www.u-pull-it.com Open in urlscan Pro
2606:4700:e4::ac40:ad16 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.u-pull-it.com/
Submission: On February 06 via manual (February 6th 2022, 12:43:12 pm UTC) from US — Scanned from IT

Summary HTTP 179 Redirects Behaviour Indicators

Summary

This website contacted 19 IPs in 3 countries across 11 domains to perform 179 HTTP transactions. The main IP is 2606:4700:e4::ac40:ad16, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.u-pull-it.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 3rd 2021. Valid for: a year.

This is the only time www.u-pull-it.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
56	2606:4700:e4:... 2606:4700:e4::ac40:ad16	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
31	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
3 9	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
49	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
179	19

56 2606:4700:e4::ac40:ad16 (United States)

ASN13335 (CLOUDFLARENET, US)

www.u-pull-it.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

49 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
62	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 100 tpc.googlesyndication.com — Cisco Umbrella Rank: 124	1 MB
56	u-pull-it.com www.u-pull-it.com	769 KB
18	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 96 googleads.g.doubleclick.net — Cisco Umbrella Rank: 46	186 KB
14	google.com 3 redirects cse.google.com — Cisco Umbrella Rank: 2788 www.google.com — Cisco Umbrella Rank: 13 clients1.google.com — Cisco Umbrella Rank: 437 adservice.google.com — Cisco Umbrella Rank: 80	168 KB
13	gstatic.com www.gstatic.com fonts.gstatic.com	140 KB
7	googleapis.com www.googleapis.com — Cisco Umbrella Rank: 35 fonts.googleapis.com — Cisco Umbrella Rank: 47	5 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 165	187 KB
3	google.it www.google.it — Cisco Umbrella Rank: 15707 adservice.google.it — Cisco Umbrella Rank: 44821	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	20 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 777	645 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	36 KB
179	11

	Domain	Requested by
56	www.u-pull-it.com	www.u-pull-it.com
49	tpc.googlesyndication.com	googleads.g.doubleclick.net www.u-pull-it.com tpc.googlesyndication.com pagead2.googlesyndication.com
17	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.u-pull-it.com
13	pagead2.googlesyndication.com	www.u-pull-it.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
9	www.google.com	3 redirects cse.google.com www.u-pull-it.com www.google.com tpc.googlesyndication.com
8	fonts.gstatic.com	fonts.googleapis.com
6	fonts.googleapis.com	googleads.g.doubleclick.net tpc.googlesyndication.com
5	www.gstatic.com	googleads.g.doubleclick.net
5	www.googletagservices.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.it	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	cse.google.com	www.u-pull-it.com www.google.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	clients1.google.com	www.u-pull-it.com
1	www.googleapis.com	www.u-pull-it.com
1	www.google.it	www.u-pull-it.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googletagmanager.com	www.u-pull-it.com
179	19

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.google.it GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh

This page contains 19 frames:

Primary Page: https://www.u-pull-it.com/
Frame ID: 8C6B01C3449BCBAE901B87F410167948
Requests: 108 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220201/r20190131/zrt_lookup.html
Frame ID: D55CE7357F147F7D11E7CDD4DB855B24
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&adk=1812271804&adf=3025194257&lmt=1644151387&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.u-pull-it.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644151387588&bpp=2&bdt=538&idt=242&shv=r20220201&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5343799261868&frm=20&pv=2&ga_vid=1146389484.1644151387&ga_sid=1644151388&ga_hid=874301640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C42531398%2C44750773%2C31063221%2C31062930&oid=2&pvsid=2875662532827413&pem=484&tmod=1468575408&uas=0&nvt=2&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=257
Frame ID: 51909BD8892972C40770D29B7302C19F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4651459360&adk=3845584887&adf=3466629865&pi=t.ma~as.4651459360&w=1130&fwrn=4&fwrnh=100&lmt=1644151387&rafmt=1&psa=0&format=1130x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644151387598&bpp=3&bdt=547&idt=250&shv=r20220201&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5343799261868&frm=20&pv=1&ga_vid=1146389484.1644151387&ga_sid=1644151388&ga_hid=874301640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=248&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C42531398%2C44750773%2C31063221%2C31062930&oid=2&pvsid=2875662532827413&pem=484&tmod=1468575408&uas=0&nvt=2&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=yeD0pNJMvA&p=https%3A//www.u-pull-it.com&dtd=255
Frame ID: 36D17F5088DAD49347292E81DE93C1CE
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4651459360&adk=1643172156&adf=697320281&pi=t.ma~as.4651459360&w=750&fwrn=4&fwrnh=100&lmt=1644151387&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644151387610&bpp=1&bdt=560&idt=343&shv=r20220201&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1130x280&nras=1&correlator=5343799261868&frm=20&pv=1&ga_vid=1146389484.1644151387&ga_sid=1644151388&ga_hid=874301640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=1803&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C42531398%2C44750773%2C31063221%2C31062930&oid=2&pvsid=2875662532827413&pem=484&tmod=1468575408&uas=0&nvt=2&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=MVI1HqZYps&p=https%3A//www.u-pull-it.com&dtd=347
Frame ID: 4C85901CF9AF2FBE5AC98A30BE47B388
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4651459360&adk=2108774078&adf=4050763930&pi=t.ma~as.4651459360&w=370&fwrn=4&fwrnh=100&lmt=1644151387&rafmt=1&psa=0&format=370x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644151387613&bpp=1&bdt=562&idt=364&shv=r20220201&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1130x280%2C750x280&nras=1&correlator=5343799261868&frm=20&pv=1&ga_vid=1146389484.1644151387&ga_sid=1644151388&ga_hid=874301640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=995&ady=1174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C42531398%2C44750773%2C31063221%2C31062930&oid=2&pvsid=2875662532827413&pem=484&tmod=1468575408&uas=0&nvt=2&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=cmJ8tkajUQ&p=https%3A//www.u-pull-it.com&dtd=366
Frame ID: 6A05410899837E58257E2744AB63B4C1
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17845836043024390609/index.html
Frame ID: 8AA6EE04AC434B801828A4D5D5979D9F
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CTscaW8L_YayfPMWh9u8Pye6W8AHK3IKUaIPk1InUD6zw1ITkDBABILiK9Vdg_YKRhOgRoAG85JiYA8gBCakChe8Dwc41sz6oAwHIA0iqBOYBT9Aj-X_dsuIMd2zN6EVYqC6VpJircpNpIFoV5k5C2zWqLWfj4ObIpXpqEo8KU-yj-vbWUG5ruxOnpYB3MiAGqyPFzZLf5Swj-F9iT1Mkqx8RysnLnSqSLtu4-t_-ZERHB-nLOfWvot2PLijTx69hl4zI-ckJ9-w9Ut1Ro9NjRDdisV0Ae-bxda4gP7XHdbzveFCFeRBgmo9EsydCMpL-GpSIaef_yBAvz3dvmLqBq9tl_jxgGim7AXWQVkrAfdNNvwXt9huhxQQNa4Bbf59JBIPNSvwGfVg_RpKQIv_3l0NIXaG-aRrABL6776LqA6AGLoAHrJvnZ6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEIfUB9IICQiA4YAQEAEYH4AKAcgLAdgTA9AVAYAXAbIXHAoaCAASFHB1Yi0xOTU3NzA3NzA1NjAzMDA2GAA&sigh=bjj-NmdKkDg&uach_m=[UACH]&template_id=419
Frame ID: F9EE747716FF3CA8E02B7050571C6ECB
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8200CC7B5868A95236089F63545ADFC9
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/-RQXuketuW9jWIYsaM5S-Ql31PXoBsmd6vdkFHZtDQI.js
Frame ID: 928B2A1A92703DBF339871E620FD2C81
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/-RQXuketuW9jWIYsaM5S-Ql31PXoBsmd6vdkFHZtDQI.js
Frame ID: AB943C3D6CE84F85843A83D2DAF207C8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220201/r20110914/zrt_lookup.html?fsb=1
Frame ID: 53FE0D122493E849676944AC4FAB5861
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220201/r20110914/zrt_lookup.html?fsb=1
Frame ID: FB0E3F627F73C45065EB2F7F7FC4165D
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6356520481313741674/index.html
Frame ID: EA7ACA03296CEC355CD009961D9239FB
Requests: 20 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 6E8BDFE4ABD76B5EAE620DDAA15525F6
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 95E5E3CCFDFF77C6F50279584FED30F3
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: EEFE0C117A6214ADF3226821C4A53311
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D85FF5B8516F5D02917CB051F1B68702
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A51C9334A06AF41F484B1A08716DC9B2
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

CAR JUNKYARDS NEAR ME - U PULLL IT SELF SERVICE USED AUTO PARTSExpandToggle MenusearchScroll to topScroll to topExpand

Page URL History Show full URLs

https://www.u-pull-it.com/ Page URL
https://www.u-pull-it.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

179
Requests

100 %
HTTPS

94 %
IPv6

11
Domains

19
Subdomains

19
IPs

3
Countries

2586 kB
Transfer

7825 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.u-pull-it.com/ Page URL
https://www.u-pull-it.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 135

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 178

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 179

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

179 HTTP transactions
34 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
www.u-pull-it.com/ 160 KB
31 KB 248ms
191ms Document
text/html 2606:4700:e4::ac40:ad16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u-pull-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b758e4ade89d0f63877c3ad2aa989ca9910aa958de5e8148e4ffa1ea42513365

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: it-IT,it;q=0.9

Response headers

date: Sun, 06 Feb 2022 12:43:06 GMT
content-type: text/html; charset=UTF-8
x-dns-prefetch-control: on
link: <https://www.u-pull-it.com/wp-json/>; rel="https://api.w.org/" <https://www.u-pull-it.com/wp-json/wp/v2/pages/3013>; rel="alternate"; type="application/json" <https://www.u-pull-it.com/>; rel=shortlink
vary: Accept-Encoding
x-litespeed-cache: hit
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jB%2FeO7xjSd%2FXS1%2FvwavHXNW0vyr0UYbUD9QSlYImpHPIjrcJ0D6RBFuCLHOdIsgfpBsu73CNTXuVo06n8qR1vyOhlEu3H58cI0pc9vNLsxmgp7FJ9Lr%2FhcNKShhRiiJLvPfubLOjpGRibtnOFO4THg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6d9476557c82839d-MXP
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 BvpFCnKzEDSH2kx2aFtjkKl65GM.js Show response
www.u-pull-it.com/cdn-cgi/apps/head/ 5 KB
2 KB 71ms
70ms Script
application/javascript 2606:4700:e4::ac40:ad16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u-pull-it.com/cdn-cgi/apps/head/BvpFCnKzEDSH2kx2aFtjkKl65GM.js
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0385ba4f9e7baf0cd4c8eb69afa560a0b0eb355d3e1baa4bd3cc8b2c8e45d5f7

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 219879
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: QHDJXHTWBWESGRG3
x-amz-id-2: tXukZrWDcT5uTc77Y2iKH93hj4t9UbvFx+Gerxy4E+4fgbBR9t4Wu0L2HHXPE8QcAlcNQ1AxLqE=
last-modified: Thu, 12 Dec 2019 05:16:57 GMT
server: cloudflare
etag: W/"81d512416ea4a115efa5d17b5e6d7631"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oRwEHKOhPxs%2BqeneW4A4C72yDc4lzGmc6Z2IZI4F%2Fuj%2BX3Ovsm5CUVOXNLkdsDIzjMVnvQuhXQi4HDmmhffkBVo0lJFRF1Gt%2BGRyOimdHr2Tfg7liIHC32XYov9p6E8Lq3gySHknU98XoiNarLnViQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: uqB02dDzB1FZlnAORqNe.QYATYukZyQY
cf-ray: 6d947656e878839d-MXP

GET
H2 200 985090d54afab95b86f9fbbb12201337.css
www.u-pull-it.com/wp-content/litespeed/css/ 1 MB
162 KB 53ms
52ms Stylesheet
text/css 2606:4700:e4::ac40:ad16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u-pull-it.com/wp-content/litespeed/css/985090d54afab95b86f9fbbb12201337.css?ver=fd4cc
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea3318e2b92bdbbc82916c7f662dd295a53d8d7c99bd16cd45c5392c26d62256

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1664
cf-polished: status=cannot_optimize
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 25 Jan 2022 14:27:25 GMT
server: cloudflare
etag: W/"16f877-61f008cd-320b94;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VFkviRRWi6kpN9gedgSOwR%2BI6x2FFB1HMsqO8XboE46ymOpEOy63dnCIcgWW7OPxdqiChF3hNe32mt%2FGeKJTRo9wctqMwQwzzgSOnTIhR0i72wzQ7vqlrfD%2F7Zbl2wiZTxUeT0aJ4hbeJynGNqfBWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 6d947656e87b839d-MXP
expires: Sun, 06 Feb 2022 00:14:36 GMT

GET
H2 200 cropped-UPIlogo.png
www.u-pull-it.com/wp-content/uploads/2018/12/ 1 KB
2 KB 95ms
94ms Image
image/png 2606:4700:e4::ac40:ad16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.u-pull-it.com/wp-content/uploads/2018/12/cropped-UPIlogo.png
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af7abbd50259f3bcff758cf50b078fa045c1b5adc3e0456baa0b64170ab97c54

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:06 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 03 Oct 2021 22:25:48 GMT
server: cloudflare
etag: "4f2-615a2dec-301e03;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wmumX4tKURmCvzi1pu7FACR4JSTYmYifSewiEJ%2Bvkp2zGT%2FXUaLqClnnFXu3SVhG4P0yIk895bxLSzYrAZ08UkRZnCPKBj3bLzF1y2ISc9LpsNDXiDUikb65U47dzDBp7sjOyMHlWF%2FKCB324lIblQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=43200
accept-ranges: bytes
cf-ray: 6d94765759a5839d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1266
expires: Mon, 07 Feb 2022 00:43:06 GMT

