXwAAAo0AAAAB&google_gid=CAESEKZtBHWIZc2IZWBS3YxkOQk&google_push=AYg5qPLI9GsnQspaa1B8vErxP-CtuvH0mNOhEe5ZWAuS92fpZHs...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgUxZZ7MyET3XWk3_F7DXwAAAo0AAAAB&google_gid=CAESEKZtBHWIZc2IZWBS3YxkOQk&google_push=AYg5qPLI9GsnQspaa1B8vErxP-CtuvH0mNOhEe5ZWAuS92fpZHs...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgUxZZ7MyET3XWk3_F7DXwAAAo0AAAAB&google_gid=CAESEKZtBHWIZc2IZWBS3YxkOQk&google_push=AYg5qPLI9GsnQspaa1B8vErxP-CtuvH0mNOhEe5ZWAuS92fpZHs...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgUxZZ7MyET3XWk3_F7DXwAAAo0AAAAB&google_gid=CAESEKZtBHWIZc2IZWBS3YxkOQk&google_push=AYg5qPLI9GsnQspaa1B8vErxP-CtuvH0mNOhEe5ZWAuS92fpZHs...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgUxZZ7MyET3XWk3_F7DXwAAAo0AAAAB&google_gid=CAESEKZtBHWIZc2IZWBS3YxkOQk&google_push=AYg5qPLI9GsnQspaa1B8vErxP-CtuvH0mNOhEe5ZWAuS92fpZHs...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgUxZZ7MyET3XWk3_F7DXwAAAo0AAAAB&google_gid=CAESEKZtBHWIZc2IZWBS3YxkOQk&google_push=AYg5qPLI9GsnQspaa1B8vErxP-CtuvH0mNOhEe5ZWAuS92fpZHs...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgUxZZ7MyET3XWk3_F7DXwAAAo0AAAAB&google_gid=CAESEKZtBHWIZc2IZWBS3YxkOQk&google_push=AYg5qPLI9GsnQspaa1B8vErxP-CtuvH0mNOhEe5ZWAuS92fpZHs...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgUxZZ7MyET3XWk3_F7DXwAAAo0AAAAB&google_gid=CAESEKZtBHWIZc2IZWBS3YxkOQk&google_push=AYg5qPLI9GsnQspaa1B8vErxP-CtuvH0mNOhEe5ZWAuS92fpZHs...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgUxZZ7MyET3XWk3_F7DXwAAAo0AAAAB&google_gid=CAESEKZtBHWIZc2IZWBS3YxkOQk&google_push=AYg5qPLI9GsnQspaa1B8vErxP-CtuvH0mNOhEe5ZWAuS92fpZHs...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgUxZZ7MyET3XWk3_F7DXwAAAo0AAAAB&google_gid=CAESEKZtBHWIZc2IZWBS3YxkOQk&google_push=AYg5qPLI9GsnQspaa1B8vErxP-CtuvH0mNOhEe5ZWAuS92fpZHs...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgUxZZ7MyET3XWk3_F7DXwAAAo0AAAAB&google_gid=CAESEKZtBHWIZc2IZWBS3YxkOQk&google_push=AYg5qPLI9GsnQspaa1B8vErxP-CtuvH0mNOhEe5ZWAuS92fpZHs...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgUxZZ7MyET3XWk3_F7DXwAAAo0AAAAB&google_gid=CAESEKZtBHWIZc2IZWBS3YxkOQk&google_push=AYg5qPLI9GsnQspaa1B8vErxP-CtuvH0mNOhEe5ZWAuS92fpZHs...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgUxZZ7MyET3XWk3_F7DXwAAAo0AAAAB&google_gid=CAESEKZtBHWIZc2IZWBS3YxkOQk&google_push=AYg5qPLI9GsnQspaa1B8vErxP-CtuvH0mNOhEe5ZWAuS92fpZHs...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgUxZZ7MyET3XWk3_F7DXwAAAo0AAAAB&google_gid=CAESEKZtBHWIZc2IZWBS3YxkOQk&google_push=AYg5qPLI9GsnQspaa1B8vErxP-CtuvH0mNOhEe5ZWAuS92fpZHs...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgUxZZ7MyET3XWk3_F7DXwAAAo0AAAAB&google_gid=CAESEKZtBHWIZc2IZWBS3YxkOQk&google_push=AYg5qPLI9GsnQspaa1B8vErxP-CtuvH0mNOhEe5ZWAuS92fpZHs...

0
0

GET
H2 204 /
cc.adingo.jp/adx/push/ Frame 51EC 0
44 B 873ms
284ms Image
text/plain 13.115.149.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc.adingo.jp/adx/push/?google_gid=CAESEAmUE1vsqUNEmVc3VvyColQ&google_cver=1&google_push=AYg5qPK1xggG89ohJsWAN2jfpqbe3R0_Pev-mPQ7mzMXPljF1cc0BK0uix4nDO6VO8mjOJW46H9BRpjFuxPKqKvDiSWo6YtiFg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9397577970694762&output=html&h=240&adk=4071009227&adf=2944978207&pi=t.aa~a.795276990~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1644507492&rafmt=1&to=qs&pwprc=3910530028&psa=0&format=300x240&url=https%3A%2F%2Ftimedopovo.tk%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644507492024&bpp=1&bdt=1672&idt=-M&shv=r20220208&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a199bb22fadbc69-22b3b63739cd00a3%3AT%3D1644507491%3ART%3D1644507491%3AS%3DALNI_Ma3GNwb7kibqCQKnG7L14g6h29qdA&prev_fmts=0x0%2C284x60%2C1000x280&nras=2&correlator=4845398872052&frm=20&pv=1&ga_vid=26252996.1644507491&ga_sid=1644507491&ga_hid=1368860601&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=1298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C31064716%2C31064733&oid=2&pvsid=3842056236427875&pem=934&tmod=412511344&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=1TXw4vMJYn&p=https%3A//timedopovo.tk&dtd=15
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.115.149.166 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-115-149-166.ap-northeast-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 15:38:13 GMT
server: awselb/2.0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 51EC
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEC5jpSc31anpzKX3OC6S5dY&google_cver=1&google_push=AYg5qPJ3lPOnQg9etK-dZcHw...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJ3lPOnQg9etK-dZcHwisypfi2xIkxyxBQS4eksnaGfziD6IGuq8jAIsicRzvyn0NdsU4Hz7ZIhb-yFXgtvlWoUZLL03hE&google_hm=

170 B
188 B

131ms
82ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJ3lPOnQg9etK-dZcHwisypfi2xIkxyxBQS4eksnaGfziD6IGuq8jAIsicRzvyn0NdsU4Hz7ZIhb-yFXgtvlWoUZLL03hE&google_hm=

Requested by

Host: timedopovo.tk
URL: https://timedopovo.tk/

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 15:38:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 10 Feb 2022 15:38:13 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJ3lPOnQg9etK-dZcHwisypfi2xIkxyxBQS4eksnaGfziD6IGuq8jAIsicRzvyn0NdsU4Hz7ZIhb-yFXgtvlWoUZLL03hE&google_hm=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Wed, 09 Feb 2022 15:38:13 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 51EC 0
223 B 192ms
63ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KDjT46S0baqL84IPGpjfXWAO-YatnxUKowTNUGw0U4VQqmRZafSdp9H-CPgfDTIxGSj_bacQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 15:38:12 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2D76
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

