momen.tofu.fit Open in urlscan Pro
49.212.207.53 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://momen.tofu.fit/
Effective URL:
https://momen.tofu.fit/
Submission: On June 07 via manual (June 7th 2023, 5:21:27 am UTC) from JP — Scanned from IT

Summary HTTP 187 Redirects Behaviour Indicators

Summary

This website contacted 28 IPs in 6 countries across 23 domains to perform 187 HTTP transactions. The main IP is 49.212.207.53, located in Chigasaki, Japan and belongs to SAKURA-C SAKURA Internet Inc., JP. The main domain is momen.tofu.fit.
TLS certificate: Issued by R3 on May 23rd 2023. Valid for: 3 months.

This is the only time momen.tofu.fit was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 30	49.212.207.53 49.212.207.53	9371 (SAKURA-C ...) (SAKURA-C SAKURA Internet Inc.)
2	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
30	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:225... 2600:9000:225e:ba00:18:82c:9d80:93a1	16509 (AMAZON-02) (AMAZON-02)
12	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	54.65.90.255 54.65.90.255	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
29	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
5 11	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
2 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
3 4	185.89.210.244 185.89.210.244	29990 (ASN-APPNEX) (ASN-APPNEX)
20	2a00:1450:400... 2a00:1450:4001:82a::2006	15169 (GOOGLE) (GOOGLE)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
2 2	3.126.192.167 3.126.192.167	16509 (AMAZON-02) (AMAZON-02)
1 1	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
1 1	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	104.111.217.42 104.111.217.42	16625 (AKAMAI-AS) (AKAMAI-AS)
2	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
187	28

30 49.212.207.53 (Chigasaki, Japan) 1 redirects

ASN9371 (SAKURA-C SAKURA Internet Inc., JP)
PTR: www3043.sakura.ne.jp

momen.tofu.fit	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:ba00:18:82c:9d80:93a1 (United States)

ASN16509 (AMAZON-02, US)

vpj.valuecommerce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.65.90.255 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-65-90-255.ap-northeast-1.compute.amazonaws.com

dalc.valuecommerce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.184.226 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.244 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.192.167 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-192-167.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.217.42 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-42.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
59	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 123 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	520 KB
30	tofu.fit 1 redirects momen.tofu.fit	580 KB
29	doubleclick.net 5 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 51 cm.g.doubleclick.net — Cisco Umbrella Rank: 231 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 351	186 KB
20	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 324	894 KB
18	google.com 2 redirects fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1888 adservice.google.com — Cisco Umbrella Rank: 103 www.google.com — Cisco Umbrella Rank: 3	57 KB
11	gstatic.com www.gstatic.com fonts.gstatic.com	127 KB
7	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 398 fonts.googleapis.com — Cisco Umbrella Rank: 66	37 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	271 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 239	4 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 568	3 KB
3	google.it adservice.google.it — Cisco Umbrella Rank: 50002	818 B
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1314	453 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 896	2 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 952 r.turn.com — Cisco Umbrella Rank: 3464	869 B
2	valuecommerce.com vpj.valuecommerce.com dalc.valuecommerce.com — Cisco Umbrella Rank: 186417	11 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 70	132 KB
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 2034	174 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 43979	609 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 870	718 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 702	539 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1056	600 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1866	253 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 249	4 KB
187	23

	Domain	Requested by
30	pagead2.googlesyndication.com	momen.tofu.fit pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net www.googletagservices.com
30	momen.tofu.fit	1 redirects momen.tofu.fit
29	tpc.googlesyndication.com	googleads.g.doubleclick.net momen.tofu.fit tpc.googlesyndication.com s0.2mdn.net pagead2.googlesyndication.com
20	s0.2mdn.net	momen.tofu.fit s0.2mdn.net
16	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
12	fundingchoicesmessages.google.com	momen.tofu.fit
11	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net
8	www.gstatic.com	googleads.g.doubleclick.net
6	fonts.googleapis.com	googleads.g.doubleclick.net
5	www.googletagservices.com	googleads.g.doubleclick.net
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
3	www.google.com	2 redirects tpc.googlesyndication.com
3	fonts.gstatic.com	fonts.googleapis.com
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.it	pagead2.googlesyndication.com
2	googleads4.g.doubleclick.net	momen.tofu.fit
2	sync.teads.tv	1 redirects googleads.g.doubleclick.net
2	pm.w55c.net	2 redirects
2	www.googletagmanager.com	momen.tofu.fit www.googletagmanager.com
1	tr.blismedia.com	googleads.g.doubleclick.net
1	gcm.ctnsnet.com	1 redirects
1	um.simpli.fi	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	r.turn.com	googleads.g.doubleclick.net
1	ad.turn.com	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	dalc.valuecommerce.com	vpj.valuecommerce.com
1	region1.google-analytics.com	www.googletagmanager.com
1	vpj.valuecommerce.com	momen.tofu.fit
1	cdnjs.cloudflare.com	momen.tofu.fit
1	ajax.googleapis.com	momen.tofu.fit
187	32

This site contains no links.

Subject Issuer	Validity	Valid
momen.tofu.fit R3	`2023-05-23` - `2023-08-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.valuecommerce.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-24` - `2023-09-24`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.google.it GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-04-12` - `2023-07-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh

This page contains 20 frames:

Primary Page: https://momen.tofu.fit/
Frame ID: 8EB39A67F17D4E18DA6CC833E9E48782
Requests: 67 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230601/r20190131/zrt_lookup.html
Frame ID: 0160646F081C7EB9E044F5C972F6200A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7228184907055996&output=html&adk=1812271804&adf=3025194257&lmt=1686072738&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x945_l%7C164x945_r&format=0x0&url=https%3A%2F%2Fmomen.tofu.fit%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686115282326&bpp=5&bdt=1162&idt=275&shv=r20230601&mjsv=m202305310101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7333939706129&frm=20&pv=2&ga_vid=1646744520.1686115282&ga_sid=1686115283&ga_hid=1458372198&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C44772269%2C44788441&oid=2&pvsid=2227705292742720&tmod=1865976778&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=299
Frame ID: 1CCA813703763F55EB313501E7D593F1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7228184907055996&output=html&h=280&slotname=6078613337&adk=1703001207&adf=1202215118&pi=t.ma~as.6078613337&w=336&fwrn=4&fwrnh=100&lmt=1686072738&rafmt=1&format=336x280&url=https%3A%2F%2Fmomen.tofu.fit%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686115282331&bpp=3&bdt=1167&idt=300&shv=r20230601&mjsv=m202305310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7333939706129&frm=20&pv=1&ga_vid=1646744520.1686115282&ga_sid=1686115283&ga_hid=1458372198&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=288&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C44772269%2C44788441&oid=2&pvsid=2227705292742720&tmod=1865976778&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=bb3YolyC3C&p=https%3A//momen.tofu.fit&dtd=306
Frame ID: 2E9EF12C5F3BEB93AA52AF4E8B571CFB
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7228184907055996&output=html&h=280&slotname=6533706617&adk=3655802702&adf=3568310119&pi=t.ma~as.6533706617&w=336&fwrn=4&fwrnh=100&lmt=1686072738&rafmt=1&format=336x280&url=https%3A%2F%2Fmomen.tofu.fit%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686115282429&bpp=1&bdt=1266&idt=222&shv=r20230601&mjsv=m202305310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=7333939706129&frm=20&pv=1&ga_vid=1646744520.1686115282&ga_sid=1686115283&ga_hid=1458372198&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=2440&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C44772269%2C44788441&oid=2&pvsid=2227705292742720&tmod=1865976778&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=wyD2oQ3B0H&p=https%3A//momen.tofu.fit&dtd=226
Frame ID: D1AD3102EA1F4C0E2AC74A04D775FC89
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7228184907055996&output=html&h=280&adk=3432959759&adf=2581218329&pi=t.aa~a.2671591709~rp.4&w=336&fwrn=4&fwrnh=100&lmt=1686072738&rafmt=1&to=qs&pwprc=8410908443&format=336x280&url=https%3A%2F%2Fmomen.tofu.fit%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686115283440&bpp=2&bdt=2276&idt=2&shv=r20230601&mjsv=m202305310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D122eabd051d4239e-22598b5107de00c0%3AT%3D1686115282%3ART%3D1686115282%3AS%3DALNI_MbPY-C57Cv0ISc7KCjiWZMfMMtqog&gpic=UID%3D00000c44f299b23c%3AT%3D1686115282%3ART%3D1686115282%3AS%3DALNI_Mb3eNoaX_gLDpfXPikO3y7zvovwsA&prev_fmts=0x0%2C336x280%2C336x280&nras=2&correlator=7333939706129&frm=20&pv=1&ga_vid=1646744520.1686115282&ga_sid=1686115283&ga_hid=1458372198&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=1545&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C44772269%2C44788441&oid=2&pvsid=2227705292742720&tmod=1865976778&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=W3BB1rScry&p=https%3A//momen.tofu.fit&dtd=22
Frame ID: 550F46434993A72BC9D812E7A0148DC4
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230601/r20110914/zrt_lookup.html?fsb=1
Frame ID: C66F8B18977F669A0B9416218391DBD9
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230601/r20110914/zrt_lookup.html?fsb=1
Frame ID: C4F7C649C1B24130BA07A7B4268EC0BA
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EHMIEcXmxjhpa6ysVw94xheqxns9jQBWcUzwmgw4Ck0.js
Frame ID: 944374152B8B0502CBB60E6697EB25FA
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400&text=%E3%81%98%E3%82%8B%E9%96%89
Frame ID: 68A5E061067D26F9520D0F14CFCEC716
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B424F20BD6C88DFC63807168ED27B692
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 95070CC752C805FC5DF2F0F1CFB9D319
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EHMIEcXmxjhpa6ysVw94xheqxns9jQBWcUzwmgw4Ck0.js
Frame ID: EF926B8F6DC11FDB335F7EB093E79317
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ2M4wEQu9SFAhi-_IDkATAB&v=APEucNWVO7iHCT8ZMDW-xJsNq-E_kMxSTGWKkTvk7FUQG2t1SS86D25sFRywCI4wg6xQCyOQtVrw_aGvJdZyAt3n_u_1C8VWRzZuGBLZ-ntqMPPb8wO_LuYO-Zc0Cbyb5enO9OPeiZqRwA3Qh-VU9Dirn60ZegePP-0B2y5Ofn1qhISVg2B1Pe0
Frame ID: CF89EEA398BF702C93BDE9500333CFA3
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8F5C9A18A589A635FA89362DB76D86E1
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 39898CF8612361F262ED36404FD67499
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/407123345897684992/336x280-Things_To_Do/index.html?e=69&leftOffset=0&topOffset=0&c=c2q4ClWZif&t=1&renderingType=2&ev=01_250
Frame ID: 526F689E648E6C6E0102314A1E149DDF
Requests: 21 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EHMIEcXmxjhpa6ysVw94xheqxns9jQBWcUzwmgw4Ck0.js
Frame ID: 3E4CA2F68626B8488D768D6F73FA5832
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 53B485F9CCD46387F5F01472CA20C3E1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 875616FA41D72E7F8485150105A61490
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

豆腐の角

Page URL History Show full URLs

http://momen.tofu.fit/ HTTP 301
https://momen.tofu.fit/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

187
Requests

95 %
HTTPS

61 %
IPv6

23
Domains

32
Subdomains

28
IPs

6
Countries

2823 kB
Transfer

6153 kB
Size

21
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://momen.tofu.fit/ HTTP 301
https://momen.tofu.fit/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 124

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 125

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 126

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMpzYNGdu3e6GHnnuggmJds&google_cver=1

Request Chain 127

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZIAT1BjSgY2HlWMF.cHQ-AAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMpzYNGdu3e6GHnnuggmJds&google_cver=1&google_hm=2

Request Chain 128

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEIVq0KdsWzUclybOc710iko&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEIVq0KdsWzUclybOc710iko%26google_cver%3D1

Request Chain 129

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTA1NDEwMzg0MzUwMzUwNDQzMw%3D%3D

Request Chain 143

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEKi78qJmeYWOZRQZvEac4Tk&google_cver=1&google_push=ATf1kGPhbTf6re-B_Scj9lQ3UGAFCiZ7pdfeeFdNpwVhFkITWum-1oHt8RmL8UYjWHH4rwi_atgJvNFv0PHwNys-f5srORPQBTA1p9w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjUyNzAxMDU0ODMzNzU4NzUzOA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKi78qJmeYWOZRQZvEac4Tk&google_cver=1

Request Chain 144

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENyRgQA1vKChP_Gdp7dNXEU&google_cver=1&google_push=ATf1kGPIueakG7Msoqgl2PZbZlE2wbie3flAfCZ-8TXPH2HtCaCsNrryd2FuTsN4oywul1NZQm3YtWHeS_-j8vnFXPR6Esyh64EtTw HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENyRgQA1vKChP_Gdp7dNXEU&google_cver=1&google_push=ATf1kGPIueakG7Msoqgl2PZbZlE2wbie3flAfCZ-8TXPH2HtCaCsNrryd2FuTsN4oywul1NZQm3YtWHeS_-j8vnFXPR6Esyh64EtTw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Q01DajdiQ1gxUTZMQk81&google_gid=CAESENyRgQA1vKChP_Gdp7dNXEU&google_cver=1&google_push=ATf1kGPIueakG7Msoqgl2PZbZlE2wbie3flAfCZ-8TXPH2HtCaCsNrryd2FuTsN4oywul1NZQm3YtWHeS_-j8vnFXPR6Esyh64EtTw

Request Chain 145

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEBEHQRj0dVa3SBLz1q2HoQU&google_cver=1&google_push=ATf1kGOIq_t4Wu3FGwDgcoZIGkzas-lUeH5KqA94hjNHOEgdTnTOZacVKo4-YlyxfnG9gx4jyzcqF6s6VXnwyeUwidrVmdymcmTiYA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBEHQRj0dVa3SBLz1q2HoQU&google_push=ATf1kGOIq_t4Wu3FGwDgcoZIGkzas-lUeH5KqA94hjNHOEgdTnTOZacVKo4-YlyxfnG9gx4jyzcqF6s6VXnwyeUwidrVmdymcmTiYA

Request Chain 146

https://um.simpli.fi/gp_match?google_gid=CAESEOf3lkgNosQRcfSB9ILpwfc&google_cver=1&google_push=ATf1kGMCTJZWa4C43qOFFR4jPp6kmQKAOM1wcKksyMqRFmYa9RuWE-GfErz3aw_Pg1BCm7UTDP_fTR45RXoSMqb1tBZdWxLBWAPG5g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D24FB9361BE347EC8B269639FEDD4F63&google_push=ATf1kGMCTJZWa4C43qOFFR4jPp6kmQKAOM1wcKksyMqRFmYa9RuWE-GfErz3aw_Pg1BCm7UTDP_fTR45RXoSMqb1tBZdWxLBWAPG5g

Request Chain 147

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEHNKYC-mjOgc3YYbpbosoRc&google_cver=1&google_push=ATf1kGPw9uuPfaEdpbf9JZI_1qAO3fi8E3OV98vUFEKs3IjPoDIfxoU2V0kaEo8wJWSzVUNX3GcsB1acE0zBVY41GJ83qDyQXXl6DQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGPw9uuPfaEdpbf9JZI_1qAO3fi8E3OV98vUFEKs3IjPoDIfxoU2V0kaEo8wJWSzVUNX3GcsB1acE0zBVY41GJ83qDyQXXl6DQ&google_hm=Kyc5TvLaTaW-5aAyEDoV4tU

Request Chain 149

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEOnzdNiA928JAOipKMPkSV0&google_cver=1&google_push=ATf1kGM5DOgjVgBsg-j3UMGny5ArgWKULzcZWWZ7LMrZbzW4j_7z7mrzqmFKm4FvujW3rkwllRN40NLXUM4NXPpZ-Y_2HdOlSQrlAojI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGM5DOgjVgBsg-j3UMGny5ArgWKULzcZWWZ7LMrZbzW4j_7z7mrzqmFKm4FvujW3rkwllRN40NLXUM4NXPpZ-Y_2HdOlSQrlAojI HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

187 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
momen.tofu.fit/
Redirect Chain

http://momen.tofu.fit/
https://momen.tofu.fit/

340 KB
58 KB

834ms
281ms

Document
text/html

49.212.207.53
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: https://momen.tofu.fit/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 49.212.207.53 Chigasaki, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS: www3043.sakura.ne.jp
Software: nginx /
Resource Hash: 4434bbbcc6d25483cc0b1be91f94c180d1f3b52df2c410bd9db1d035d572982b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=3, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 07 Jun 2023 05:21:21 GMT
etag: "5500d-5fd79669dcf85-gzip"
expires: Wed, 07 Jun 2023 05:21:24 GMT
last-modified: Tue, 06 Jun 2023 17:32:18 GMT
server: nginx
vary: Accept-Encoding,Cookie

Redirect headers

Connection: keep-alive
Content-Length: 231
Content-Type: text/html; charset=iso-8859-1
Date: Wed, 07 Jun 2023 05:21:20 GMT
Location: https://momen.tofu.fit/
Server: nginx

GET
H2 200 icomoon.woff
momen.tofu.fit/wp-content/themes/cocoon-master/webfonts/icomoon/fonts/ 13 KB
13 KB 1160ms
1158ms Font
font/woff 49.212.207.53
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: https://momen.tofu.fit/wp-content/themes/cocoon-master/webfonts/icomoon/fonts/icomoon.woff
Requested by: Host: momen.tofu.fit
URL: https://momen.tofu.fit/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 49.212.207.53 Chigasaki, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS: www3043.sakura.ne.jp
Software: nginx /
Resource Hash: c54947e67503bb21778d64789ceac992de7249f7cbcfea7dc233e7db5c2a72fa

Request headers

Referer: https://momen.tofu.fit/
Origin: https://momen.tofu.fit
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:21:22 GMT
last-modified: Mon, 22 May 2023 06:19:47 GMT
server: nginx
accept-ranges: bytes
etag: "32c8-5fc4241e545df"
content-length: 13000
content-type: font/woff

GET
H2 200 fontawesome-webfont.woff2
momen.tofu.fit/wp-content/themes/cocoon-master/webfonts/fontawesome/fonts/ 75 KB
76 KB 816ms
814ms Font
font/woff2 49.212.207.53
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: https://momen.tofu.fit/wp-content/themes/cocoon-master/webfonts/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: momen.tofu.fit
URL: https://momen.tofu.fit/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 49.212.207.53 Chigasaki, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS: www3043.sakura.ne.jp
Software: nginx /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://momen.tofu.fit/
Origin: https://momen.tofu.fit
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:21:21 GMT
last-modified: Mon, 22 May 2023 06:19:46 GMT
server: nginx
accept-ranges: bytes
etag: "12d68-5fc4241e1f9a7"
content-length: 77160
content-type: font/woff2

GET
H2 200 style.min.css
momen.tofu.fit/wp-includes/css/dist/block-library/ 95 KB
13 KB 545ms
544ms Stylesheet
text/css 49.212.207.53
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: https://momen.tofu.fit/wp-includes/css/dist/block-library/style.min.css?ver=6.2.2&fver=20230330061718
Requested by: Host: momen.tofu.fit
URL: https://momen.tofu.fit/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 49.212.207.53 Chigasaki, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS: www3043.sakura.ne.jp
Software: nginx /
Resource Hash: aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://momen.tofu.fit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:21:21 GMT
content-encoding: gzip
last-modified: Thu, 30 Mar 2023 06:17:18 GMT
server: nginx
etag: "17ced-5f8180b7111dc-gzip"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 12736

GET
H2 200 styles.css
momen.tofu.fit/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 543ms
541ms Stylesheet
text/css 49.212.207.53
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: https://momen.tofu.fit/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.7&fver=20230531061738
Requested by: Host: momen.tofu.fit
URL: https://momen.tofu.fit/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 49.212.207.53 Chigasaki, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS: www3043.sakura.ne.jp
Software: nginx /
Resource Hash: ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://momen.tofu.fit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:21:21 GMT
content-encoding: gzip
last-modified: Wed, 31 May 2023 18:17:38 GMT
server: nginx
etag: "b2b-5fd0155be352c-gzip"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 1004

GET
H2 200 jquery.fancybox.min.css
momen.tofu.fit/wp-content/plugins/responsive-lightbox/assets/fancybox/ 7 KB
2 KB 544ms
542ms Stylesheet
text/css 49.212.207.53
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: https://momen.tofu.fit/wp-content/plugins/responsive-lightbox/assets/fancybox/jquery.fancybox.min.css?ver=2.4.5&fver=20230412035144
Requested by: Host: momen.tofu.fit
URL: https://momen.tofu.fit/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 49.212.207.53 Chigasaki, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS: www3043.sakura.ne.jp
Software: nginx /
Resource Hash: 4cfdfc2ed4fa9301edd5fb41a18f88773221f982fe220ac8340237667b705a1c

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://momen.tofu.fit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:21:21 GMT
content-encoding: gzip
last-modified: Wed, 12 Apr 2023 15:51:44 GMT
server: nginx
etag: "1b01-5f92595b7fbe8-gzip"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 1417

GET
H2 200 style.css
momen.tofu.fit/wp-content/plugins/yyi-rinker/css/ 15 KB
3 KB 544ms
543ms Stylesheet
text/css 49.212.207.53
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: https://momen.tofu.fit/wp-content/plugins/yyi-rinker/css/style.css?v=1.10.1&ver=6.2.2&fver=20230603073552
Requested by: Host: momen.tofu.fit
URL: https://momen.tofu.fit/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 49.212.207.53 Chigasaki, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS: www3043.sakura.ne.jp
Software: nginx /
Resource Hash: 7763cf61ef887eab9387b512247ceb8dcf43bf89125c3709ba5d3f33627a85a2

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://momen.tofu.fit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:21:21 GMT
content-encoding: gzip
last-modified: Sat, 03 Jun 2023 19:35:52 GMT
server: nginx
etag: "3de6-5fd3ec70bc0d9-gzip"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 2679

GET
H2 200 style.css
momen.tofu.fit/wp-content/themes/cocoon-master/ 243 KB
41 KB 545ms
544ms Stylesheet
text/css 49.212.207.53
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: https://momen.tofu.fit/wp-content/themes/cocoon-master/style.css?ver=6.2.2&fver=20230522061946
Requested by: Host: momen.tofu.fit
URL: https://momen.tofu.fit/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 49.212.207.53 Chigasaki, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS: www3043.sakura.ne.jp
Software: nginx /
Resource Hash: 8324420ade444d21ad9e758609a2448e087326fcb487aa7f1b427b20bf3cb248