GET
H2 200 aoG1Ey13nth2pvRxIIjAevmqzNM.js Show response
www.u-pull-it.com/cdn-cgi/apps/body/ 6 KB
3 KB 44ms
43ms Script
application/javascript 2606:4700:e4::ac40:ad16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u-pull-it.com/cdn-cgi/apps/body/aoG1Ey13nth2pvRxIIjAevmqzNM.js
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/cdn-cgi/apps/head/BvpFCnKzEDSH2kx2aFtjkKl65GM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bea82a0e496f9ac4fc5a0349674c20fc8733ac9651e2d06d6ece1a63d15ca735

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 218966
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: YKENWXAM765NSD3P
x-amz-id-2: mUhtWoMxUMX527CMqbBZMHemTPgwYqL7Os/1CD/+haj0odjQUTME3Lp4jInfEkANxjOsXYO79YM=
last-modified: Thu, 12 Dec 2019 05:16:56 GMT
server: cloudflare
etag: W/"d78ae742b3db62c395093f9910ba28eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pa4h%2FgmAOzDTDwMqx%2BZw%2FG%2FvsLW2I9fl0iJ%2BIX8S7NEflgqLgDSxaLePWMKibmNPA%2FpTlTYaT2W1deRDayHccUJ1L2CxdbAg%2FEb2fIwzYB8xatYCMJ41QW2kftBdn2dEKQzKGKVShGsmGkPNHoEhSA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: yV2YeiByh76RsMr0WIyQG.CdsDX3o8fC
cf-ray: 6d94765759b3839d-MXP

GET
DATA 200
OK truncated
/ 142 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 129b2f90622753ed6ccfd8e610d3236ec87f1b93af9afed05bc68e808b8f595e

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 138 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56c7a62d35038f015936e535fd55a52eb94116831c5008679867f55615470380

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 142 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4ef235c3eef8bef32e50772b0e1304d8b32c115f886b9ea90200b5834045c6e

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 144 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d5cb3c2477e41ca879dd08266a7cc5ca76272ff26f53fedcff5672feeaa7bb97

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 144 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 545a515e4e22ea119ed0f30968bc6a3b07c9c77755735a1d654a8b2206434d56

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 142 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1914c65f50a289e8c61022e4ff089c99f7e41459a50c7a7e8636fbd42342d582

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 header-bg.jpg.webp
www.u-pull-it.com/wp-content/uploads/2018/12/ 16 KB
16 KB 169ms
169ms Image
image/webp 2606:4700:e4::ac40:ad16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.u-pull-it.com/wp-content/uploads/2018/12/header-bg.jpg.webp
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:06 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 03 Oct 2021 22:25:48 GMT
server: cloudflare
etag: "4036-615a2dec-301ef7;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G59k%2FUNfIL9zJ%2FcBjMrvxC7zGL13syAh5IuTttsUZKyMywlfQgXDtWt%2FfPULJEKlfd0U3AfxHBsX9sW67EqMUeHEn0YCFzRsxqUz1fh4mZTfVmeznBKl3QqVb5HINTzZQX91ZjQd2ttQXmr%2F1zHCQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=43200
accept-ranges: bytes
cf-ray: 6d94765769cf839d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16438
expires: Mon, 07 Feb 2022 00:43:06 GMT

POST
H2 200 guest.vary.php
www.u-pull-it.com/wp-content/plugins/litespeed-cache/ 16 B
663 B 92ms
92ms Fetch
text/html 2606:4700:e4::ac40:ad16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u-pull-it.com/wp-content/plugins/litespeed-cache/guest.vary.php
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:06 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rU2bDBSTXvgi7e4ITDHv3WgHyKyC6PrXgsUekYWWSUXPdJQoUDXH%2BmoEu9w5dGyk%2Bic5qm9DVn31tu0DuKHrDg5uG2zZQR2UeH9WjW%2FwTFQihGMLbs8T77pCiyj0Y7SRqAtukpWJUwGSwT5XjsrsMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
x-litespeed-cache-control: no-cache
cf-ray: 6d947657db18839d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
DATA 200
OK truncated
/ 854 B
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8567910c20a8d5d4780282da4d9bbd8d6ecb51cda15a6a52c0ff0e08d21e44ca

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H2 200 fa-solid-900.woff2
www.u-pull-it.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 76 KB
77 KB 29ms
28ms Font
font/woff2 2606:4700:e4::ac40:ad16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u-pull-it.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/wp-content/litespeed/css/985090d54afab95b86f9fbbb12201337.css?ver=fd4cc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.u-pull-it.com/wp-content/litespeed/css/985090d54afab95b86f9fbbb12201337.css?ver=fd4cc
Origin: https://www.u-pull-it.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 419
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78196
last-modified: Tue, 25 Jan 2022 14:24:08 GMT
server: cloudflare
etag: "13174-61f00808-30572d;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u6aSzh56kMrOsmotxgglNUkOjp8QYu7rkPOCjybVsEtAsBzyF13%2F6ghIBB9q%2FEzoPZeMn7sBaMzdo9ZJL0NwOwXWDgdowCGgs4FJGAnBktaC8V8jooidaOuHMq2inuspkojtn4bcVvL9UNXkbDqBbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6d9476583c5c839d-MXP
expires: Sun, 06 Feb 2022 00:21:11 GMT

GET
H2 200 Primary Request / Show response
www.u-pull-it.com/ 196 KB
38 KB 87ms
86ms Document
text/html 2606:4700:e4::ac40:ad16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u-pull-it.com/
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dde8490690d90faf4b84d4c8f83cfb3980f432ddcff3ee47f5e58a0efb954d58

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/

Response headers

date: Sun, 06 Feb 2022 12:43:07 GMT
content-type: text/html; charset=UTF-8
x-dns-prefetch-control: on
link: <https://www.u-pull-it.com/wp-json/>; rel="https://api.w.org/" <https://www.u-pull-it.com/wp-json/wp/v2/pages/3013>; rel="alternate"; type="application/json" <https://www.u-pull-it.com/>; rel=shortlink
vary: Accept-Encoding
x-litespeed-cache: hit
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bnGQEUp3FeC4HIwEj71xnJGkSD859u7Wn%2FXL9vKop86voXDx5nPsPoaFSyEwD6lHLeILDbfpxi4Jwk9iHz5oe3rbvjJmkGYRhGdXjvhbG7o%2BMPiZFOB%2BV%2B5KF4agKQovmXRH5NlfF3rg5AoA1sNz4g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6d9476588d1c839d-MXP
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 BvpFCnKzEDSH2kx2aFtjkKl65GM.js Show response
www.u-pull-it.com/cdn-cgi/apps/head/ 5 KB
2 KB 69ms
68ms Script
application/javascript 2606:4700:e4::ac40:ad16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u-pull-it.com/cdn-cgi/apps/head/BvpFCnKzEDSH2kx2aFtjkKl65GM.js
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0385ba4f9e7baf0cd4c8eb69afa560a0b0eb355d3e1baa4bd3cc8b2c8e45d5f7

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 219880
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: QHDJXHTWBWESGRG3
x-amz-id-2: tXukZrWDcT5uTc77Y2iKH93hj4t9UbvFx+Gerxy4E+4fgbBR9t4Wu0L2HHXPE8QcAlcNQ1AxLqE=
last-modified: Thu, 12 Dec 2019 05:16:57 GMT
server: cloudflare
etag: W/"81d512416ea4a115efa5d17b5e6d7631"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dSeJ7pAZQ1G87IuDWiXrnt9wczhHIGn1Flgz20RvCWe5sb%2FJfMKdh2jpLdnPdbO5TqM3a282%2BDsiiJApdz3%2FF6IMC2H%2BkCi5Da5OkdtO%2FaIQ4DTIa0aThpA65Q2dlzY1G3ZvpGzooafk76xxpbj6Rw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: uqB02dDzB1FZlnAORqNe.QYATYukZyQY
cf-ray: 6d9476595f51839d-MXP

GET
H2 200 bb14a09b08830491ee7de12ccaa10347.css
www.u-pull-it.com/wp-content/litespeed/css/ 78 KB
11 KB 71ms
71ms Stylesheet
text/css 2606:4700:e4::ac40:ad16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u-pull-it.com/wp-content/litespeed/css/bb14a09b08830491ee7de12ccaa10347.css?ver=10347
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49d4be8be611ea416f078b0cac27ea6b677cec33d8e5f0ce29542da2deaa9d80

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 420
cf-polished: origSize=80557
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 06 Feb 2022 09:50:55 GMT
server: cloudflare
etag: W/"13aad-61ff99ff-32023b;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7sqez%2BdyOQBofxPj99v1Q02HmBGUutI5E1O9Q8AyY5Tdqz5yiR7n2cfoaJrL8FNmzKN7Een5qg7E0rrwpYgVvo3cJLXGiu4Hx6HSbtjGUo4XQX6Jw2GHAMAjNGjxyMPfefD8tWd7b986lZq5VUGVOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 6d9476595f58839d-MXP
expires: Mon, 07 Feb 2022 00:36:07 GMT

GET
H2 200 6d02cae2e9b506159959ae97d61c8237.css
www.u-pull-it.com/wp-content/litespeed/css/ 18 KB
5 KB 73ms
73ms Stylesheet
text/css 2606:4700:e4::ac40:ad16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u-pull-it.com/wp-content/litespeed/css/6d02cae2e9b506159959ae97d61c8237.css?ver=c8237
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae3ab6e55cd6b5a798aeba2ef677cd891ae62a2bcf15395bfcc917d4751aeae2

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 420
cf-polished: origSize=19001
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 06 Feb 2022 09:50:55 GMT
server: cloudflare
etag: W/"4a39-61ff99ff-32023f;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JY0sRlNCU2V8J%2B9eKB%2Fc91WvbHZ8ZbsuVsWQG7H%2Bg7LO2F9PMz6EIy5u5bK9mzDXBCTww7x9ekl4PbdIWLFZ7oMhIPl3Ho77hAVOZE1frH%2FjWgUF%2FfETA%2FAEOMwr%2Bk%2F5Vl1KocUo%2B5QPHhydyca74Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 6d9476595f5d839d-MXP
expires: Mon, 07 Feb 2022 00:36:07 GMT

GET
H2 200 c442bf114a8daf1c42b0081298c0ba65.css
www.u-pull-it.com/wp-content/litespeed/css/ 28 KB
5 KB 68ms
68ms Stylesheet
text/css 2606:4700:e4::ac40:ad16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u-pull-it.com/wp-content/litespeed/css/c442bf114a8daf1c42b0081298c0ba65.css?ver=0ba65
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 014899709e9abfbb29ff89d5964d40a1d3efbecb1faf88173e999a08e7c8a4d3

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 420
cf-polished: origSize=28748
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 06 Feb 2022 09:50:55 GMT
server: cloudflare
etag: W/"704c-61ff99ff-3202e2;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uLJWxChHRAuc3qLd8Cnj3REMixU50hmmCbakCabFhwojKEeo5evvOMQr%2FqF85yFXxAGjQ6I83d7IgBid4KElsrLM3%2FXrlRMDEfMAl%2BS5c3KHvnhT1d3%2BwjGoiXJBkz1VsYMoRhIIlZObi5twxWisUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 6d9476595f61839d-MXP
expires: Mon, 07 Feb 2022 00:36:07 GMT

GET
H2 200 8ff6a77c81d476f6b5e7f41f55cfa488.css
www.u-pull-it.com/wp-content/litespeed/css/ 30 KB
6 KB 69ms
68ms Stylesheet
text/css 2606:4700:e4::ac40:ad16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u-pull-it.com/wp-content/litespeed/css/8ff6a77c81d476f6b5e7f41f55cfa488.css?ver=fa488
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ffcca15dc6aa1936d268a8c3f1b0237193fc9d8dd5f23627daf57c1eb273b5d

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 420
cf-polished: origSize=30982
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 06 Feb 2022 09:50:55 GMT
server: cloudflare
etag: W/"7906-61ff99ff-3202e9;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=95a6i8XKslJPgiug4yrgQMWv664wLJ2MYKJCJoiBizTSJ9wbIdAAZpy8m0K2vb7evtF9nXw8wy8gzXFlfC82epKen1rLEV9hio47ju5sMEK%2BpuIBhYk%2BPCrRjX8jb%2FTST6sDEyMd%2BlBBloYdJM%2BKeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 6d9476595f64839d-MXP
expires: Mon, 07 Feb 2022 00:36:07 GMT

GET
H2 200 484745072a1c2d0685ab45565e8d6a6a.css
www.u-pull-it.com/wp-content/litespeed/css/ 17 KB
2 KB 71ms
70ms Stylesheet
text/css 2606:4700:e4::ac40:ad16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u-pull-it.com/wp-content/litespeed/css/484745072a1c2d0685ab45565e8d6a6a.css?ver=d6a6a
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c13c3bee4e1b31c9287f7720de7a0586e3c411ae1f25a3137593265c3bb03cb2

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 420
cf-polished: origSize=17035
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 06 Feb 2022 09:50:55 GMT
server: cloudflare
etag: W/"428b-61ff99ff-3204b1;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3uHUNf8GcofxvYAZRUPdc3BpeE8Dh7slMkzCBzEf2tzaJ8etDRq2EnbptkBWomM4qf9WfbiQmfJ9e%2Fg9fENi1yQQGLxDUR4EuTTUXlGrg%2Fg8zFZU8sVDLHYBRsiLUWRMzT9GUX2WWRxMJZ8LOSm6kg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 6d9476595f66839d-MXP
expires: Mon, 07 Feb 2022 00:36:07 GMT