148ms
147ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 10 Feb 2022 15:38:13 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 10 Feb 2022 15:38:13 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 10 Feb 2022 15:38:13 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dpixel
cms.quantserve.com/ Frame C4FF 35 B
463 B 184ms
63ms Image
image/gif 2620:116:800d:21:ee05:6a01:4b41:8c89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMDKi_W--o4VQR0vzVb-KSw&google_cver=1&google_push=AYg5qPJLye44LPLB44cGPK97jJBdT0xJH49zgVhk5Y7j9SPNUi6FB4xlpQNMvF5VzvhlF5VSZ6YuzhVLEJscEGnpuY44ffaf5aqC

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ee05:6a01:4b41:8c89 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 15:38:12 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C4FF
Redirect Chain

https://beacon.walmart.com/etap.gif?tap=gAds&google_gid=CAESEEWjWCJj-iMXJ4GaRz9xXtE&google_cver=1&google_push=AYg5qPLdsXVxK47RFuXBGYHaEf2whhFi4z0oVI9rWffEKf7Yoq6A596boCrgf0dj8AAoW8QBqWv9RNL06CUl-T8...
https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=SUEUV-2vL7XskeI9DcVUdw&tap=gAds&google_gid=CAESEEWjWCJj-iMXJ4GaRz9xXtE&google_cver=1&google_push=AYg5qPLdsXVxK47RFuXBGYHaEf2whhFi4z0o...

170 B
188 B

80ms
80ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=SUEUV-2vL7XskeI9DcVUdw&tap=gAds&google_gid=CAESEEWjWCJj-iMXJ4GaRz9xXtE&google_cver=1&google_push=AYg5qPLdsXVxK47RFuXBGYHaEf2whhFi4z0oVI9rWffEKf7Yoq6A596boCrgf0dj8AAoW8QBqWv9RNL06CUl-T8j3jjQMIVol6M

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 15:38:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

strict-transport-security: max-age=7884000; includeSubDomains
via: HTTP/2.0 odnd
last-modified: Thu, 20 Jan 2022 19:51:32 GMT
date: Thu, 10 Feb 2022 15:38:13 GMT
content-type: text/plain; charset=utf-8
location: https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=SUEUV-2vL7XskeI9DcVUdw&tap=gAds&google_gid=CAESEEWjWCJj-iMXJ4GaRz9xXtE&google_cver=1&google_push=AYg5qPLdsXVxK47RFuXBGYHaEf2whhFi4z0oVI9rWffEKf7Yoq6A596boCrgf0dj8AAoW8QBqWv9RNL06CUl-T8j3jjQMIVol6M
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
content-length: 0
x-tb: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C4FF
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJcSHdg...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJcSHdg...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAyMTAxNTM4MTMwMDAxNDI2NDgyNjQyOA%3D%3D&google_push=AYg5qPJcSHdgnA2YEkdZAzOKsfYJylbQ0QwCeH-5LoSz9fBUOIYf6MulSvgvXroIKcitFu...

170 B
188 B

83ms
82ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAyMTAxNTM4MTMwMDAxNDI2NDgyNjQyOA%3D%3D&google_push=AYg5qPJcSHdgnA2YEkdZAzOKsfYJylbQ0QwCeH-5LoSz9fBUOIYf6MulSvgvXroIKcitFuYvJThdbx6f4Syqlz1f8JKpJ6lOkpg

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 15:38:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAyMTAxNTM4MTMwMDAxNDI2NDgyNjQyOA%3D%3D&google_push=AYg5qPJcSHdgnA2YEkdZAzOKsfYJylbQ0QwCeH-5LoSz9fBUOIYf6MulSvgvXroIKcitFuYvJThdbx6f4Syqlz1f8JKpJ6lOkpg
pragma: no-cache
date: Thu, 10 Feb 2022 15:38:13 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Thu, 10 Feb 2022 15:38:13 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame C4FF 43 B
324 B 178ms
63ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4530&src.visitorid=CAESEFvgz_SQQaidXMT-vsC37lY&google_cver=1&google_push=AYg5qPI8B-zNlz1KbmaI8r-O_4c4Kz77-CtKE1f8oxck_EehIu28qAd9gwwiNm--C9cxrGIYXBT2SQQfVE38gc_2EKYNQa6uTjBY
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9397577970694762&output=html&h=100&adk=702956917&adf=3434027193&pi=t.aa~a.1445354789~rp.1&w=540&fwrn=4&fwrnh=100&lmt=1644507492&rafmt=1&to=qs&pwprc=3910530028&psa=0&format=540x100&url=https%3A%2F%2Ftimedopovo.tk%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644507492024&bpp=1&bdt=1672&idt=1&shv=r20220208&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a199bb22fadbc69-22b3b63739cd00a3%3AT%3D1644507491%3ART%3D1644507491%3AS%3DALNI_Ma3GNwb7kibqCQKnG7L14g6h29qdA&prev_fmts=0x0%2C284x60%2C1000x280%2C300x240&nras=3&correlator=4845398872052&frm=20&pv=1&ga_vid=26252996.1644507491&ga_sid=1644507491&ga_hid=1368860601&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=452&ady=1420&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C31064716%2C31064733&oid=2&pvsid=3842056236427875&pem=934&tmod=412511344&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=kJY6ZKxv45&p=https%3A//timedopovo.tk&dtd=18
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 15:38:12 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C4FF
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=0VQDJmqNSG-O6z6bIHZOaA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

82ms
81ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=0VQDJmqNSG-O6z6bIHZOaA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPK4lnTq4QlAU0HkIz4kmlvHuDe-wFrKZgT7t7KygWBIYYMaWYV935xZA-TS43B-btVCUPbckD34lphrzfEkkwPmDVDL9AR5

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 15:38:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=0VQDJmqNSG-O6z6bIHZOaA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPK4lnTq4QlAU0HkIz4kmlvHuDe-wFrKZgT7t7KygWBIYYMaWYV935xZA-TS43B-btVCUPbckD34lphrzfEkkwPmDVDL9AR5
date: Thu, 10 Feb 2022 15:38:13 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C4FF
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEP3I4WwqzkGl0oZhp_dAUPg&google_cver=1&google_push=AYg5qPLkyx0wEscMbZfSFcauO7mgP85dWGnWg8rfav0s5z59YhSqyVqTp9ktVx5YGjwb6KNXb2l...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pINUFVTkUtMU8tTEYxRA==&google_push=AYg5qPLkyx0wEscMbZfSFcauO7mgP85dWGnWg8rfav0s5z59YhSqyVqTp9ktVx5YGjwb6KNXb2lhcCLUUrqkvYZSu4YxrDTe1QM

170 B
188 B

145ms
82ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pINUFVTkUtMU8tTEYxRA==&google_push=AYg5qPLkyx0wEscMbZfSFcauO7mgP85dWGnWg8rfav0s5z59YhSqyVqTp9ktVx5YGjwb6KNXb2lhcCLUUrqkvYZSu4YxrDTe1QM

Requested by

Host: timedopovo.tk
URL: https://timedopovo.tk/

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 15:38:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pINUFVTkUtMU8tTEYxRA==&google_push=AYg5qPLkyx0wEscMbZfSFcauO7mgP85dWGnWg8rfav0s5z59YhSqyVqTp9ktVx5YGjwb6KNXb2lhcCLUUrqkvYZSu4YxrDTe1QM
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
Expires: 0