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://momen.tofu.fit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:21:21 GMT
content-encoding: gzip
last-modified: Mon, 22 May 2023 06:19:46 GMT
server: nginx
etag: "3cd61-5fc4241e1c2e7-gzip"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 42250

GET
H2 200 keyframes.css
momen.tofu.fit/wp-content/themes/cocoon-master/ 292 B
305 B 542ms
541ms Stylesheet
text/css 49.212.207.53
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: https://momen.tofu.fit/wp-content/themes/cocoon-master/keyframes.css?ver=6.2.2&fver=20230522061946
Requested by: Host: momen.tofu.fit
URL: https://momen.tofu.fit/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 49.212.207.53 Chigasaki, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS: www3043.sakura.ne.jp
Software: nginx /
Resource Hash: d04b1faa2da8b85f4f650a0ed3645bb5aee8b8faa5ce054de1115b315059ad68

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://momen.tofu.fit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:21:21 GMT
content-encoding: gzip
last-modified: Mon, 22 May 2023 06:19:46 GMT
server: nginx
etag: "124-5fc4241df6a78-gzip"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 124

GET
H2 200 font-awesome.min.css
momen.tofu.fit/wp-content/themes/cocoon-master/webfonts/fontawesome/css/ 30 KB
7 KB 544ms
543ms Stylesheet
text/css 49.212.207.53
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: https://momen.tofu.fit/wp-content/themes/cocoon-master/webfonts/fontawesome/css/font-awesome.min.css?ver=6.2.2&fver=20230522061946
Requested by: Host: momen.tofu.fit
URL: https://momen.tofu.fit/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 49.212.207.53 Chigasaki, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS: www3043.sakura.ne.jp
Software: nginx /
Resource Hash: 6f14101998fff51d94efe7f1946d812be542fc3f97b7306ddc116eaeca8fcf7f

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://momen.tofu.fit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:21:21 GMT
content-encoding: gzip
last-modified: Mon, 22 May 2023 06:19:46 GMT
server: nginx
etag: "792a-5fc4241e1e12c-gzip"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 7059

GET
H2 200 style.css
momen.tofu.fit/wp-content/themes/cocoon-master/webfonts/icomoon/ 3 KB
896 B 543ms
542ms Stylesheet
text/css 49.212.207.53
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: https://momen.tofu.fit/wp-content/themes/cocoon-master/webfonts/icomoon/style.css?ver=6.2.2&fver=20230522061947
Requested by: Host: momen.tofu.fit
URL: https://momen.tofu.fit/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 49.212.207.53 Chigasaki, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS: www3043.sakura.ne.jp
Software: nginx /
Resource Hash: f6956c081898cba209f04bf3a248390c30564a1042f500d1152ecb50429acbce

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://momen.tofu.fit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:21:21 GMT
content-encoding: gzip
last-modified: Mon, 22 May 2023 06:19:47 GMT
server: nginx
etag: "add-5fc4241e5479c-gzip"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 715

GET
H2 200 style.css
momen.tofu.fit/wp-content/themes/cocoon-master/skins/skin-simplicity/ 2 KB
1 KB 817ms
816ms Stylesheet
text/css 49.212.207.53
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: https://momen.tofu.fit/wp-content/themes/cocoon-master/skins/skin-simplicity/style.css?ver=6.2.2&fver=20230522061946
Requested by: Host: momen.tofu.fit
URL: https://momen.tofu.fit/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 49.212.207.53 Chigasaki, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS: www3043.sakura.ne.jp
Software: nginx /
Resource Hash: b8a06a04982c11388ea357a3d3c5e76b94b5a1ed159fd947afa86b5348824ef4

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://momen.tofu.fit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:21:21 GMT
content-encoding: gzip
last-modified: Mon, 22 May 2023 06:19:46 GMT
server: nginx
etag: "6bf-5fc4241e140e5-gzip"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 865

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 136 KB
50 KB 102ms
40ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TGHP57W

Requested by

Host: momen.tofu.fit
URL: https://momen.tofu.fit/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

46b28dc3c9cba6768e8c9ae495191178acb66dc15cd4e8de6bc8929b58c86069

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://momen.tofu.fit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:21:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51062
x-xss-protection: 0
last-modified: Wed, 07 Jun 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 07 Jun 2023 05:21:22 GMT

GET
H2 200 style.css
momen.tofu.fit/wp-content/themes/cocoon-child-master/ 845 B
566 B 543ms
542ms Stylesheet
text/css 49.212.207.53
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: https://momen.tofu.fit/wp-content/themes/cocoon-child-master/style.css?ver=6.2.2&fver=20220923090933
Requested by: Host: momen.tofu.fit
URL: https://momen.tofu.fit/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 49.212.207.53 Chigasaki, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS: www3043.sakura.ne.jp
Software: nginx /
Resource Hash: ccf84bb53b19b1e5310d031c599b2ac4f0311ac5cdc17bd47da8e409e72ffa49

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://momen.tofu.fit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:21:21 GMT
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 09:09:33 GMT
server: nginx
etag: "34d-5e954894e8add-gzip"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 385

GET
H2 200 keyframes.css
momen.tofu.fit/wp-content/themes/cocoon-child-master/ 130 B
316 B 542ms
541ms Stylesheet
text/css 49.212.207.53
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: https://momen.tofu.fit/wp-content/themes/cocoon-child-master/keyframes.css?ver=6.2.2&fver=20220923090933
Requested by: Host: momen.tofu.fit
URL: https://momen.tofu.fit/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 49.212.207.53 Chigasaki, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS: www3043.sakura.ne.jp
Software: nginx /
Resource Hash: 6bdc2bf2db4744a741fc90761e27b7cb360ecabd9a3edfd586defc9eb95717df

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://momen.tofu.fit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:21:21 GMT
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 09:09:33 GMT
server: nginx
etag: "82-5e954894e8a34-gzip"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 136

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.1/ 88 KB
31 KB 101ms
26ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js?ver=3.6.1

Requested by

Host: momen.tofu.fit
URL: https://momen.tofu.fit/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://momen.tofu.fit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 04:53:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 347290
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31100
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 18:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Jun 2024 04:53:11 GMT

GET
H2 200 jquery-migrate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.3.2/ 11 KB
4 KB 59ms
24ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.3.2/jquery-migrate.min.js?ver=3.0.1

Requested by

Host: momen.tofu.fit
URL: https://momen.tofu.fit/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

106fcd8d723eda7d92a26893a439ccef998e5fc68ad228253607143d801e8cd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://momen.tofu.fit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:21:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1079831
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3718
last-modified: Wed, 18 Nov 2020 00:51:42 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fb4701e-2c03"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iMSOlWcdeVLIC1rZlp%2B2WKEld41aAi4oXIYq7BwSjTxN8w5DkiJUy6BhdGWrYcvTFIrqRKadD2XOl1UfJcHNR8ML71iiNhbPX6sfD%2F5iCwWMj5xrHmq0rd1Elh%2FsUwBqcqCWBc9TlJNMq%2FfaOQo9m4VH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7d36737d49f4ba9f-MXP
expires: Mon, 27 May 2024 05:21:21 GMT

GET
H2 200 infinite-scroll.pkgd.min.js Show response
momen.tofu.fit/wp-content/plugins/responsive-lightbox/assets/infinitescroll/ 22 KB
7 KB 546ms
545ms Script
application/javascript 49.212.207.53
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: https://momen.tofu.fit/wp-content/plugins/responsive-lightbox/assets/infinitescroll/infinite-scroll.pkgd.min.js?ver=6.2.2&fver=20230412035144
Requested by: Host: momen.tofu.fit
URL: https://momen.tofu.fit/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 49.212.207.53 Chigasaki, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS: www3043.sakura.ne.jp
Software: nginx /
Resource Hash: 095834cc86bd018fdb4a9e31c99f9f96904b819be2b9dc16b3390383288d4d90

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://momen.tofu.fit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:21:21 GMT
content-encoding: gzip
last-modified: Wed, 12 Apr 2023 15:51:44 GMT
server: nginx
etag: "581b-5f92595b805d5-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 6724

GET
H2 200 event-tracking.js Show response
momen.tofu.fit/wp-content/plugins/yyi-rinker/js/ 598 B
496 B 542ms
541ms Script
application/javascript 49.212.207.53
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: https://momen.tofu.fit/wp-content/plugins/yyi-rinker/js/event-tracking.js?v=1.10.1&fver=20230603073552
Requested by: Host: momen.tofu.fit
URL: https://momen.tofu.fit/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 49.212.207.53 Chigasaki, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS: www3043.sakura.ne.jp
Software: nginx /
Resource Hash: b22a6914bcfd51c615ea47a6ae43f2801fb7cefb1bd63cd7a425f1d1f6d7f0c0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://momen.tofu.fit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:21:21 GMT
content-encoding: gzip
last-modified: Sat, 03 Jun 2023 19:35:52 GMT
server: nginx
etag: "256-5fd3ec70bc299-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 305

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 137 KB
47 KB 165ms
84ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7228184907055996

Requested by

Host: momen.tofu.fit
URL: https://momen.tofu.fit/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6bfb98fd0e8004afcc32e10b2d0f877b3f6bd8671225d982e0408baf87ec0985

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://momen.tofu.fit/
Origin: https://momen.tofu.fit
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:21:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47600
x-xss-protection: 0
server: cafe
etag: 8441993555458560174
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 07 Jun 2023 05:21:22 GMT

GET
H2 200 vcparam_pvd.js Show response
vpj.valuecommerce.com/ 10 KB
11 KB 120ms
31ms Script
application/javascript 2600:9000:225e:ba00:18:82c:9d80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vpj.valuecommerce.com/vcparam_pvd.js
Requested by: Host: momen.tofu.fit
URL: https://momen.tofu.fit/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:ba00:18:82c:9d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 56d01ad66f7da669c13688d4767db0d9f3dfa60b3ba93c0da30382fd7d2b8e0a

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://momen.tofu.fit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:21:10 GMT
via: 1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 12
x-guploader-uploadid: ADPycdvBAz_MUY61rrh4XA9knsYPDABOjwAEwRN7mNATJjBSICBKfWjrULtX0V0ePe5ufwLTC1jUPjISDBsgGpAMg0eguXj8HBCF
x-cache: Hit from cloudfront
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 10489
last-modified: Wed, 26 Apr 2023 02:44:11 GMT
server: UploadServer
etag: "9973d8d049fa16c1229ee389e8039b24"
vary: Accept-Encoding
x-goog-generation: 1682477051354708
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=L2kmQA==, md5=mXPY0En6FsEinuOJ6AObJA==
access-control-expose-headers: Content-Type, Content-Range, x-goog-resumable
cache-control: max-age=300
x-goog-stored-content-length: 10489
accept-ranges: bytes
x-amz-cf-id: 9bGCM-wXRGjEy92pKa7QY8j8kJFFBkWWfqw7ByMq7o6kICJauEa_BQ==
expires: Wed, 07 Jun 2023 05:26:10 GMT

GET
H2 200 pub-7228184907055996 Show response
fundingchoicesmessages.google.com/i/ 140 KB
47 KB 164ms
68ms Script
application/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/pub-7228184907055996?ers=1

Requested by

Host: momen.tofu.fit
URL: https://momen.tofu.fit/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ee1b47be81579325f7ab11625c9bb6398fa607a1667a72a264303f568782a53e

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-3HCLiabBMvcoN9zSzR4UAw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://momen.tofu.fit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:21:22 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-3HCLiabBMvcoN9zSzR4UAw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 kaba6-320x180.gif
momen.tofu.fit/wp-content/uploads/2023/06/ 12 KB
12 KB 282ms
280ms Image
image/gif 49.212.207.53
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://momen.tofu.fit/wp-content/uploads/2023/06/kaba6-320x180.gif
Requested by: Host: momen.tofu.fit
URL: https://momen.tofu.fit/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 49.212.207.53 Chigasaki, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS: www3043.sakura.ne.jp
Software: nginx /
Resource Hash: dfb71f5afd277376cd1ed2b530adc5a3c3452549f7f923b3c69768bd1571306a

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://momen.tofu.fit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:21:22 GMT
last-modified: Tue, 06 Jun 2023 17:22:08 GMT
server: nginx
accept-ranges: bytes
etag: "3068-5fd794247a578"
content-length: 12392
content-type: image/gif

GET
H2 200 no-image-320.png
momen.tofu.fit/wp-content/themes/cocoon-master/images/ 739 B
882 B 283ms
282ms Image
image/png 49.212.207.53
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://momen.tofu.fit/wp-content/themes/cocoon-master/images/no-image-320.png
Requested by: Host: momen.tofu.fit
URL: https://momen.tofu.fit/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 49.212.207.53 Chigasaki, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS: www3043.sakura.ne.jp
Software: nginx /
Resource Hash: cae69e643674ce071a2b636b10b21583a97e9fc958a8f5a21c14d3aff49790b4

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://momen.tofu.fit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:21:22 GMT
last-modified: Mon, 22 May 2023 06:19:46 GMT
server: nginx
accept-ranges: bytes
etag: "2e3-5fc4241df640e"
content-length: 739
content-type: image/png

GET
H2 200 index.js Show response
momen.tofu.fit/wp-content/plugins/contact-form-7/includes/swv/js/ 10 KB
3 KB 275ms
275ms Script
application/javascript 49.212.207.53
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: https://momen.tofu.fit/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.7&fver=20230531061738
Requested by: Host: momen.tofu.fit
URL: https://momen.tofu.fit/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 49.212.207.53 Chigasaki, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS: www3043.sakura.ne.jp
Software: nginx /
Resource Hash: 52db930f81d97113dde679cac624cb5435b56d4ac486e91a0b6692d2cb615a84

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://momen.tofu.fit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:21:22 GMT
content-encoding: gzip
last-modified: Wed, 31 May 2023 18:17:38 GMT
server: nginx
etag: "2801-5fd0155be4251-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 3010

GET
H2 200 index.js Show response
momen.tofu.fit/wp-content/plugins/contact-form-7/includes/js/ 13 KB
4 KB 276ms
274ms Script
application/javascript 49.212.207.53
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: https://momen.tofu.fit/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.7&fver=20230531061738
Requested by: Host: momen.tofu.fit
URL: https://momen.tofu.fit/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 49.212.207.53 Chigasaki, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS: www3043.sakura.ne.jp
Software: nginx /
Resource Hash: 1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://momen.tofu.fit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:21:22 GMT
content-encoding: gzip
last-modified: Wed, 31 May 2023 18:17:38 GMT
server: nginx
etag: "328f-5fd0155be3961-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 4182

GET
H2 200 jquery.fancybox.min.js Show response
momen.tofu.fit/wp-content/plugins/responsive-lightbox/assets/fancybox/ 15 KB
5 KB 279ms
276ms Script
application/javascript 49.212.207.53
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: https://momen.tofu.fit/wp-content/plugins/responsive-lightbox/assets/fancybox/jquery.fancybox.min.js?ver=2.4.5&fver=20230412035144
Requested by: Host: momen.tofu.fit
URL: https://momen.tofu.fit/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 49.212.207.53 Chigasaki, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS: www3043.sakura.ne.jp
Software: nginx /
Resource Hash: fee6d29c185ca3cc6c7ab081e154531e2dabbe980afa68d89ff23417c79976d8

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://momen.tofu.fit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:21:22 GMT
content-encoding: gzip
last-modified: Wed, 12 Apr 2023 15:51:44 GMT
server: nginx
etag: "3b04-5f92595b7fc79-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 5326

GET
H2 200 underscore.min.js Show response
momen.tofu.fit/wp-includes/js/ 18 KB
7 KB 281ms
278ms Script
application/javascript 49.212.207.53
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: https://momen.tofu.fit/wp-includes/js/underscore.min.js?ver=1.13.4&fver=20221102071219
Requested by: Host: momen.tofu.fit
URL: https://momen.tofu.fit/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 49.212.207.53 Chigasaki, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS: www3043.sakura.ne.jp
Software: nginx /
Resource Hash: 726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://momen.tofu.fit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:21:22 GMT
content-encoding: gzip
last-modified: Wed, 02 Nov 2022 07:12:19 GMT
server: nginx
etag: "4991-5ec778faafa42-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 7311

GET
H2 200 front.js Show response
momen.tofu.fit/wp-content/plugins/responsive-lightbox/js/ 27 KB
6 KB 283ms
281ms Script
application/javascript 49.212.207.53
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: https://momen.tofu.fit/wp-content/plugins/responsive-lightbox/js/front.js?ver=2.4.5&fver=20230412035144
Requested by: Host: momen.tofu.fit
URL: https://momen.tofu.fit/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 49.212.207.53 Chigasaki, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS: www3043.sakura.ne.jp
Software: nginx /
Resource Hash: 9fe6a07f596d507305d1480e6bb301d04cbf5ef8660b24b9fa411e39607a7ab5

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://momen.tofu.fit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:21:22 GMT
content-encoding: gzip
last-modified: Wed, 12 Apr 2023 15:51:44 GMT
server: nginx
etag: "6c55-5f92595b86da4-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 6016

GET
H2 200 javascript.js Show response
momen.tofu.fit/wp-content/themes/cocoon-master/ 8 KB
3 KB 280ms
277ms Script
application/javascript 49.212.207.53
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: https://momen.tofu.fit/wp-content/themes/cocoon-master/javascript.js?ver=6.2.2&fver=20230522061946
Requested by: Host: momen.tofu.fit
URL: https://momen.tofu.fit/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 49.212.207.53 Chigasaki, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS: www3043.sakura.ne.jp
Software: nginx /
Resource Hash: 22e5f1ed3df935248f27fa5727af86a1572746560a29d83bc99fa9cf8cc3fc16

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://momen.tofu.fit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:21:22 GMT
content-encoding: gzip
last-modified: Mon, 22 May 2023 06:19:46 GMT
server: nginx
etag: "1e7b-5fc4241df6767-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 2765

GET
H2 200 javascript.js Show response
momen.tofu.fit/wp-content/themes/cocoon-master/skins/skin-simplicity/ 61 B
211 B 277ms
275ms Script
application/javascript 49.212.207.53
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: https://momen.tofu.fit/wp-content/themes/cocoon-master/skins/skin-simplicity/javascript.js?ver=6.2.2&fver=20230522061946
Requested by: Host: momen.tofu.fit
URL: https://momen.tofu.fit/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 49.212.207.53 Chigasaki, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS: www3043.sakura.ne.jp
Software: nginx /
Resource Hash: dce792814c67bc03cf20b5bb4bf6d317f052add475115e305f0c0924df4ad9f0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://momen.tofu.fit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:21:22 GMT
last-modified: Mon, 22 May 2023 06:19:46 GMT
server: nginx
accept-ranges: bytes
etag: "3d-5fc4241e1406a"
content-length: 61
content-type: application/javascript

GET
H2 200 javascript.js Show response
momen.tofu.fit/wp-content/themes/cocoon-child-master/ 298 B
403 B 281ms
279ms Script
application/javascript 49.212.207.53
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: https://momen.tofu.fit/wp-content/themes/cocoon-child-master/javascript.js?ver=6.2.2&fver=20220923090933
Requested by: Host: momen.tofu.fit
URL: https://momen.tofu.fit/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 49.212.207.53 Chigasaki, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS: www3043.sakura.ne.jp
Software: nginx /
Resource Hash: b0bb9969a7c75f2d24e8c08cacb1856ecc281c6759da8ab8c60b43605b8c3b5b

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://momen.tofu.fit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:21:22 GMT
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 09:09:33 GMT
server: nginx
etag: "12a-5e954894e89e7-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 212

GET
H2 200 1683350474029-320x180.png
momen.tofu.fit/wp-content/uploads/2023/05/ 117 KB
117 KB 275ms
274ms Image
image/png 49.212.207.53
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://momen.tofu.fit/wp-content/uploads/2023/05/1683350474029-320x180.png
Requested by: Host: momen.tofu.fit
URL: https://momen.tofu.fit/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 49.212.207.53 Chigasaki, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS: www3043.sakura.ne.jp
Software: nginx /
Resource Hash: ea2da4aa00ab6fd2fc25ee6d3980e7ffb10f885caf38df2dce561565a521f350

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://momen.tofu.fit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:21:22 GMT
last-modified: Sun, 07 May 2023 12:45:37 GMT
server: nginx
accept-ranges: bytes
etag: "1d30d-5fb19e62a05c2"
content-length: 119565
content-type: image/png

GET
H2 200 DSC_0167-320x180.png
momen.tofu.fit/wp-content/uploads/2023/05/ 88 KB
88 KB 548ms
547ms Image
image/png 49.212.207.53
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://momen.tofu.fit/wp-content/uploads/2023/05/DSC_0167-320x180.png
Requested by: Host: momen.tofu.fit
URL: https://momen.tofu.fit/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 49.212.207.53 Chigasaki, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS: www3043.sakura.ne.jp
Software: nginx /
Resource Hash: dec615839bd2fc44786c684ff2d80b279bf37196b0f07cd20b5216652ab81069

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://momen.tofu.fit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:21:22 GMT
last-modified: Thu, 04 May 2023 15:53:59 GMT
server: nginx
accept-ranges: bytes
etag: "15ef5-5fae02e4964b6"
content-length: 89845
content-type: image/png

GET
H2 200 vvv-300x180.png
momen.tofu.fit/wp-content/uploads/2023/04/ 108 KB
108 KB 502ms
502ms Image
image/png 49.212.207.53
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://momen.tofu.fit/wp-content/uploads/2023/04/vvv-300x180.png
Requested by: Host: momen.tofu.fit
URL: https://momen.tofu.fit/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 49.212.207.53 Chigasaki, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS: www3043.sakura.ne.jp
Software: nginx /
Resource Hash: e108912e5dd660ddce587e49147a4c3355e740471ba32194aa78ab18c1eddbcd

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://momen.tofu.fit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:21:22 GMT
last-modified: Tue, 11 Apr 2023 16:42:15 GMT
server: nginx
accept-ranges: bytes
etag: "1af5a-5f9122c87464d"
content-length: 110426
content-type: image/png

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 237 KB
81 KB 45ms
44ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WXTCPLWTR4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGHP57W

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b866238e8afa54b890387ce3f783b5a8a1cac40e0251839d83c579eaa0ebc7f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://momen.tofu.fit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:21:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83239
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 07 Jun 2023 05:21:22 GMT