GET
H2 200 1ec2a537ccdba69294253bd2bfd5e3aa.css
www.u-pull-it.com/wp-content/litespeed/css/ 19 KB
4 KB 69ms
68ms Stylesheet
text/css 2606:4700:e4::ac40:ad16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u-pull-it.com/wp-content/litespeed/css/1ec2a537ccdba69294253bd2bfd5e3aa.css?ver=5e3aa
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a198c3338edcdaab4efbdb7784d627e2bee2e510730b7ccd008d683aabf9f1c3

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 420
cf-polished: origSize=19338
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 06 Feb 2022 05:04:01 GMT
server: cloudflare
etag: W/"4b8a-61ff56c1-3204ba;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2FpeRAbE1ORvXL6q80FZCyKnjzFio0Ck2Y%2FGlE2ycE8O4U2PtBwhsNzBTG8Ie4VjwgMEdp1cQfcUbK9Rb5f%2BdkO0BwBYPQu2Nds%2FOZuJZNeAIHPA%2FGzs3ID%2F7H982WWrgUZTaNOqWFQPg%2BVL59K6kw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 6d9476595f69839d-MXP
expires: Mon, 07 Feb 2022 00:36:07 GMT

GET
H2 200 acb75d8091b62f469cfc0dcbcb11a853.css
www.u-pull-it.com/wp-content/litespeed/css/ 97 KB
13 KB 93ms
91ms Stylesheet
text/css 2606:4700:e4::ac40:ad16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u-pull-it.com/wp-content/litespeed/css/acb75d8091b62f469cfc0dcbcb11a853.css?ver=1a853
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f71a9986cb020bf7a514780063787879d613df7c6248eb7d2cb6801f2d7c86b6

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 420
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 06 Feb 2022 05:04:01 GMT
server: cloudflare
etag: W/"18204-61ff56c1-3204be;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p3I73UOglvc88msp1bq6WW9Btjo%2B3iHL7IqWnKL7kE4jUZoDUfljUE3dTMrU2OXlHBUE2CeqNrQeBn0zB010QioIVmRQPmjs%2FDm5CP10eYlG15zn5xpGjkS04Fs3xcdp0mbMQn3Y7T8%2FA7pYitc1iQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 6d9476595f71839d-MXP
expires: Mon, 07 Feb 2022 00:36:07 GMT

GET
H2 200 3e216314622873dde73f8f56469e75c1.css
www.u-pull-it.com/wp-content/litespeed/css/ 2 KB
787 B 71ms
70ms Stylesheet
text/css 2606:4700:e4::ac40:ad16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u-pull-it.com/wp-content/litespeed/css/3e216314622873dde73f8f56469e75c1.css?ver=e75c1
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0058b35acb32c71242691060f6c85edd4d68ce71e8a4ae6da17c60f9a7819dea

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 420
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 06 Feb 2022 05:04:01 GMT
server: cloudflare
etag: W/"663-61ff56c1-3204f0;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UWAqmr47mlXX%2FdgZhMivX3tdZyNKFGfaXtUoeUxIZEWe7bEVrW87EB2QRZEucHWVlP2i8hrHj4bPG1jjpNzDfw3azyNssAdQ%2BEww2QW%2BdhIgaDPVkVRlUsU136USHYg9IhpQVDM1Ny2bkzFyDXy94w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 6d9476595f9b839d-MXP
expires: Mon, 07 Feb 2022 00:36:07 GMT

GET
H2 200 8c2791619e099434f92fbd6699356376.css
www.u-pull-it.com/wp-content/litespeed/css/ 124 KB
15 KB 80ms
79ms Stylesheet
text/css 2606:4700:e4::ac40:ad16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u-pull-it.com/wp-content/litespeed/css/8c2791619e099434f92fbd6699356376.css?ver=56376
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 943e028100328495e950208f3da149c633cd00272275310031f90fac060cf80a

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 420
cf-polished: origSize=127275
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 06 Feb 2022 05:04:01 GMT
server: cloudflare
etag: W/"1f12b-61ff56c1-32051d;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LA2Zag%2B2Gc6PrjMLr7UuJTls0%2BZU58MejV%2FXQBchdSlaBeRVKePjPTVrNTKB%2Bm4%2BTk1R0nqpdK5g9Gr3wbKgHeewb2jhzDJ%2Btu7b3FkQPArQInsh8wgY%2BDZsSkyIWVd4JRsbjTS%2BNWjzVPq9TtuMRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 6d9476595fa6839d-MXP
expires: Mon, 07 Feb 2022 00:36:07 GMT

GET
H2 200 438e8fcd9860af24e2ec0724fc3f444e.css
www.u-pull-it.com/wp-content/litespeed/css/ 611 KB
68 KB 89ms
88ms Stylesheet
text/css 2606:4700:e4::ac40:ad16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u-pull-it.com/wp-content/litespeed/css/438e8fcd9860af24e2ec0724fc3f444e.css?ver=f444e
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ffd4fa5a264b3e898d603cdb70ace1d105677ea64c5bbcb12e19c26269fd2c6

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 420
cf-polished: origSize=626134
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 06 Feb 2022 05:04:01 GMT
server: cloudflare
etag: W/"98dd6-61ff56c1-32051f;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D3SGTDAWH9D%2BAVeoSPQX2Vkwd6ZL1rEOKny%2FPib1%2FV6GEgJlzbV6WglAtYQyXhSNm16%2FQk4ryl1cdHgtX5Hzmr%2FZgT5aQSS9Dix%2F%2FiuVSopzzbn6zHuFmANjPVW0sK1QsIckFUGWRltcVUwwz6Ybiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 6d9476595fab839d-MXP
expires: Mon, 07 Feb 2022 00:36:07 GMT

GET
H2 200 5dea695f7ae99dc3eb46a0ba1ffb226f.css
www.u-pull-it.com/wp-content/litespeed/css/ 114 KB
9 KB 73ms
72ms Stylesheet
text/css 2606:4700:e4::ac40:ad16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u-pull-it.com/wp-content/litespeed/css/5dea695f7ae99dc3eb46a0ba1ffb226f.css?ver=b226f
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd57a03a1fa028e612c6dd570dac10933c925b2939d6e9859178b33c19c38805

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 420
cf-polished: origSize=116582
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 06 Feb 2022 05:04:01 GMT
server: cloudflare
etag: W/"1c766-61ff56c1-320521;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y21J6a2PN1JVwWxUMEi7Yb6Zo9H2F0dfcowmodK9U70Lh2hjcc%2FRqb%2FmX%2BN2OjCKuVFgAvFOA9nKnAjfYPWUzo65rIpAdghHjpFQ8SsLcmVZ4rj%2BBR%2BUma2DxFXshBWGNRDymxbu9sBqz777UTFPeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 6d9476595fb2839d-MXP
expires: Mon, 07 Feb 2022 00:36:07 GMT

GET
H2 200 736d84e039aef6c5e56aa60afe1c52d5.css
www.u-pull-it.com/wp-content/litespeed/css/ 211 KB
12 KB 78ms
77ms Stylesheet
text/css 2606:4700:e4::ac40:ad16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u-pull-it.com/wp-content/litespeed/css/736d84e039aef6c5e56aa60afe1c52d5.css?ver=c52d5
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68e9325be2037baf4361e4cf39a4ebf5619b92aa2a0da34484152b93a08b3623

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 420
cf-polished: status=cannot_optimize
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 06 Feb 2022 05:04:01 GMT
server: cloudflare
etag: W/"34b50-61ff56c1-320537;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FR1Buk41OU5dVHNfHPJIzY8O92Vtg6vXFKfzQLyjUnK6mk%2B8orZ9C%2BtAWoHdEWRvFLtXJInjxstg7wlmwi4EYJQ%2Fy277j80UXRfq%2BaA2Wm%2F6XEMW16k4lpIt2umc4O%2FLF%2BM14vXYsCDhdFq6iFFsCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 6d9476595fb7839d-MXP
expires: Mon, 07 Feb 2022 00:36:07 GMT

GET
H2 200 cae54cdd115e2e5752ce8b5c892725d0.css
www.u-pull-it.com/wp-content/litespeed/css/ 32 KB
2 KB 78ms
77ms Stylesheet
text/css 2606:4700:e4::ac40:ad16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u-pull-it.com/wp-content/litespeed/css/cae54cdd115e2e5752ce8b5c892725d0.css?ver=725d0
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52f1c429d3f82fb1ab271ac382d7d769ab3a99f85455200f730cceac136d8b29

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 420
cf-polished: origSize=32860
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 04 Feb 2022 18:51:43 GMT
server: cloudflare
etag: W/"805c-61fd75bf-320b8e;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hP%2FNfGGFaoWD%2FT3hF65VG%2FWR7ENFf88Eg9uShk6rg9hsrXurk8qFEJHXMLcRsPWcEYlrF3upO18pTejowmAYhD03MjCN5Vp4m1BLYCrG2uyr0G0TiikXp06sgDL3vFldAXvHyeAVIZ3LpGOAkYh0gw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 6d9476595fbf839d-MXP
expires: Sat, 05 Feb 2022 23:30:57 GMT

GET
H2 200 1bde7c430826f13957512663e75e2577.css
www.u-pull-it.com/wp-content/litespeed/css/ 57 KB
13 KB 91ms
91ms Stylesheet
text/css 2606:4700:e4::ac40:ad16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u-pull-it.com/wp-content/litespeed/css/1bde7c430826f13957512663e75e2577.css?ver=e2577
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfe02bd50e2842b72df433fc489678e766b5c82be918efbecbe277038896353a

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 420
cf-polished: origSize=57912
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 05 Feb 2022 19:11:06 GMT
server: cloudflare
etag: W/"e238-61fecbca-320b4f;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=roRP%2F28laRyj7tTQAqL2sWYUcXKIiulcIzoj%2B5RmY%2Bv1HGMTM%2BPfQY0%2B5D%2FzZAVdxuBp7X4pRaslBmL4kyrrre8LvUfaxsgdSetILVV6VVHRsdz6ifmyoPhw2S%2Fjk7Q2XBQ4O60EBv3dXws%2Fw1KOgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 6d9476595fc5839d-MXP
expires: Sun, 06 Feb 2022 12:31:45 GMT

GET
H2 200 e33c1c4e9481650db7b1e36196fd2003.css
www.u-pull-it.com/wp-content/litespeed/css/ 987 B
744 B 76ms
76ms Stylesheet
text/css 2606:4700:e4::ac40:ad16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u-pull-it.com/wp-content/litespeed/css/e33c1c4e9481650db7b1e36196fd2003.css?ver=d2003
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34b6fbf1d6e59e931eafbf2a913a686868f3b64c6a98ad6d117aa6d657f76868

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 420
cf-polished: origSize=993
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 04 Feb 2022 18:51:43 GMT
server: cloudflare
etag: W/"3e1-61fd75bf-320b5c;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WS21VL1czY27xZRVGebzU9LmOAvAK%2FBR2wOtUS5YPHJRbzbbZXlnCNepY03Ll6GYAs2EurMcs96QuXhohCXzQL56EvVYXwpgv9HbyuWwQSAAkX1i9gvWZS2sgKgyutM0Lef5XonS5xMfv8XVpG9hFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 6d9476595fcb839d-MXP
expires: Sat, 05 Feb 2022 23:30:57 GMT

GET
H2 200 jquery.min.js Show response
www.u-pull-it.com/wp-includes/js/jquery/ 87 KB
32 KB 93ms
93ms Script
application/x-javascript 2606:4700:e4::ac40:ad16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u-pull-it.com/wp-includes/js/jquery/jquery.min.js
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 420
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 03 Oct 2021 22:22:24 GMT
server: cloudflare
etag: W/"15db1-615a2d20-3002de;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BpwNAJXqKLDB20Sf9QXTwyYT0XgBa6zITmtyBtPjPqAyqX5u5ir2mxMRZDaH5Dr%2BLXrycWX2WpAhbuBX%2F40PB2ie9oThCLWM%2FnOvEQGnNSNHadgzhFF1LmZXRwz2X1Iqv%2FNDxGqYZZwXAi6Iaa86lw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=31536000
cf-ray: 6d9476595fda839d-MXP
expires: Tue, 01 Feb 2022 11:31:52 GMT

GET
H2 200 acbfa3073de5a55df296fed5651802c0.js Show response
www.u-pull-it.com/wp-content/litespeed/js/ 11 KB
5 KB 44ms
44ms Script
application/x-javascript 2606:4700:e4::ac40:ad16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u-pull-it.com/wp-content/litespeed/js/acbfa3073de5a55df296fed5651802c0.js?ver=802c0
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b387cd72d1c80a0c7aaf5a7e7e9f10acdb76857ebef49fc0ac0b14174fa1636

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 420
cf-polished: origSize=11225
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 06 Feb 2022 09:50:55 GMT
server: cloudflare
etag: W/"2bd9-61ff99ff-320b61;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LuILBH31T%2B0XT7Oi9VPbbHMtDNdu%2BxE1NiWP%2FsuaEPcOzeWyS73t4MA5d2WowksxoOR4BRszXUyFC%2BLMekW%2BTM0s7rG9RVJZh7MHO7mj9BQUwVxru0kV8Jm5geBPgy7ugYy10yfNUjU8QK5zf1zw1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=31536000
cf-ray: 6d947659e944839d-MXP
expires: Mon, 07 Feb 2022 00:36:07 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 112ms
49ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-115192652-2