GET
H2 204 /
cc.adingo.jp/adx/push/ Frame C4FF 0
43 B 858ms
284ms Image
text/plain 13.115.149.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc.adingo.jp/adx/push/?google_gid=CAESEGt_Ia1yArzhIdrcvyQZjsA&google_cver=1&google_push=AYg5qPJv0i2Yb1wYwXznYI0PhGXHg_GXgYiLzDJTWn56Nr2a513DwotJUQknH0AKoiRoQ99V0m6Z3zgK6etuLEIECtPn-aQnF0E6
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9397577970694762&output=html&h=100&adk=702956917&adf=3434027193&pi=t.aa~a.1445354789~rp.1&w=540&fwrn=4&fwrnh=100&lmt=1644507492&rafmt=1&to=qs&pwprc=3910530028&psa=0&format=540x100&url=https%3A%2F%2Ftimedopovo.tk%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644507492024&bpp=1&bdt=1672&idt=1&shv=r20220208&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a199bb22fadbc69-22b3b63739cd00a3%3AT%3D1644507491%3ART%3D1644507491%3AS%3DALNI_Ma3GNwb7kibqCQKnG7L14g6h29qdA&prev_fmts=0x0%2C284x60%2C1000x280%2C300x240&nras=3&correlator=4845398872052&frm=20&pv=1&ga_vid=26252996.1644507491&ga_sid=1644507491&ga_hid=1368860601&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=452&ady=1420&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C31064716%2C31064733&oid=2&pvsid=3842056236427875&pem=934&tmod=412511344&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=kJY6ZKxv45&p=https%3A//timedopovo.tk&dtd=18
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.115.149.166 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-115-149-166.ap-northeast-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 15:38:13 GMT
server: awselb/2.0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame C4FF 0
49 B 177ms
63ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jf9zKEixf6HdiU_XT7jzb1ES5Wjc5pV5rt4a7violNbGQdQFiz354G7qDR7KzueWltsRiE

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 15:38:12 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 4sA8Ua-TyKNj3el8HacmjA-izpCmChALhgIgequxpOM.js Show response
pagead2.googlesyndication.com/bg/ Frame 87BF 35 KB
13 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4sA8Ua-TyKNj3el8HacmjA-izpCmChALhgIgequxpOM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2c03c51af93c8a363dde97c1da7268c0fa2ce90a60a100b8602207aabb1a4e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:44:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3209
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13672
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 12:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Feb 2023 14:44:43 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5542
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

106ms
105ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 10 Feb 2022 15:38:13 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 10 Feb 2022 15:38:13 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 10 Feb 2022 15:38:13 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 4sA8Ua-TyKNj3el8HacmjA-izpCmChALhgIgequxpOM.js Show response
pagead2.googlesyndication.com/bg/ Frame 3C92 35 KB
13 KB 62ms
62ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4sA8Ua-TyKNj3el8HacmjA-izpCmChALhgIgequxpOM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2c03c51af93c8a363dde97c1da7268c0fa2ce90a60a100b8602207aabb1a4e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:44:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3209
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13672
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 12:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Feb 2023 14:44:43 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 133ms
70ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220208&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68edf546c971f8a8a8201bf5b647e9e4ac4073e7d0f0eeec70b1d27f441730b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Feb 2022 15:38:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9924
x-xss-protection: 0

GET
H2 200 like_box.php Show response
www.facebook.com/plugins/ Frame 26FD 46 KB
17 KB 455ms
337ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1e1ee4337e1164%26domain%3Dtimedopovo.tk%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftimedopovo.tk%252Ff347308676e0aa%26relation%3Dparent.parent&color_scheme=light&container_width=300&header=true&height=300&href=https%3A%2F%2Fwww.facebook.com%2Ftimedopovonews%3Fref%3Dhl&locale=pt_BR&sdk=joey&show_border=true&show_faces=true&stream=false&width=300

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/all.js?hash=a472a659b24d62d3242205f9fd66d2ea

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c3953d216f3748d0ac73f89e8c4d3e04dbb3b044777932b5d542544a81095254

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: 6yPs5T+9lLgPApX1YhaPA/xUJnJaT1eMlMFHVldEqyFIrUO+Yh3ZnNlI5ZCUOeFg7z82KtSS/Ef5xuYmHNSNtA==
date: Thu, 10 Feb 2022 15:38:13 GMT
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0721 42 B
64 B 92ms
91ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssV-bt-G5j3iKa2OepeYeuUbtpx39VDQP5BzEIHM3jZPapSn1N_QMTwj8e6KO2-QdcEFvTcDBOaCiFuZq-X1WH2Ibjib_qarNGTOwDFGU2XBbvPSmA&sai=AMfl-YQEGmfT6M440a2gKcbho5amyLtheyPg9QpcPIClcaEd-JPd_mcT5G8BEFlW9q8jHrJhaR3Z21QH18Zu&sig=Cg0ArKJSzIra7H2sIZAuEAE&id=lidar2&mcvt=1000&p=0,0,47,284&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220209&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=4040837863&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644507491440&rpt=901&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 15:38:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 15:38:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Feb 2022 15:38:13 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DEC9 13 KB
5 KB 55ms
55ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Feb 2022 15:37:12 GMT
expires: Fri, 10 Feb 2023 15:37:12 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 61
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 509C 783 B
533 B 65ms
65ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e04a04dd531e905c22f6e1121a26f36133284c6f7c84e9b50f451671e594425a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tglJZ8g7fPyRI/7/DyAkdQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 10 Feb 2022 15:38:13 GMT
date: Thu, 10 Feb 2022 15:38:13 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-tglJZ8g7fPyRI/7/DyAkdQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 4sA8Ua-TyKNj3el8HacmjA-izpCmChALhgIgequxpOM.js Show response
pagead2.googlesyndication.com/bg/ Frame DEC9 35 KB
13 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4sA8Ua-TyKNj3el8HacmjA-izpCmChALhgIgequxpOM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2c03c51af93c8a363dde97c1da7268c0fa2ce90a60a100b8602207aabb1a4e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:44:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3210
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13672
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 12:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Feb 2023 14:44:43 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 509C 0
0 96ms
96ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220208&jk=3842056236427875&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame DEC9 0
9 B 54ms
54ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?d4A7FQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 15:38:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 3eISSfQWB8r.css
www.facebook.com/rsrc.php/v3/yN/l/0,cross/ Frame 26FD 22 KB
5 KB 202ms
141ms Stylesheet
text/css 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yN/l/0,cross/3eISSfQWB8r.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1e1ee4337e1164%26domain%3Dtimedopovo.tk%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftimedopovo.tk%252Ff347308676e0aa%26relation%3Dparent.parent&color_scheme=light&container_width=300&header=true&height=300&href=https%3A%2F%2Fwww.facebook.com%2Ftimedopovonews%3Fref%3Dhl&locale=pt_BR&sdk=joey&show_border=true&show_faces=true&stream=false&width=300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

01a6591d0267bede38ca3421801e22ecaf08e51100267cccd10973d16f79d448

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1e1ee4337e1164%26domain%3Dtimedopovo.tk%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftimedopovo.tk%252Ff347308676e0aa%26relation%3Dparent.parent&color_scheme=light&container_width=300&header=true&height=300&href=https%3A%2F%2Fwww.facebook.com%2Ftimedopovonews%3Fref%3Dhl&locale=pt_BR&sdk=joey&show_border=true&show_faces=true&stream=false&width=300
Origin: https://www.facebook.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 15:38:37 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: ElRbBEBbkimEbWxjKsxGBQ==
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cross-origin-resource-policy: cross-origin
content-length: 5396
x-fb-rlafr: 0
x-fb-debug: uIaD1VjbKSAGJC/o4K/0LlsrBZjp0vbbki080BNvo2GkRDPx3SeV/Pncwy51J9Hspx4ClXvJABIbQxA9kblP+g==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 09 Feb 2023 15:38:37 GMT