GET
H2 200 AGSKWxUZXJSPykpdqTvOhG0U_Lhg3Arh4srEibuTccK6WUP4Vv_ljF-dQWZmnmcnCoAkPttH2qDIOuDuDUUbP_zkAmE= Show response
fundingchoicesmessages.google.com/f/ 13 KB
6 KB 84ms
82ms Script
application/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUZXJSPykpdqTvOhG0U_Lhg3Arh4srEibuTccK6WUP4Vv_ljF-dQWZmnmcnCoAkPttH2qDIOuDuDUUbP_zkAmE=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjg2MTE1MjgyLDI4NjAwMDAwMF0sIjhEQTI2NDFDLUQ3OTItNDI5OS1CQjU3LTZBODRCM0VBMTkzQiIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vbW9tZW4udG9mdS5maXQvIixudWxsLFtbOCwiZjB4R0owVnJYbjQiXSxbOSwiaXQiXSxbMTYsIlsxLDEsMV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.it.f0xGJ0VrXn4.es5.O/d=1/rs=AJlcJMz5JG0In2EpB3hYVQEPjgvSD0ElTg/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1146162f2a10d80de0984b174ea81e9c33ff85ce6e979758511dedcc23cf584a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-2GLgjU296olLStip-Co7HA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://momen.tofu.fit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:21:22 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-2GLgjU296olLStip-Co7HA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305310101/ 351 KB
118 KB 176ms
102ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7228184907055996&plah=momen.tofu.fit

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7228184907055996

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad13039f1eb7069fad699b7a4ecb4dd49cf4685efd8b3ea892b118e53bbfd688

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://momen.tofu.fit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:21:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120655
x-xss-protection: 0
server: cafe
etag: 10395016805449404202
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 07 Jun 2023 05:21:22 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230601/r20190131/ Frame 0160 10 KB
5 KB 126ms
35ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230601/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7228184907055996

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://momen.tofu.fit/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

age: 39144
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Jun 2023 18:28:58 GMT
etag: 15057649708203361565
expires: Tue, 20 Jun 2023 18:28:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
253 B 85ms
32ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-WXTCPLWTR4&gtm=45je3650&_p=1458372198&cid=1646744520.1686115282&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1686115282&sct=1&seg=0&dl=https%3A%2F%2Fmomen.tofu.fit%2F&dt=%E8%B1%86%E8%85%90%E3%81%AE%E8%A7%92&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WXTCPLWTR4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://momen.tofu.fit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 05:21:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://momen.tofu.fit
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vcid Show response
dalc.valuecommerce.com/ 93 B
456 B 1644ms
244ms Script
application/javascript 54.65.90.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dalc.valuecommerce.com/vcid?_s=https%3A%2F%2Fmomen.tofu.fit%2F

Requested by

Host: vpj.valuecommerce.com
URL: https://vpj.valuecommerce.com/vcparam_pvd.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.65.90.255 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-65-90-255.ap-northeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

b506f8f76bfb47bbfcbb4b89338b5c6e4345c41f33e9c65117138d9dec93fe28

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://momen.tofu.fit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:21:23 GMT
x-content-type-options: nosniff
server: nginx
front-end-https: on
p3p: CP="ALL DSP COR CURa OUR BUS"
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8;
cache-control: private, max-age=0, no-cache
content-length: 93

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 383 B
600 B 123ms
41ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=momen.tofu.fit&callback=_gfp_s_&client=ca-pub-7228184907055996

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7228184907055996&plah=momen.tofu.fit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05cf5455374ae4dac3d14afcda1af08c385a6d974204e33606e79adbc77e193e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://momen.tofu.fit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:21:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.it/adsid/ 107 B
531 B 111ms
37ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.it/adsid/integrator.js?domain=momen.tofu.fit

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://momen.tofu.fit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:21:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 108ms
34ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=momen.tofu.fit

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://momen.tofu.fit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:21:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1CCA 254 KB
54 KB 727ms
726ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7228184907055996&output=html&adk=1812271804&adf=3025194257&lmt=1686072738&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x945_l%7C164x945_r&format=0x0&url=https%3A%2F%2Fmomen.tofu.fit%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686115282326&bpp=5&bdt=1162&idt=275&shv=r20230601&mjsv=m202305310101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7333939706129&frm=20&pv=2&ga_vid=1646744520.1686115282&ga_sid=1686115283&ga_hid=1458372198&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C44772269%2C44788441&oid=2&pvsid=2227705292742720&tmod=1865976778&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=299

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f30aaa659d9d5e3658a6bb3b1e177c7090466a4d2bd2df32364263e63dc96c93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://momen.tofu.fit/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 55199
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Jun 2023 05:21:23 GMT
expires: Wed, 07 Jun 2023 05:21:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2E9E 96 KB
34 KB 857ms
857ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7228184907055996&output=html&h=280&slotname=6078613337&adk=1703001207&adf=1202215118&pi=t.ma~as.6078613337&w=336&fwrn=4&fwrnh=100&lmt=1686072738&rafmt=1&format=336x280&url=https%3A%2F%2Fmomen.tofu.fit%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686115282331&bpp=3&bdt=1167&idt=300&shv=r20230601&mjsv=m202305310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7333939706129&frm=20&pv=1&ga_vid=1646744520.1686115282&ga_sid=1686115283&ga_hid=1458372198&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=288&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C44772269%2C44788441&oid=2&pvsid=2227705292742720&tmod=1865976778&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=bb3YolyC3C&p=https%3A//momen.tofu.fit&dtd=306

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cc4d059a1635069ff8d028f8dbc26a45283d28eb9d6a78823c44b35d77517568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://momen.tofu.fit/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 34774
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Jun 2023 05:21:23 GMT
expires: Wed, 07 Jun 2023 05:21:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D1AD 95 KB
34 KB 387ms
387ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7228184907055996&output=html&h=280&slotname=6533706617&adk=3655802702&adf=3568310119&pi=t.ma~as.6533706617&w=336&fwrn=4&fwrnh=100&lmt=1686072738&rafmt=1&format=336x280&url=https%3A%2F%2Fmomen.tofu.fit%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686115282429&bpp=1&bdt=1266&idt=222&shv=r20230601&mjsv=m202305310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=7333939706129&frm=20&pv=1&ga_vid=1646744520.1686115282&ga_sid=1686115283&ga_hid=1458372198&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=2440&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C44772269%2C44788441&oid=2&pvsid=2227705292742720&tmod=1865976778&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=wyD2oQ3B0H&p=https%3A//momen.tofu.fit&dtd=226

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c65085463ea0bc4267a3299ca0e61dc2145eab11169dae0cbe20d7e75d0fb4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://momen.tofu.fit/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 34547
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Jun 2023 05:21:23 GMT
expires: Wed, 07 Jun 2023 05:21:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame D1AD 14 KB
2 KB 94ms
35ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7228184907055996&output=html&h=280&slotname=6533706617&adk=3655802702&adf=3568310119&pi=t.ma~as.6533706617&w=336&fwrn=4&fwrnh=100&lmt=1686072738&rafmt=1&format=336x280&url=https%3A%2F%2Fmomen.tofu.fit%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686115282429&bpp=1&bdt=1266&idt=222&shv=r20230601&mjsv=m202305310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=7333939706129&frm=20&pv=1&ga_vid=1646744520.1686115282&ga_sid=1686115283&ga_hid=1458372198&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=2440&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C44772269%2C44788441&oid=2&pvsid=2227705292742720&tmod=1865976778&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=wyD2oQ3B0H&p=https%3A//momen.tofu.fit&dtd=226

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 07 Jun 2023 05:21:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 07 Jun 2023 04:58:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Jun 2023 05:21:23 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230601/r20110914/client/ Frame D1AD 2 KB
972 B 303ms
228ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230601/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:05:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 940
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Jun 2023 05:05:43 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D1AD 0
0 70ms
70ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C8yHE0hOAZPq8Kp7L1fAPtL6xqA27iaWpb_jipoaPEfCZnbf0ChABIO2M3RJg_YKRhOgRoAHy97qZKMgBAakCa5nSKhz-sT6oAwHIA8sEqgT8AU_QtNCKba8D4KiBCpKvu7dpERXMslxE36DfUMISajZx8tsSLBIznoiNqE6I92MAuEgMDdUB_qyOxnwvhdDK9w3DAcDU35fUdwcEuw4G4D5VE9Q4QbR2k-YKcKZiaumlrwpSw_pbT9Rc4TdEm9eXqC40EgoWUKtbbX770H2qjN3LTrc4u_B_Pd9wmZAvW3dDrZd4kXSawi2sVzFzR7RhdBr00VJLQ5oLlYaUhXFFOebycJIB7IHA9s6xJNmZZ_LZtY7JWmWv8LplsmaLcdVHGhnKpu8LYrv2S3lMJb9UVwXfoNFKSTLsaSzdCnBg8UOFFYIiZq4cgznUo0o-08AE-biV7_sDkgUECAQYAZIFBAgFGASgBi6AB_Kvi_kCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ3toB0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAdgTCtAVAYAXAbIXHAoaCAASFHB1Yi03MjI4MTg0OTA3MDU1OTk2GAA&sigh=yng-5GAtcss&uach_m=[UACH]&cid=CAQSGwBygQiDSY-7EkTGI7cKsqEJZ2kBW4H4U4jQIBgB&template_id=5021

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7228184907055996&output=html&h=280&slotname=6533706617&adk=3655802702&adf=3568310119&pi=t.ma~as.6533706617&w=336&fwrn=4&fwrnh=100&lmt=1686072738&rafmt=1&format=336x280&url=https%3A%2F%2Fmomen.tofu.fit%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686115282429&bpp=1&bdt=1266&idt=222&shv=r20230601&mjsv=m202305310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=7333939706129&frm=20&pv=1&ga_vid=1646744520.1686115282&ga_sid=1686115283&ga_hid=1458372198&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=2440&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C44772269%2C44788441&oid=2&pvsid=2227705292742720&tmod=1865976778&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=wyD2oQ3B0H&p=https%3A//momen.tofu.fit&dtd=226
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 07 Jun 2023 05:21:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 07 Jun 2023 05:21:23 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/6323950214526364778/ Frame D1AD 2 KB
2 KB 302ms
234ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6323950214526364778/14763004658117789537?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0a566320d88f842ad7c4c521464cd2a460366bb2bd12bb819540ba9dc441047

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 05:51:49 GMT
x-content-type-options: nosniff
age: 257374
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2175
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 15:52:58 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 03 Jun 2024 05:51:49 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/5594786552434803822/ Frame D1AD 13 KB
13 KB 306ms
239ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5594786552434803822/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1a6ed36e244a80342ee9f18d1dc120eb58adcdf730cbd18fd962f195086e209

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 06:24:53 GMT
x-content-type-options: nosniff
age: 255390
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13221
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 15:52:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 03 Jun 2024 06:24:53 GMT

GET
DATA 200
OK truncated
/ Frame D1AD 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6b83370488f38f5f46819790bb00826c31ddc782b16c545b8028a89e629d4a4b

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D1AD 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 372a3186cdfa2b7a80c939a0496851ab0519c9b8cb656609fb902168ee053a8b

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230601/r20110914/ Frame D1AD 22 KB
9 KB 290ms
230ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230601/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f7c9dd864d72d258d50918e941413675eb7db0e7b6418e8a3b072e2c386885a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 04:57:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1416
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8791
x-xss-protection: 0
server: cafe
etag: 14754480374493709716
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Jun 2023 04:57:47 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230601/r20110914/client/ Frame D1AD 3 KB
1 KB 293ms
233ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230601/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 04:51:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1805
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Jun 2023 04:51:18 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230601/r20110914/client/ Frame D1AD 19 KB
8 KB 285ms
225ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230601/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6803cee2f4dc388c4b4b7919a46731c73ac178a7f1f1e8c561bc7b10419edfc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 04:58:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1387
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7969
x-xss-protection: 0
server: cafe
etag: 12322974680428514663
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Jun 2023 04:58:16 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D1AD 173 KB
55 KB 309ms
230ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61b54fb4bbf7083918be7066e50126d1a95e56ccc9be9fafd69deb50ac7424b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:21:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55245
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1685965250302189"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Jun 2023 05:21:23 GMT

GET
H2 200 a0f85236eb26cc0778ab5a91ae2d3422.js Show response
www.gstatic.com/mysidia/ Frame D1AD 32 KB
14 KB 281ms
222ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a0f85236eb26cc0778ab5a91ae2d3422.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ddeb39a928825cfb11fbd72a2c5a5fabf18add9b6208e4bee826e7bcfd9c2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 12:05:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 148551
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13674
x-xss-protection: 0
last-modified: Wed, 31 May 2023 20:13:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 03 Sep 2023 12:05:32 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305310101/ 152 KB
52 KB 97ms
96ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305310101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7953a1c7bf47abfd18374b1ce5d22ceb75374fd46282fba9b5bfd9d962ce771e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://momen.tofu.fit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:21:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52779
x-xss-protection: 0
server: cafe
etag: 13793283155311926815
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Jun 2023 05:21:23 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 70ms
70ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pm&rt=8%2C1&c=ca-pub-7228184907055996&eid=44759927%2C44759837%2C44759876%2C44772269%2C44788441

Requested by

Host: momen.tofu.fit
URL: https://momen.tofu.fit/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://momen.tofu.fit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 05:21:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 70ms
70ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=3844884559447945&num=0&dvc=0&eid=44759927%2C44759837%2C44759876%2C44772269%2C44788441

Requested by

Host: momen.tofu.fit
URL: https://momen.tofu.fit/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://momen.tofu.fit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 05:21:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.it/adsid/ 107 B
165 B 39ms
37ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.it/adsid/integrator.js?domain=momen.tofu.fit

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://momen.tofu.fit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:21:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 39ms
37ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=momen.tofu.fit

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://momen.tofu.fit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:21:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 550F 23 KB
11 KB 455ms
455ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7228184907055996&output=html&h=280&adk=3432959759&adf=2581218329&pi=t.aa~a.2671591709~rp.4&w=336&fwrn=4&fwrnh=100&lmt=1686072738&rafmt=1&to=qs&pwprc=8410908443&format=336x280&url=https%3A%2F%2Fmomen.tofu.fit%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686115283440&bpp=2&bdt=2276&idt=2&shv=r20230601&mjsv=m202305310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D122eabd051d4239e-22598b5107de00c0%3AT%3D1686115282%3ART%3D1686115282%3AS%3DALNI_MbPY-C57Cv0ISc7KCjiWZMfMMtqog&gpic=UID%3D00000c44f299b23c%3AT%3D1686115282%3ART%3D1686115282%3AS%3DALNI_Mb3eNoaX_gLDpfXPikO3y7zvovwsA&prev_fmts=0x0%2C336x280%2C336x280&nras=2&correlator=7333939706129&frm=20&pv=1&ga_vid=1646744520.1686115282&ga_sid=1686115283&ga_hid=1458372198&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=1545&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C44772269%2C44788441&oid=2&pvsid=2227705292742720&tmod=1865976778&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=W3BB1rScry&p=https%3A//momen.tofu.fit&dtd=22

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5395c4125ab919ab7bf4c8500d8d7357df1dbbfbbd2acef81fd0cf09f884abdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://momen.tofu.fit/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 10793
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Jun 2023 05:21:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 71ms
70ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=2169031150526859&num=0&dvc=0&eid=44759927%2C44759837%2C44759876%2C44772269%2C44788441

Requested by

Host: momen.tofu.fit
URL: https://momen.tofu.fit/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://momen.tofu.fit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 05:21:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 71ms
71ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=1&wpc=ca-pub-7228184907055996&warn=13&w=1600&h=1200&pp=0&ppp=0&eatf=false&eatfAbg=true&reatf=true&a=6%2C1%2C5%2C7&apv=20230605_103457&sat=1686051891670&afm=0&as_count=2&d_count=0&ng_count=0&am_count=1&atf_count=1&mdns=0.177&alldns=0.265&allp=28&fd=(0%2C15%2C1)%2C(1%2C5%2C1)%2C(2%2C0%2C0)&pgh=3171&abl=false&rr=n&su=momen.tofu.fit&pvc=2227705292742720&r=0.1&eid=44759927%2C44759837%2C44759876%2C44772269%2C44788441

Requested by

Host: momen.tofu.fit
URL: https://momen.tofu.fit/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://momen.tofu.fit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 05:21:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 40ms
40ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=9.591137326591515

Requested by

Host: momen.tofu.fit
URL: https://momen.tofu.fit/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-bdNVqhkkMs7vHih185LFqg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://momen.tofu.fit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:21:23 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-bdNVqhkkMs7vHih185LFqg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 81ms
81ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=9.992193412972457

Requested by

Host: momen.tofu.fit
URL: https://momen.tofu.fit/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-zdzQvl3-7EQF4mVw_v_cWg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://momen.tofu.fit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:21:23 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-zdzQvl3-7EQF4mVw_v_cWg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 2E9E 4 KB
728 B 35ms
34ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7228184907055996&output=html&h=280&slotname=6078613337&adk=1703001207&adf=1202215118&pi=t.ma~as.6078613337&w=336&fwrn=4&fwrnh=100&lmt=1686072738&rafmt=1&format=336x280&url=https%3A%2F%2Fmomen.tofu.fit%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686115282331&bpp=3&bdt=1167&idt=300&shv=r20230601&mjsv=m202305310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7333939706129&frm=20&pv=1&ga_vid=1646744520.1686115282&ga_sid=1686115283&ga_hid=1458372198&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=288&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C44772269%2C44788441&oid=2&pvsid=2227705292742720&tmod=1865976778&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=bb3YolyC3C&p=https%3A//momen.tofu.fit&dtd=306

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 07 Jun 2023 05:21:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 07 Jun 2023 05:04:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Jun 2023 05:21:23 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230601/r20110914/client/ Frame 2E9E 2 KB
926 B 30ms
28ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230601/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7228184907055996&output=html&h=280&slotname=6078613337&adk=1703001207&adf=1202215118&pi=t.ma~as.6078613337&w=336&fwrn=4&fwrnh=100&lmt=1686072738&rafmt=1&format=336x280&url=https%3A%2F%2Fmomen.tofu.fit%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686115282331&bpp=3&bdt=1167&idt=300&shv=r20230601&mjsv=m202305310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7333939706129&frm=20&pv=1&ga_vid=1646744520.1686115282&ga_sid=1686115283&ga_hid=1458372198&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=288&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C44772269%2C44788441&oid=2&pvsid=2227705292742720&tmod=1865976778&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=bb3YolyC3C&p=https%3A//momen.tofu.fit&dtd=306

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:05:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 940
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Jun 2023 05:05:43 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230601/r20110914/ Frame 2E9E 22 KB
9 KB 27ms
25ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230601/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7228184907055996&output=html&h=280&slotname=6078613337&adk=1703001207&adf=1202215118&pi=t.ma~as.6078613337&w=336&fwrn=4&fwrnh=100&lmt=1686072738&rafmt=1&format=336x280&url=https%3A%2F%2Fmomen.tofu.fit%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686115282331&bpp=3&bdt=1167&idt=300&shv=r20230601&mjsv=m202305310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7333939706129&frm=20&pv=1&ga_vid=1646744520.1686115282&ga_sid=1686115283&ga_hid=1458372198&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=288&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C44772269%2C44788441&oid=2&pvsid=2227705292742720&tmod=1865976778&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=bb3YolyC3C&p=https%3A//momen.tofu.fit&dtd=306

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f7c9dd864d72d258d50918e941413675eb7db0e7b6418e8a3b072e2c386885a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 04:57:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1416
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8791
x-xss-protection: 0
server: cafe
etag: 14754480374493709716
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Jun 2023 04:57:47 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230601/r20110914/client/ Frame 2E9E 3 KB
1 KB 30ms
28ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230601/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7228184907055996&output=html&h=280&slotname=6078613337&adk=1703001207&adf=1202215118&pi=t.ma~as.6078613337&w=336&fwrn=4&fwrnh=100&lmt=1686072738&rafmt=1&format=336x280&url=https%3A%2F%2Fmomen.tofu.fit%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686115282331&bpp=3&bdt=1167&idt=300&shv=r20230601&mjsv=m202305310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7333939706129&frm=20&pv=1&ga_vid=1646744520.1686115282&ga_sid=1686115283&ga_hid=1458372198&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=288&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C44772269%2C44788441&oid=2&pvsid=2227705292742720&tmod=1865976778&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=bb3YolyC3C&p=https%3A//momen.tofu.fit&dtd=306

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 04:51:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1805
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Jun 2023 04:51:18 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230601/r20110914/client/ Frame 2E9E 19 KB
8 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230601/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7228184907055996&output=html&h=280&slotname=6078613337&adk=1703001207&adf=1202215118&pi=t.ma~as.6078613337&w=336&fwrn=4&fwrnh=100&lmt=1686072738&rafmt=1&format=336x280&url=https%3A%2F%2Fmomen.tofu.fit%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686115282331&bpp=3&bdt=1167&idt=300&shv=r20230601&mjsv=m202305310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7333939706129&frm=20&pv=1&ga_vid=1646744520.1686115282&ga_sid=1686115283&ga_hid=1458372198&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=288&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C44772269%2C44788441&oid=2&pvsid=2227705292742720&tmod=1865976778&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=bb3YolyC3C&p=https%3A//momen.tofu.fit&dtd=306

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6803cee2f4dc388c4b4b7919a46731c73ac178a7f1f1e8c561bc7b10419edfc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 04:58:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1387
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7969
x-xss-protection: 0
server: cafe
etag: 12322974680428514663
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Jun 2023 04:58:16 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2E9E 173 KB
54 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7228184907055996&output=html&h=280&slotname=6078613337&adk=1703001207&adf=1202215118&pi=t.ma~as.6078613337&w=336&fwrn=4&fwrnh=100&lmt=1686072738&rafmt=1&format=336x280&url=https%3A%2F%2Fmomen.tofu.fit%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686115282331&bpp=3&bdt=1167&idt=300&shv=r20230601&mjsv=m202305310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7333939706129&frm=20&pv=1&ga_vid=1646744520.1686115282&ga_sid=1686115283&ga_hid=1458372198&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=288&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C44772269%2C44788441&oid=2&pvsid=2227705292742720&tmod=1865976778&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=bb3YolyC3C&p=https%3A//momen.tofu.fit&dtd=306

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61b54fb4bbf7083918be7066e50126d1a95e56ccc9be9fafd69deb50ac7424b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:21:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55245
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1685965250302189"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Jun 2023 05:21:23 GMT