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a3e4ba355dfc9f329b78853bec058aae1ec6faba763013efe129740525dd1e2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:07 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35988
x-xss-protection: 0
last-modified: Sun, 06 Feb 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 06 Feb 2022 12:43:07 GMT

GET
H2 200 cropped-UPIlogo.png
www.u-pull-it.com/wp-content/uploads/2018/12/ 1 KB
2 KB 81ms
79ms Image
image/png 2606:4700:e4::ac40:ad16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.u-pull-it.com/wp-content/uploads/2018/12/cropped-UPIlogo.png
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af7abbd50259f3bcff758cf50b078fa045c1b5adc3e0456baa0b64170ab97c54

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:07 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 03 Oct 2021 22:25:48 GMT
server: cloudflare
etag: "4f2-615a2dec-301e03;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eLI7GmDKFO92tjQinIfUAhlOpq%2B%2F%2Bb5eXBkCwb1kgSg4PIDlsAR11E0xqCeNwQh5DaywE0euZrDcih763OxangpTO%2BDSbJt12OlxBTb364xbQe%2BTvjHUnEY0VzfB7kGe9EPi0%2FTo%2BtT4LMTsue6Ucg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=43200
accept-ranges: bytes
cf-ray: 6d947659f982839d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1266
expires: Mon, 07 Feb 2022 00:43:07 GMT

GET
H2 200 cse.js Show response
cse.google.com/ 10 KB
4 KB 383ms
298ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=008229716389279171738:ruztqiee2l8

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

321ddcf81fbfd4bc14255430ea728d48eefc7870cd72cbbd1b87bcfd5d0416c5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

bfcache-opt-in: unload
date: Sun, 06 Feb 2022 12:43:07 GMT
content-encoding: br
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3554
x-xss-protection: 0
server: gws
expires: Sun, 06 Feb 2022 12:43:07 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 155 KB
53 KB 111ms
48ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1957707705603006

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

449efa6c99cda11ec2f0873a3b8575d6477e482a6523a48c101d36572eb72742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u-pull-it.com/
Origin: https://www.u-pull-it.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54031
x-xss-protection: 0
server: cafe
etag: 1399090220517561114
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 06 Feb 2022 12:43:07 GMT

GET
H2 200 0ef0bc878f437a718dbd99d94c743e2e.css
www.u-pull-it.com/wp-content/litespeed/css/ 2 KB
734 B 52ms
52ms Stylesheet
text/css 2606:4700:e4::ac40:ad16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u-pull-it.com/wp-content/litespeed/css/0ef0bc878f437a718dbd99d94c743e2e.css?ver=43e2e
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad879f7ef2970533c1cae474b822894d6c736259e46f9ff5f52da2b0a405db02

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 420
cf-polished: origSize=1768
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 06 Feb 2022 05:04:01 GMT
server: cloudflare
etag: W/"6e8-61ff56c1-320b5f;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AOyzVrQQBHXXn3kbWm426keHlpJyXASimYidREPgBzlk7g4O61KGYj6QYsAsomIbv%2FRDUpklZG8n8RCToHTO7kdcVlE8mo79hxVUY5BnLDzZBaI4P8%2FI6cYhaDueh%2F8KxA86XteR2FVM4wTxOxRRQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 6d947659c8ea839d-MXP
expires: Mon, 07 Feb 2022 00:36:07 GMT

GET
H2 200 122ee508f2612c7dc5ac7ab30e1afd9e.js Show response
www.u-pull-it.com/wp-content/litespeed/js/ 6 KB
2 KB 34ms
32ms Script
application/x-javascript 2606:4700:e4::ac40:ad16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u-pull-it.com/wp-content/litespeed/js/122ee508f2612c7dc5ac7ab30e1afd9e.js?ver=afd9e
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42ffbeb4bebb4a2fd22fc5661a9b4843cfcbfec8c1c6e9731ed49cb11e5f70d9

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 420
cf-polished: origSize=5874
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 06 Feb 2022 09:50:55 GMT
server: cloudflare
etag: W/"16f2-61ff99ff-320b64;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8K4c3uPFXSZ5G9kr3KBva%2Flybb5uTAqo5VjTcLguYnTPlKwZl9n0ERIFo1tWYB5whsgpnHRPW68qJEDVf4TFxi6lIm6ouzzAAUxJ%2FYoOXpFUQgTJdLZCbMGsXrOf2W6411L%2FbtFiB6C9hLloafc2aA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=31536000
cf-ray: 6d947659f987839d-MXP
expires: Mon, 07 Feb 2022 00:36:07 GMT

GET
H2 200 1db9224732dccada9dd79d6241ab69d8.js Show response
www.u-pull-it.com/wp-content/litespeed/js/ 20 KB
6 KB 44ms
42ms Script
application/x-javascript 2606:4700:e4::ac40:ad16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u-pull-it.com/wp-content/litespeed/js/1db9224732dccada9dd79d6241ab69d8.js?ver=b69d8
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 883ad5e99217795191d9b87ad696ceb0b508b6c3c257899eb39ffb94938420d4

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 420
cf-polished: origSize=20632
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 06 Feb 2022 09:50:55 GMT
server: cloudflare
etag: W/"5098-61ff99ff-320b65;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BdKAunr4D5ZCDE%2Fi4JDSfY%2Fktnj%2FIXCnI3CEOJQWHUVme4oiKk30DyPtTeSMu3RWm6vfkoZYE1%2Fu9jXuQ3SJnWNnkiJhl%2BouedJKoHkQ0f51cClv7TCH18wNO2HBc2QKNJT1gdYB%2BlrVh0irNLzawA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=31536000
cf-ray: 6d947659f991839d-MXP
expires: Mon, 07 Feb 2022 00:36:07 GMT

GET
H2 200 c3f095d8193f7a0c887ad8a54617f396.js Show response
www.u-pull-it.com/wp-content/litespeed/js/ 1 KB
1 KB 39ms
37ms Script
application/x-javascript 2606:4700:e4::ac40:ad16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u-pull-it.com/wp-content/litespeed/js/c3f095d8193f7a0c887ad8a54617f396.js?ver=7f396
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2dae60c1ae93830b79a4a973b55a51e457d539eb298da9fca643b3ed0042d569

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 420
cf-polished: origSize=1428
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 06 Feb 2022 09:50:55 GMT
server: cloudflare
etag: W/"594-61ff99ff-320b66;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BnaXgDq798t4PFCIq35JPkEXbIIWA%2FwFP%2BHBRLii7a%2BAqvnSE53kaahQc%2FGVhuiCV6LggP6p%2FwIYLOhdfO1KW4B%2BJ2FAXtjeXVpBFvSp%2FsTBCs0%2FYdGwUyo0TyooMHw%2BNgxgn%2BZkklma9xP%2FEio4yw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=31536000
cf-ray: 6d947659f998839d-MXP
expires: Mon, 07 Feb 2022 00:36:07 GMT

GET
H2 200 a0078045184e205479ed674367301903.js Show response
www.u-pull-it.com/wp-content/litespeed/js/ 5 KB
2 KB 34ms
33ms Script
application/x-javascript 2606:4700:e4::ac40:ad16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u-pull-it.com/wp-content/litespeed/js/a0078045184e205479ed674367301903.js?ver=01903
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ef1bb35d078499d5e68d0e512a205e3011574896787e614c9e2365443dae72e

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 420
cf-polished: origSize=5321
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 04 Feb 2022 18:51:43 GMT
server: cloudflare
etag: W/"14c9-61fd75bf-320b8f;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wYPqpSM3IvUWer923El9dTUqbs5MLS7ILx7QP0uYkKuWPeU8sZJ8hGvz88tTz6RhdLLC2VOrSqW9zbv11IqQ51%2BoyWzuBbYx5J3ir2b5EZv%2FpUYkqAyJM0PTTZ49tkKFTfwJfLVCzFvH0n2QV43EJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=31536000
cf-ray: 6d947659f9a0839d-MXP
expires: Sat, 05 Feb 2022 23:30:57 GMT

GET
H2 200 55a2118db9a14ae316db542f82c80e1c.js Show response
www.u-pull-it.com/wp-content/litespeed/js/ 5 KB
3 KB 38ms
37ms Script
application/x-javascript 2606:4700:e4::ac40:ad16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u-pull-it.com/wp-content/litespeed/js/55a2118db9a14ae316db542f82c80e1c.js?ver=80e1c
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e6f3e6e46e5f2d2ddd0f5c7f50cbb06058260292fa52bb0c3b668c8218e4931

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 420
cf-polished: origSize=4967
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 06 Feb 2022 05:04:01 GMT
server: cloudflare
etag: W/"1367-61ff56c1-320b6a;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NAj9E9BUsD1WSbzy7bGjZyKcJZkIg7pil9dBiw1%2FeB3sE3iBTLJcBKNCwYrGO4%2Fqtyo4SpSbYJmvfPDk4lH5X1o%2B%2ByCM9lcoYW9i%2Fx%2FW04wMnuH7aZkHWSM9ZeR1h8NDkWQTBiMw7hJ%2BGrd73RdPmg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=31536000
cf-ray: 6d947659f9a1839d-MXP
expires: Mon, 07 Feb 2022 00:36:07 GMT

GET
H2 200 9c9d22345674ca26ecf5e3cc3ff14577.js Show response
www.u-pull-it.com/wp-content/litespeed/js/ 5 KB
3 KB 43ms
41ms Script
application/x-javascript 2606:4700:e4::ac40:ad16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u-pull-it.com/wp-content/litespeed/js/9c9d22345674ca26ecf5e3cc3ff14577.js?ver=14577
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fecc04a26eea4188c3e0e5b28ab84af44d6d76992c9ba36146a10c414f288aa

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 420
cf-polished: origSize=4907
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 06 Feb 2022 05:04:01 GMT
server: cloudflare
etag: W/"132b-61ff56c1-320b6b;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QUM7DDmnPUlegKRvGuiFvowEdfH373WvEkGO%2BwSx7G2J%2BlIzhAiF9JCzSWfT%2F2bCAWPtm4pvtBU6BN5SYIBp9ymScFFqvpnXbfO%2Fs0yGvbpdx%2FxaYBnI7D9H1Gl3EZAqQ1SJDpSkk2kS%2FariaowqXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=31536000
cf-ray: 6d947659f9a5839d-MXP
expires: Mon, 07 Feb 2022 00:36:07 GMT

GET
H2 200 b77727d0701be8ba28d08e29e597d2ec.js Show response
www.u-pull-it.com/wp-content/litespeed/js/ 14 KB
5 KB 42ms
41ms Script
application/x-javascript 2606:4700:e4::ac40:ad16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u-pull-it.com/wp-content/litespeed/js/b77727d0701be8ba28d08e29e597d2ec.js?ver=7d2ec
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3749103b4853851dc340e4bd226c2e35f565c3de7b5c53c8d585845092763a9

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 420
cf-polished: origSize=14237
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 06 Feb 2022 05:04:01 GMT
server: cloudflare
etag: W/"379d-61ff56c1-320b6c;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8BxgNAoHXoWQ678VMLBTg2hdViexqKAEiywOddIjew7XKmdQfcmfswblSrfiicSlGbq2K3RN%2F7856XODo1%2BeIGB%2BaIMnClfPBE4a7fxkTXt5OMuJAWn2hTEU5CMC02OxNZjvnmo0ud7HqDp%2F3U29ZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=31536000
cf-ray: 6d947659f9ae839d-MXP
expires: Mon, 07 Feb 2022 00:36:07 GMT

GET
H2 200 39261cfe022652dcfdd41ee5ea9b99e5.js Show response
www.u-pull-it.com/wp-content/litespeed/js/ 20 KB
6 KB 41ms
39ms Script
application/x-javascript 2606:4700:e4::ac40:ad16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u-pull-it.com/wp-content/litespeed/js/39261cfe022652dcfdd41ee5ea9b99e5.js?ver=b99e5
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2320e98c348f70864c1093c40f834a4c59543baae078bdf4a3d9e609e2924654

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 420
cf-polished: origSize=20295
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 06 Feb 2022 05:04:01 GMT
server: cloudflare
etag: W/"4f47-61ff56c1-320b6d;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F3nYgOM1hxpyo%2F20ZMbhwHs%2BQ0QjC8%2F2leALn0a8KnbcYH3FrZOnePjYVl78d2d34S4gyMlAlvt6oIQCl72eLN117VF5LxhtefzTZJF4vVdQ641d0bjY6OjyalEQ9DkjFe3%2BigMrWhvndGTK5VsKDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=31536000
cf-ray: 6d947659f9b0839d-MXP
expires: Mon, 07 Feb 2022 00:36:07 GMT

GET
H2 200 57b6ed2a509a45457e19344de8abf647.js Show response
www.u-pull-it.com/wp-content/litespeed/js/ 12 KB
3 KB 39ms
38ms Script
application/x-javascript 2606:4700:e4::ac40:ad16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u-pull-it.com/wp-content/litespeed/js/57b6ed2a509a45457e19344de8abf647.js?ver=bf647
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16f753762797f6d0783a7d74897d179fa104c3946301380911115d6efffe622b

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 420
cf-polished: origSize=12200
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 06 Feb 2022 05:04:01 GMT
server: cloudflare
etag: W/"2fa8-61ff56c1-320b6e;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ueD3xcLoTWAakrR6HecUbGYccXgqi3IkiFKyq9Z%2FrlzOU3Sn9F8rPBd20enjzdK3p%2FK0SS6HrsdoV3DcnVfwT%2BAvUoSBVBSgGY5G3PPVeFLzDhF8LKGx25j%2FpkEBjFjT5BUWu%2F%2FbsCeT0n7xE2fKgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=31536000
cf-ray: 6d947659f9b4839d-MXP
expires: Mon, 07 Feb 2022 00:36:07 GMT