GET
H3 200 FPdNN1TK3wJ.css
www.facebook.com/rsrc.php/v3/yF/l/0,cross/ Frame 26FD 2 KB
869 B 174ms
114ms Stylesheet
text/css 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yF/l/0,cross/FPdNN1TK3wJ.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a33a18d3ade364ae94fdc88f786c869ff8b45cae9bf98f2e2a16dd1459d98cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1e1ee4337e1164%26domain%3Dtimedopovo.tk%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftimedopovo.tk%252Ff347308676e0aa%26relation%3Dparent.parent&color_scheme=light&container_width=300&header=true&height=300&href=https%3A%2F%2Fwww.facebook.com%2Ftimedopovonews%3Fref%3Dhl&locale=pt_BR&sdk=joey&show_border=true&show_faces=true&stream=false&width=300
Origin: https://www.facebook.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:03:20 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: qki4Wy05mlz5CwH9oqDKag==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
content-length: 815
x-fb-rlafr: 0
x-fb-debug: mlvBkj1HLXFIw2YLz+kGqGzB9X+b8W2srkg94Og/WuGb1sIcmersS/AyICtZGRU5IucrRxZ6ZhC9F0Qe+i/HIA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=0
expires: Tue, 07 Feb 2023 14:03:20 GMT

GET
H3 200 mKJTiHBQduW.js Show response
www.facebook.com/rsrc.php/v3/yf/r/ Frame 26FD 307 KB
82 KB 179ms
119ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yf/r/mKJTiHBQduW.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8cec5a85f5192ba77b4182d2202148e870ce6623bc972921796e56b5b03dfdae

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1e1ee4337e1164%26domain%3Dtimedopovo.tk%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftimedopovo.tk%252Ff347308676e0aa%26relation%3Dparent.parent&color_scheme=light&container_width=300&header=true&height=300&href=https%3A%2F%2Fwww.facebook.com%2Ftimedopovonews%3Fref%3Dhl&locale=pt_BR&sdk=joey&show_border=true&show_faces=true&stream=false&width=300
Origin: https://www.facebook.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 01:51:17 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: uMLVCLppfmRFecrjoMVgfQ==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
content-length: 84346
x-fb-rlafr: 0
x-fb-debug: dB7dOXuCMs+JBwLSIxbhiS8Ct+IMgHmA3wktpSfHTArbxQCIcINpBvQK7krdItJFk0jMOARVZmOlBcnV24ABLA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 09 Feb 2023 01:51:17 GMT

GET
H3 200 GG1Y0sYc7My.js Show response
www.facebook.com/rsrc.php/v3/yv/r/ Frame 26FD 5 KB
2 KB 178ms
118ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

de934a085817710cb3bbd98d33e5b0c91709425d89eada2a2c55909c8b3443de

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1e1ee4337e1164%26domain%3Dtimedopovo.tk%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftimedopovo.tk%252Ff347308676e0aa%26relation%3Dparent.parent&color_scheme=light&container_width=300&header=true&height=300&href=https%3A%2F%2Fwww.facebook.com%2Ftimedopovonews%3Fref%3Dhl&locale=pt_BR&sdk=joey&show_border=true&show_faces=true&stream=false&width=300
Origin: https://www.facebook.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 20:10:26 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: yJ9Wq2491L53MWugs2kUlg==
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cross-origin-resource-policy: cross-origin
content-length: 1642
x-fb-rlafr: 0
x-fb-debug: PGqGmi0fEUPEpFD/vlVyHFAs1esH3GI4XmHNXQEWs1fStzqB6k10KXI7tMXty02FMC6ZK4jSV5oig/YZWIlnNg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Thu, 09 Feb 2023 20:10:26 GMT

GET
H3 200 VSW8dUTDzHM.js Show response
www.facebook.com/rsrc.php/v3/yW/r/ Frame 26FD 42 KB
13 KB 119ms
59ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yW/r/VSW8dUTDzHM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b6c87e34a8918cb44cdba9606325887a96848b71f27e710a1cdc75ba7fa34cb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1e1ee4337e1164%26domain%3Dtimedopovo.tk%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftimedopovo.tk%252Ff347308676e0aa%26relation%3Dparent.parent&color_scheme=light&container_width=300&header=true&height=300&href=https%3A%2F%2Fwww.facebook.com%2Ftimedopovonews%3Fref%3Dhl&locale=pt_BR&sdk=joey&show_border=true&show_faces=true&stream=false&width=300
Origin: https://www.facebook.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 00:08:32 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: ukQOwxilElpixKXcZMuJVA==
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cross-origin-resource-policy: cross-origin
content-length: 13584
x-fb-rlafr: 0
x-fb-debug: XlOQwkaGG8EUN57+13HZvk0mromw5WoQqnl3OK+W2QnTf3okMbE3p+uCcCk6jWRMAQX+VRQKdmg0uIEG+GEBiA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 08 Feb 2023 00:08:32 GMT

GET
H3 200 SLy7pE8vFGA.js Show response
www.facebook.com/rsrc.php/v3/yo/r/ Frame 26FD 46 KB
15 KB 117ms
58ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yo/r/SLy7pE8vFGA.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

da54edd8d6d14d7439a764a84f70518dfebda99ba0e4cb7b034f3f09857e98b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1e1ee4337e1164%26domain%3Dtimedopovo.tk%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftimedopovo.tk%252Ff347308676e0aa%26relation%3Dparent.parent&color_scheme=light&container_width=300&header=true&height=300&href=https%3A%2F%2Fwww.facebook.com%2Ftimedopovonews%3Fref%3Dhl&locale=pt_BR&sdk=joey&show_border=true&show_faces=true&stream=false&width=300
Origin: https://www.facebook.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 02:58:56 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: cuqbI/7YL5AZ6eHjnHtNCA==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
content-length: 14900
x-fb-rlafr: 0
x-fb-debug: LXnm2eR5+MxdgnuJvrh3jJRxiDtnJYvOAS5DQEvzw4Symj2y0bNJMLFyoGddBsE++OxZ+N1t6cFJ/bc69D7N+w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 10 Feb 2023 02:58:56 GMT

GET
H3 200 x9ZrO_yAkJs.js Show response
www.facebook.com/rsrc.php/v3iM-F4/yr/l/pt_BR/ Frame 26FD 82 KB
22 KB 174ms
115ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iM-F4/yr/l/pt_BR/x9ZrO_yAkJs.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fe46dda386757ac75fe68f7b274d2294a7780e9df2f4ca3b280dd43df7152cd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1e1ee4337e1164%26domain%3Dtimedopovo.tk%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftimedopovo.tk%252Ff347308676e0aa%26relation%3Dparent.parent&color_scheme=light&container_width=300&header=true&height=300&href=https%3A%2F%2Fwww.facebook.com%2Ftimedopovonews%3Fref%3Dhl&locale=pt_BR&sdk=joey&show_border=true&show_faces=true&stream=false&width=300
Origin: https://www.facebook.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 02:24:57 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: JO+S22acG4SYBlkaynnUEA==
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
cross-origin-resource-policy: cross-origin
content-length: 22968
x-fb-rlafr: 0
x-fb-debug: v0jOOCDDBpAJYiA9fWz7EuH5URHfpOUgxOG0wE4a5Q1ob4W+Vx1+0Lz3wKAVL4O/heNEZJ8W2bJFl8tFkYgEjQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Fri, 10 Feb 2023 02:24:57 GMT