GET
H2 200 a0f85236eb26cc0778ab5a91ae2d3422.js Show response
www.gstatic.com/mysidia/ Frame 2E9E 32 KB
13 KB 28ms
26ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a0f85236eb26cc0778ab5a91ae2d3422.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7228184907055996&output=html&h=280&slotname=6078613337&adk=1703001207&adf=1202215118&pi=t.ma~as.6078613337&w=336&fwrn=4&fwrnh=100&lmt=1686072738&rafmt=1&format=336x280&url=https%3A%2F%2Fmomen.tofu.fit%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686115282331&bpp=3&bdt=1167&idt=300&shv=r20230601&mjsv=m202305310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7333939706129&frm=20&pv=1&ga_vid=1646744520.1686115282&ga_sid=1686115283&ga_hid=1458372198&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=288&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C44772269%2C44788441&oid=2&pvsid=2227705292742720&tmod=1865976778&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=bb3YolyC3C&p=https%3A//momen.tofu.fit&dtd=306

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ddeb39a928825cfb11fbd72a2c5a5fabf18add9b6208e4bee826e7bcfd9c2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 12:05:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 148551
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13674
x-xss-protection: 0
last-modified: Wed, 31 May 2023 20:13:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 03 Sep 2023 12:05:32 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2E9E 0
0 71ms
71ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CdxGI0hOAZMmdKafL1fAPprOV4An38tqmbaT9ouvMENCg1vesARABIO2M3RJg_YKRhOgRoAGOgvrHA8gBCakCa5nSKhz-sT6oAwHIA8sEqgT7AU_QqEM8wDMMNe_3s5BRTwGIhI-g7BEb1nRdy9MzG7odgeaxYs2WEqJHoj_lYxEvjU-02WLH8zyqSa1DO_0w1JoLGuAAymaYrnTSCBvWMZdk6zCctqpKeVXWVbeImYqBJYjKI7J7nZkVMYpiwFyLqqIEEGq4KXjasIMBs2WKsJvn05FszfKsVfHu3krAdrQ6ZebO3USCVEIXWIG6Z2UKKJdkvfEXMtzggbEMr2mPFsI7W5DSlFrM5kBsya6pjfUbn1vrrbdkboJ4wWkZHcEyOqAPDOLscgPSfC9P4l1_q83fU22e30N2euCXgrnUXofIOMv-2LQpaK-e0cQ6wASDrPCA9gGSBQQIBBgBkgUECAUYBKAGLoAH2v2FOKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEKa4DNIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItNzIyODE4NDkwNzA1NTk5NhgA&sigh=44f-CP3M9-E&uach_m=[UACH]&cid=CAQSGwBygQiDqvdx2E-Ud_zya1qMC1n7Ad0-KQv4QRgB&template_id=5000

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7228184907055996&output=html&h=280&slotname=6078613337&adk=1703001207&adf=1202215118&pi=t.ma~as.6078613337&w=336&fwrn=4&fwrnh=100&lmt=1686072738&rafmt=1&format=336x280&url=https%3A%2F%2Fmomen.tofu.fit%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686115282331&bpp=3&bdt=1167&idt=300&shv=r20230601&mjsv=m202305310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7333939706129&frm=20&pv=1&ga_vid=1646744520.1686115282&ga_sid=1686115283&ga_hid=1458372198&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=288&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C44772269%2C44788441&oid=2&pvsid=2227705292742720&tmod=1865976778&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=bb3YolyC3C&p=https%3A//momen.tofu.fit&dtd=306

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7228184907055996&output=html&h=280&slotname=6078613337&adk=1703001207&adf=1202215118&pi=t.ma~as.6078613337&w=336&fwrn=4&fwrnh=100&lmt=1686072738&rafmt=1&format=336x280&url=https%3A%2F%2Fmomen.tofu.fit%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686115282331&bpp=3&bdt=1167&idt=300&shv=r20230601&mjsv=m202305310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7333939706129&frm=20&pv=1&ga_vid=1646744520.1686115282&ga_sid=1686115283&ga_hid=1458372198&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=288&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C44772269%2C44788441&oid=2&pvsid=2227705292742720&tmod=1865976778&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=bb3YolyC3C&p=https%3A//momen.tofu.fit&dtd=306
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 07 Jun 2023 05:21:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D1AD 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 19b9347484f1dd210556d500e9291f9bc1d658c25192ce8dc349b751c7f91f71

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 3514131790483889263
tpc.googlesyndication.com/simgad/8912763047840022795/ Frame 2E9E 6 KB
6 KB 87ms
85ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8912763047840022795/3514131790483889263?w=400&h=209

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7228184907055996&output=html&h=280&slotname=6078613337&adk=1703001207&adf=1202215118&pi=t.ma~as.6078613337&w=336&fwrn=4&fwrnh=100&lmt=1686072738&rafmt=1&format=336x280&url=https%3A%2F%2Fmomen.tofu.fit%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686115282331&bpp=3&bdt=1167&idt=300&shv=r20230601&mjsv=m202305310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7333939706129&frm=20&pv=1&ga_vid=1646744520.1686115282&ga_sid=1686115283&ga_hid=1458372198&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=288&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C44772269%2C44788441&oid=2&pvsid=2227705292742720&tmod=1865976778&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=bb3YolyC3C&p=https%3A//momen.tofu.fit&dtd=306

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5d2b3f5d707efa01a5ebd71c0baabf61f8e0207ff92f26412a5a14db04c8593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:21:23 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6042
x-xss-protection: 0
last-modified: Wed, 31 May 2023 14:18:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 06 Jun 2024 05:21:23 GMT

GET
DATA 200
OK truncated
/ Frame 2E9E 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame D1AD 33 KB
34 KB 95ms
32ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 19:09:17 GMT
x-content-type-options: nosniff
age: 36726
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Jun 2024 19:09:17 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 69ms
69ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pr&rt=8%2C1&c=ca-pub-7228184907055996&eid=44759927%2C44759837%2C44759876%2C44772269%2C44788441

Requested by

Host: momen.tofu.fit
URL: https://momen.tofu.fit/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://momen.tofu.fit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 05:21:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.it/adsid/ 107 B
122 B 46ms
46ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.it/adsid/integrator.js?domain=momen.tofu.fit

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://momen.tofu.fit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:21:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 35ms
35ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=momen.tofu.fit

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://momen.tofu.fit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:21:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230601/r20110914/ Frame C66F 10 KB
4 KB 29ms
27ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230601/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://momen.tofu.fit/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

age: 53139
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Jun 2023 14:35:44 GMT
etag: 15057649708203361565
expires: Tue, 20 Jun 2023 14:35:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230601/r20110914/ Frame C4F7 10 KB
4 KB 29ms
28ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230601/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://momen.tofu.fit/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

age: 53139
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Jun 2023 14:35:44 GMT
etag: 15057649708203361565
expires: Tue, 20 Jun 2023 14:35:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 AGSKWxWxZHpXHU4pBFN0YJ6yMLsckCztRuTRmrJutpQ8yULEcU43IHqpuhmjNlz5O9zSKNTQ3IC58KH9xdJ9uvgROHibMmj67_aITXSPNMa6M2JtAxd1Bu1JMvATmsq-u17EEJcrVZgygg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 98ms
43ms XHR
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWxZHpXHU4pBFN0YJ6yMLsckCztRuTRmrJutpQ8yULEcU43IHqpuhmjNlz5O9zSKNTQ3IC58KH9xdJ9uvgROHibMmj67_aITXSPNMa6M2JtAxd1Bu1JMvATmsq-u17EEJcrVZgygg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-t479PWCPksnyVr1mf6vP2Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://momen.tofu.fit/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 07 Jun 2023 05:21:23 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-t479PWCPksnyVr1mf6vP2Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://momen.tofu.fit
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame C66F 4 KB
671 B 37ms
37ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230601/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 07 Jun 2023 05:21:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 07 Jun 2023 05:02:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Jun 2023 05:21:23 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C66F 205 B
229 B 40ms
39ms Image
image/png 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230601/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 22:41:36 GMT
x-content-type-options: nosniff
age: 23987
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 05 Jun 2024 22:41:36 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C66F 604 B
628 B 41ms
40ms Image
image/png 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230601/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 00:04:47 GMT
x-content-type-options: nosniff
age: 18996
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 06 Jun 2024 00:04:47 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230601/r20110914/elements/html/ Frame C66F 20 KB
8 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230601/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230601/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6bcfc620ccfdfa75766e77449ee68a3eb6d6ac6fa6727f454558d815954318cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 06:15:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83131
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8278
x-xss-protection: 0
server: cafe
etag: 10257818275058520655
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Jun 2023 06:15:52 GMT

GET
H3 200 ef33bde3b6f53b5d50fc677805f1b9fa.js Show response
www.gstatic.com/mysidia/ Frame C4F7 8 KB
4 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ef33bde3b6f53b5d50fc677805f1b9fa.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230601/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d42e2b0fdb945504b8da66763e41d57d6245ab8218c6df329b56a841ffbcd7ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 20:41:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31213
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3674
x-xss-protection: 0
last-modified: Wed, 31 May 2023 20:13:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 04 Sep 2023 20:41:10 GMT

GET
H3 200 0d45a8785eb2baeb4eb1c97aee3191c6.js Show response
www.gstatic.com/mysidia/ Frame C4F7 9 KB
4 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0d45a8785eb2baeb4eb1c97aee3191c6.js?tag=text/vanilla_highlight_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230601/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9308b705d2d0ac6c12ed564db32be5b6db776e14ceefd8c7f16c947e65db6b0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 02:06:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 357317
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3912
x-xss-protection: 0
last-modified: Wed, 31 May 2023 20:13:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 01 Sep 2023 02:06:06 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame C4F7 14 KB
1 KB 41ms
40ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230601/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 07 Jun 2023 05:21:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 07 Jun 2023 05:04:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Jun 2023 05:21:23 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230601/r20110914/client/ Frame C4F7 2 KB
892 B 26ms
25ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230601/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230601/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:05:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 940
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Jun 2023 05:05:43 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230601/r20110914/ Frame C4F7 22 KB
9 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230601/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230601/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f7c9dd864d72d258d50918e941413675eb7db0e7b6418e8a3b072e2c386885a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 04:57:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1416
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8791
x-xss-protection: 0
server: cafe
etag: 14754480374493709716
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Jun 2023 04:57:47 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230601/r20110914/client/ Frame C4F7 3 KB
1 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230601/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230601/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 04:51:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1805
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Jun 2023 04:51:18 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230601/r20110914/client/ Frame C4F7 19 KB
8 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230601/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230601/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6803cee2f4dc388c4b4b7919a46731c73ac178a7f1f1e8c561bc7b10419edfc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 04:58:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1387
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7969
x-xss-protection: 0
server: cafe
etag: 12322974680428514663
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Jun 2023 04:58:16 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C4F7 173 KB
54 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230601/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61b54fb4bbf7083918be7066e50126d1a95e56ccc9be9fafd69deb50ac7424b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:21:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55245
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1685965250302189"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Jun 2023 05:21:23 GMT

GET
H3 200 a0f85236eb26cc0778ab5a91ae2d3422.js Show response
www.gstatic.com/mysidia/ Frame C4F7 32 KB
13 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a0f85236eb26cc0778ab5a91ae2d3422.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230601/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ddeb39a928825cfb11fbd72a2c5a5fabf18add9b6208e4bee826e7bcfd9c2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 12:05:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 148551
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13674
x-xss-protection: 0
last-modified: Wed, 31 May 2023 20:13:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 03 Sep 2023 12:05:32 GMT

GET
DATA 200
OK truncated
/ Frame 2E9E 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 59384e6ba0f5c00e2c1519e13b5ef7d63832ad7c50a34ef520a449160f780184

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 EHMIEcXmxjhpa6ysVw94xheqxns9jQBWcUzwmgw4Ck0.js Show response
pagead2.googlesyndication.com/bg/ Frame 9443 38 KB
15 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EHMIEcXmxjhpa6ysVw94xheqxns9jQBWcUzwmgw4Ck0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10730811c5e6c638696bacac570f78c617aac67b3d8d0056714cf09a0c380a4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 19:05:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36955
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Tue, 30 May 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Jun 2024 19:05:28 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2E9E 16 KB
16 KB 32ms
32ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 19:08:02 GMT
x-content-type-options: nosniff
age: 296001
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Jun 2024 19:08:02 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2E9E 15 KB
15 KB 37ms
36ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:30:27 GMT
x-content-type-options: nosniff
age: 352256
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Jun 2024 03:30:27 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 68A5 249 B
266 B 38ms
38ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400&text=%E3%81%98%E3%82%8B%E9%96%89

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230601/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0bb5af18639dfc54932f4340945c1dceeb1e5aac5933b578f2ab597f29137599

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 07 Jun 2023 05:21:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 07 Jun 2023 05:21:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Jun 2023 05:21:23 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 68A5 14 KB
1 KB 37ms
37ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230601/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 07 Jun 2023 05:21:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 07 Jun 2023 05:08:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Jun 2023 05:21:23 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230601/r20110914/client/ Frame 68A5 2 KB
892 B 25ms
25ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230601/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230601/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:05:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 940
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Jun 2023 05:05:43 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230601/r20110914/ Frame 68A5 22 KB
9 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230601/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230601/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f7c9dd864d72d258d50918e941413675eb7db0e7b6418e8a3b072e2c386885a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 04:57:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1416
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8791
x-xss-protection: 0
server: cafe
etag: 14754480374493709716
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Jun 2023 04:57:47 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B424 143 B
166 B 26ms
25ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230601/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230601/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

age: 1770
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Jun 2023 04:51:53 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230601/r20110914/client/ Frame 68A5 3 KB
1 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230601/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230601/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 04:51:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1805
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Jun 2023 04:51:18 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230601/r20110914/client/ Frame 68A5 19 KB
8 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230601/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230601/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6803cee2f4dc388c4b4b7919a46731c73ac178a7f1f1e8c561bc7b10419edfc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 04:58:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1387
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7969
x-xss-protection: 0
server: cafe
etag: 12322974680428514663
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Jun 2023 04:58:16 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 68A5 173 KB
54 KB 62ms
62ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230601/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61b54fb4bbf7083918be7066e50126d1a95e56ccc9be9fafd69deb50ac7424b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:21:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55245
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1685965250302189"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Jun 2023 05:21:23 GMT

GET
H3 200 a0f85236eb26cc0778ab5a91ae2d3422.js Show response
www.gstatic.com/mysidia/ Frame 68A5 32 KB
13 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a0f85236eb26cc0778ab5a91ae2d3422.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230601/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ddeb39a928825cfb11fbd72a2c5a5fabf18add9b6208e4bee826e7bcfd9c2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 12:05:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 148551
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13674
x-xss-protection: 0
last-modified: Wed, 31 May 2023 20:13:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 03 Sep 2023 12:05:32 GMT

GET
H3 200 3514131790483889263
tpc.googlesyndication.com/simgad/6323950214526364778/ Frame C4F7 2 KB
2 KB 68ms
67ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6323950214526364778/3514131790483889263?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230601/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56bf61827b36342f5ef80ad46f9d290bd2251d3e2100576c6bfa0eac8f3bc668

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:21:23 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2041
x-xss-protection: 0
last-modified: Wed, 19 Apr 2023 04:55:59 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 06 Jun 2024 05:21:23 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C4F7 0
0 69ms
69ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CvAoL0hOAZOOYKeOK-cAPvtWTiAa7iaWpb_jipoaPEfCZnbf0ChABIO2M3RJg_YKRhOgRoAHy97qZKMgBAakCa5nSKhz-sT6oAwGqBP0BT9ARRbF6bCEeIIG63VGR92EfZ8NfV1nvP2drZAS-slpKo08ldVmrItHzZY5ZSKsoqVmDTsXipVpMKxRa1-8gFVaJP1yer5Vi0t5nIbuPjnCKOvVRXacvuOCXxjqTHCClOg2FluQ_jZYKD0G1RC2X_jbBjqLBGI3CnRCRMkVcnRTBemA_GleC82h2BNrRPoX7Ka6o8pJ3RwDuNIom9vl3xcuV3OojgZBQzK4uiO6WaJ0wp0YvNUQBW5s2EbzhH9NSS1pCCt-nMWCOzyVdrFdrKF_Y22XiJFmkInem1242VE66R6A2JiJ_Mu6wOBR6agzZ6DKwNx-tyQb4oN0NlsAE-biV7_sDkgUECAQYAZIFBAgFGASAB_Kvi_kCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQpsUK0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAdgTCtAVAYAXAbIXHAoaCAASFHB1Yi03MjI4MTg0OTA3MDU1OTk2GAA&sigh=EO6IJHBdg_Q&uach_m=[UACH]&cid=CAQSGwBygQiDmaXfrP1SQMhw3zZeba1mkosSBTX5MxgB&template_id=5001

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230601/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230601/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 07 Jun 2023 05:21:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9507 143 B
166 B 29ms
25ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230601/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230601/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

age: 1770
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Jun 2023 04:51:53 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C4F7 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2d6603678aff496698fdc77cfd6f771c6d43f1bfe3862c81b68365125a708a7

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 EHMIEcXmxjhpa6ysVw94xheqxns9jQBWcUzwmgw4Ck0.js Show response
pagead2.googlesyndication.com/bg/ Frame EF92 38 KB
15 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EHMIEcXmxjhpa6ysVw94xheqxns9jQBWcUzwmgw4Ck0.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7228184907055996&output=html&h=280&slotname=6078613337&adk=1703001207&adf=1202215118&pi=t.ma~as.6078613337&w=336&fwrn=4&fwrnh=100&lmt=1686072738&rafmt=1&format=336x280&url=https%3A%2F%2Fmomen.tofu.fit%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686115282331&bpp=3&bdt=1167&idt=300&shv=r20230601&mjsv=m202305310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7333939706129&frm=20&pv=1&ga_vid=1646744520.1686115282&ga_sid=1686115283&ga_hid=1458372198&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=288&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C44772269%2C44788441&oid=2&pvsid=2227705292742720&tmod=1865976778&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=bb3YolyC3C&p=https%3A//momen.tofu.fit&dtd=306

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10730811c5e6c638696bacac570f78c617aac67b3d8d0056714cf09a0c380a4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 19:05:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36955
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Tue, 30 May 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Jun 2024 19:05:28 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 550F 42 B
63 B 70ms
65ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CSVSXJxiT1Ummguzhq-uM0JHFjQCIv5P_LgONfW974etZJ5D3twKYiB2NfhwxiUumCsP6x1q2yZ7AWMvG-ex0ratsTx9IB-qXxXknmfHd9mkfBT5s

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7228184907055996&output=html&h=280&adk=3432959759&adf=2581218329&pi=t.aa~a.2671591709~rp.4&w=336&fwrn=4&fwrnh=100&lmt=1686072738&rafmt=1&to=qs&pwprc=8410908443&format=336x280&url=https%3A%2F%2Fmomen.tofu.fit%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686115283440&bpp=2&bdt=2276&idt=2&shv=r20230601&mjsv=m202305310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D122eabd051d4239e-22598b5107de00c0%3AT%3D1686115282%3ART%3D1686115282%3AS%3DALNI_MbPY-C57Cv0ISc7KCjiWZMfMMtqog&gpic=UID%3D00000c44f299b23c%3AT%3D1686115282%3ART%3D1686115282%3AS%3DALNI_Mb3eNoaX_gLDpfXPikO3y7zvovwsA&prev_fmts=0x0%2C336x280%2C336x280&nras=2&correlator=7333939706129&frm=20&pv=1&ga_vid=1646744520.1686115282&ga_sid=1686115283&ga_hid=1458372198&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=1545&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C44772269%2C44788441&oid=2&pvsid=2227705292742720&tmod=1865976778&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=W3BB1rScry&p=https%3A//momen.tofu.fit&dtd=22

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 05:21:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 550F 0
20 B 75ms
70ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2863911554026776542&x=1&ct=76

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 05:21:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 550F 78 KB
27 KB 144ms
144ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:21:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 07 Jun 2023 05:21:24 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230601/r20110914/client/ Frame 550F 3 KB
1 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230601/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 04:51:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1806
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Jun 2023 04:51:18 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230601/r20110914/client/ Frame 550F 19 KB
8 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230601/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6803cee2f4dc388c4b4b7919a46731c73ac178a7f1f1e8c561bc7b10419edfc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 04:58:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1388
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7969
x-xss-protection: 0
server: cafe
etag: 12322974680428514663
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Jun 2023 04:58:16 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 550F 173 KB
54 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61b54fb4bbf7083918be7066e50126d1a95e56ccc9be9fafd69deb50ac7424b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:21:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55245
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1685965250302189"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Jun 2023 05:21:24 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame CF89 624 B
245 B 66ms
65ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ2M4wEQu9SFAhi-_IDkATAB&v=APEucNWVO7iHCT8ZMDW-xJsNq-E_kMxSTGWKkTvk7FUQG2t1SS86D25sFRywCI4wg6xQCyOQtVrw_aGvJdZyAt3n_u_1C8VWRzZuGBLZ-ntqMPPb8wO_LuYO-Zc0Cbyb5enO9OPeiZqRwA3Qh-VU9Dirn60ZegePP-0B2y5Ofn1qhISVg2B1Pe0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7228184907055996&output=html&h=280&adk=3432959759&adf=2581218329&pi=t.aa~a.2671591709~rp.4&w=336&fwrn=4&fwrnh=100&lmt=1686072738&rafmt=1&to=qs&pwprc=8410908443&format=336x280&url=https%3A%2F%2Fmomen.tofu.fit%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686115283440&bpp=2&bdt=2276&idt=2&shv=r20230601&mjsv=m202305310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D122eabd051d4239e-22598b5107de00c0%3AT%3D1686115282%3ART%3D1686115282%3AS%3DALNI_MbPY-C57Cv0ISc7KCjiWZMfMMtqog&gpic=UID%3D00000c44f299b23c%3AT%3D1686115282%3ART%3D1686115282%3AS%3DALNI_Mb3eNoaX_gLDpfXPikO3y7zvovwsA&prev_fmts=0x0%2C336x280%2C336x280&nras=2&correlator=7333939706129&frm=20&pv=1&ga_vid=1646744520.1686115282&ga_sid=1686115283&ga_hid=1458372198&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=1545&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C44772269%2C44788441&oid=2&pvsid=2227705292742720&tmod=1865976778&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=W3BB1rScry&p=https%3A//momen.tofu.fit&dtd=22
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Jun 2023 05:21:24 GMT
expires: Wed, 07 Jun 2023 05:21:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B424
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

38ms
37ms

Document
text/html

2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230601/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Jun 2023 05:21:24 GMT
expires: Wed, 07 Jun 2023 05:21:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Jun 2023 05:21:24 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9507
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

64ms
63ms

Document
text/html

2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230601/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Jun 2023 05:21:24 GMT
expires: Wed, 07 Jun 2023 05:21:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Jun 2023 05:21:24 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame CF89
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMpzYNGdu3e6GHnnuggmJds&google_cver=1