GET
H2 200 462b8107a97f146dbb485dbaff94c9b4.js Show response
www.u-pull-it.com/wp-content/litespeed/js/ 20 KB
7 KB 45ms
44ms Script
application/x-javascript 2606:4700:e4::ac40:ad16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u-pull-it.com/wp-content/litespeed/js/462b8107a97f146dbb485dbaff94c9b4.js?ver=4c9b4
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0a265b5c72dd333fc0340fd81ce10ba69b74ea2c956d143c7004ee51797c287

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 420
cf-polished: origSize=20789
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 06 Feb 2022 05:04:01 GMT
server: cloudflare
etag: W/"5135-61ff56c1-320b6f;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sB%2BCbCV4%2Fu8xxzX2Jua8sTBYK%2FcNwI25snIOdSkzIFLk14xnjuWn3hHlmoXXx2Yr9aqBGe%2B8%2F5rQ%2BxvBVtUidLrOYc%2FhBBoCRRD8EZHFo6DCQvdrF%2B9Xv40Ir9Kv6c71DWvSmgTLqVP5vZH9L8Gk2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=31536000
cf-ray: 6d947659f9b6839d-MXP
expires: Mon, 07 Feb 2022 00:36:07 GMT

GET
H2 200 bfdaf3b6f76c5e863ed43a41716500f8.js Show response
www.u-pull-it.com/wp-content/litespeed/js/ 36 KB
11 KB 39ms
38ms Script
application/x-javascript 2606:4700:e4::ac40:ad16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u-pull-it.com/wp-content/litespeed/js/bfdaf3b6f76c5e863ed43a41716500f8.js?ver=500f8
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a13dd898914f9e42ad6ff63d9b852a77767ad51b2d48db285129258395138b22

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 420
cf-polished: origSize=36891
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 06 Feb 2022 05:04:01 GMT
server: cloudflare
etag: W/"901b-61ff56c1-320b70;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jLzgwGb17kvsk4s4At%2FudokRmHzQ8haH7EDVEN%2FFcbMnI4lEuyYy5fNs6N1bX8dgPgbjWJ2xH6pPyJgkAycM5L0WWGT7ROANnf0SnziGzg4g%2BPceo4WVIwlQJdQxyPwFcEcpF3%2BQsmGyDQO3CbpPDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=31536000
cf-ray: 6d947659f9b9839d-MXP
expires: Mon, 07 Feb 2022 00:36:07 GMT

GET
H2 200 899eb82bae1f1992b4f9e0d189d60400.js Show response
www.u-pull-it.com/wp-content/litespeed/js/ 24 KB
6 KB 64ms
63ms Script
application/x-javascript 2606:4700:e4::ac40:ad16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u-pull-it.com/wp-content/litespeed/js/899eb82bae1f1992b4f9e0d189d60400.js?ver=60400
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31033aafac839fe09042525e8861e8e8bb9bb7a877309cb03e547f03693e7fca

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 420
cf-polished: origSize=24286
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 06 Feb 2022 05:04:01 GMT
server: cloudflare
etag: W/"5ede-61ff56c1-320b71;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RRO59iv2r9mC%2Bowolwdsbnql8z07qCA%2FyyMZJVRlyGgEV3KbJ9V3MrI%2BybQFOjBikdD57sRF7biSIOIyzvCpop5TQY8Ua3Z63bGlpNjZ76yMBldJhh%2B3X2rEvKuh%2B3%2FiYPQlkZiqikqR9ErW9PHOmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=31536000
cf-ray: 6d947659f9bd839d-MXP
expires: Mon, 07 Feb 2022 00:36:07 GMT

GET
H2 200 a8924f176f6b8e472022992ebfcd5789.js Show response
www.u-pull-it.com/wp-content/litespeed/js/ 11 KB
3 KB 41ms
40ms Script
application/x-javascript 2606:4700:e4::ac40:ad16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u-pull-it.com/wp-content/litespeed/js/a8924f176f6b8e472022992ebfcd5789.js?ver=d5789
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42f04ee0dfec219e46d062e2bae79eee3499d1bfcbb260bbbb78cc4a7cda0d6e

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 420
cf-polished: origSize=11293
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 06 Feb 2022 05:04:01 GMT
server: cloudflare
etag: W/"2c1d-61ff56c1-320b72;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bCRQj87xqwX6e6jmi48%2Fd5nGe%2BG8cAxcG9pnP5MAOyFxVolyjBlD3bL1nX84Ydi0gNpaPubgdNMloiYNJ0eUiljeg6o6H9OvR7DDGkv714Aj6cqEOVLZ6jchdI9QkXOzGXubTdEQ5W3O4w8ODEwzpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=31536000
cf-ray: 6d947659f9c1839d-MXP
expires: Mon, 07 Feb 2022 00:36:07 GMT

GET
H2 200 aoG1Ey13nth2pvRxIIjAevmqzNM.js Show response
www.u-pull-it.com/cdn-cgi/apps/body/ 6 KB
3 KB 54ms
53ms Script
application/javascript 2606:4700:e4::ac40:ad16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u-pull-it.com/cdn-cgi/apps/body/aoG1Ey13nth2pvRxIIjAevmqzNM.js
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/cdn-cgi/apps/head/BvpFCnKzEDSH2kx2aFtjkKl65GM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bea82a0e496f9ac4fc5a0349674c20fc8733ac9651e2d06d6ece1a63d15ca735

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 218967
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: YKENWXAM765NSD3P
x-amz-id-2: mUhtWoMxUMX527CMqbBZMHemTPgwYqL7Os/1CD/+haj0odjQUTME3Lp4jInfEkANxjOsXYO79YM=
last-modified: Thu, 12 Dec 2019 05:16:56 GMT
server: cloudflare
etag: W/"d78ae742b3db62c395093f9910ba28eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2F0O95WonwsQ916gVPsWVP1mmO%2FBdHvFHVAn8qitwUZLHIxaqMsmddoNWIb4PGhhhIXqPezfkKaEsmE1PzZJlSkVYDy%2BqAcEjKJOYN8pH4dZt7BjYnvIES%2BY6%2FoKKqB36eJ8BdpcVjGkwCoSNhxIpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: yV2YeiByh76RsMr0WIyQG.CdsDX3o8fC
cf-ray: 6d947659f9c4839d-MXP

GET
DATA 200
OK truncated Show response
/ 1 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7f3a5aa4dcb3c0912452ca3c83baa8113278b60b4037bd1580338dca32d58d71

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 50 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 745aa7922c7f2b2b90fed47707f158c11b5c6d65ebb515bb55db1c57f545b267

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 134 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d9ac50bf404d7817475d636a0db03afa86a8b991912126863dcffd7b50d19daa

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H2 200 header-bg.jpg.webp
www.u-pull-it.com/wp-content/uploads/2018/12/ 16 KB
16 KB 92ms
92ms Image
image/webp 2606:4700:e4::ac40:ad16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.u-pull-it.com/wp-content/uploads/2018/12/header-bg.jpg.webp
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10b71a5a833605ed51291d417eb189e99b19f4eacde881221c689c76b0fe5e07

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:07 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 03 Oct 2021 22:25:48 GMT
server: cloudflare
etag: "4036-615a2dec-301ef7;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=slOdPHo98pPcCACWbKTQA1SlE7of7JYJDFJJYvaP1Qkk%2Bsh%2Ff1HELSOtLnP2InWizsTH61iJYoongppLvt8S1KlxR2O9pVI1demQ%2BtRvdnGIiVjMVq5%2BtaVWwGzOj97M92w5palDEVHiI3akO%2BA8ew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=43200
accept-ranges: bytes
cf-ray: 6d94765a19c7839d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16438
expires: Mon, 07 Feb 2022 00:43:07 GMT

GET
H2 200 fa-solid-900.woff2
www.u-pull-it.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 76 KB
77 KB 32ms
32ms Font
font/woff2 2606:4700:e4::ac40:ad16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u-pull-it.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/wp-content/litespeed/css/e33c1c4e9481650db7b1e36196fd2003.css?ver=d2003
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Request headers

Referer: https://www.u-pull-it.com/wp-content/litespeed/css/e33c1c4e9481650db7b1e36196fd2003.css?ver=d2003
Origin: https://www.u-pull-it.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 420
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78196
last-modified: Tue, 25 Jan 2022 14:24:08 GMT
server: cloudflare
etag: "13174-61f00808-30572d;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B2H1i6L5yLfAqxahZUd9WIelEGTUlw6Ei07Nez%2BUkoaZFQUS8O3rPwezJJr3kk%2BDhXo9s0QyKnRbjzr5RHJK3ZQ0e%2BnVTaKdEzpMP0%2FmrzoTgUBfm7rhJvUqklVjIJCVaeb%2BAc%2BXl5G%2BS2KpwHKsWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6d94765a29fc839d-MXP
expires: Sun, 06 Feb 2022 00:21:11 GMT

GET
DATA 200
OK truncated Show response
/ 45 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 71f652d6e3c322295772c1f083ab62329a94464741c4167ea745b5da21123cc9

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated
/ 142 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 129b2f90622753ed6ccfd8e610d3236ec87f1b93af9afed05bc68e808b8f595e

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 138 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56c7a62d35038f015936e535fd55a52eb94116831c5008679867f55615470380

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 142 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4ef235c3eef8bef32e50772b0e1304d8b32c115f886b9ea90200b5834045c6e

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 144 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d5cb3c2477e41ca879dd08266a7cc5ca76272ff26f53fedcff5672feeaa7bb97

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 144 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 545a515e4e22ea119ed0f30968bc6a3b07c9c77755735a1d654a8b2206434d56

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 142 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1914c65f50a289e8c61022e4ff089c99f7e41459a50c7a7e8636fbd42342d582

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated Show response
/ 24 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cab68ec377f969057de608a48096cfdf97a36d37e1932eb008a0cb9cd451cbd1

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 329 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 269fcaffa15662f93737af0282f7a6bb79d0c927344246e0ba46a2190b707ad1

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 144 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 68d792925bb05b01d7402881dda450299ae716a9d0a246ffcae999999485dca6

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 1 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3c8c9ecb56342deee4103bf15c4dece3e0335d5a65a58c0fcac51fd30b328e16

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 1 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 010aae119961cd27aea895903153b1beef0d5643c82ae24f0d1180bad00f0ab6

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 2 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4c347b2226f950fce2a949b71e33f067a0acf77e3ddc848c6b86248513466f4d

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 1 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ab347189e7ad45b87273fb8b92f2d47ce3def1c67808bd4f489fc2e4cc540f8c

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 87 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d68e4427f2af26e714883b6d7bb03cdf873c1d24b43b1fd91c8a0c6e78a3441c

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 324 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae9de52233685161ea61d4d2125cfdc5173e6b1a7fbeec4acd0a6f593c1e2458

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated
/ 854 B
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8567910c20a8d5d4780282da4d9bbd8d6ecb51cda15a6a52c0ff0e08d21e44ca

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 84ms
25ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-115192652-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2295
date: Sun, 06 Feb 2022 12:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 06 Feb 2022 14:04:52 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
209 B 33ms
32ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=874301640&t=pageview&_s=1&dl=https%3A%2F%2Fwww.u-pull-it.com%2F&ul=en-us&de=UTF-8&dt=CAR%20JUNKYARDS%20NEAR%20ME%20-%20U%20PULLL%20IT%20SELF%20SERVICE%20USED%20AUTO%20PARTS&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1555091704&gjid=1487667039&cid=1146389484.1644151387&tid=UA-115192652-2&_gid=343829420.1644151387&_r=1&gtm=2ou220&z=102146745

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.u-pull-it.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 06 Feb 2022 12:43:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.u-pull-it.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 119ms
33ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-115192652-2&cid=1146389484.1644151387&jid=1555091704&gjid=1487667039&_gid=343829420.1644151387&_u=YEBAAUAAAAAAAC~&z=749845585

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b4cd4f889e2c7dd71da12d2b0a29aa6346de2e5d8b3c882d7700d64c700f661d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.u-pull-it.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 06 Feb 2022 12:43:07 GMT
content-type: text/plain
access-control-allow-origin: https://www.u-pull-it.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cse_element__en.js Show response
www.google.com/cse/static/element/5ddefdcfb9e40bab/ 300 KB
100 KB 95ms
33ms Script
text/javascript 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/5ddefdcfb9e40bab/cse_element__en.js?usqp=CAM%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=008229716389279171738:ruztqiee2l8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5cb8b21eea4af1109e66c8fbed04552f8220874c3543592d1a1efc376397756a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 21:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 401808
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102017
x-xss-protection: 0
last-modified: Fri, 21 Jan 2022 13:37:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Wed, 01 Feb 2023 21:06:19 GMT

GET
H2 200 default+en.css
www.google.com/cse/static/element/5ddefdcfb9e40bab/ 41 KB
9 KB 89ms
28ms Stylesheet
text/css 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/5ddefdcfb9e40bab/default+en.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=008229716389279171738:ruztqiee2l8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 21:06:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 401806
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9086
x-xss-protection: 0
last-modified: Fri, 21 Jan 2022 13:37:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Wed, 01 Feb 2023 21:06:21 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
1 KB 92ms
31ms Stylesheet
text/css 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=008229716389279171738:ruztqiee2l8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 11:58:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2649
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1345
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sun, 06 Feb 2022 12:48:58 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010101/ 286 KB
103 KB 125ms
58ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1957707705603006&plah=www.u-pull-it.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1957707705603006