GET
H2 200 162126389_377230966935912_1257415983679306562_n.jpg
scontent.xx.fbcdn.net/v/t1.6435-9/p173x172/ Frame 26FD 5 KB
5 KB 58ms
58ms Image
image/jpeg 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t1.6435-9/p173x172/162126389_377230966935912_1257415983679306562_n.jpg?_nc_cat=104&ccb=1-5&_nc_sid=dd9801&_nc_ohc=xe1pCaybucgAX9lbZvA&_nc_ht=scontent.xx&edm=ANSO7JkEAAAA&oh=00_AT95yTke8iQC_HAccKyvwFb3z8rAsptQkWxkGgb2QWj8_w&oe=622C66FA
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1e1ee4337e1164%26domain%3Dtimedopovo.tk%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftimedopovo.tk%252Ff347308676e0aa%26relation%3Dparent.parent&color_scheme=light&container_width=300&header=true&height=300&href=https%3A%2F%2Fwww.facebook.com%2Ftimedopovonews%3Fref%3Dhl&locale=pt_BR&sdk=joey&show_border=true&show_faces=true&stream=false&width=300
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: d8579af2c54f11352abb915b550533c1044a3a829dab28308a9b2ecd930ef7c0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-haystack-needlechecksum: 1547564174
date: Thu, 10 Feb 2022 15:38:14 GMT
x-fb-trip-id: 686109401
last-modified: Fri, 19 Mar 2021 05:15:20 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2076410692
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 305900824
timing-allow-origin: *
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 5082

GET
H2 200 162390066_377230960269246_6419053152677816258_n.jpg
scontent.xx.fbcdn.net/v/t1.6435-1/cp0/p50x50/ Frame 26FD 2 KB
2 KB 59ms
58ms Image
image/jpeg 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t1.6435-1/cp0/p50x50/162390066_377230960269246_6419053152677816258_n.jpg?_nc_cat=105&ccb=1-5&_nc_sid=dbb9e7&_nc_ohc=Jqz_CFRbpwYAX84gka0&_nc_ht=scontent.xx&edm=ANSO7JkEAAAA&oh=00_AT9BAc9jSVhlJnRbTXXyVnq6OiSdqvSVb9so-wj0KupF8A&oe=622C07C0
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1e1ee4337e1164%26domain%3Dtimedopovo.tk%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftimedopovo.tk%252Ff347308676e0aa%26relation%3Dparent.parent&color_scheme=light&container_width=300&header=true&height=300&href=https%3A%2F%2Fwww.facebook.com%2Ftimedopovonews%3Fref%3Dhl&locale=pt_BR&sdk=joey&show_border=true&show_faces=true&stream=false&width=300
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 7036fa2f8a7ef682e0080e3ea8dc0ead49e3c803a76d73a70a927eefb3174ad6

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-haystack-needlechecksum: 3854558068
date: Thu, 10 Feb 2022 15:38:14 GMT
x-fb-trip-id: 686109401
last-modified: Fri, 19 Mar 2021 05:15:20 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=269961139
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2642312792
timing-allow-origin: *
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1692

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 74D4 42 B
64 B 90ms
90ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssbnBqqz12mtEP-NRta4oTavZLd0PfTVneRcdfvw9rP5-OsZhEIr4VikDg6dj2glGmjkp_-N35L4XWQejLzHy6e0hyCaWgOCk0ATeU9mA52JXmOHsQ&sai=AMfl-YS9Yrdhan6IMcUwubpRZmA_WTL_HlFc8ypXOwjiwvB4LnwJPscgtGQn-SIljPODZGNtp1rXm-MAQ3vu&sig=Cg0ArKJSzM1IKppSvsNAEAE&id=lidar2&mcvt=1000&p=0,0,280,1000&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220209&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3290701847&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644507491467&rpt=1272&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 15:38:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 SQZZiMWhOLh.png
www.facebook.com/rsrc.php/v3/yH/r/ Frame 26FD 767 B
819 B 57ms
57ms Image
image/png 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/yH/r/SQZZiMWhOLh.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yN/l/0,cross/3eISSfQWB8r.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

818ce38e548c8222a2d3d31e6739658683964f9233ae770d41a918ead12001bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.facebook.com/rsrc.php/v3/yN/l/0,cross/3eISSfQWB8r.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 16:08:23 GMT
x-content-type-options: nosniff
content-md5: 7Ob9foDk+QbAEt4lrnDs0w==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
content-length: 767
x-fb-rlafr: 0
x-fb-debug: c/JPIq1ut0HXAiVFsCPrCpYpj0IUsORTpkm+dEFa7zNTshw/e8EaijhKZexFFPlgGB7CvGHLZtlN76dbg5MRiw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 07 Feb 2023 16:08:23 GMT

GET
H3 200 RHKJlxaGsHb.js Show response
www.facebook.com/rsrc.php/v3/yV/r/ Frame 26FD 22 KB
7 KB 59ms
58ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yV/r/RHKJlxaGsHb.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yf/r/mKJTiHBQduW.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dc661afb221b1ae218aaa434df4f88bbed344ad25d9fd957d7ec777b065fd3c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1e1ee4337e1164%26domain%3Dtimedopovo.tk%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftimedopovo.tk%252Ff347308676e0aa%26relation%3Dparent.parent&color_scheme=light&container_width=300&header=true&height=300&href=https%3A%2F%2Fwww.facebook.com%2Ftimedopovonews%3Fref%3Dhl&locale=pt_BR&sdk=joey&show_border=true&show_faces=true&stream=false&width=300
Origin: https://www.facebook.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 12:33:54 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: FmPm6VCKw7i/aIOayuZ4lw==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
content-length: 7135
x-fb-rlafr: 0
x-fb-debug: bsnAosv3AiomLyBkKE+uiQNcOvp84WS5kG93oKTAw0Qxb7D2cpTqo2t1GfQLpVZHGB2eh2exsle5Lei83xIbzQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 05 Feb 2023 12:33:54 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 96ms
95ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220208&jk=3842056236427875&bg=!kJOlk9fNAAbS3PJy0tw7ACkAdvg8WlPwxT0iBcQUhmDVQ0SFlNXCGthrYABtYE4UbN_5EzeLML7DoAIAAABiUgAAAAJoAQcKAJIyfloxEwQkARnXhuUVzaEocOreGhB_Ev7UL7FQolZOyqi4cmn7lqooZXgkro79OGZrzqp7rmFSd0FHOwYJggF5kxUoxKiK0GkEB8YK35rK8s5CHtDhdS_ilz4nTZT86XJ0RCVz-wiTBM-hKuHlBTHBe7QGyUzTc7BMm480VV_AVX0jDplSgBxu5bU20qsDmC-nfpkCiafyfdJXHEbDKXKz-CwEpKjP61KGT6yU6tGu_kcWWrdyzRoB78fIhD-agdoNXqmD4hFuxWSeEefqmaIfzz_dypwaFwvZno20oP4tGfJaubi6GvvIHseZUsvJ34p1MZIHyX1ac44cOGj9ctHPoIcUsBox5S_yi8KRoahBsQWiNIZfTuW34egV5c98htczFQQ0LnwjMie6U4NPq39Eel-2qDutl7fZPmV_vxsijoQ8yepOWvEdTpM35QUN0OHiZNE6gSuqOL7zxxedKRE2m6yMvK7ra2nD2vnD3WNVUb_atR71P3amVvICD_T8U1xJt5vmQGm9Z0SacxqGz1UIKxelOp-zv10Mhdyj_c3zb2-ecqGr_cEf5By3QyosHzAaSwjcYTfclVaGswuZUPI6N-lvcQ8TdfTL47at_hoU8PWPr3hCF6VpYYCW-genANxOQCpLs3E2e9BmtBWBsB67HMvGYu5qdb47Znje9XRfaaeg_28tliOaO-I5rGCs4qpFa3NHdbAHAKKZ-sCgtbLE1Y6MGONYhjtHN1ng0JCtWQdQMUaWtx9yfPpuMflTLg38ax6YY8upfUoghq5aV0o_Itbkd9Ub8By2oBwDd9txX_YoKipRbqspnxhrZXSh3Val8fwPM83deSZDiw3BBTZy8hRzh38mG9GaJvp5QEwriK7NaFM6jC3k3T5uXhDrG0cyo5qHaLpG9kjbLmyKfv2_06MjHZPeV1Prbv6XRORJ-O7R11wx4JpmmKXD6XpClfLmfnn8iSXtIYYmC10uWsz7TF8ZGxe59NRYNnborYPgYoO385VE2QuvIEDxPD3H7c_ypT50NcnYSWFD3HPb0S0lIPIkV5bQXehM2hIpiKI