43 B
766 B

35ms
25ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMpzYNGdu3e6GHnnuggmJds&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ2M4wEQu9SFAhi-_IDkATAB&v=APEucNWVO7iHCT8ZMDW-xJsNq-E_kMxSTGWKkTvk7FUQG2t1SS86D25sFRywCI4wg6xQCyOQtVrw_aGvJdZyAt3n_u_1C8VWRzZuGBLZ-ntqMPPb8wO_LuYO-Zc0Cbyb5enO9OPeiZqRwA3Qh-VU9Dirn60ZegePP-0B2y5Ofn1qhISVg2B1Pe0
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 07 Jun 2023 05:21:24 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 07 Jun 2023 05:21:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMpzYNGdu3e6GHnnuggmJds&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame CF89
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZIAT1BjSgY2HlWMF.cHQ-AAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMpzYNGdu3e6GHnnuggmJds&google_cver=1&google_hm=2

43 B
766 B

27ms
26ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMpzYNGdu3e6GHnnuggmJds&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ2M4wEQu9SFAhi-_IDkATAB&v=APEucNWVO7iHCT8ZMDW-xJsNq-E_kMxSTGWKkTvk7FUQG2t1SS86D25sFRywCI4wg6xQCyOQtVrw_aGvJdZyAt3n_u_1C8VWRzZuGBLZ-ntqMPPb8wO_LuYO-Zc0Cbyb5enO9OPeiZqRwA3Qh-VU9Dirn60ZegePP-0B2y5Ofn1qhISVg2B1Pe0
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 07 Jun 2023 05:21:24 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 07 Jun 2023 05:21:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMpzYNGdu3e6GHnnuggmJds&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame CF89
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEIVq0KdsWzUclybOc710iko&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEIVq0KdsWzUclybOc710iko%26google_cver%3D1

43 B
1 KB

61ms
36ms

Image
image/gif

185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEIVq0KdsWzUclybOc710iko%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ2M4wEQu9SFAhi-_IDkATAB&v=APEucNWVO7iHCT8ZMDW-xJsNq-E_kMxSTGWKkTvk7FUQG2t1SS86D25sFRywCI4wg6xQCyOQtVrw_aGvJdZyAt3n_u_1C8VWRzZuGBLZ-ntqMPPb8wO_LuYO-Zc0Cbyb5enO9OPeiZqRwA3Qh-VU9Dirn60ZegePP-0B2y5Ofn1qhISVg2B1Pe0

Protocol

HTTP/1.1

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 07 Jun 2023 05:21:24 GMT
AN-X-Request-Uuid: c5ede6e5-a1e3-4d9b-9ac7-dcbbc8fdbb2f
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 192.145.127.213; 192.145.127.213; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 07 Jun 2023 05:21:24 GMT
AN-X-Request-Uuid: e658fe69-ef11-4bf8-8627-e50c5f0ffacd
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEIVq0KdsWzUclybOc710iko%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 192.145.127.213; 192.145.127.213; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CF89
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTA1NDEwMzg0MzUwMzUwNDQzMw%3D%3D

170 B
188 B

42ms
41ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTA1NDEwMzg0MzUwMzUwNDQzMw%3D%3D

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 05:21:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 07 Jun 2023 05:21:24 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 192.145.127.213; 192.145.127.213; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: f2622509-46bf-4fa9-9fda-49ef43f048f0
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTA1NDEwMzg0MzUwMzUwNDQzMw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 550F 0
20 B 71ms
70ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=469251284279&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 05:21:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 550F 0
20 B 70ms
69ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=469251284279&version=m202301230201&ct=76&x=1&cor=2863911554026776600

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 05:21:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 550F 92 KB
37 KB 76ms
75ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BeKhTP5QUsqxMgaZpeF0Bk0kCpg_6OyHAK-AruzCsUx_brU7HoufsBI1sBsfQPNzAyOo6GUJ0496A90S8PRUmcBSghEL_uZY-wNcxh6lOXhTv8EFs&cry=1&dbm_d=AKAmf-CcQreP3_h5yjrFhq3Ga6MCn-w5TY7DvEV6-zLt0Zm9MENxxTkTkr4IINMSRwLshxV7loCsxqU5A8r0npomQUWa8CXUS7sXR_yW6MMcbcurFfvRD0Us5P9C4u5_Vo2t72f4YUTVF06q6f5_LDPyUVY2eJvOmSyy_5zLZCCvUqn-FCj55wKTgb9VPRxNiPYily04ArAfr_1Vk0K3pCu3ZmDm6Ym84pNux-0FujokomVKzKo62tbQ8sXmTGlSYyphypqTAJRL8MTtyY7PJObh4tdiSoBpj3sH2cbBVgS3WvIBy24jqRaqB5WpMjhxiFTgeB65kblC7WEwHimwInEByMhteNb-9pI9l6l11oOM-VDdIS8GfYdN68YV7mikGvO8m0je1SX825C71pnihTQ9AlIejsPissukhLu-HApzEXTEYZQkdAyC2KglN5WfSdZ5O9b4nFGwu4sL2t49nKVOcvmEMPoLN6c2zuLlWueBgBPL6L1_585Q9pjWfLBm6fkJNmXTj0tlMZYEOsX3Lf7k5cXCrR46_1025k__fuyAZbCWxREY4TgnVQLlJ3z45TBXuw1vrCGc8uVDtu4MTIhKSojiYJY60BCuTRxkJyy-uCrWhe1yjPXZ2_lTWvCqIQHrSSU2cdLyu8jWvWI38rh1F83_iLeRNiC8De4uxPDnOMdmVjP-zgUH3qTh04xWOUTaJexPjCOuPziwGwPxj4TGB-jrxJvJ5CW-Idf8s8B1ICNcs7hSJ2kMPaMpCqqaM16n6EkGFqJ_HZ67_WdcisPrP7XqphXz2cAyMeYoknDBIbCLtDJz3auhlReDRPp1mx_QXxFtQyl5WTapW8a0HGcA0c_RN-VWwS3C5URkgx_8A-HbvfkREnKi_CJtpBxnqdZFf4op_Uj17dUIdqt5yp_PKFcdxz9LiuAFsHAmjK5K929YxpisYtrGPshjheJw3CV_c7Ufc3GHIl4r3JTiHdq3GsYx-AtoEmBgxB9ozTlpfVI_OHW0gV0RzbZ72a4eK885iMWUS-EEAZESqaPE_z21aPR7gxn-MzKV7J3mpx2sv7WcsnXFW9o76IGu5b0i60G7YjzfzTWuiJ4A3MqpOuIVaq2mFuwTv_KXfZD69ZQ1IDSqTj50o6Xl8-GdEVJg_Yer_0x8l63PF4chFo6jGG2-pB4j6ZHL8BHNZB7M8NsEO-NeSL53Jyjt4SGQS3X9qzsmTcgzskAhi8agCzt6EAWjT-wj7-6ToykR3m3rMMVIEK95BjN5ybs0mCbkg6UtBbLlqX_IrEpe6oOlTHu_L3Wq7Hm7iH5YYP5Pglfb2Of7AgeQv4zU8F2abFbAmmI4pB2_F6n1MaD6oYnMw0vHBs0CmfpOKaCI4NmJEqOHXoaiI9XKdlweNM-Tw0Vc5HWC8AiM9P4xtAIbH5n0nzKhe8s9kfwW0vWL3dQ_JwHIMnbvymZYaY_quruGQRplPjBkUD6E5OxD1Y1h_ZejxGthDfFtT2NITlOwmx2OuJTQYxsgSuYgQ1l0wkN6F9G6NDXM11yEUtmffoJwajufH5w7kJfBCudHmva1b6zVtsf_Q2Q0KBCbR4bbJKEu12hEXwWvDoKeepvZtRhsphCarnZ9bmbee5Cuyoi5enezuRCxwJUd0JrJC-NGvajAsmTgjUe9jHWUjyEekdcF3Zqa2hRIA_zCtCS_MjWM_ktPsS-pi8jUDYPdEznKHVMkrriLKvrmkSu44rlahxLvNW86AwPb_lIZmSPoUhVJSYQG1IWmL2CSzjxqDQucs1aXOQuBclaRUMnAKNbdWB-syVpr9D89rrpyw0DPAuSDzn0cPFNc9YhmBGbryKLx9BnK9dh4LTnQYllx6fq51YgceJCRyauA2HeAEnNJ6xgeFqUkmWqF_-EnT19zQK-b-lBZm-mtzPkX4sDeSwaqEikwEmKw2tIwurwOaTSSz6CHkVZvo7GZILomRhnYN7byNZI1tMtUASsHc_FggHUSyllHTByppH17aHUWSfNjKKrwudDuITsoMThvfbg135ua1DVeHy4DDQvw2wbkzpifYm5mtyGWorAz3h5L_0W28fyan9Fqem8KiH1TPhluclABYD10S5dXGKHyDx2yYsoEnFE1Y05AvC9MYC0WbH8lJZReoyTrplgERQQJ6OyEFXpIO1muoGexAF7pUcS2KrmQxO-sl0yMb-gugdoDpeNzwV20nlfCd6Ye3R_rPntIpHLr_bGwKfTd8RFYpptCkq5P7UVn2QvyJSxNcWtTFfw0HOZmCzY4Waswgrzio4Ql4_s0fS6AI6rcuit_KhSdZCJPt3pb6SSCs6pjE0T3-4VK2MVOxDeSDQJMGwn60U5yMvyhEeCpxr3KxCpQIwyXTuSCxZI2WjXw-bP8BcDSK1njwW_TSfvfIPdGRlddPZsIT9x-FIRHj_JTbj01_NgksbB48VIIfJwMn9nM9wo-uCmqm3Ya_t1m3C9mW-cJn4zwE6uRz2zk1AbGvkWhik6aguYJuDoqIZjBEpMWM5nMNyZzAXaCioENtasrvPRQg-C6R4cc9njUhGatG_iLC5tkVtuxp4u2LSsAbUJWXo1S4-g4hSJJkGjp1nwn5pwW8SOpU1Ea6yVlWnjL_Mr-H30-i_Rhs209QEVaJNaIEoFEruIj09z9CmderHHZPwGh_GXfY1AQdbJ6Yz-EhNwx3VygRToCzoy4WUIzPuKdg-TLt-ZVDLFmSb-Msesg0rcKWl9chnXGnZiQ6vQJPsb2WPop44KoPiEasi7mjzAMNLtj8MlC8Mp-9Nn8N4Bfrf4GCg_KXzhmxE4bgTABsMj-R5vgBhGVr09K-nnzrB7Qzm3cA9ox8NSrrNhOs9tJg8bCOBd6ptmBqWhB75iYqaiWGbdMNBMgm5wqW4FYtvLGA-hHeX6_hFqyb_gMmZKeZP9XQivmc7uwDdBk0Pchsi2_XMznqJwPEVyhBFICZDOvej7AK9l-86zTK-NhVI7zsPNMvFGaGn_QaermCEp6zLiKytLc2vL9_dTmd5yTSU3HoUW1FGgFQ4pqQao2USh34UwLEk88ULiwzYyXHzl5kXxZPH74nwRWSnOI6ijF09DwcCaCiolHDrQOa4lPBCeG9a681IvAX1GcyFXtLZjtUGWKqbIoglWRl4IBVXJwrnLsWFhkEhz48Wu2y3tVIGaf2Ibn2JycBAk9y3ZsYDbYUSP1QmwJnrFpMi-q13xA-R53B53ajhAuhQsbOFliYiB899SZ2rZe-qVuWFBa4Cw-ZkORUaIunre6Wp6RgQLlaztVDy6mJZM2nfOfYwo5aOJLjgbx1QOEHhBV55pbZt4rnhvU2HHwKU3ShpqAq36bhmZfc0pXu_yJnW62hL9kXKUCO_h06GooZmxfhLvST3gVEiRUW5EYHeiFPpbfWTSMoppm5ZZBQYXJkkBvlJqfQ_ip2yGxx9JlU2OozGm8ubaY_HWU8RTZaIHxDmjMqZrbOT50eVf673zZe1KbFQ&cid=CAQSOwBygQiDGNZPKMlsqX3Ac4zf1isKKwxjzWkJH2fF--PbD2Um11IoCq9jg63kFMXXxFfBUwVdPNlNAiY5GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fmomen.tofu.fit%2F&ds=l&xdt=1&iif=1&cor=2863911554026776600&adk=2857193498&idt=167&cac=0&dtd=10

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

88f583ee58b9bff1c37eca6691a3a51d19563ea7824d06d62dfcc6a81b189b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7228184907055996&output=html&h=280&adk=3432959759&adf=2581218329&pi=t.aa~a.2671591709~rp.4&w=336&fwrn=4&fwrnh=100&lmt=1686072738&rafmt=1&to=qs&pwprc=8410908443&format=336x280&url=https%3A%2F%2Fmomen.tofu.fit%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686115283440&bpp=2&bdt=2276&idt=2&shv=r20230601&mjsv=m202305310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D122eabd051d4239e-22598b5107de00c0%3AT%3D1686115282%3ART%3D1686115282%3AS%3DALNI_MbPY-C57Cv0ISc7KCjiWZMfMMtqog&gpic=UID%3D00000c44f299b23c%3AT%3D1686115282%3ART%3D1686115282%3AS%3DALNI_Mb3eNoaX_gLDpfXPikO3y7zvovwsA&prev_fmts=0x0%2C336x280%2C336x280&nras=2&correlator=7333939706129&frm=20&pv=1&ga_vid=1646744520.1686115282&ga_sid=1686115283&ga_hid=1458372198&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=1545&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C44772269%2C44788441&oid=2&pvsid=2227705292742720&tmod=1865976778&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=W3BB1rScry&p=https%3A//momen.tofu.fit&dtd=22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 05:21:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37790
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 550F 170 KB
59 KB 139ms
35ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: momen.tofu.fit
URL: https://momen.tofu.fit/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 07:18:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79358
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 07 Jun 2023 07:18:46 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230601/r20110914/elements/html/ Frame 550F 11 KB
4 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230601/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BeKhTP5QUsqxMgaZpeF0Bk0kCpg_6OyHAK-AruzCsUx_brU7HoufsBI1sBsfQPNzAyOo6GUJ0496A90S8PRUmcBSghEL_uZY-wNcxh6lOXhTv8EFs&cry=1&dbm_d=AKAmf-CcQreP3_h5yjrFhq3Ga6MCn-w5TY7DvEV6-zLt0Zm9MENxxTkTkr4IINMSRwLshxV7loCsxqU5A8r0npomQUWa8CXUS7sXR_yW6MMcbcurFfvRD0Us5P9C4u5_Vo2t72f4YUTVF06q6f5_LDPyUVY2eJvOmSyy_5zLZCCvUqn-FCj55wKTgb9VPRxNiPYily04ArAfr_1Vk0K3pCu3ZmDm6Ym84pNux-0FujokomVKzKo62tbQ8sXmTGlSYyphypqTAJRL8MTtyY7PJObh4tdiSoBpj3sH2cbBVgS3WvIBy24jqRaqB5WpMjhxiFTgeB65kblC7WEwHimwInEByMhteNb-9pI9l6l11oOM-VDdIS8GfYdN68YV7mikGvO8m0je1SX825C71pnihTQ9AlIejsPissukhLu-HApzEXTEYZQkdAyC2KglN5WfSdZ5O9b4nFGwu4sL2t49nKVOcvmEMPoLN6c2zuLlWueBgBPL6L1_585Q9pjWfLBm6fkJNmXTj0tlMZYEOsX3Lf7k5cXCrR46_1025k__fuyAZbCWxREY4TgnVQLlJ3z45TBXuw1vrCGc8uVDtu4MTIhKSojiYJY60BCuTRxkJyy-uCrWhe1yjPXZ2_lTWvCqIQHrSSU2cdLyu8jWvWI38rh1F83_iLeRNiC8De4uxPDnOMdmVjP-zgUH3qTh04xWOUTaJexPjCOuPziwGwPxj4TGB-jrxJvJ5CW-Idf8s8B1ICNcs7hSJ2kMPaMpCqqaM16n6EkGFqJ_HZ67_WdcisPrP7XqphXz2cAyMeYoknDBIbCLtDJz3auhlReDRPp1mx_QXxFtQyl5WTapW8a0HGcA0c_RN-VWwS3C5URkgx_8A-HbvfkREnKi_CJtpBxnqdZFf4op_Uj17dUIdqt5yp_PKFcdxz9LiuAFsHAmjK5K929YxpisYtrGPshjheJw3CV_c7Ufc3GHIl4r3JTiHdq3GsYx-AtoEmBgxB9ozTlpfVI_OHW0gV0RzbZ72a4eK885iMWUS-EEAZESqaPE_z21aPR7gxn-MzKV7J3mpx2sv7WcsnXFW9o76IGu5b0i60G7YjzfzTWuiJ4A3MqpOuIVaq2mFuwTv_KXfZD69ZQ1IDSqTj50o6Xl8-GdEVJg_Yer_0x8l63PF4chFo6jGG2-pB4j6ZHL8BHNZB7M8NsEO-NeSL53Jyjt4SGQS3X9qzsmTcgzskAhi8agCzt6EAWjT-wj7-6ToykR3m3rMMVIEK95BjN5ybs0mCbkg6UtBbLlqX_IrEpe6oOlTHu_L3Wq7Hm7iH5YYP5Pglfb2Of7AgeQv4zU8F2abFbAmmI4pB2_F6n1MaD6oYnMw0vHBs0CmfpOKaCI4NmJEqOHXoaiI9XKdlweNM-Tw0Vc5HWC8AiM9P4xtAIbH5n0nzKhe8s9kfwW0vWL3dQ_JwHIMnbvymZYaY_quruGQRplPjBkUD6E5OxD1Y1h_ZejxGthDfFtT2NITlOwmx2OuJTQYxsgSuYgQ1l0wkN6F9G6NDXM11yEUtmffoJwajufH5w7kJfBCudHmva1b6zVtsf_Q2Q0KBCbR4bbJKEu12hEXwWvDoKeepvZtRhsphCarnZ9bmbee5Cuyoi5enezuRCxwJUd0JrJC-NGvajAsmTgjUe9jHWUjyEekdcF3Zqa2hRIA_zCtCS_MjWM_ktPsS-pi8jUDYPdEznKHVMkrriLKvrmkSu44rlahxLvNW86AwPb_lIZmSPoUhVJSYQG1IWmL2CSzjxqDQucs1aXOQuBclaRUMnAKNbdWB-syVpr9D89rrpyw0DPAuSDzn0cPFNc9YhmBGbryKLx9BnK9dh4LTnQYllx6fq51YgceJCRyauA2HeAEnNJ6xgeFqUkmWqF_-EnT19zQK-b-lBZm-mtzPkX4sDeSwaqEikwEmKw2tIwurwOaTSSz6CHkVZvo7GZILomRhnYN7byNZI1tMtUASsHc_FggHUSyllHTByppH17aHUWSfNjKKrwudDuITsoMThvfbg135ua1DVeHy4DDQvw2wbkzpifYm5mtyGWorAz3h5L_0W28fyan9Fqem8KiH1TPhluclABYD10S5dXGKHyDx2yYsoEnFE1Y05AvC9MYC0WbH8lJZReoyTrplgERQQJ6OyEFXpIO1muoGexAF7pUcS2KrmQxO-sl0yMb-gugdoDpeNzwV20nlfCd6Ye3R_rPntIpHLr_bGwKfTd8RFYpptCkq5P7UVn2QvyJSxNcWtTFfw0HOZmCzY4Waswgrzio4Ql4_s0fS6AI6rcuit_KhSdZCJPt3pb6SSCs6pjE0T3-4VK2MVOxDeSDQJMGwn60U5yMvyhEeCpxr3KxCpQIwyXTuSCxZI2WjXw-bP8BcDSK1njwW_TSfvfIPdGRlddPZsIT9x-FIRHj_JTbj01_NgksbB48VIIfJwMn9nM9wo-uCmqm3Ya_t1m3C9mW-cJn4zwE6uRz2zk1AbGvkWhik6aguYJuDoqIZjBEpMWM5nMNyZzAXaCioENtasrvPRQg-C6R4cc9njUhGatG_iLC5tkVtuxp4u2LSsAbUJWXo1S4-g4hSJJkGjp1nwn5pwW8SOpU1Ea6yVlWnjL_Mr-H30-i_Rhs209QEVaJNaIEoFEruIj09z9CmderHHZPwGh_GXfY1AQdbJ6Yz-EhNwx3VygRToCzoy4WUIzPuKdg-TLt-ZVDLFmSb-Msesg0rcKWl9chnXGnZiQ6vQJPsb2WPop44KoPiEasi7mjzAMNLtj8MlC8Mp-9Nn8N4Bfrf4GCg_KXzhmxE4bgTABsMj-R5vgBhGVr09K-nnzrB7Qzm3cA9ox8NSrrNhOs9tJg8bCOBd6ptmBqWhB75iYqaiWGbdMNBMgm5wqW4FYtvLGA-hHeX6_hFqyb_gMmZKeZP9XQivmc7uwDdBk0Pchsi2_XMznqJwPEVyhBFICZDOvej7AK9l-86zTK-NhVI7zsPNMvFGaGn_QaermCEp6zLiKytLc2vL9_dTmd5yTSU3HoUW1FGgFQ4pqQao2USh34UwLEk88ULiwzYyXHzl5kXxZPH74nwRWSnOI6ijF09DwcCaCiolHDrQOa4lPBCeG9a681IvAX1GcyFXtLZjtUGWKqbIoglWRl4IBVXJwrnLsWFhkEhz48Wu2y3tVIGaf2Ibn2JycBAk9y3ZsYDbYUSP1QmwJnrFpMi-q13xA-R53B53ajhAuhQsbOFliYiB899SZ2rZe-qVuWFBa4Cw-ZkORUaIunre6Wp6RgQLlaztVDy6mJZM2nfOfYwo5aOJLjgbx1QOEHhBV55pbZt4rnhvU2HHwKU3ShpqAq36bhmZfc0pXu_yJnW62hL9kXKUCO_h06GooZmxfhLvST3gVEiRUW5EYHeiFPpbfWTSMoppm5ZZBQYXJkkBvlJqfQ_ip2yGxx9JlU2OozGm8ubaY_HWU8RTZaIHxDmjMqZrbOT50eVf673zZe1KbFQ&cid=CAQSOwBygQiDGNZPKMlsqX3Ac4zf1isKKwxjzWkJH2fF--PbD2Um11IoCq9jg63kFMXXxFfBUwVdPNlNAiY5GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fmomen.tofu.fit%2F&ds=l&xdt=1&iif=1&cor=2863911554026776600&adk=2857193498&idt=167&cac=0&dtd=10