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

710d2166895f458497f72718b979dfcbfdf6a4463b8150d1f1e23f5661e0cf1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 105569
x-xss-protection: 0
server: cafe
etag: 9462996207390633819
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 06 Feb 2022 12:43:07 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220201/r20190131/ Frame D55C 10 KB
5 KB 89ms
28ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220201/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1957707705603006

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4612
x-xss-protection: 0
date: Sat, 05 Feb 2022 16:23:29 GMT
expires: Sat, 19 Feb 2022 16:23:29 GMT
cache-control: public, max-age=1209600
age: 73178
etag: 18247940800414524076
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
293 B 101ms
98ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-115192652-2&cid=1146389484.1644151387&jid=1555091704&_u=YEBAAUAAAAAAAC~&z=574333356

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Feb 2022 12:43:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.it/ads/ 42 B
501 B 132ms
71ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.it/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-115192652-2&cid=1146389484.1644151387&jid=1555091704&_u=YEBAAUAAAAAAAC~&z=574333356

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Feb 2022 12:43:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 text-editor.289ae80d76f0c5abea44.bundle.min.js Show response
www.u-pull-it.com/wp-content/plugins/elementor/assets/js/ 1 KB
1 KB 339ms
38ms Script
application/x-javascript 2606:4700:e4::ac40:ad16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u-pull-it.com/wp-content/plugins/elementor/assets/js/text-editor.289ae80d76f0c5abea44.bundle.min.js
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/wp-content/litespeed/js/9c9d22345674ca26ecf5e3cc3ff14577.js?ver=14577
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cac931b3ab55a2abba862787ef55e78d628c87a940df1f1bb39293eaaa0d78f

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 420
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 25 Jan 2022 14:24:08 GMT
server: cloudflare
etag: W/"54b-61f00808-305696;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l5h2Mqh%2FtYVzQ%2FUl6om2arEKsf%2BMzKc90UPP0BrmxOEZuE1t4cqFlcuzZHCPM3ay5DllMJ37GW31%2B%2BCQQRmjg5JATcEq14mRGpeIcvUghvm4%2FeIkXJxbNonwx0YZs57Timuf5Lv1H4586NMisjsMGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=31536000
cf-ray: 6d94765eb87c839d-MXP
expires: Fri, 04 Feb 2022 11:53:41 GMT

GET
H3 200 async-ads.js Show response
cse.google.com/adsense/search/ 138 KB
51 KB 129ms
62ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/5ddefdcfb9e40bab/cse_element__en.js?usqp=CAM%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abf960f9666f54b7901ae35e3c047304a4d9375638557d4007f7695cb64def6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "2968442927710302350"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
expires: Sun, 06 Feb 2022 12:43:07 GMT

GET
H3 200 clear.png
www.google.com/cse/static/css/v2/ 1018 B
1 KB 62ms
26ms Image
image/png 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/css/v2/clear.png

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/5ddefdcfb9e40bab/default+en.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.google.com/cse/static/element/5ddefdcfb9e40bab/default+en.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 05:46:24 GMT
x-content-type-options: nosniff
age: 370603
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1018
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Thu, 02 Feb 2023 05:46:24 GMT

GET
H2 204 generate_204
www.googleapis.com/ 0
178 B 148ms
68ms Image
text/plain 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googleapis.com/generate_204
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 204 generate_204
clients1.google.com/ 0
178 B 111ms
26ms Image
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients1.google.com/generate_204
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 217 B
645 B 100ms
38ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.u-pull-it.com&callback=_gfp_s_&client=ca-pub-1957707705603006

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1957707705603006&plah=www.u-pull-it.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

704503e2de416d481cada347ff52bf7207892e1d8d206f15dde77213f34c3ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 201
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.it/adsid/ 107 B
792 B 94ms
34ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.it/adsid/integrator.js?domain=www.u-pull-it.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 06 Feb 2022 12:43:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 101ms
40ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.u-pull-it.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 06 Feb 2022 12:43:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5190 266 KB
66 KB 1039ms
1039ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&adk=1812271804&adf=3025194257&lmt=1644151387&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.u-pull-it.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644151387588&bpp=2&bdt=538&idt=242&shv=r20220201&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5343799261868&frm=20&pv=2&ga_vid=1146389484.1644151387&ga_sid=1644151388&ga_hid=874301640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C42531398%2C44750773%2C31063221%2C31062930&oid=2&pvsid=2875662532827413&pem=484&tmod=1468575408&uas=0&nvt=2&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=257

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85bbe26b745f3c27832de4f79ae23834de14cab8ecf0b3735e2fb94b206776f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 06 Feb 2022 12:43:08 GMT
server: cafe
content-length: 67213
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 06 Feb 2022 12:43:08 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 36D1 94 KB
32 KB 648ms
648ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4651459360&adk=3845584887&adf=3466629865&pi=t.ma~as.4651459360&w=1130&fwrn=4&fwrnh=100&lmt=1644151387&rafmt=1&psa=0&format=1130x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644151387598&bpp=3&bdt=547&idt=250&shv=r20220201&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5343799261868&frm=20&pv=1&ga_vid=1146389484.1644151387&ga_sid=1644151388&ga_hid=874301640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=248&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C42531398%2C44750773%2C31063221%2C31062930&oid=2&pvsid=2875662532827413&pem=484&tmod=1468575408&uas=0&nvt=2&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=yeD0pNJMvA&p=https%3A//www.u-pull-it.com&dtd=255

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

848cc90319222bbe2344d96a75ee7f6338210fc8bc531087c4a2c1a96b327989

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 06 Feb 2022 12:43:08 GMT
server: cafe
content-length: 32699
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 06 Feb 2022 12:43:08 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4C85 137 KB
44 KB 573ms
573ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4651459360&adk=1643172156&adf=697320281&pi=t.ma~as.4651459360&w=750&fwrn=4&fwrnh=100&lmt=1644151387&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644151387610&bpp=1&bdt=560&idt=343&shv=r20220201&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1130x280&nras=1&correlator=5343799261868&frm=20&pv=1&ga_vid=1146389484.1644151387&ga_sid=1644151388&ga_hid=874301640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=1803&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C42531398%2C44750773%2C31063221%2C31062930&oid=2&pvsid=2875662532827413&pem=484&tmod=1468575408&uas=0&nvt=2&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=MVI1HqZYps&p=https%3A//www.u-pull-it.com&dtd=347

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

27c8a4d6283a731fe888e0bc99e694ff1780cbf4ba3893b40f55919af4c9c389

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17845836043024390609/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17845836043024390609/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COy4wJuN6_UCFcWQ_QcdSbcFHg&gqi=W8L_YaXMO9SrrATPoLHYCg&layout=/sadbundle/%24csp%253Der3%24/17845836043024390609/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17845836043024390609/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17845836043024390609/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COy4wJuN6_UCFcWQ_QcdSbcFHg&gqi=W8L_YaXMO9SrrATPoLHYCg&layout=/sadbundle/%24csp%253Der3%24/17845836043024390609/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 06 Feb 2022 12:43:08 GMT
server: cafe
content-length: 44886
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 06 Feb 2022 12:43:08 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6A05 79 KB
29 KB 520ms
520ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4651459360&adk=2108774078&adf=4050763930&pi=t.ma~as.4651459360&w=370&fwrn=4&fwrnh=100&lmt=1644151387&rafmt=1&psa=0&format=370x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644151387613&bpp=1&bdt=562&idt=364&shv=r20220201&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1130x280%2C750x280&nras=1&correlator=5343799261868&frm=20&pv=1&ga_vid=1146389484.1644151387&ga_sid=1644151388&ga_hid=874301640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=995&ady=1174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C42531398%2C44750773%2C31063221%2C31062930&oid=2&pvsid=2875662532827413&pem=484&tmod=1468575408&uas=0&nvt=2&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=cmJ8tkajUQ&p=https%3A//www.u-pull-it.com&dtd=366

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3fde8cb41821a30a1282255a385d4c3bbf0ef4001b4f97b90751ab69be85f973

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 06 Feb 2022 12:43:08 GMT
server: cafe
content-length: 30149
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 06 Feb 2022 12:43:08 GMT
cache-control: private

GET
H2 200 css
fonts.googleapis.com/ Frame 6A05 6 KB
1 KB 95ms
33ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4651459360&adk=2108774078&adf=4050763930&pi=t.ma~as.4651459360&w=370&fwrn=4&fwrnh=100&lmt=1644151387&rafmt=1&psa=0&format=370x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644151387613&bpp=1&bdt=562&idt=364&shv=r20220201&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1130x280%2C750x280&nras=1&correlator=5343799261868&frm=20&pv=1&ga_vid=1146389484.1644151387&ga_sid=1644151388&ga_hid=874301640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=995&ady=1174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C42531398%2C44750773%2C31063221%2C31062930&oid=2&pvsid=2875662532827413&pem=484&tmod=1468575408&uas=0&nvt=2&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=cmJ8tkajUQ&p=https%3A//www.u-pull-it.com&dtd=366

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 06 Feb 2022 11:31:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 06 Feb 2022 12:43:08 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 06 Feb 2022 12:43:08 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame 6A05 1 KB
955 B 113ms
52ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:22:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1259
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 848
x-xss-protection: 0
server: cafe
etag: 2277666839114365613
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Feb 2022 12:22:09 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 36D1 8 KB
961 B 95ms
35ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4651459360&adk=3845584887&adf=3466629865&pi=t.ma~as.4651459360&w=1130&fwrn=4&fwrnh=100&lmt=1644151387&rafmt=1&psa=0&format=1130x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644151387598&bpp=3&bdt=547&idt=250&shv=r20220201&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5343799261868&frm=20&pv=1&ga_vid=1146389484.1644151387&ga_sid=1644151388&ga_hid=874301640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=248&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C42531398%2C44750773%2C31063221%2C31062930&oid=2&pvsid=2875662532827413&pem=484&tmod=1468575408&uas=0&nvt=2&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=yeD0pNJMvA&p=https%3A//www.u-pull-it.com&dtd=255

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 06 Feb 2022 11:15:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 06 Feb 2022 12:43:08 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 06 Feb 2022 12:43:08 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/ Frame 6A05 19 KB
8 KB 82ms
25ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76d507787e9cb8cc91e5cf3f2aae4a816e9466a7164df455e377f47cff68bef3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:33:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 571
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7737
x-xss-protection: 0
server: cafe
etag: 11249816806015362922
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Feb 2022 12:33:37 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame 6A05 2 KB
1 KB 119ms
62ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:37:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 310
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Feb 2022 12:37:58 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6A05 123 KB
38 KB 145ms
84ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3a6fb9e39c82eed501889521b19cc4fc13d1104f83128928775b520c86f8abc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643806174374025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 06 Feb 2022 12:43:08 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame 6A05 14 KB
6 KB 105ms
48ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

80182a21e69d7232583dcf7b19a5cfb9a597e7adbcc22f1a14e4096d8602612d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:35:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 430
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 12229469669374805284
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Feb 2022 12:35:58 GMT

GET
H2 200 4b5ee2b4ff5a9298bcc39e4df8189ef4.js Show response
www.gstatic.com/mysidia/ Frame 6A05 27 KB
12 KB 86ms
26ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4b5ee2b4ff5a9298bcc39e4df8189ef4.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61ded43bae7eeb79ab544e26dbad051960b7db1da4ceed550be859e979be23ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 16:38:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 245090
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11337
x-xss-protection: 0
last-modified: Tue, 01 Feb 2022 15:21:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 04 May 2022 16:38:18 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/13478589528717302069/ Frame 6A05 18 KB
19 KB 91ms
53ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13478589528717302069/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd91107c9caee2cb782d878816b4509cbd72a1562abed0f197a36cf0d158322e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:04:04 GMT
x-content-type-options: nosniff
age: 596344
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18779
x-xss-protection: 0
last-modified: Tue, 12 Oct 2021 14:44:38 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 30 Jan 2023 15:04:04 GMT

GET
DATA 200
OK truncated
/ Frame 6A05 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6A05 0
0 105ms
104ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C6w8wXML_YbEvto3v9Q_m1KagD_HvlZRo0NuaxuIP29keEAEguIr1V2D9gpGE6BGgAeqUj-ADyAEJqQKF7wPBzjWzPqgDAcgDywSqBMsBT9D-DfyBFd1zrtY1_aj5KhHlMspSBHKLAD-dUhDBK-el6tJPsQZhZsxws--mJXgcokUztG_kNdhwObaN96pzp3NsmYCxQP6VPamhO0yBd-jzkG7GZq0YsdiPL0k7WtvwJEmQkitwITrTsfmznvUWhBaFIjlbCld4JRQuwtqnE5STnIzZCGp9RiJQ8pBb9j1oLHYY0B9lFwwl9u7gaQRs-zNQaeRqK5WGrkI_Ne5OnRxtV2Q63dIA95qMpI7idVw2DpxjepeDnvPMlNzABPzjs9GOBJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAf-6vAfqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQ7uIO0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTE5NTc3MDc3MDU2MDMwMDYYAA&sigh=uciW7mNNUyw&uach_m=[UACH]&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4651459360&adk=2108774078&adf=4050763930&pi=t.ma~as.4651459360&w=370&fwrn=4&fwrnh=100&lmt=1644151387&rafmt=1&psa=0&format=370x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644151387613&bpp=1&bdt=562&idt=364&shv=r20220201&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1130x280%2C750x280&nras=1&correlator=5343799261868&frm=20&pv=1&ga_vid=1146389484.1644151387&ga_sid=1644151388&ga_hid=874301640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=995&ady=1174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C42531398%2C44750773%2C31063221%2C31062930&oid=2&pvsid=2875662532827413&pem=484&tmod=1468575408&uas=0&nvt=2&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=cmJ8tkajUQ&p=https%3A//www.u-pull-it.com&dtd=366
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 06 Feb 2022 12:43:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 06 Feb 2022 12:43:08 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame 36D1 1 KB
909 B 86ms
63ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4651459360&adk=3845584887&adf=3466629865&pi=t.ma~as.4651459360&w=1130&fwrn=4&fwrnh=100&lmt=1644151387&rafmt=1&psa=0&format=1130x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644151387598&bpp=3&bdt=547&idt=250&shv=r20220201&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5343799261868&frm=20&pv=1&ga_vid=1146389484.1644151387&ga_sid=1644151388&ga_hid=874301640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=248&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C42531398%2C44750773%2C31063221%2C31062930&oid=2&pvsid=2875662532827413&pem=484&tmod=1468575408&uas=0&nvt=2&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=yeD0pNJMvA&p=https%3A//www.u-pull-it.com&dtd=255