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 15:38:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.google.com
URL: http://www.google.com/cse/query_renderer.js

Domain: www.google.com
URL: http://www.google.com/cse/api/partner-pub-3432341997211165/cse/6624308046/queries/js?oe=ISO-8859-1&callback=(new+PopularQueryRenderer(document.getElementById(%22queries%22))).render

Domain: www.google.com
URL: http://www.google.com/afsonline/show_afs_search.js

Domain: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Domain: www.google.com.br
URL: http://www.google.com.br/coop/cse/brand?form=cse-search-box&lang=pt

Domain: statistcdn.com
URL: https://statistcdn.com/analyze.js?typeId=f

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgUxZZ7MyET3XWk3_F7DXwAAAo0AAAAB&google_gid=CAESEKZtBHWIZc2IZWBS3YxkOQk&google_push=AYg5qPLI9GsnQspaa1B8vErxP-CtuvH0mNOhEe5ZWAuS92fpZHsOBeBzq0YIf8oNnsZRuS0735a2tGRS3tQA3QlBx15yybiSBQ&google_cver=1

Verdicts & Comments Add Verdict or Comment

185 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.timedopovo.tk/	1970-01-20 18:19:39	Name: __utma Value: 204431381.26252996.1644507491.1644507491.1644507491.1
.timedopovo.tk/	1969-12-31 23:59:59	Name: __utmc Value: 204431381
.timedopovo.tk/	1970-01-20 05:11:15	Name: __utmz Value: 204431381.1644507491.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.timedopovo.tk/	1970-01-20 00:48:28	Name: __utmt Value: 1
.timedopovo.tk/	1970-01-20 00:48:29	Name: __utmb Value: 204431381.1.10.1644507491
.timedopovo.tk/	1970-01-20 10:10:03	Name: __gads Value: ID=7a199bb22fadbc69-22b3b63739cd00a3:T=1644507491:RT=1644507491:S=ALNI_Ma3GNwb7kibqCQKnG7L14g6h29qdA
.doubleclick.net/	1970-01-20 18:19:39	Name: IDE Value: AHWqTUkOPEYKH4Mdeu0Z8qDFqlvsC3Q18h_7EPcIjvcG4LEsfus_cugPi45_sNRM5uY
.doubleclick.net/	1970-01-20 00:48:31	Name: DSID Value: NO_DATA
.quantserve.com/	1970-01-20 02:58:03	Name: d Value: EAkBCQG0JYEA
.quantserve.com/	1970-01-20 10:18:41	Name: mc Value: 62053164-f11a0-67db7-776f3
.casalemedia.com/	1970-01-20 09:34:03	Name: CMID Value: YgUxZZ7MyET3XWk3-F7DXwAA
.casalemedia.com/	1970-01-20 02:58:03	Name: CMPS Value: 1839
.agkn.com/	1970-01-20 09:34:03	Name: ab Value: 0001%3AoJUxMX3X91gCGJ9Q4mhspOsOudBGupx3
.agkn.com/	1970-01-20 09:34:03	Name: u Value: C\|0CEApl-3lKZft5QAAAAAAAQ13AQCAAQpAAAAAAA
.e.dlx.addthis.com/	1970-01-20 10:18:41	Name: na_tc Value: Y
.casalemedia.com/	1970-01-20 02:58:03	Name: CMPRO Value: 653
.casalemedia.com/	1970-01-20 00:49:53	Name: CMST Value: YgUxZWIFMWUA
.addthis.com/	1970-01-20 10:18:41	Name: na_id Value: 2022021015381300014264826428
.addthis.com/	1970-01-20 10:18:41	Name: na_tc Value: Y
.addthis.com/	1970-01-20 10:18:41	Name: uid Value: 62053165d07e04be
.addthis.com/	1970-01-20 10:18:41	Name: ouid Value: 620531650001f75517751bee6cf0b2caac7f768cc890051e5539
.dlx.addthis.com/	1970-01-20 01:31:39	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 01:31:39	Name: na_sr Value: 20220210
.dlx.addthis.com/	1970-01-20 00:48:27	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 01:31:39	Name: na_sc_e Value: 0
.pubmatic.com/	1970-01-20 00:49:53	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 02:58:03	Name: KADUSERCOOKIE Value: 9ED65D4E-DEFB-4FBC-BE0C-09948DC55D91