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae8017866a6744d35f26aa9da389e9771d40bcae3ee65df4c1b5e16e57b09fda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:00:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1238
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 6053914914909336730
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Jun 2023 05:00:46 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230601/r20110914/ Frame 550F 29 KB
11 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230601/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb2e82355927b12155d9455aa6b5cca86252379428cd8cde028a282bee334e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 05:30:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85829
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11009
x-xss-protection: 0
server: cafe
etag: 3370048937579134139
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Jun 2023 05:30:55 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 550F 41 KB
15 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: momen.tofu.fit
URL: https://momen.tofu.fit/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 07:39:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78111
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Jun 2024 07:39:33 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8F5C 1 KB
643 B 39ms
38ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

age: 39973
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Jun 2023 18:15:11 GMT
etag: 48472445140208031
expires: Wed, 07 Jun 2023 18:15:11 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 550F 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f9119e8ca4c1919a4c1dfa203cf9cb37ec1d866d0096b33316dbaf0061ff410d

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adprove_ Show response
fundingchoicesmessages.google.com/f/AGSKWxWlThnmT-r8tiG-1xnW0jxj94iGkeVjVMgQXudkrc3KoMNzCX0V9d8Znsc-vPPLv20284t2uEtnhV6oY2UevRWOK61rT41rbvVM_3msJLaNRUwN3sceZYqSj4czUiU4OoGbGsmXuEccw--bHEc2cD_Avx-JJ... 54 B
109 B 47ms
43ms Script
application/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWlThnmT-r8tiG-1xnW0jxj94iGkeVjVMgQXudkrc3KoMNzCX0V9d8Znsc-vPPLv20284t2uEtnhV6oY2UevRWOK61rT41rbvVM_3msJLaNRUwN3sceZYqSj4czUiU4OoGbGsmXuEccw--bHEc2cD_Avx-JJZKxSGQCkzN96_0qSVzx8fFRIcgVDMKa/_/sevenads./js.ad/size=/adengage0._adengage_/adprove_

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.it.f0xGJ0VrXn4.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMz5JG0In2EpB3hYVQEPjgvSD0ElTg/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

53a6e3e559ac16571fdb15b82b383e10017a31ea38a907aac8aa0fbd6ed02a9c

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-zZBLAYUUcHH6fIkz3Ur2IQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://momen.tofu.fit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:21:24 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-zZBLAYUUcHH6fIkz3Ur2IQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 45 KB
15 KB 42ms
38ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

069b4b349dd050e98f438fb36ac14dd91f9f279e8a1cf9a71b8a9cd8e51b8ab8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://momen.tofu.fit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:20:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15525
x-xss-protection: 0
server: cafe
etag: 9686826173922550253
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Wed, 07 Jun 2023 06:20:59 GMT

POST
H3 204 AGSKWxWxZHpXHU4pBFN0YJ6yMLsckCztRuTRmrJutpQ8yULEcU43IHqpuhmjNlz5O9zSKNTQ3IC58KH9xdJ9uvgROHibMmj67_aITXSPNMa6M2JtAxd1Bu1JMvATmsq-u17EEJcrVZgygg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 55ms
51ms XHR
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWxZHpXHU4pBFN0YJ6yMLsckCztRuTRmrJutpQ8yULEcU43IHqpuhmjNlz5O9zSKNTQ3IC58KH9xdJ9uvgROHibMmj67_aITXSPNMa6M2JtAxd1Bu1JMvATmsq-u17EEJcrVZgygg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-LBMqnMBcvFlp2OuBNYQoqw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://momen.tofu.fit/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 07 Jun 2023 05:21:24 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-LBMqnMBcvFlp2OuBNYQoqw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://momen.tofu.fit
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 3989 22 KB
8 KB 26ms
26ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

accept-ranges: bytes
age: 347321
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 03 Jun 2023 04:52:43 GMT
expires: Sun, 02 Jun 2024 04:52:43 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 8F5C
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEKi78qJmeYWOZRQZvEac4Tk&google_cver=1&google_push=ATf1kGPhbTf6re-B_Scj9lQ3UGAFCiZ7pdfeeFdNpwVhFkITWum-1oHt8RmL8UYjWHH4rwi_atgJvNFv0PHwNys-f5srORPQBTA1p9w
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjUyNzAxMDU0ODMzNzU4NzUzOA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKi78qJmeYWOZRQZvEac4Tk&google_cver=1

43 B
398 B

96ms
54ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKi78qJmeYWOZRQZvEac4Tk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7228184907055996&output=html&h=280&adk=3432959759&adf=2581218329&pi=t.aa~a.2671591709~rp.4&w=336&fwrn=4&fwrnh=100&lmt=1686072738&rafmt=1&to=qs&pwprc=8410908443&format=336x280&url=https%3A%2F%2Fmomen.tofu.fit%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686115283440&bpp=2&bdt=2276&idt=2&shv=r20230601&mjsv=m202305310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D122eabd051d4239e-22598b5107de00c0%3AT%3D1686115282%3ART%3D1686115282%3AS%3DALNI_MbPY-C57Cv0ISc7KCjiWZMfMMtqog&gpic=UID%3D00000c44f299b23c%3AT%3D1686115282%3ART%3D1686115282%3AS%3DALNI_Mb3eNoaX_gLDpfXPikO3y7zvovwsA&prev_fmts=0x0%2C336x280%2C336x280&nras=2&correlator=7333939706129&frm=20&pv=1&ga_vid=1646744520.1686115282&ga_sid=1686115283&ga_hid=1458372198&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=1545&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C44772269%2C44788441&oid=2&pvsid=2227705292742720&tmod=1865976778&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=W3BB1rScry&p=https%3A//momen.tofu.fit&dtd=22
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 07 Jun 2023 05:21:24 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Wed, 07 Jun 2023 05:21:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKi78qJmeYWOZRQZvEac4Tk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8F5C
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENyRgQA1vKChP_Gdp7dNXEU&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENyRgQA1vKChP_Gdp7dNXEU&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Q01DajdiQ1gxUTZMQk81&google_gid=CAESENyRgQA1vKChP_Gdp7dNXEU&google_cver=1&google_push=ATf1kGPIueakG7Msoqgl2PZbZlE2wbie3flAfCZ-8TXPH2H...

170 B
188 B

46ms
44ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Q01DajdiQ1gxUTZMQk81&google_gid=CAESENyRgQA1vKChP_Gdp7dNXEU&google_cver=1&google_push=ATf1kGPIueakG7Msoqgl2PZbZlE2wbie3flAfCZ-8TXPH2HtCaCsNrryd2FuTsN4oywul1NZQm3YtWHeS_-j8vnFXPR6Esyh64EtTw

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 05:21:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 07 Jun 2023 05:21:24 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-777-g304ac51#rel-ec2-master i-0943143fd00beb9c6@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Q01DajdiQ1gxUTZMQk81&google_gid=CAESENyRgQA1vKChP_Gdp7dNXEU&google_cver=1&google_push=ATf1kGPIueakG7Msoqgl2PZbZlE2wbie3flAfCZ-8TXPH2HtCaCsNrryd2FuTsN4oywul1NZQm3YtWHeS_-j8vnFXPR6Esyh64EtTw
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8F5C
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBEHQRj0dVa3SBLz1q2HoQU&google_push=ATf1kGOIq_t4Wu3FGwDgcoZIGkzas-lUeH5KqA94hjNHOEgdTnTOZacVKo...

170 B
188 B

44ms
42ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBEHQRj0dVa3SBLz1q2HoQU&google_push=ATf1kGOIq_t4Wu3FGwDgcoZIGkzas-lUeH5KqA94hjNHOEgdTnTOZacVKo4-YlyxfnG9gx4jyzcqF6s6VXnwyeUwidrVmdymcmTiYA

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 05:21:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-mxp6965-MXP
pragma: no-cache
date: Wed, 07 Jun 2023 05:21:24 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1686115284.446324,VS0,VE101
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBEHQRj0dVa3SBLz1q2HoQU&google_push=ATf1kGOIq_t4Wu3FGwDgcoZIGkzas-lUeH5KqA94hjNHOEgdTnTOZacVKo4-YlyxfnG9gx4jyzcqF6s6VXnwyeUwidrVmdymcmTiYA
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8F5C
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEOf3lkgNosQRcfSB9ILpwfc&google_cver=1&google_push=ATf1kGMCTJZWa4C43qOFFR4jPp6kmQKAOM1wcKksyMqRFmYa9RuWE-GfErz3aw_Pg1BCm7UTDP_fTR45RXoSMqb1tBZdWxLBWAPG5g
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D24FB9361BE347EC8B269639FEDD4F63&google_push=ATf1kGMCTJZWa4C43qOFFR4jPp6kmQKAOM1wcKksyMqRFmYa9RuWE-GfErz3aw_Pg1BCm7UTDP_fTR45RXoSMqb...

170 B
188 B

47ms
47ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D24FB9361BE347EC8B269639FEDD4F63&google_push=ATf1kGMCTJZWa4C43qOFFR4jPp6kmQKAOM1wcKksyMqRFmYa9RuWE-GfErz3aw_Pg1BCm7UTDP_fTR45RXoSMqb1tBZdWxLBWAPG5g

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 05:21:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 07 Jun 2023 05:21:24 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D24FB9361BE347EC8B269639FEDD4F63&google_push=ATf1kGMCTJZWa4C43qOFFR4jPp6kmQKAOM1wcKksyMqRFmYa9RuWE-GfErz3aw_Pg1BCm7UTDP_fTR45RXoSMqb1tBZdWxLBWAPG5g
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 06 Jun 2023 05:21:24 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8F5C
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEHNKYC-mjOgc3YYbpbosoRc&google_cver=1&google_push=ATf1kGPw9uuPfaEdpbf9JZI_1qAO3fi8E3OV98vUFEKs3IjPoDIfxoU2V0kaEo8wJWSzVUNX3GcsB1acE0z...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGPw9uuPfaEdpbf9JZI_1qAO3fi8E3OV98vUFEKs3IjPoDIfxoU2V0kaEo8wJWSzVUNX3GcsB1acE0zBVY41GJ83qDyQXXl6DQ&google_hm=Kyc5TvLaTaW-5aAyED...

170 B
188 B

42ms
41ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGPw9uuPfaEdpbf9JZI_1qAO3fi8E3OV98vUFEKs3IjPoDIfxoU2V0kaEo8wJWSzVUNX3GcsB1acE0zBVY41GJ83qDyQXXl6DQ&google_hm=Kyc5TvLaTaW-5aAyEDoV4tU

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 05:21:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Jun 2023 05:21:24 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGPw9uuPfaEdpbf9JZI_1qAO3fi8E3OV98vUFEKs3IjPoDIfxoU2V0kaEo8wJWSzVUNX3GcsB1acE0zBVY41GJ83qDyQXXl6DQ&google_hm=Kyc5TvLaTaW-5aAyEDoV4tU
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 8F5C 0
174 B 81ms
37ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESECpIO1nJvlg1N6WdnQQoovU&google_cver=1&google_push=ATf1kGMAzH4cPU5HozyMJGjvCTcTH5BlbLtIq7Qi2VS7vnBx5k9gBSPpbqvu_t2NAuAszlb6filwemkChtsRhRQciGHWwqYhFwP0gYw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7228184907055996&output=html&h=280&adk=3432959759&adf=2581218329&pi=t.aa~a.2671591709~rp.4&w=336&fwrn=4&fwrnh=100&lmt=1686072738&rafmt=1&to=qs&pwprc=8410908443&format=336x280&url=https%3A%2F%2Fmomen.tofu.fit%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686115283440&bpp=2&bdt=2276&idt=2&shv=r20230601&mjsv=m202305310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D122eabd051d4239e-22598b5107de00c0%3AT%3D1686115282%3ART%3D1686115282%3AS%3DALNI_MbPY-C57Cv0ISc7KCjiWZMfMMtqog&gpic=UID%3D00000c44f299b23c%3AT%3D1686115282%3ART%3D1686115282%3AS%3DALNI_Mb3eNoaX_gLDpfXPikO3y7zvovwsA&prev_fmts=0x0%2C336x280%2C336x280&nras=2&correlator=7333939706129&frm=20&pv=1&ga_vid=1646744520.1686115282&ga_sid=1686115283&ga_hid=1458372198&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=1545&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C44772269%2C44788441&oid=2&pvsid=2227705292742720&tmod=1865976778&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=W3BB1rScry&p=https%3A//momen.tofu.fit&dtd=22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:21:24 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2

200

report
sync.teads.tv/um/ Frame 8F5C
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEOnzdNiA928JAOipKMPkSV0&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGM5DOgjVgBsg-j3UMGny5ArgWKULzcZWWZ7LMrZbzW4j_7z7mrzqmFKm4FvujW3rkwllRN40NLXUM4NXPpZ-Y_2HdOlSQrlAojI
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

54ms
54ms

Image
image/gif

104.111.217.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7228184907055996&output=html&h=280&adk=3432959759&adf=2581218329&pi=t.aa~a.2671591709~rp.4&w=336&fwrn=4&fwrnh=100&lmt=1686072738&rafmt=1&to=qs&pwprc=8410908443&format=336x280&url=https%3A%2F%2Fmomen.tofu.fit%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686115283440&bpp=2&bdt=2276&idt=2&shv=r20230601&mjsv=m202305310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D122eabd051d4239e-22598b5107de00c0%3AT%3D1686115282%3ART%3D1686115282%3AS%3DALNI_MbPY-C57Cv0ISc7KCjiWZMfMMtqog&gpic=UID%3D00000c44f299b23c%3AT%3D1686115282%3ART%3D1686115282%3AS%3DALNI_Mb3eNoaX_gLDpfXPikO3y7zvovwsA&prev_fmts=0x0%2C336x280%2C336x280&nras=2&correlator=7333939706129&frm=20&pv=1&ga_vid=1646744520.1686115282&ga_sid=1686115283&ga_hid=1458372198&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=1545&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C44772269%2C44788441&oid=2&pvsid=2227705292742720&tmod=1865976778&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=W3BB1rScry&p=https%3A//momen.tofu.fit&dtd=22
Protocol: H2
Server: 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-42.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

expires: Wed, 07 Jun 2023 05:21:24 GMT
pragma: no-cache
date: Wed, 07 Jun 2023 05:21:24 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 07 Jun 2023 05:21:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 8F5C 0
12 B 40ms
39ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KCoC0NgEPU7nempMAGLFjk4cH3QzfcdDifZegDOZxR8i6VDQ7oWD3R2Q8PEfUix8BsyBeYwQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:21:24 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H3 204 AGSKWxWxZHpXHU4pBFN0YJ6yMLsckCztRuTRmrJutpQ8yULEcU43IHqpuhmjNlz5O9zSKNTQ3IC58KH9xdJ9uvgROHibMmj67_aITXSPNMa6M2JtAxd1Bu1JMvATmsq-u17EEJcrVZgygg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 45ms
44ms XHR
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWxZHpXHU4pBFN0YJ6yMLsckCztRuTRmrJutpQ8yULEcU43IHqpuhmjNlz5O9zSKNTQ3IC58KH9xdJ9uvgROHibMmj67_aITXSPNMa6M2JtAxd1Bu1JMvATmsq-u17EEJcrVZgygg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-d-tAGFBlsyuSoYnWQsYplw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://momen.tofu.fit/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 07 Jun 2023 05:21:24 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-d-tAGFBlsyuSoYnWQsYplw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://momen.tofu.fit
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWxZHpXHU4pBFN0YJ6yMLsckCztRuTRmrJutpQ8yULEcU43IHqpuhmjNlz5O9zSKNTQ3IC58KH9xdJ9uvgROHibMmj67_aITXSPNMa6M2JtAxd1Bu1JMvATmsq-u17EEJcrVZgygg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 45ms
44ms XHR
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWxZHpXHU4pBFN0YJ6yMLsckCztRuTRmrJutpQ8yULEcU43IHqpuhmjNlz5O9zSKNTQ3IC58KH9xdJ9uvgROHibMmj67_aITXSPNMa6M2JtAxd1Bu1JMvATmsq-u17EEJcrVZgygg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nTQxVaifUFuILiLtwJoBaQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://momen.tofu.fit/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 07 Jun 2023 05:21:24 GMT
content-security-policy: script-src 'report-sample' 'nonce-nTQxVaifUFuILiLtwJoBaQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://momen.tofu.fit
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWxZHpXHU4pBFN0YJ6yMLsckCztRuTRmrJutpQ8yULEcU43IHqpuhmjNlz5O9zSKNTQ3IC58KH9xdJ9uvgROHibMmj67_aITXSPNMa6M2JtAxd1Bu1JMvATmsq-u17EEJcrVZgygg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 46ms
45ms XHR
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWxZHpXHU4pBFN0YJ6yMLsckCztRuTRmrJutpQ8yULEcU43IHqpuhmjNlz5O9zSKNTQ3IC58KH9xdJ9uvgROHibMmj67_aITXSPNMa6M2JtAxd1Bu1JMvATmsq-u17EEJcrVZgygg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-NrglLTmWYakg_zztEpE-yg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://momen.tofu.fit/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 07 Jun 2023 05:21:24 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-NrglLTmWYakg_zztEpE-yg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://momen.tofu.fit
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUKgWUFzpTNYHjsYDSiMfMCJG6shsznsKhGBVeZFvtUgb3N7m7gRit04NiF0ASJS_QydJnB5JqKK0GyDJ_Sx-b3eaQRcIjwAYnueU8pbQTElmfyRlNDpPtziSX1ZdlamcSv67jISw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 59ms
59ms Script
application/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUKgWUFzpTNYHjsYDSiMfMCJG6shsznsKhGBVeZFvtUgb3N7m7gRit04NiF0ASJS_QydJnB5JqKK0GyDJ_Sx-b3eaQRcIjwAYnueU8pbQTElmfyRlNDpPtziSX1ZdlamcSv67jISw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjg2MTE1Mjg0LDM5MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vbW9tZW4udG9mdS5maXQvIixudWxsLFtbOCwiZjB4R0owVnJYbjQiXSxbOSwiaXQiXSxbMTYsIlsxLDEsMV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f75c289e7ebc8e9c95e7356946f5677e4d1d380b2a916aa08f2ac0941414c2a1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gVq_DEGBGuF10YwncCOT5w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://momen.tofu.fit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:21:24 GMT
content-security-policy: script-src 'report-sample' 'nonce-gVq_DEGBGuF10YwncCOT5w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 EHMIEcXmxjhpa6ysVw94xheqxns9jQBWcUzwmgw4Ck0.js Show response
pagead2.googlesyndication.com/bg/ Frame 3989 38 KB
15 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EHMIEcXmxjhpa6ysVw94xheqxns9jQBWcUzwmgw4Ck0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10730811c5e6c638696bacac570f78c617aac67b3d8d0056714cf09a0c380a4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 19:05:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36956
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Tue, 30 May 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Jun 2024 19:05:28 GMT

POST
H3 204 AGSKWxU0ch-EskxJIge7CKKW7c8kUF0-Yo2EDEGwmoHA7YVXOf1MFpJVOtHa-KZXR8cW5WI9lbJL_DilfQKVENqb8EtcV82BPZqIEhwjeBjeumB8Ct60FxXazpxFstBCOmgiNegJy21riA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 44ms
44ms XHR
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU0ch-EskxJIge7CKKW7c8kUF0-Yo2EDEGwmoHA7YVXOf1MFpJVOtHa-KZXR8cW5WI9lbJL_DilfQKVENqb8EtcV82BPZqIEhwjeBjeumB8Ct60FxXazpxFstBCOmgiNegJy21riA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-spY6_Ka5_pt2zOYmgQR4NQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://momen.tofu.fit/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 07 Jun 2023 05:21:24 GMT
content-security-policy: script-src 'report-sample' 'nonce-spY6_Ka5_pt2zOYmgQR4NQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://momen.tofu.fit
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/407123345897684992/336x280-Things_To_Do/ Frame 526F 14 KB
4 KB 103ms
37ms Document
text/html 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/407123345897684992/336x280-Things_To_Do/index.html?e=69&leftOffset=0&topOffset=0&c=c2q4ClWZif&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1017622739cf5b1a5aa4f9d8a2fc4b3f6b43b32072615e61e54c9ac4fb32e71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3884
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 07 Jun 2023 05:21:24 GMT
expires: Thu, 06 Jun 2024 05:21:24 GMT
last-modified: Tue, 28 Mar 2023 09:34:17 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 550F 0
0 177ms
78ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssJ8g21o8r-9mbVGZuwg0zKiCcaxwKCbqRUUolokAzLyqtNt926egxf64Y0HL4LphXyJ9P_OUZcqQDEsVGC77fj-UQz5LZhjQJgpNhxModjbvBNpr7TlYbbqkMes87Mfg_J_QsU2BHggBpV6OkFdDOPZlKdH8b4onjz8k_cBWKDfLNDaa82m_MaOa2VTweN73WCqnsfUmBVt2jTJSCZQhPg8XO5q6LX3i2ALlLsSedGIxA586lLmr-GuphLGnDdDpi9tOwBZLI_HtQVfk9BzGjV2J_ZbG58vL7-vlf7GTJSWbMZhk8gEabunxjs-DEM53k4IMlacn4IFYbtTAdm0gzcLVOebmJjq2KkqL8sM9JBVhgG7ozXR6Z0U5KpvaBJFIX9t-Dm33iFsN8JloYf0aIfJ63hV3lwImqlshvH02oKkFTlSfpSj7SpWJEiZImqipvX1nf9SJIFCt-DeYxutOLnkPAEdqtaHP1nuqJWIy08J9JCq7ccHJHJAnzocWMNMM_GwoCXUSo-TjLLs1h-bkWOVpCy5J74fUmCJu5TDd-0Ip0IibieKtcLS3dSfgcEs1cvoTx6lHsWzpaMBD_K-g89oyovvjuWC8aCecD3i5AT4yXQ-yED65-cLrRyfaeJGXyJ9Xw-sBPBShtigB5FpZHyLxemUkNdXU14ZBpWHLo_2dDtTx_uUUlusgfCGk0ftmTgXm_1AbgW7vJ8oz48fyWGszrl8oRtqvlL7Eykaq26EY_ORN4w0wNtydhtGm5QEmCRPHfpGsvNVQd9fYRzD0BIn_DGIHYlYoM3WzQSlkIgwuiTK_wgmj6fMbAwdPklZonvr5wBiNvGvXn-HCV1pqQZJsT8n4HWIIvZDcKZE2EDY9SOe0LsITJdOnQ3_22HdGZf8Qd3dIf8GYILNrC7lWBUU8eRP8yovDFXQ1AYUErWZHlMaWAGm5Lz2S1JMgyqSjVf8gj2ysnOCLFoH-Sf4dvlgrkoS1L3xNYA4G_as2rJP8wM5PnX_rfiXNPdUccq_qFzhZaayLNwJ_1nrTnvgo9EkGRlxgKoab5fnz6WKCho0i3KVbMlZ83vlcx1q2yy5d2ByIwleHvoBHs3PBqwQQsUj_wzgLdqhpQIYdvGWTlJXCE8OHuO-WhOqqmkocw2p-X7t89YE1MdrrNsZTOnQOEQRjBxRgWN9g5rIOgSk6AnJXg5FyD0qoQU9jQd379oyxVBGd1PzpSUeyBhrLHyPKWBzef5ED50VHyHCCOgWMOJMcOHlAA9hVHrMYrnSyR6LXDLCsLG33nauejnHgIx6ruhxO-liE8rYuSnShPYBLE1GREO4YnbGg1iaGVLFic5zH8Me5vT481HH_00VaHbWqLXvRh0B5g&sai=AMfl-YRGivk7CcOjWywKGUTWhhvIZ7by4tySkOP8dD0a15W0eLO8bG63WnbBS3vrjNvqUCZ_kdXyLgiNtbE-7aZem5tz-KwfPsf6yfHh3jhfyJmBUFPVozVw-3PTPlblrA-OxyaaXi3qvFD5a8NGAfURsyIu7I74NPqKywjyJUNLpZg2mRek8r6kqfcS8X3c6rVjHmQZ3Bjpc259mkPEAkPQ6uuB1JieE4C4NvUewW9sRANSPHy4jf3uOmfHfJXCrHxE3NGjIwK4_NYSjrU-vJgFHPeNAbIQmw&sig=Cg0ArKJSzMx1uE7ZhNPZEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=230&cbvp=1&cstd=214&cisv=r20230601.92467&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: momen.tofu.fit
URL: https://momen.tofu.fit/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 07 Jun 2023 05:21:24 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 07 Jun 2023 05:21:24 GMT