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:22:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1259
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 848
x-xss-protection: 0
server: cafe
etag: 2277666839114365613
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Feb 2022 12:22:09 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/ Frame 36D1 19 KB
8 KB 53ms
31ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4651459360&adk=3845584887&adf=3466629865&pi=t.ma~as.4651459360&w=1130&fwrn=4&fwrnh=100&lmt=1644151387&rafmt=1&psa=0&format=1130x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644151387598&bpp=3&bdt=547&idt=250&shv=r20220201&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5343799261868&frm=20&pv=1&ga_vid=1146389484.1644151387&ga_sid=1644151388&ga_hid=874301640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=248&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C42531398%2C44750773%2C31063221%2C31062930&oid=2&pvsid=2875662532827413&pem=484&tmod=1468575408&uas=0&nvt=2&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=yeD0pNJMvA&p=https%3A//www.u-pull-it.com&dtd=255

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76d507787e9cb8cc91e5cf3f2aae4a816e9466a7164df455e377f47cff68bef3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:33:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 571
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7737
x-xss-protection: 0
server: cafe
etag: 11249816806015362922
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Feb 2022 12:33:37 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame 36D1 2 KB
1 KB 73ms
51ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4651459360&adk=3845584887&adf=3466629865&pi=t.ma~as.4651459360&w=1130&fwrn=4&fwrnh=100&lmt=1644151387&rafmt=1&psa=0&format=1130x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644151387598&bpp=3&bdt=547&idt=250&shv=r20220201&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5343799261868&frm=20&pv=1&ga_vid=1146389484.1644151387&ga_sid=1644151388&ga_hid=874301640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=248&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C42531398%2C44750773%2C31063221%2C31062930&oid=2&pvsid=2875662532827413&pem=484&tmod=1468575408&uas=0&nvt=2&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=yeD0pNJMvA&p=https%3A//www.u-pull-it.com&dtd=255

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:37:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 310
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Feb 2022 12:37:58 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 36D1 123 KB
37 KB 194ms
168ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4651459360&adk=3845584887&adf=3466629865&pi=t.ma~as.4651459360&w=1130&fwrn=4&fwrnh=100&lmt=1644151387&rafmt=1&psa=0&format=1130x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644151387598&bpp=3&bdt=547&idt=250&shv=r20220201&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5343799261868&frm=20&pv=1&ga_vid=1146389484.1644151387&ga_sid=1644151388&ga_hid=874301640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=248&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C42531398%2C44750773%2C31063221%2C31062930&oid=2&pvsid=2875662532827413&pem=484&tmod=1468575408&uas=0&nvt=2&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=yeD0pNJMvA&p=https%3A//www.u-pull-it.com&dtd=255

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3a6fb9e39c82eed501889521b19cc4fc13d1104f83128928775b520c86f8abc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643806174374025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 06 Feb 2022 12:43:08 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame 36D1 14 KB
6 KB 50ms
29ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4651459360&adk=3845584887&adf=3466629865&pi=t.ma~as.4651459360&w=1130&fwrn=4&fwrnh=100&lmt=1644151387&rafmt=1&psa=0&format=1130x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644151387598&bpp=3&bdt=547&idt=250&shv=r20220201&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5343799261868&frm=20&pv=1&ga_vid=1146389484.1644151387&ga_sid=1644151388&ga_hid=874301640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=248&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C42531398%2C44750773%2C31063221%2C31062930&oid=2&pvsid=2875662532827413&pem=484&tmod=1468575408&uas=0&nvt=2&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=yeD0pNJMvA&p=https%3A//www.u-pull-it.com&dtd=255

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

80182a21e69d7232583dcf7b19a5cfb9a597e7adbcc22f1a14e4096d8602612d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:35:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 430
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 12229469669374805284
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Feb 2022 12:35:58 GMT

GET
H2 200 4b5ee2b4ff5a9298bcc39e4df8189ef4.js Show response
www.gstatic.com/mysidia/ Frame 36D1 27 KB
11 KB 54ms
29ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4b5ee2b4ff5a9298bcc39e4df8189ef4.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4651459360&adk=3845584887&adf=3466629865&pi=t.ma~as.4651459360&w=1130&fwrn=4&fwrnh=100&lmt=1644151387&rafmt=1&psa=0&format=1130x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644151387598&bpp=3&bdt=547&idt=250&shv=r20220201&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5343799261868&frm=20&pv=1&ga_vid=1146389484.1644151387&ga_sid=1644151388&ga_hid=874301640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=248&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C42531398%2C44750773%2C31063221%2C31062930&oid=2&pvsid=2875662532827413&pem=484&tmod=1468575408&uas=0&nvt=2&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=yeD0pNJMvA&p=https%3A//www.u-pull-it.com&dtd=255

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61ded43bae7eeb79ab544e26dbad051960b7db1da4ceed550be859e979be23ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 16:38:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 245090
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11337
x-xss-protection: 0
last-modified: Tue, 01 Feb 2022 15:21:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 04 May 2022 16:38:18 GMT

GET
H2 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 4C85 67 B
196 B 72ms
52ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4651459360&adk=1643172156&adf=697320281&pi=t.ma~as.4651459360&w=750&fwrn=4&fwrnh=100&lmt=1644151387&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644151387610&bpp=1&bdt=560&idt=343&shv=r20220201&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1130x280&nras=1&correlator=5343799261868&frm=20&pv=1&ga_vid=1146389484.1644151387&ga_sid=1644151388&ga_hid=874301640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=1803&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C42531398%2C44750773%2C31063221%2C31062930&oid=2&pvsid=2875662532827413&pem=484&tmod=1468575408&uas=0&nvt=2&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=MVI1HqZYps&p=https%3A//www.u-pull-it.com&dtd=347

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 18:14:59 GMT
x-content-type-options: nosniff
server: cafe
age: 66489
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 2462972746714251406
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Sun, 06 Feb 2022 18:14:59 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 36D1 0
0 142ms
141ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ca4lvW8L_YfPoNauO7_UP77qa0Ay4nY3_ZtyTmpbCD7bakL2NDhABILiK9Vdg_YKRhOgRoAHErLOaKMgBCakChe8Dwc41sz6oAwHIA8sEqgTTAU_QtIupdyIxTdkMaQevKTDiJ-jxy22Ys7B4RduRJRKaMOOSs3jOt7vMfdEk0h9ig25N0zMu8famlQSMw_xUVscm4AFabYKkuLYjFUAopGQt_Dk8XvEEsGU5ecvQOFfok9g9WwZ0ii0Btvecy_qo77Sw3K9VZxtwM1GhSFxN8ybblNvbBAl5s1xUuIF1uQu_vkAzj3wm2_jkmLC3q5EeMPzMsZUbYtctJFj2tfb2tJd4AE3d3RIlQjirxcz7lZdL0hkuvn-s8jID2fyohKXlvtSNr7XABLCc_Z_wA5IFBAgEGAGSBQQIBRgEoAYugAfE5IP6AqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEELKWQdIICQiA4YAQEAEYH4AKAcgLAbgTiCfYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItMTk1NzcwNzcwNTYwMzAwNhgA&sigh=48N6SeobhE0&uach_m=[UACH]&template_id=5000

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4651459360&adk=3845584887&adf=3466629865&pi=t.ma~as.4651459360&w=1130&fwrn=4&fwrnh=100&lmt=1644151387&rafmt=1&psa=0&format=1130x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644151387598&bpp=3&bdt=547&idt=250&shv=r20220201&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5343799261868&frm=20&pv=1&ga_vid=1146389484.1644151387&ga_sid=1644151388&ga_hid=874301640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=248&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C42531398%2C44750773%2C31063221%2C31062930&oid=2&pvsid=2875662532827413&pem=484&tmod=1468575408&uas=0&nvt=2&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=yeD0pNJMvA&p=https%3A//www.u-pull-it.com&dtd=255

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4651459360&adk=3845584887&adf=3466629865&pi=t.ma~as.4651459360&w=1130&fwrn=4&fwrnh=100&lmt=1644151387&rafmt=1&psa=0&format=1130x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644151387598&bpp=3&bdt=547&idt=250&shv=r20220201&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5343799261868&frm=20&pv=1&ga_vid=1146389484.1644151387&ga_sid=1644151388&ga_hid=874301640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=248&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C42531398%2C44750773%2C31063221%2C31062930&oid=2&pvsid=2875662532827413&pem=484&tmod=1468575408&uas=0&nvt=2&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=yeD0pNJMvA&p=https%3A//www.u-pull-it.com&dtd=255
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 06 Feb 2022 12:43:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 06 Feb 2022 12:43:08 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/7359838705416393650/ Frame 36D1 29 KB
29 KB 62ms
62ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7359838705416393650/downsize_200k_v1?w=600&h=314

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4651459360&adk=3845584887&adf=3466629865&pi=t.ma~as.4651459360&w=1130&fwrn=4&fwrnh=100&lmt=1644151387&rafmt=1&psa=0&format=1130x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644151387598&bpp=3&bdt=547&idt=250&shv=r20220201&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5343799261868&frm=20&pv=1&ga_vid=1146389484.1644151387&ga_sid=1644151388&ga_hid=874301640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=248&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C42531398%2C44750773%2C31063221%2C31062930&oid=2&pvsid=2875662532827413&pem=484&tmod=1468575408&uas=0&nvt=2&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=yeD0pNJMvA&p=https%3A//www.u-pull-it.com&dtd=255

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80c4cb672a05a4d2de6dd19d4c0268afbdaa7dcf90d8312b44b1476c03d74713

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 12:24:42 GMT
x-content-type-options: nosniff
age: 433106
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29821
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 15:51:50 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 01 Feb 2023 12:24:42 GMT

GET
DATA 200
OK truncated
/ Frame 36D1 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 36D1 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17845836043024390609/ Frame 8AA6 86 KB
22 KB 68ms
32ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17845836043024390609/index.html

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3ad102ea9240c0a7250947a2240dfdf5462885c297ebd2cf37165a34ee7c3de

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin: *
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Tue, 01 Feb 2022 16:29:32 GMT
expires: Wed, 01 Feb 2023 16:29:32 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 01 Feb 2022 12:53:25 GMT
content-type: text/html
content-length: 22015
age: 418416
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F9EE 0
0 102ms
102ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CTscaW8L_YayfPMWh9u8Pye6W8AHK3IKUaIPk1InUD6zw1ITkDBABILiK9Vdg_YKRhOgRoAG85JiYA8gBCakChe8Dwc41sz6oAwHIA0iqBOYBT9Aj-X_dsuIMd2zN6EVYqC6VpJircpNpIFoV5k5C2zWqLWfj4ObIpXpqEo8KU-yj-vbWUG5ruxOnpYB3MiAGqyPFzZLf5Swj-F9iT1Mkqx8RysnLnSqSLtu4-t_-ZERHB-nLOfWvot2PLijTx69hl4zI-ckJ9-w9Ut1Ro9NjRDdisV0Ae-bxda4gP7XHdbzveFCFeRBgmo9EsydCMpL-GpSIaef_yBAvz3dvmLqBq9tl_jxgGim7AXWQVkrAfdNNvwXt9huhxQQNa4Bbf59JBIPNSvwGfVg_RpKQIv_3l0NIXaG-aRrABL6776LqA6AGLoAHrJvnZ6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEIfUB9IICQiA4YAQEAEYH4AKAcgLAdgTA9AVAYAXAbIXHAoaCAASFHB1Yi0xOTU3NzA3NzA1NjAzMDA2GAA&sigh=bjj-NmdKkDg&uach_m=[UACH]&template_id=419

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4651459360&adk=1643172156&adf=697320281&pi=t.ma~as.4651459360&w=750&fwrn=4&fwrnh=100&lmt=1644151387&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644151387610&bpp=1&bdt=560&idt=343&shv=r20220201&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1130x280&nras=1&correlator=5343799261868&frm=20&pv=1&ga_vid=1146389484.1644151387&ga_sid=1644151388&ga_hid=874301640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=1803&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C42531398%2C44750773%2C31063221%2C31062930&oid=2&pvsid=2875662532827413&pem=484&tmod=1468575408&uas=0&nvt=2&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=MVI1HqZYps&p=https%3A//www.u-pull-it.com&dtd=347
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 06 Feb 2022 12:43:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 06 Feb 2022 12:43:08 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/ Frame F9EE 19 KB
8 KB 63ms
29ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4651459360&adk=1643172156&adf=697320281&pi=t.ma~as.4651459360&w=750&fwrn=4&fwrnh=100&lmt=1644151387&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644151387610&bpp=1&bdt=560&idt=343&shv=r20220201&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1130x280&nras=1&correlator=5343799261868&frm=20&pv=1&ga_vid=1146389484.1644151387&ga_sid=1644151388&ga_hid=874301640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=1803&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C42531398%2C44750773%2C31063221%2C31062930&oid=2&pvsid=2875662532827413&pem=484&tmod=1468575408&uas=0&nvt=2&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=MVI1HqZYps&p=https%3A//www.u-pull-it.com&dtd=347