31 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://timedopovo.tk/ Message: Mixed Content: The page at 'https://timedopovo.tk/' was loaded over HTTPS, but requested an insecure element 'http://www.timedopovo.tk/logotdp.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://timedopovo.tk/ Message: Mixed Content: The page at 'https://timedopovo.tk/' was loaded over HTTPS, but requested an insecure element 'http://www.timedopovo.tk/wp-content/themes/crystalhosting/images/vercompleto.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://timedopovo.tk/ Message: Mixed Content: The page at 'https://timedopovo.tk/' was loaded over HTTPS, but requested an insecure element 'http://www.timedopovo.tk/wp-content/themes/crystalhosting/images/vercompleto.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://timedopovo.tk/ Message: Mixed Content: The page at 'https://timedopovo.tk/' was loaded over HTTPS, but requested an insecure element 'http://www.timedopovo.tk/wp-content/themes/crystalhosting/images/vercompleto.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://timedopovo.tk/ Message: Mixed Content: The page at 'https://timedopovo.tk/' was loaded over HTTPS, but requested an insecure element 'http://www.timedopovo.tk/wp-content/themes/crystalhosting/images/vercompleto.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://timedopovo.tk/ Message: Mixed Content: The page at 'https://timedopovo.tk/' was loaded over HTTPS, but requested an insecure element 'http://www.timedopovo.tk/wp-content/themes/crystalhosting/images/vercompleto.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://timedopovo.tk/ Message: Mixed Content: The page at 'https://timedopovo.tk/' was loaded over HTTPS, but requested an insecure element 'http://www.timedopovo.tk/wp-content/themes/crystalhosting/images/vercompleto.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://timedopovo.tk/ Message: Mixed Content: The page at 'https://timedopovo.tk/' was loaded over HTTPS, but requested an insecure element 'http://www.timedopovo.tk/wp-content/themes/crystalhosting/images/vercompleto.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://timedopovo.tk/ Message: Mixed Content: The page at 'https://timedopovo.tk/' was loaded over HTTPS, but requested an insecure element 'http://www.timedopovo.tk/wp-content/themes/crystalhosting/images/vercompleto.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://timedopovo.tk/ Message: Mixed Content: The page at 'https://timedopovo.tk/' was loaded over HTTPS, but requested an insecure element 'http://www.timedopovo.tk/escudo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://timedopovo.tk/ Message: Mixed Content: The page at 'https://timedopovo.tk/' was loaded over HTTPS, but requested an insecure element 'http://www.timedopovo.tk/logo.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://timedopovo.tk/(Line 367) Message: Mixed Content: The page at 'https://timedopovo.tk/' was loaded over HTTPS, but requested an insecure element 'http://www.timedopovo.tk/logotdp.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	error	URL: https://timedopovo.tk/ Message: Mixed Content: The page at 'https://timedopovo.tk/' was loaded over HTTPS, but requested an insecure script 'http://www.google.com/cse/query_renderer.js'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://timedopovo.tk/ Message: Mixed Content: The page at 'https://timedopovo.tk/' was loaded over HTTPS, but requested an insecure script 'http://www.google.com/cse/api/partner-pub-3432341997211165/cse/6624308046/queries/js?oe=ISO-8859-1&callback=(new+PopularQueryRenderer(document.getElementById(%22queries%22))).render'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://timedopovo.tk/ Message: Mixed Content: The page at 'https://timedopovo.tk/' was loaded over HTTPS, but requested an insecure script 'http://www.google.com/afsonline/show_afs_search.js'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://timedopovo.tk/ Message: Mixed Content: The page at 'https://timedopovo.tk/' was loaded over HTTPS, but requested an insecure script 'http://pagead2.googlesyndication.com/pagead/show_ads.js'. This request has been blocked; the content must be served over HTTPS.
security	warning	URL: https://timedopovo.tk/ Message: Mixed Content: The page at 'https://timedopovo.tk/' was loaded over HTTPS, but requested an insecure element 'http://www.timedopovo.tk/wp-content/themes/crystalhosting/images/vercompleto.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://timedopovo.tk/ Message: Mixed Content: The page at 'https://timedopovo.tk/' was loaded over HTTPS, but requested an insecure element 'http://www.timedopovo.tk/wp-content/themes/crystalhosting/images/vercompleto.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://timedopovo.tk/ Message: Mixed Content: The page at 'https://timedopovo.tk/' was loaded over HTTPS, but requested an insecure element 'http://www.timedopovo.tk/wp-content/themes/crystalhosting/images/vercompleto.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://timedopovo.tk/ Message: Mixed Content: The page at 'https://timedopovo.tk/' was loaded over HTTPS, but requested an insecure element 'http://www.timedopovo.tk/wp-content/themes/crystalhosting/images/vercompleto.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://timedopovo.tk/ Message: Mixed Content: The page at 'https://timedopovo.tk/' was loaded over HTTPS, but requested an insecure element 'http://www.timedopovo.tk/wp-content/themes/crystalhosting/images/vercompleto.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://timedopovo.tk/ Message: Mixed Content: The page at 'https://timedopovo.tk/' was loaded over HTTPS, but requested an insecure element 'http://www.timedopovo.tk/wp-content/themes/crystalhosting/images/vercompleto.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://timedopovo.tk/ Message: Mixed Content: The page at 'https://timedopovo.tk/' was loaded over HTTPS, but requested an insecure element 'http://www.timedopovo.tk/wp-content/themes/crystalhosting/images/vercompleto.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://timedopovo.tk/ Message: Mixed Content: The page at 'https://timedopovo.tk/' was loaded over HTTPS, but requested an insecure element 'http://www.timedopovo.tk/wp-content/themes/crystalhosting/images/vercompleto.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://timedopovo.tk/ Message: Mixed Content: The page at 'https://timedopovo.tk/' was loaded over HTTPS, but requested an insecure element 'http://www.timedopovo.tk/escudo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	error	URL: https://timedopovo.tk/ Message: Mixed Content: The page at 'https://timedopovo.tk/' was loaded over HTTPS, but requested an insecure script 'http://www.google.com.br/coop/cse/brand?form=cse-search-box&lang=pt'. This request has been blocked; the content must be served over HTTPS.
javascript	warning	URL: https://timedopovo.tk/(Line 811) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://adds.livreuso.tk/anuncios//show.php?z=29&j=1&code=1644507491084, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://timedopovo.tk/(Line 811) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://adds.livreuso.tk/anuncios//show.php?z=29&j=1&code=1644507491084, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	warning	URL: https://timedopovo.tk/(Line 847) Message: Mixed Content: The page at 'https://timedopovo.tk/' was loaded over HTTPS, but requested an insecure element 'http://www.timedopovo.tk/logo.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://statistcdn.com/analyze.js?typeId=f Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgUxZZ7MyET3XWk3_F7DXwAAAo0AAAAB&google_gid=CAESEKZtBHWIZc2IZWBS3YxkOQk&google_push=AYg5qPLI9GsnQspaa1B8vErxP-CtuvH0mNOhEe5ZWAuS92fpZHsOBeBzq0YIf8oNnsZRuS0735a2tGRS3tQA3QlBx15yybiSBQ&google_cver=1 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.lomadee.com