GET
H3 200 adlib.css
s0.2mdn.net/sadbundle/407123345897684992/336x280-Things_To_Do/ Frame 526F 5 KB
2 KB 26ms
25ms Stylesheet
text/css 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/407123345897684992/336x280-Things_To_Do/adlib.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/407123345897684992/336x280-Things_To_Do/index.html?e=69&leftOffset=0&topOffset=0&c=c2q4ClWZif&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ac0a8d8faf26b8a5ab31b9a5dcb8778adb98efcea5b4d2e38197e0a06e765c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/sadbundle/407123345897684992/336x280-Things_To_Do/index.html?e=69&leftOffset=0&topOffset=0&c=c2q4ClWZif&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 16:06:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 306894
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1887
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 09:34:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jun 2024 16:06:30 GMT

GET
H3 200 adStyle.css
s0.2mdn.net/sadbundle/407123345897684992/336x280-Things_To_Do/ Frame 526F 5 KB
1 KB 26ms
25ms Stylesheet
text/css 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/407123345897684992/336x280-Things_To_Do/adStyle.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/407123345897684992/336x280-Things_To_Do/index.html?e=69&leftOffset=0&topOffset=0&c=c2q4ClWZif&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c3c9f4a209eac69eadb26e959100c5b20e767f95d5e6b9f9fc0a59558f722fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/sadbundle/407123345897684992/336x280-Things_To_Do/index.html?e=69&leftOffset=0&topOffset=0&c=c2q4ClWZif&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 16:06:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 306894
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1218
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 09:34:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jun 2024 16:06:30 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 526F 118 KB
40 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/407123345897684992/336x280-Things_To_Do/index.html?e=69&leftOffset=0&topOffset=0&c=c2q4ClWZif&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/sadbundle/407123345897684992/336x280-Things_To_Do/index.html?e=69&leftOffset=0&topOffset=0&c=c2q4ClWZif&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 07:18:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79358
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 07 Jun 2023 07:18:46 GMT

GET
H3 200 gsap_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 526F 57 KB
23 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/407123345897684992/336x280-Things_To_Do/index.html?e=69&leftOffset=0&topOffset=0&c=c2q4ClWZif&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/sadbundle/407123345897684992/336x280-Things_To_Do/index.html?e=69&leftOffset=0&topOffset=0&c=c2q4ClWZif&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:21:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 07 Jun 2023 05:21:24 GMT

GET
H3 200 static-doodle.png
s0.2mdn.net/sadbundle/407123345897684992/336x280-Things_To_Do/ Frame 526F 3 KB
3 KB 41ms
39ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/407123345897684992/336x280-Things_To_Do/static-doodle.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/407123345897684992/336x280-Things_To_Do/index.html?e=69&leftOffset=0&topOffset=0&c=c2q4ClWZif&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9dd6bb872079f1549abb3a4b8da2f45549a4362e84079869e74a1ad43d92375e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/sadbundle/407123345897684992/336x280-Things_To_Do/index.html?e=69&leftOffset=0&topOffset=0&c=c2q4ClWZif&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 00:16:17 GMT
x-content-type-options: nosniff
age: 18307
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2824
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 09:34:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 06 Jun 2024 00:16:17 GMT

GET
H3 200 gradient1.png
s0.2mdn.net/sadbundle/407123345897684992/336x280-Things_To_Do/ Frame 526F 5 KB
5 KB 39ms
38ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/407123345897684992/336x280-Things_To_Do/gradient1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/407123345897684992/336x280-Things_To_Do/index.html?e=69&leftOffset=0&topOffset=0&c=c2q4ClWZif&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6403dd0b8af39a0f0ebd94fc353ff7ca5f93415d9b17f51f989b113bc41e672a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/sadbundle/407123345897684992/336x280-Things_To_Do/index.html?e=69&leftOffset=0&topOffset=0&c=c2q4ClWZif&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 15:29:12 GMT
x-content-type-options: nosniff
age: 481932
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4799
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 09:34:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 31 May 2024 15:29:12 GMT

GET
H3 200 gradient2.png
s0.2mdn.net/sadbundle/407123345897684992/336x280-Things_To_Do/ Frame 526F 4 KB
4 KB 40ms
38ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/407123345897684992/336x280-Things_To_Do/gradient2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/407123345897684992/336x280-Things_To_Do/index.html?e=69&leftOffset=0&topOffset=0&c=c2q4ClWZif&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc880095d2fa8e54c06c0a2b0b79d6553ac8646bab2249705cc4e0128ac195d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/sadbundle/407123345897684992/336x280-Things_To_Do/index.html?e=69&leftOffset=0&topOffset=0&c=c2q4ClWZif&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 15:29:12 GMT
x-content-type-options: nosniff
age: 481932
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4205
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 09:34:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 31 May 2024 15:29:12 GMT

GET
H3 200 adlibUtils-v3.js Show response
s0.2mdn.net/sadbundle/407123345897684992/336x280-Things_To_Do/ Frame 526F 26 KB
10 KB 34ms
33ms Script
application/x-javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/407123345897684992/336x280-Things_To_Do/adlibUtils-v3.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/407123345897684992/336x280-Things_To_Do/index.html?e=69&leftOffset=0&topOffset=0&c=c2q4ClWZif&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c89b2c4e3b2a14c8cbce7de23753253297ce0ba0b0496497e63c6a1d095e6349

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/sadbundle/407123345897684992/336x280-Things_To_Do/index.html?e=69&leftOffset=0&topOffset=0&c=c2q4ClWZif&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 15:29:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 481932
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10715
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 09:34:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 31 May 2024 15:29:12 GMT

GET
H3 200 splittext.min.js Show response
s0.2mdn.net/sadbundle/407123345897684992/336x280-Things_To_Do/ Frame 526F 5 KB
3 KB 42ms
41ms Script
application/x-javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/407123345897684992/336x280-Things_To_Do/splittext.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/407123345897684992/336x280-Things_To_Do/index.html?e=69&leftOffset=0&topOffset=0&c=c2q4ClWZif&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a3a93ff195fb60e6bffb8600751899ca4743fe21f8c4c139bb504689e13d0e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/sadbundle/407123345897684992/336x280-Things_To_Do/index.html?e=69&leftOffset=0&topOffset=0&c=c2q4ClWZif&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 12:38:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 319384
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2535
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 09:34:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jun 2024 12:38:20 GMT

GET
H3 200 animation.js Show response
s0.2mdn.net/sadbundle/407123345897684992/336x280-Things_To_Do/ Frame 526F 8 KB
2 KB 37ms
35ms Script
application/x-javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/407123345897684992/336x280-Things_To_Do/animation.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/407123345897684992/336x280-Things_To_Do/index.html?e=69&leftOffset=0&topOffset=0&c=c2q4ClWZif&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95b370c1570e53cc01f461d937c99cc010adc3ef5810d03ef72f870bb4d1b8ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/sadbundle/407123345897684992/336x280-Things_To_Do/index.html?e=69&leftOffset=0&topOffset=0&c=c2q4ClWZif&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 16:06:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 306894
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2322
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 09:34:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jun 2024 16:06:30 GMT

GET
H3 200 Roboto-Bold.woff
s0.2mdn.net/sadbundle/407123345897684992/336x280-Things_To_Do/ Frame 526F 67 KB
67 KB 26ms
26ms Font
font/woff 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/407123345897684992/336x280-Things_To_Do/Roboto-Bold.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/407123345897684992/336x280-Things_To_Do/adStyle.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bb4630bd42246fedfd677e82b723af1cd563d9d6203bcf3d79701128a5d5b50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/407123345897684992/336x280-Things_To_Do/adStyle.css
Origin: https://s0.2mdn.net
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 15:31:17 GMT
x-content-type-options: nosniff
age: 481807
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68428
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 09:34:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 31 May 2024 15:31:17 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 550F 0
0 64ms
64ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssJ8g21o8r-9mbVGZuwg0zKiCcaxwKCbqRUUolokAzLyqtNt926egxf64Y0HL4LphXyJ9P_OUZcqQDEsVGC77fj-UQz5LZhjQJgpNhxModjbvBNpr7TlYbbqkMes87Mfg_J_QsU2BHggBpV6OkFdDOPZlKdH8b4onjz8k_cBWKDfLNDaa82m_MaOa2VTweN73WCqnsfUmBVt2jTJSCZQhPg8XO5q6LX3i2ALlLsSedGIxA586lLmr-GuphLGnDdDpi9tOwBZLI_HtQVfk9BzGjV2J_ZbG58vL7-vlf7GTJSWbMZhk8gEabunxjs-DEM53k4IMlacn4IFYbtTAdm0gzcLVOebmJjq2KkqL8sM9JBVhgG7ozXR6Z0U5KpvaBJFIX9t-Dm33iFsN8JloYf0aIfJ63hV3lwImqlshvH02oKkFTlSfpSj7SpWJEiZImqipvX1nf9SJIFCt-DeYxutOLnkPAEdqtaHP1nuqJWIy08J9JCq7ccHJHJAnzocWMNMM_GwoCXUSo-TjLLs1h-bkWOVpCy5J74fUmCJu5TDd-0Ip0IibieKtcLS3dSfgcEs1cvoTx6lHsWzpaMBD_K-g89oyovvjuWC8aCecD3i5AT4yXQ-yED65-cLrRyfaeJGXyJ9Xw-sBPBShtigB5FpZHyLxemUkNdXU14ZBpWHLo_2dDtTx_uUUlusgfCGk0ftmTgXm_1AbgW7vJ8oz48fyWGszrl8oRtqvlL7Eykaq26EY_ORN4w0wNtydhtGm5QEmCRPHfpGsvNVQd9fYRzD0BIn_DGIHYlYoM3WzQSlkIgwuiTK_wgmj6fMbAwdPklZonvr5wBiNvGvXn-HCV1pqQZJsT8n4HWIIvZDcKZE2EDY9SOe0LsITJdOnQ3_22HdGZf8Qd3dIf8GYILNrC7lWBUU8eRP8yovDFXQ1AYUErWZHlMaWAGm5Lz2S1JMgyqSjVf8gj2ysnOCLFoH-Sf4dvlgrkoS1L3xNYA4G_as2rJP8wM5PnX_rfiXNPdUccq_qFzhZaayLNwJ_1nrTnvgo9EkGRlxgKoab5fnz6WKCho0i3KVbMlZ83vlcx1q2yy5d2ByIwleHvoBHs3PBqwQQsUj_wzgLdqhpQIYdvGWTlJXCE8OHuO-WhOqqmkocw2p-X7t89YE1MdrrNsZTOnQOEQRjBxRgWN9g5rIOgSk6AnJXg5FyD0qoQU9jQd379oyxVBGd1PzpSUeyBhrLHyPKWBzef5ED50VHyHCCOgWMOJMcOHlAA9hVHrMYrnSyR6LXDLCsLG33nauejnHgIx6ruhxO-liE8rYuSnShPYBLE1GREO4YnbGg1iaGVLFic5zH8Me5vT481HH_00VaHbWqLXvRh0B5g&sai=AMfl-YRGivk7CcOjWywKGUTWhhvIZ7by4tySkOP8dD0a15W0eLO8bG63WnbBS3vrjNvqUCZ_kdXyLgiNtbE-7aZem5tz-KwfPsf6yfHh3jhfyJmBUFPVozVw-3PTPlblrA-OxyaaXi3qvFD5a8NGAfURsyIu7I74NPqKywjyJUNLpZg2mRek8r6kqfcS8X3c6rVjHmQZ3Bjpc259mkPEAkPQ6uuB1JieE4C4NvUewW9sRANSPHy4jf3uOmfHfJXCrHxE3NGjIwK4_NYSjrU-vJgFHPeNAbIQmw&sig=Cg0ArKJSzMx1uE7ZhNPZEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=514&vt=11&dtpt=284&dett=3&cstd=214&cisv=r20230601.92467&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: momen.tofu.fit
URL: https://momen.tofu.fit/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:21:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 07 Jun 2023 05:21:24 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 92ms
91ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230601&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7a338bf3333756316526db2e2d34a407340656360bfcb57d1ae569dc59a7f8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://momen.tofu.fit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:21:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11293
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 526F 7 KB
6 KB 78ms
78ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0a29facf9b45ada2ccb36f2e33ef4b2e08dc3b2b551445d30d934b2d207f4e92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:21:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5673
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3989 0
20 B 74ms
73ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B9b_F1BOAZIaZDae79u8P1cOZ6AMAAAAAOAHgBAI&bg=!DQ6lDlrNAAY9J7QfHSc7ADkAdvg8WtFlcnldsAeSa8wUzXNO_guOR2nBRHgUieNG93WiP1SFrDaPtluDakQK2m-hRQkTP0LW6hMCAAABUlIAAAAFaAEHmQMY5SGJcU6Tpp650ZVIbPgmR0lFcIWNnRDBPmFfA5pvO9J5POAQYZ-sLt6D4RTEUcwMKZ8wu38DgdmkBjYC6PUocAXgeL-6ntVRqIukibVogD1t6L8YTRPGbTYKmjXCCHGzIKln1HUaFpoaweQomatZqxjEMOX1NMp3cjKLRPIcZSLPQ8Yoxy-P4CffI_VQQVXvwSzY0G_yrD9vj57fYutGqmCPYcEOcPn2HJNI1sKFDZqibS_Z549rKb_A-q_txwEiUkbx44q__L9Xl0nG41tehZ82a0Fu3JczlsNnupa-ljr9G7Mc3iK_MaMNR4UYa_-1X1hdz2iTeUmUlivxz1RQxnAVWjwU1126D0epa4nslnObdFo9du26bzTGwJZpSDNS1zIE__x2Cd0rBrmVgpTUEVb9kbJmKZN9LY9lDL_Tny4TRa2OU5Ob1C-ScF6_WWaGxHJfLKolm9kiA4Bf2VX3BO2hOlwTVHqxkzLhvwtroDqZQn8RlqTAUCq8tESCL_Br3CMebIjH3jr-_9x10Q9hL4rGrapBDcY-3W9GQyg15gplG3H_FRmoKvJ0H4AWjKDknZKrfLA3_Q8ABZWHOsfN-RxjAd-yFcF0sO4jkWiRAZw_nPovY9WguGp3Iet2qZ5w5JzSoO_3sHsdcv3ZsW72jsazHUsGaOSKeQsuFbf7dSX4tKy_TRbYGGmWlnZHGrmL6b6slff84cul1dKmcBQo-EME0hcyBdED4jUwS-FA_Kq_b6AaLpoorN-bSXK4bQ2y9p9Leumv2K6bgXnGKcb0UWHNDoZLNiMoN6NOblGUrzyOBoMYIh8mZGbs9AL61QLefYuEZs6UleVQvEKDpapbNw-Ugw1zJiV5mW6w6fm0qaCyVHzex4H2hIx1CcQSzojUPB5x754JAT29e2KU0JHB7Ltfd7KJqBIKoJGYYzy3iSYVXEtSEiydu1W9JPQ7WiK1hGfjz8y7eFroRUriMSYGz9YWAOZTJFsmp5Y-Qw12OYGPZpwF8ryiiNlIPpyeKPxEfaNqI6HJtQe13NF5htkVQI-naCYjLBBo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 05:21:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2E9E 42 B
64 B 63ms
63ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvszUOSmna1e0u13hJAUR658ld_DPjuWI-YjmwWKTn5kL8qzpZeD_WdmKyCX-jmoaO-zDMVXvTO1qCgdcCkMunRqT-3QZHFYa_VRnevvGrOQlVRBV-Zur1EYnHQZkjLE1zML996s_C4JfFT&sai=AMfl-YSza4iYAz_qibO5wn4jJEdF80q0mym0b8NCOJDqZpbmTQD_kJz22SIO7X7giz4oTksuYso66qBc45aq&sig=Cg0ArKJSzFN4_OB-T1BmEAE&cid=CAQSGwBygQiDqvdx2E-Ud_zya1qMC1n7Ad0-KQv4QRgB&id=lidar2&mcvt=1000&p=0,0,280,336&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230605&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1703001207&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1686115282638&rpt=1199&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 05:21:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 526F 17 KB
6 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:21:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 07 Jun 2023 05:21:24 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://momen.tofu.fit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:21:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 07 Jun 2023 05:21:24 GMT

GET
H3 200 Tokyo_A2.jpeg_1679963537912_Tokyo_A2.jpeg
s0.2mdn.net/dynamic/2/11057738/cdn.ad-lib.io/v3/partners/62c2fe4fd2383e52bc440aff/assets/singleFiles/63beb1823146c871ca35547e/original/ Frame 526F 257 KB
257 KB 27ms
27ms Image
image/jpeg 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11057738/cdn.ad-lib.io/v3/partners/62c2fe4fd2383e52bc440aff/assets/singleFiles/63beb1823146c871ca35547e/original/Tokyo_A2.jpeg_1679963537912_Tokyo_A2.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

034a7f77d7c4b89b038ff32a0542d1e3e4071c1d27f91747b3d163fb491979af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/sadbundle/407123345897684992/336x280-Things_To_Do/index.html?e=69&leftOffset=0&topOffset=0&c=c2q4ClWZif&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 18:13:21 GMT
x-content-type-options: nosniff
age: 558483
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 262753
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 00:32:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 30 May 2024 18:13:21 GMT

GET
H3 200 Tokyo_A1.jpeg_1679963537912_Tokyo_A1.jpeg
s0.2mdn.net/dynamic/2/11057738/cdn.ad-lib.io/v3/partners/62c2fe4fd2383e52bc440aff/assets/singleFiles/63beb1773146c8a8a6355365/original/ Frame 526F 194 KB
194 KB 36ms
35ms Image
image/jpeg 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11057738/cdn.ad-lib.io/v3/partners/62c2fe4fd2383e52bc440aff/assets/singleFiles/63beb1773146c8a8a6355365/original/Tokyo_A1.jpeg_1679963537912_Tokyo_A1.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e6c93518a7e7ed735e56c13f1c9c7d8a50d5f2a34a235f747984ad07155c5a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/sadbundle/407123345897684992/336x280-Things_To_Do/index.html?e=69&leftOffset=0&topOffset=0&c=c2q4ClWZif&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 20:33:19 GMT
x-content-type-options: nosniff
age: 118085
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 198518
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 00:32:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Jun 2024 20:33:19 GMT

GET
H3 200 Tokyo_3.jpeg_1679963537912_Tokyo_3.jpeg
s0.2mdn.net/dynamic/2/11057738/cdn.ad-lib.io/v3/partners/62c2fe4fd2383e52bc440aff/assets/singleFiles/640f3eaaf9301b58f04f3523/original/ Frame 526F 145 KB
145 KB 33ms
32ms Image
image/jpeg 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11057738/cdn.ad-lib.io/v3/partners/62c2fe4fd2383e52bc440aff/assets/singleFiles/640f3eaaf9301b58f04f3523/original/Tokyo_3.jpeg_1679963537912_Tokyo_3.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4960979cc68301bb2d83cb8c9a419b2a277d83b8a827db55da18dbd6319ed0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/sadbundle/407123345897684992/336x280-Things_To_Do/index.html?e=69&leftOffset=0&topOffset=0&c=c2q4ClWZif&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 19:07:35 GMT
x-content-type-options: nosniff
age: 555229
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 148835
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 00:32:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 30 May 2024 19:07:35 GMT

GET
H3 200 blank.png_1679963537912_blank.png
s0.2mdn.net/dynamic/2/11057738/cdn.ad-lib.io/v3/partners/62c2fe4fd2383e52bc440aff/assets/singleFiles/6318848867d6c1b497193ee8/original/ Frame 526F 927 B
956 B 40ms
39ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11057738/cdn.ad-lib.io/v3/partners/62c2fe4fd2383e52bc440aff/assets/singleFiles/6318848867d6c1b497193ee8/original/blank.png_1679963537912_blank.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c45dbdb7b09412d6e8d0a108245bf284d53a80fe178119869ca65654c0621a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/sadbundle/407123345897684992/336x280-Things_To_Do/index.html?e=69&leftOffset=0&topOffset=0&c=c2q4ClWZif&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 06:06:34 GMT
x-content-type-options: nosniff
age: 83690
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 927
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 00:32:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Jun 2024 06:06:34 GMT