adds.livreuso.tk
adservice.google.com
adservice.google.de
beacon.walmart.com
cc.adingo.jp
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
d.agkn.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
image6.pubmatic.com
indexanetwork.go2cloud.org
media.go2speed.org
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
scontent.xx.fbcdn.net
sp-ao.shortpixel.ai
ssl.google-analytics.com
statistcdn.com
timedopovo.tk
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.com.br
www.googletagservices.com
www.gstatic.com
www.timedopovo.tk
cm.g.doubleclick.net
pagead2.googlesyndication.com
statistcdn.com
www.google.com
www.google.com.br
104.36.113.23
104.90.192.27
108.157.4.7
13.115.149.166
142.250.186.34
146.59.70.99
172.217.16.130
18.202.12.61
18.66.248.81
20.85.9.11
2620:116:800d:21:ee05:6a01:4b41:8c89
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2003
2a00:1450:4001:811::200e
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:830::200a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.122.111.84
31.22.4.81
31.22.4.94
34.98.67.61
69.173.144.139
89.187.169.47
01a6591d0267bede38ca3421801e22ecaf08e51100267cccd10973d16f79d448
0264595944479b8172166d6c4bf5ca5c4ebd0886311f9ecd154d050026610752
095141e7068ce4b679b220eb6c6ba5d4c49102c2343dbb9b71569c5e84a59079
096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
1460e4ba5d8a29324c75f80802081c73d2143d8c9581a84ca3df707fbc6e477c
14d73457af5bcee8a2820cabb73e3f236982baa26747eb60c020415ea01f60d0
165d6da950c3c3b396e239eaa4649a0ead5172212d0808fa6cb19b2559064df7
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1bdcfa69c65e859f2a6202598117b998f246ef00311a51e3ac501570d6b4d229
204e26ceed9d428095faf4121c5049f1e106116971865681001c2298f7cc5689
23f91e8fed1b07720dbb269a526666a72ca20e4af6388c95757f7469229708dd
2ae7f07e8f00b28fd719f0d3c0e726a46425fade109c4987d7dc93b10864e9c9
2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396
2d5e42889c3ad34064cca184d9e273a31a0c41e0c045f1a6b0aae9fea70dadd5
2ef3959264092b72de9339f88c90054eed3c2c83a3e755b058df53ce75310ee7
2f77c5a08e1b1c6b74fa69a53c34044375c85184a963057fbbe06fa79ce30741
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
3a22b29e11f6ad3ed458e71525b4edfaf0b9ab4cd962ae9a239b9509c106c826
3a7b5f2e7e3fd51102d05b2706291210864e7890361d932311a18048073374ae
4781c71e42e9c275dcfc00afbff9387a29fe754597fcc0de649dd994c4840de5
4c8fdefb68efa78ff2fd4092d3c68d5c064d2442f837bc5c7832f48cf07abd6f
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55dffd4a76f8f06f5bb26309662a1a12182d7dfe0dec0e60bc2e0ffa5ef48c5c
5a02e2246cb69facdac93ae2789f172c7ad079808db6bf62f41af6c6c2857a95
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c6dd8a507bcd95e5baee20d673b22c98ba21b4969014970f0efbfdef3b034f3
60b6fb70c39877b90333526914dbc0d47052cd8c4c298c421aaee2f9d6b48bcc
61bfbe6d6f3df62e49dc26624b55b9a97717fb69dbd623e073586203657f29e6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6352d5b72592fe9d9912b5d5c1a9a3e55723bf802c9a6802f757c1e6b22a43bf
63b0d31f6c1c010ab66aac9a67e7a94c289b26088c583fa9ef41a63b6fb5f564
64ad2b889e573ea0f48d0c21a22e7dbc47d08ca54dff2091e418e9b4b418be14
68edf546c971f8a8a8201bf5b647e9e4ac4073e7d0f0eeec70b1d27f441730b2
6bd760dc672e6d692fd30cca41e3629ab4c67d24fde1d13d2b3d5744fd06f351
70026657c87a5132b6a431dff968771873d699737fb63c32af45f5790a1a38c3
7036fa2f8a7ef682e0080e3ea8dc0ead49e3c803a76d73a70a927eefb3174ad6
74a14c3c9efff84398be5969f5ed596e76fd40786aa034907d67e2cafbf746d6
77beab1c723cf69fffda6bfbf710337d386a86f6f5f3d08e9a567de1947ef202
790de302e4493c260c08c620935128fd87d6820e65183f1467dc7d17c5be79a7
7961fb8e2c56c456004b8621329bcc73e2030785eb88be511bec404c80a659b7
818ce38e548c8222a2d3d31e6739658683964f9233ae770d41a918ead12001bd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86239f09335ef6841697b2918c97ebf17b74b01c425bb36f0e383f7bc60a2609
86f937a29eaee70aaf9935799a414bea46c62fb136cc0465f63f9d6820cf4982
87852b2933a18f87f4632a086a928e734c9e8ab17d09725d327906c5a42ee4c6
88f99f7451346524594c256652e87a14571331976592d46fd6a9b03c71cff121
89a6f112fbf5c36b66fff90f641071fbc8be443cf77139c4c2d47ec430cc1a3d
8cec5a85f5192ba77b4182d2202148e870ce6623bc972921796e56b5b03dfdae
9394118d5c5a98830283589035f6a16c4e65c3f428cddff3e07575fc88cc9e16
986037628ef2f713282cdf6658e45f2d778e374635e2b7b6ec0f3e2fd9281ba3
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a08922f7698f6a95eea3c8123b08d4187f4ffd54d300c39b17e8f6315c132d9d
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a33a18d3ade364ae94fdc88f786c869ff8b45cae9bf98f2e2a16dd1459d98cdc
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a50761af47976acf2a9b1ed88cff6727c6c0fa4a18c2806a26f108c5268b4c1f
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
a630cac1dcc430e57ea2663e8f6ec069e715cb938b838fb72adc0bf7a0b78ee5
a984aa4dd8ef7b364554086f53750aadfeee7e5eb91194afa2b68eb776d7d090
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ac05f643d51698438fc2504bc237b5a39ce1248b037dbf446aaca4ce65c3182c
ac7ca987581dd2e46a840b716297195c670c2c171a8bd46ac923d5917a62e2c3
b1cafcf2b3ed8226b5d67a0e6850325be44c2e293aabbcfb1aa7138119df97ac
b3b84e5e485619983c2f805dac6f3fde572d0c825c672d1a02f48af0149eea93
b57245994e1df062a0eb10265547e7d49d7e3007df0c1f409dd34a42e78430e6
b6c87e34a8918cb44cdba9606325887a96848b71f27e710a1cdc75ba7fa34cb8
b8e86c44c2f2cc0f6d192de5b6a94b23e3c60db1117bed35701ae1e7ec6cfe5a
bfcb8d31fa62c15f8d02af36e1c1ef315d2f6e824cf3e7d8514cc9f30449cec7
c3861e2429c849c6542244b6f097f0fee86a9cf046a4086a5593651e8826e8bf
c3953d216f3748d0ac73f89e8c4d3e04dbb3b044777932b5d542544a81095254
cbd509669e176f744af1c69d7c339e14127f4be4c59185d6c5ba6fe448fca6f9
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd3600e9be27f74665aba132c024322645a8e61af8dc08072c617386511268bb
ce2c2f487561a1e72f77b2c28bdf121fef04e9c7d3189f5affd499a3a8a77db5
d1f540f14e3e2b6018ccbf81e492d780c2a54b8d00802a57d6de05d7d2aea14c
d21420e670e9be893b2af1fb01238a93a8269df2b7b771566ee614093ecf2d73
d8579af2c54f11352abb915b550533c1044a3a829dab28308a9b2ecd930ef7c0
da54edd8d6d14d7439a764a84f70518dfebda99ba0e4cb7b034f3f09857e98b8
dc661afb221b1ae218aaa434df4f88bbed344ad25d9fd957d7ec777b065fd3c1
dcdf89c03c77ddfecca983f3193527d5ecadb6703589b8cdd0ba77ff0928ef2c
de934a085817710cb3bbd98d33e5b0c91709425d89eada2a2c55909c8b3443de
e04a04dd531e905c22f6e1121a26f36133284c6f7c84e9b50f451671e594425a
e2c03c51af93c8a363dde97c1da7268c0fa2ce90a60a100b8602207aabb1a4e3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e503c59c36fc19803b2e9572b10e7c06236bda692aebd97f29e2a5a96f9aa5b6
e98cd00e7be004c4360ad0c38471911312d74a117babcc29f239935afc80c8cb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f356c1330b17335df99dda5bb53bfd858ff27b903d555e9edb775b2c08d0b357
f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b
fa4921b4a9286703010ab2a2f33064e6fca5b1430791d0876c8269ea0bb85269
fb37a116c77f6c45e904778987eaf3197bc069af51f7d421f3e520785dc8667a
fc08809552becc11633f8ae84e133f62f1ee23689f6aa71d532ed5ab3ac3d821
fcd4dbff18d65b19d3a064b2f66b6cf309cc328fbf8ce08390b5c528faf4ef00
fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4
fe46dda386757ac75fe68f7b274d2294a7780e9df2f4ca3b280dd43df7152cd5

timedopovo.tk Open in urlscan Pro 31.22.4.81 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

161 Requests

81 %HTTPS

47 %IPv6

29 Domains

35 Subdomains

24 IPs

6 Countries

1938 kBTransfer

4522 kBSize

27 Cookies

7 Outgoing links

Page URL History

Redirected requests

161 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

timedopovo.tk Open in urlscan Pro
31.22.4.81 Public Scan

Screenshot
Live screenshot

Full Image

161
Requests

81 %
HTTPS

47 %
IPv6

29
Domains

35
Subdomains

24
IPs

6
Countries

1938 kB
Transfer

4522 kB
Size

27
Cookies

161 HTTP transactions
4 data transactions