GET
H3 200 sunny-ico.png_1679963537912_sunny-ico.png
s0.2mdn.net/dynamic/2/11057738/cdn.ad-lib.io/v2/partners/62c2fe4fd2383e52bc440aff/assets/concepts/6310b51367d6c130d20fa9eb/templates/63347937690e3501fe8edc8d/content/ Frame 526F 2 KB
2 KB 39ms
38ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11057738/cdn.ad-lib.io/v2/partners/62c2fe4fd2383e52bc440aff/assets/concepts/6310b51367d6c130d20fa9eb/templates/63347937690e3501fe8edc8d/content/sunny-ico.png_1679963537912_sunny-ico.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2e9b9928610c087592b74ac222151ee41ee3231c790dd820822f7c40a193a75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/sadbundle/407123345897684992/336x280-Things_To_Do/index.html?e=69&leftOffset=0&topOffset=0&c=c2q4ClWZif&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 15:29:13 GMT
x-content-type-options: nosniff
age: 481931
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2402
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 00:32:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 May 2024 15:29:13 GMT

GET
H3 200 gyg_logo.png_1679963537912_gyg_logo.png
s0.2mdn.net/dynamic/2/11057738/cdn.ad-lib.io/v2/partners/62c2fe4fd2383e52bc440aff/assets/concepts/6310b51367d6c130d20fa9eb/templates/63347937690e3501fe8edc8d/content/ Frame 526F 5 KB
5 KB 38ms
38ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2679bf19f9779abffec993189bacb964bae792ce90c472bd4e54ef462445121

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/sadbundle/407123345897684992/336x280-Things_To_Do/index.html?e=69&leftOffset=0&topOffset=0&c=c2q4ClWZif&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 12:37:29 GMT
x-content-type-options: nosniff
age: 319435
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5037
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 00:32:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Jun 2024 12:37:29 GMT

GET
H3 200 GTEestiProDisplay-Bold.woff
s0.2mdn.net/sadbundle/407123345897684992/336x280-Things_To_Do/ Frame 526F 67 KB
67 KB 28ms
28ms Font
font/woff 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/407123345897684992/336x280-Things_To_Do/GTEestiProDisplay-Bold.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/407123345897684992/336x280-Things_To_Do/adStyle.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684e3bdd0b48d1a7bf9cfc11024cdb3ccbed72899fd39c3f7976a4c1c84bd70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/407123345897684992/336x280-Things_To_Do/adStyle.css
Origin: https://s0.2mdn.net
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 11:19:46 GMT
x-content-type-options: nosniff
age: 324098
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68136
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 09:34:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jun 2024 11:19:46 GMT

GET
H3 200 EHMIEcXmxjhpa6ysVw94xheqxns9jQBWcUzwmgw4Ck0.js Show response
pagead2.googlesyndication.com/bg/ Frame 3E4C 38 KB
15 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EHMIEcXmxjhpa6ysVw94xheqxns9jQBWcUzwmgw4Ck0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10730811c5e6c638696bacac570f78c617aac67b3d8d0056714cf09a0c380a4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 19:05:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36956
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Tue, 30 May 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Jun 2024 19:05:28 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 53B4 13 KB
5 KB 28ms
25ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://momen.tofu.fit/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

accept-ranges: bytes
age: 36511
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 06 Jun 2023 19:12:53 GMT
expires: Wed, 05 Jun 2024 19:12:53 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8756 783 B
969 B 37ms
36ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

eef5a10696ff6343899bb5f32d3a9537ffb0aea438979e11ad53bca31e0b74a4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-E8FZaycAcNGyUlVLBjLGyQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://momen.tofu.fit/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-E8FZaycAcNGyUlVLBjLGyQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 07 Jun 2023 05:21:24 GMT
expires: Wed, 07 Jun 2023 05:21:24 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8756 0
0 70ms
69ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230601&jk=2227705292742720&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H3 200 EHMIEcXmxjhpa6ysVw94xheqxns9jQBWcUzwmgw4Ck0.js Show response
pagead2.googlesyndication.com/bg/ Frame 53B4 38 KB
15 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EHMIEcXmxjhpa6ysVw94xheqxns9jQBWcUzwmgw4Ck0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10730811c5e6c638696bacac570f78c617aac67b3d8d0056714cf09a0c380a4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 19:05:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36957
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Tue, 30 May 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Jun 2024 19:05:28 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C4F7 42 B
64 B 63ms
63ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss-LnRIfFor4K6LFS0uLHXJCfLpz2ylZRn4JAG3X3tMhc-puAVH5SLxLnEeQ1AWQU_dRz7GXoQW2eAW1aLqSS_e6k1BuvAk5-1EjJbcaSIiCR5y9ISH3vZi4LFlc_qdhDFBQQ8TtJzwOB5U&sai=AMfl-YQdyh4eIrlY_MkKMoR5HdMHrzpwTi9h4mbZJ-xUn1unjr8j9Z3jOD_czVZ23SBoWmgvKycM2xjw_CjO&sig=Cg0ArKJSzNIHPNBPoznWEAE&cid=CAQSGwBygQiDmaXfrP1SQMhw3zZeba1mkosSBTX5MxgB&id=lidar2&mcvt=1005&p=0,0,124,1005&mtos=180,864,1005,1005,1005&tos=180,684,141,0,0&v=20230605&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1686115283618&rpt=416&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 05:21:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 53B4 0
11 B 25ms
25ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?DK0HeA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:21:25 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 76ms
76ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230601&jk=2227705292742720&bg=!kZKlksbNAAY9J7QfHSc7ADkAdvg8WqOqKXuvY6rMvhZVoTZGf1O3xeNZYQjOoLT7BItfa8kgprqR9q3bxUSGS5e0C7zWfqx2CAMCAAAAZVIAAAADaAEHCgCOan_ccWip5Qznv5ykR2zauZ_TPI2lT_YR_PubskYQBpH7pB-ZhwNlPNG46uHLJrtEx79e1_m1VN1mUg95HeS7wrPAAHErh2aXcsdrzXw7UIX5KI-OJoErd5R2RL5FRhaC9B9SvhLIvtePyErkOzN5W9E_1mYCB7ZeDc6x2wg7PCyMfBwQRz08rJW2F-UI5pkC1rzxKDCznDhVGXYP7tXMiXE_muYValhUZV52KNNQklginoXEkmAdwJf0ZrD_BXkpKw-pYGKz2t9xODNzgjX1r-u4WkRyguSeWm8i5DQG7yZ8vcTZ2ns3OGYmnpU3IAy8LyK4KFFl7CqFJxgoEhQvJ3a7asHyuI-ccZCfrxpEM1o3hPkPWXPY1eiwnOZEfuoO5i14GynPenmpHYSjQr6pJIl2_drcB9bbkFVpe_CXwbIQh2XgAqw1ZmbVuLj5rREnGND-mhROxy-PGbazIoYykJqGcQIlMKD4yr4dcpbDhmeUluDRa3h7CM761srO8o0Ofty_JEkinsNY3UFT0r5ye2jNjog_8z6GjgmThqvIH49xuaDDzNZrzBnORNernadfvmlK-ypuIGfExwBn-PM5p9WHmWrLVo3RLTHJ9PAJhTzfOtigal7XG_k-Zzso8Fs4yv3IUXCbT3M2krQ8k8_i8dCsRYea8BBOo_xRDYEFRBJJkG-MWtUYzWp1JwPtZ0XRmuJdsHVQZETN2rKg76-45ZbVm2IT1FR3lq5MgV7F-RvVid5i8_QcOKhBRPVD4GAqZgHl2ABelJ3jYK3ZO2NoUfVLAgDoizPV62vzNmTIPwYuO4wMsxSvMwMD1DOpFmuC0GZJMJ-leLuAHPge99mmIzhVvZAOErJ2u6mbHLOs1Ze6oz-KJc-e4kI-16doNqVWXFglSeMrgVc5-Eu1B4x2nAD9lCWGKFmhV-yR7t7bcwePJv_CBcqSpc9n-Lj1OvjKUjm-uRurFrikF8ynh1HTsToBKXkqTNh7fvL_iX0vCDvVzQdQj1xxpEJXFQso4DtUwLCZnKF0KsdiBAJeMPj092vm1yysOtGqUz2zqdoqBEuvklTzOYucztFyj241i3jjowXMNYu4yCQ7jGDkFOj5ARszbgS5TRq9mApF90JbPvwzYRiRGkcYtkKNKDJizvJeXoft_E733Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://momen.tofu.fit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 550F 0
21 B 70ms
70ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=469251284279&version=m202301230201&ct=76&x=1&cor=2863911554026776600

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 05:21:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

142 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tofu.fit/	1970-01-20 21:57:55	Name: _ga_WXTCPLWTR4 Value: GS1.1.1686115282.1.0.1686115282.0.0.0
.tofu.fit/	1970-01-20 21:57:55	Name: _ga Value: GA1.1.1646744520.1686115282
.tofu.fit/	1970-01-20 21:43:31	Name: __gads Value: ID=122eabd051d4239e-22598b5107de00c0:T=1686115282:RT=1686115282:S=ALNI_MbPY-C57Cv0ISc7KCjiWZMfMMtqog
.tofu.fit/	1970-01-20 21:43:31	Name: __gpi Value: UID=00000c44f299b23c:T=1686115282:RT=1686115282:S=ALNI_Mb3eNoaX_gLDpfXPikO3y7zvovwsA
.doubleclick.net/	1970-01-20 21:43:31	Name: IDE Value: AHWqTUk81WTgMaaVh0yy3VvkzjPkCjSSY04QANjt215KE-iOZPz9hOH8V2dlqBr6FSE
.valuecommerce.com/	1970-01-20 21:57:55	Name: VCB Value: ZIAT0wAOXkLAkX_VCoICMAqCAoYsog&c=d3138064&v=2&s=82385693
.doubleclick.net/	1970-01-20 12:21:58	Name: DSID Value: NO_DATA
.casalemedia.com/	1970-01-20 21:07:31	Name: CMID Value: ZIAT1BjSgY2HlWMF.cHQ-AAA
.casalemedia.com/	1970-01-20 14:31:31	Name: CMPS Value: 1154
.casalemedia.com/	1970-01-20 14:31:31	Name: CMPRO Value: 1154
.adnxs.com/	1970-01-20 14:31:31	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVIM+C:6!@wnfH8K6pQK`!5=E<L5?%K<]S.fIZ+_.?4hdLmf_sN9hqg/.Ck=+yP-c]O%nugO%v4VB%nmvc(Ds4
.adnxs.com/	1970-01-20 14:31:31	Name: uuid2 Value: 5054103843503504433
.ctnsnet.com/	1970-01-20 21:07:31	Name: cid_2b27394ef2da4da5bee5a032103a15e2 Value: 1
.ctnsnet.com/	1970-01-20 21:07:31	Name: gid_CAESEHNKYC-mjOgc3YYbpbosoRc Value: 1
.blismedia.com/	1970-01-20 21:07:35	Name: b Value: 648013D4BCB5575D3F6C3BA5BLIS
.tofu.fit/	1970-01-20 21:07:31	Name: FCNEC Value: %5B%5B%22AKsRol9jJ1aWo-rNaRegBzXgTs6uqilb9nI4fTeCJOnbkkviVhupLjfkLrZihEeLfWdF4LCXNFkjtK0v58uKrG1ViOUEdkwLWAVE0w3Fd4UWQ6lj4e9Hp2lkrSPWvWmZSw9qppuGSmJopL7kTVpwEJuNikYzCRZ9sQ%3D%3D%22%5D%2Cnull%2C%5B%5D%5D
.w55c.net/	1970-01-20 21:52:09	Name: wfivefivec Value: CMCj7bCX1Q6LBO5
.simpli.fi/	1970-01-20 21:08:57	Name: suid Value: D24FB9361BE347EC8B269639FEDD4F63
.turn.com/	1970-01-20 16:41:07	Name: uid Value: 2527010548337587538
.everesttech.net/	1970-01-20 21:07:31	Name: everest_g_v2 Value: g_surferid~ZIAT1AAP2ZlASQBL
.w55c.net/	1970-01-20 13:05:07	Name: matchgoogle Value: 5

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.turn.com
adservice.google.com
adservice.google.it
ajax.googleapis.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
dalc.valuecommerce.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
momen.tofu.fit
pagead2.googlesyndication.com
partner.googleadservices.com
pm.w55c.net
r.turn.com
region1.google-analytics.com
s0.2mdn.net
sync-tm.everesttech.net
sync.teads.tv
tpc.googlesyndication.com
tr.blismedia.com
um.simpli.fi
vpj.valuecommerce.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.111.217.42
142.250.184.226
151.101.2.49
172.217.18.2
185.80.39.216
185.89.210.244
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
2600:9000:225e:ba00:18:82c:9d80:93a1
2606:4700::6811:190e
2a00:1450:4001:800::2002
2a00:1450:4001:801::2002
2a00:1450:4001:806::2002
2a00:1450:4001:809::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:4001:828::2008
2a00:1450:4001:82a::2006
2a00:1450:4001:82b::2003
2a00:1450:4001:830::200a
2a00:1450:4001:831::2001
2a00:1450:4001:831::200a
3.126.192.167
34.96.105.8
35.186.193.173
35.204.158.49
49.212.207.53
54.65.90.255
034a7f77d7c4b89b038ff32a0542d1e3e4071c1d27f91747b3d163fb491979af
05cf5455374ae4dac3d14afcda1af08c385a6d974204e33606e79adbc77e193e
069b4b349dd050e98f438fb36ac14dd91f9f279e8a1cf9a71b8a9cd8e51b8ab8
095834cc86bd018fdb4a9e31c99f9f96904b819be2b9dc16b3390383288d4d90
0a29facf9b45ada2ccb36f2e33ef4b2e08dc3b2b551445d30d934b2d207f4e92
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb4630bd42246fedfd677e82b723af1cd563d9d6203bcf3d79701128a5d5b50
0bb5af18639dfc54932f4340945c1dceeb1e5aac5933b578f2ab597f29137599
0c65085463ea0bc4267a3299ca0e61dc2145eab11169dae0cbe20d7e75d0fb4a
0f7c9dd864d72d258d50918e941413675eb7db0e7b6418e8a3b072e2c386885a
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e
106fcd8d723eda7d92a26893a439ccef998e5fc68ad228253607143d801e8cd8
10730811c5e6c638696bacac570f78c617aac67b3d8d0056714cf09a0c380a4d
1146162f2a10d80de0984b174ea81e9c33ff85ce6e979758511dedcc23cf584a
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19b9347484f1dd210556d500e9291f9bc1d658c25192ce8dc349b751c7f91f71
1c3c9f4a209eac69eadb26e959100c5b20e767f95d5e6b9f9fc0a59558f722fe
1c45dbdb7b09412d6e8d0a108245bf284d53a80fe178119869ca65654c0621a1
22e5f1ed3df935248f27fa5727af86a1572746560a29d83bc99fa9cf8cc3fc16
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
372a3186cdfa2b7a80c939a0496851ab0519c9b8cb656609fb902168ee053a8b
3a3a93ff195fb60e6bffb8600751899ca4743fe21f8c4c139bb504689e13d0e1
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
4434bbbcc6d25483cc0b1be91f94c180d1f3b52df2c410bd9db1d035d572982b
46b28dc3c9cba6768e8c9ae495191178acb66dc15cd4e8de6bc8929b58c86069
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cfdfc2ed4fa9301edd5fb41a18f88773221f982fe220ac8340237667b705a1c
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
52db930f81d97113dde679cac624cb5435b56d4ac486e91a0b6692d2cb615a84
5395c4125ab919ab7bf4c8500d8d7357df1dbbfbbd2acef81fd0cf09f884abdd
53a6e3e559ac16571fdb15b82b383e10017a31ea38a907aac8aa0fbd6ed02a9c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56bf61827b36342f5ef80ad46f9d290bd2251d3e2100576c6bfa0eac8f3bc668
56d01ad66f7da669c13688d4767db0d9f3dfa60b3ba93c0da30382fd7d2b8e0a
59384e6ba0f5c00e2c1519e13b5ef7d63832ad7c50a34ef520a449160f780184
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6403dd0b8af39a0f0ebd94fc353ff7ca5f93415d9b17f51f989b113bc41e672a
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6803cee2f4dc388c4b4b7919a46731c73ac178a7f1f1e8c561bc7b10419edfc4
6b83370488f38f5f46819790bb00826c31ddc782b16c545b8028a89e629d4a4b
6bcfc620ccfdfa75766e77449ee68a3eb6d6ac6fa6727f454558d815954318cf
6bdc2bf2db4744a741fc90761e27b7cb360ecabd9a3edfd586defc9eb95717df
6bfb98fd0e8004afcc32e10b2d0f877b3f6bd8671225d982e0408baf87ec0985
6f14101998fff51d94efe7f1946d812be542fc3f97b7306ddc116eaeca8fcf7f
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a
7763cf61ef887eab9387b512247ceb8dcf43bf89125c3709ba5d3f33627a85a2
78ddeb39a928825cfb11fbd72a2c5a5fabf18add9b6208e4bee826e7bcfd9c2c
7953a1c7bf47abfd18374b1ce5d22ceb75374fd46282fba9b5bfd9d962ce771e
7ac0a8d8faf26b8a5ab31b9a5dcb8778adb98efcea5b4d2e38197e0a06e765c2
8324420ade444d21ad9e758609a2448e087326fcb487aa7f1b427b20bf3cb248
88f583ee58b9bff1c37eca6691a3a51d19563ea7824d06d62dfcc6a81b189b5a
8e6c93518a7e7ed735e56c13f1c9c7d8a50d5f2a34a235f747984ad07155c5a7
9308b705d2d0ac6c12ed564db32be5b6db776e14ceefd8c7f16c947e65db6b0b
95b370c1570e53cc01f461d937c99cc010adc3ef5810d03ef72f870bb4d1b8ac
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9dd6bb872079f1549abb3a4b8da2f45549a4362e84079869e74a1ad43d92375e
9fe6a07f596d507305d1480e6bb301d04cbf5ef8660b24b9fa411e39607a7ab5
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
ad13039f1eb7069fad699b7a4ecb4dd49cf4685efd8b3ea892b118e53bbfd688
ae8017866a6744d35f26aa9da389e9771d40bcae3ee65df4c1b5e16e57b09fda
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0bb9969a7c75f2d24e8c08cacb1856ecc281c6759da8ab8c60b43605b8c3b5b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1a6ed36e244a80342ee9f18d1dc120eb58adcdf730cbd18fd962f195086e209
b22a6914bcfd51c615ea47a6ae43f2801fb7cefb1bd63cd7a425f1d1f6d7f0c0
b2d6603678aff496698fdc77cfd6f771c6d43f1bfe3862c81b68365125a708a7
b506f8f76bfb47bbfcbb4b89338b5c6e4345c41f33e9c65117138d9dec93fe28
b866238e8afa54b890387ce3f783b5a8a1cac40e0251839d83c579eaa0ebc7f0
b8a06a04982c11388ea357a3d3c5e76b94b5a1ed159fd947afa86b5348824ef4
c1017622739cf5b1a5aa4f9d8a2fc4b3f6b43b32072615e61e54c9ac4fb32e71
c54947e67503bb21778d64789ceac992de7249f7cbcfea7dc233e7db5c2a72fa
c61b54fb4bbf7083918be7066e50126d1a95e56ccc9be9fafd69deb50ac7424b
c7a338bf3333756316526db2e2d34a407340656360bfcb57d1ae569dc59a7f8b
c89b2c4e3b2a14c8cbce7de23753253297ce0ba0b0496497e63c6a1d095e6349
cae69e643674ce071a2b636b10b21583a97e9fc958a8f5a21c14d3aff49790b4
cb2e82355927b12155d9455aa6b5cca86252379428cd8cde028a282bee334e38
cc4d059a1635069ff8d028f8dbc26a45283d28eb9d6a78823c44b35d77517568
ccf84bb53b19b1e5310d031c599b2ac4f0311ac5cdc17bd47da8e409e72ffa49
d04b1faa2da8b85f4f650a0ed3645bb5aee8b8faa5ce054de1115b315059ad68
d2e9b9928610c087592b74ac222151ee41ee3231c790dd820822f7c40a193a75
d42e2b0fdb945504b8da66763e41d57d6245ab8218c6df329b56a841ffbcd7ee
d4960979cc68301bb2d83cb8c9a419b2a277d83b8a827db55da18dbd6319ed0f
d5d2b3f5d707efa01a5ebd71c0baabf61f8e0207ff92f26412a5a14db04c8593
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
dce792814c67bc03cf20b5bb4bf6d317f052add475115e305f0c0924df4ad9f0
dec615839bd2fc44786c684ff2d80b279bf37196b0f07cd20b5216652ab81069
dfb71f5afd277376cd1ed2b530adc5a3c3452549f7f923b3c69768bd1571306a
e0a566320d88f842ad7c4c521464cd2a460366bb2bd12bb819540ba9dc441047
e108912e5dd660ddce587e49147a4c3355e740471ba32194aa78ab18c1eddbcd
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e684e3bdd0b48d1a7bf9cfc11024cdb3ccbed72899fd39c3f7976a4c1c84bd70
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
ea2da4aa00ab6fd2fc25ee6d3980e7ffb10f885caf38df2dce561565a521f350
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ee1b47be81579325f7ab11625c9bb6398fa607a1667a72a264303f568782a53e
eef5a10696ff6343899bb5f32d3a9537ffb0aea438979e11ad53bca31e0b74a4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2679bf19f9779abffec993189bacb964bae792ce90c472bd4e54ef462445121
f30aaa659d9d5e3658a6bb3b1e177c7090466a4d2bd2df32364263e63dc96c93
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6956c081898cba209f04bf3a248390c30564a1042f500d1152ecb50429acbce
f75c289e7ebc8e9c95e7356946f5677e4d1d380b2a916aa08f2ac0941414c2a1
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
f9119e8ca4c1919a4c1dfa203cf9cb37ec1d866d0096b33316dbaf0061ff410d
fc880095d2fa8e54c06c0a2b0b79d6553ac8646bab2249705cc4e0128ac195d9
fee6d29c185ca3cc6c7ab081e154531e2dabbe980afa68d89ff23417c79976d8

momen.tofu.fit Open in urlscan Pro 49.212.207.53 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

187 Requests

95 %HTTPS

61 %IPv6

23 Domains

32 Subdomains

28 IPs

6 Countries

2823 kBTransfer

6153 kBSize

21 Cookies

0 Outgoing links

Page URL History

Redirected requests

187 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

momen.tofu.fit Open in urlscan Pro
49.212.207.53 Public Scan

Screenshot
Live screenshot

Full Image

187
Requests

95 %
HTTPS

61 %
IPv6

23
Domains

32
Subdomains

28
IPs

6
Countries

2823 kB
Transfer

6153 kB
Size

21
Cookies

187 HTTP transactions
7 data transactions