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76d507787e9cb8cc91e5cf3f2aae4a816e9466a7164df455e377f47cff68bef3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:41:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7737
x-xss-protection: 0
server: cafe
etag: 11249816806015362922
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Feb 2022 12:41:14 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame F9EE 2 KB
1 KB 86ms
52ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4651459360&adk=1643172156&adf=697320281&pi=t.ma~as.4651459360&w=750&fwrn=4&fwrnh=100&lmt=1644151387&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644151387610&bpp=1&bdt=560&idt=343&shv=r20220201&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1130x280&nras=1&correlator=5343799261868&frm=20&pv=1&ga_vid=1146389484.1644151387&ga_sid=1644151388&ga_hid=874301640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=1803&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C42531398%2C44750773%2C31063221%2C31062930&oid=2&pvsid=2875662532827413&pem=484&tmod=1468575408&uas=0&nvt=2&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=MVI1HqZYps&p=https%3A//www.u-pull-it.com&dtd=347

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:35:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 429
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Feb 2022 12:35:59 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F9EE 123 KB
37 KB 88ms
88ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4651459360&adk=1643172156&adf=697320281&pi=t.ma~as.4651459360&w=750&fwrn=4&fwrnh=100&lmt=1644151387&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644151387610&bpp=1&bdt=560&idt=343&shv=r20220201&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1130x280&nras=1&correlator=5343799261868&frm=20&pv=1&ga_vid=1146389484.1644151387&ga_sid=1644151388&ga_hid=874301640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=1803&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C42531398%2C44750773%2C31063221%2C31062930&oid=2&pvsid=2875662532827413&pem=484&tmod=1468575408&uas=0&nvt=2&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=MVI1HqZYps&p=https%3A//www.u-pull-it.com&dtd=347

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3a6fb9e39c82eed501889521b19cc4fc13d1104f83128928775b520c86f8abc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643806174374025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 06 Feb 2022 12:43:08 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame F9EE 14 KB
6 KB 81ms
47ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4651459360&adk=1643172156&adf=697320281&pi=t.ma~as.4651459360&w=750&fwrn=4&fwrnh=100&lmt=1644151387&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644151387610&bpp=1&bdt=560&idt=343&shv=r20220201&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1130x280&nras=1&correlator=5343799261868&frm=20&pv=1&ga_vid=1146389484.1644151387&ga_sid=1644151388&ga_hid=874301640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=1803&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C42531398%2C44750773%2C31063221%2C31062930&oid=2&pvsid=2875662532827413&pem=484&tmod=1468575408&uas=0&nvt=2&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=MVI1HqZYps&p=https%3A//www.u-pull-it.com&dtd=347

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

80182a21e69d7232583dcf7b19a5cfb9a597e7adbcc22f1a14e4096d8602612d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:35:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 430
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 12229469669374805284
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Feb 2022 12:35:58 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 8AA6 2 KB
563 B 71ms
35ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:700

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17845836043024390609/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ba3a69eac14f205d41ae36f8edbc79a8bff293a19ddac18f62bb9cdc7deb440e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 06 Feb 2022 12:30:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 06 Feb 2022 12:43:08 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 06 Feb 2022 12:43:08 GMT

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 8AA6 16 KB
6 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17845836043024390609/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 04:22:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30015
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 07 Feb 2022 04:22:53 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 8AA6 26 KB
10 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17845836043024390609/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:22:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80462
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 06 Feb 2022 14:22:06 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8200 143 B
163 B 30ms
30ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4651459360&adk=1643172156&adf=697320281&pi=t.ma~as.4651459360&w=750&fwrn=4&fwrnh=100&lmt=1644151387&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644151387610&bpp=1&bdt=560&idt=343&shv=r20220201&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1130x280&nras=1&correlator=5343799261868&frm=20&pv=1&ga_vid=1146389484.1644151387&ga_sid=1644151388&ga_hid=874301640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=1803&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C42531398%2C44750773%2C31063221%2C31062930&oid=2&pvsid=2875662532827413&pem=484&tmod=1468575408&uas=0&nvt=2&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=MVI1HqZYps&p=https%3A//www.u-pull-it.com&dtd=347

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4651459360&adk=1643172156&adf=697320281&pi=t.ma~as.4651459360&w=750&fwrn=4&fwrnh=100&lmt=1644151387&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644151387610&bpp=1&bdt=560&idt=343&shv=r20220201&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1130x280&nras=1&correlator=5343799261868&frm=20&pv=1&ga_vid=1146389484.1644151387&ga_sid=1644151388&ga_hid=874301640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=1803&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C42531398%2C44750773%2C31063221%2C31062930&oid=2&pvsid=2875662532827413&pem=484&tmod=1468575408&uas=0&nvt=2&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=MVI1HqZYps&p=https%3A//www.u-pull-it.com&dtd=347

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Sun, 06 Feb 2022 12:03:04 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 2404
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 6A05 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b797cec0d9367827829b1e26e3b6345565131cdd8828e03debc3aca00212d08c

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 6A05 15 KB
16 KB 85ms
25ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 17:56:19 GMT
x-content-type-options: nosniff
age: 326809
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Feb 2023 17:56:19 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 6A05 15 KB
15 KB 88ms
32ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 17:58:32 GMT
x-content-type-options: nosniff
age: 326676
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Feb 2023 17:58:32 GMT

GET
DATA 200
OK truncated
/ Frame F9EE 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 53e4f0d543b4219da0ef6eb5fdd014eb7d87518da234eba0d8748b1a4cfe76a5

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 36D1 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1b255e6f6b53f7e439eeb776c18e68c958c1fcf833dc741adb0019344c6d190

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ Frame 8AA6 13 KB
13 KB 49ms
49ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v18/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7209c26bc245ae1b293f4b9622201b1dc97282229a2e8fcae555f36caa8650e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 14:06:47 GMT
x-content-type-options: nosniff
age: 426981
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13008
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:10:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 01 Feb 2023 14:06:47 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v41/ Frame 36D1 28 KB
28 KB 47ms
47ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v41/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 18:14:29 GMT
x-content-type-options: nosniff
age: 412119
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28196
x-xss-protection: 0
last-modified: Tue, 18 Jan 2022 17:53:50 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 01 Feb 2023 18:14:29 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8200
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

88ms
88ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4651459360&adk=1643172156&adf=697320281&pi=t.ma~as.4651459360&w=750&fwrn=4&fwrnh=100&lmt=1644151387&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644151387610&bpp=1&bdt=560&idt=343&shv=r20220201&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1130x280&nras=1&correlator=5343799261868&frm=20&pv=1&ga_vid=1146389484.1644151387&ga_sid=1644151388&ga_hid=874301640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=1803&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C42531398%2C44750773%2C31063221%2C31062930&oid=2&pvsid=2875662532827413&pem=484&tmod=1468575408&uas=0&nvt=2&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=MVI1HqZYps&p=https%3A//www.u-pull-it.com&dtd=347

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 06 Feb 2022 12:43:08 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 06 Feb 2022 12:43:08 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 06 Feb 2022 12:43:08 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 -RQXuketuW9jWIYsaM5S-Ql31PXoBsmd6vdkFHZtDQI.js Show response
pagead2.googlesyndication.com/bg/ Frame 928B 35 KB
13 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-RQXuketuW9jWIYsaM5S-Ql31PXoBsmd6vdkFHZtDQI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f91417ba47adb96f6358862c68ce52f90977d4f5e806c99deaf76414766d0d02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 05:33:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25762
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13701
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 06 Feb 2023 05:33:46 GMT

GET
H3 200 -RQXuketuW9jWIYsaM5S-Ql31PXoBsmd6vdkFHZtDQI.js Show response
pagead2.googlesyndication.com/bg/ Frame 8AA6 35 KB
13 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-RQXuketuW9jWIYsaM5S-Ql31PXoBsmd6vdkFHZtDQI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f91417ba47adb96f6358862c68ce52f90977d4f5e806c99deaf76414766d0d02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 05:33:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25762
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13701
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 06 Feb 2023 05:33:46 GMT

GET
H3 200 2022_11_Logo_Actronics_SRL_Tagline_RGB.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17845836043024390609/ Frame 8AA6 9 KB
10 KB 27ms
27ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17845836043024390609/2022_11_Logo_Actronics_SRL_Tagline_RGB.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4651459360&adk=1643172156&adf=697320281&pi=t.ma~as.4651459360&w=750&fwrn=4&fwrnh=100&lmt=1644151387&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644151387610&bpp=1&bdt=560&idt=343&shv=r20220201&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1130x280&nras=1&correlator=5343799261868&frm=20&pv=1&ga_vid=1146389484.1644151387&ga_sid=1644151388&ga_hid=874301640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=1803&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C42531398%2C44750773%2C31063221%2C31062930&oid=2&pvsid=2875662532827413&pem=484&tmod=1468575408&uas=0&nvt=2&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=MVI1HqZYps&p=https%3A//www.u-pull-it.com&dtd=347

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a59889a776750a558efc117bb5592b7303fa2e28775e638c75b2a3440435b06

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 418416
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9722
x-xss-protection: 0
last-modified: Tue, 01 Feb 2022 12:53:25 GMT
server: sffe
date: Tue, 01 Feb 2022 16:29:32 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 01 Feb 2023 16:29:32 GMT

GET
H3 200 abs.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17845836043024390609/ Frame 8AA6 11 KB
11 KB 28ms
28ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17845836043024390609/abs.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4651459360&adk=1643172156&adf=697320281&pi=t.ma~as.4651459360&w=750&fwrn=4&fwrnh=100&lmt=1644151387&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644151387610&bpp=1&bdt=560&idt=343&shv=r20220201&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1130x280&nras=1&correlator=5343799261868&frm=20&pv=1&ga_vid=1146389484.1644151387&ga_sid=1644151388&ga_hid=874301640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=1803&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C42531398%2C44750773%2C31063221%2C31062930&oid=2&pvsid=2875662532827413&pem=484&tmod=1468575408&uas=0&nvt=2&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=MVI1HqZYps&p=https%3A//www.u-pull-it.com&dtd=347

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc73c0ef50d2836de7729973a39e5729fb5976a28fd3a4c84cacd7cc1ba2bbbc

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 418416
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11618
x-xss-protection: 0
last-modified: Tue, 01 Feb 2022 12:53:25 GMT
server: sffe
date: Tue, 01 Feb 2022 16:29:32 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 01 Feb 2023 16:29:32 GMT

GET
H3 200 ecu.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17845836043024390609/ Frame 8AA6 19 KB
19 KB 46ms
45ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17845836043024390609/ecu.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4651459360&adk=1643172156&adf=697320281&pi=t.ma~as.4651459360&w=750&fwrn=4&fwrnh=100&lmt=1644151387&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644151387610&bpp=1&bdt=560&idt=343&shv=r20220201&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1130x280&nras=1&correlator=5343799261868&frm=20&pv=1&ga_vid=1146389484.1644151387&ga_sid=1644151388&ga_hid=874301640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=1803&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C42531398%2C44750773%2C31063221%2C31062930&oid=2&pvsid=2875662532827413&pem=484&tmod=1468575408&uas=0&nvt=2&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=MVI1HqZYps&p=https%3A//www.u-pull-it.com&dtd=347

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c65b63d6606dafcab4ea6ab0305cf0dbe7db6661e2605b1db3c3bf92ca3715d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 418416
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18992
x-xss-protection: 0
last-modified: Tue, 01 Feb 2022 12:53:25 GMT
server: sffe
date: Tue, 01 Feb 2022 16:29:32 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 01 Feb 2023 16:29:32 GMT

GET
H3 200 cluster.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17845836043024390609/ Frame 8AA6 37 KB
37 KB 54ms
53ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17845836043024390609/cluster.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4651459360&adk=1643172156&adf=697320281&pi=t.ma~as.4651459360&w=750&fwrn=4&fwrnh=100&lmt=1644151387&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644151387610&bpp=1&bdt=560&idt=343&shv=r20220201&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1130x280&nras=1&correlator=5343799261868&frm=20&pv=1&ga_vid=1146389484.1644151387&ga_sid=1644151388&ga_hid=874301640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=1803&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C42531398%2C44750773%2C31063221%2C31062930&oid=2&pvsid=2875662532827413&pem=484&tmod=1468575408&uas=0&nvt=2&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=MVI1HqZYps&p=https%3A//www.u-pull-it.com&dtd=347

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

692c4903bf8aa41213b72263d11469e77197d7a9bbab59b7b27765a6e6f7e888

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 418416
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38014
x-xss-protection: 0
last-modified: Tue, 01 Feb 2022 12:53:25 GMT
server: sffe
date: Tue, 01 Feb 2022 16:29:32 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 01 Feb 2023 16:29:32 GMT

GET
H3 200 tcu.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17845836043024390609/ Frame 8AA6 27 KB
27 KB 38ms
38ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17845836043024390609/tcu.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4651459360&adk=1643172156&adf=697320281&pi=t.ma~as.4651459360&w=750&fwrn=4&fwrnh=100&lmt=1644151387&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644151387610&bpp=1&bdt=560&idt=343&shv=r20220201&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1130x280&nras=1&correlator=5343799261868&frm=20&pv=1&ga_vid=1146389484.1644151387&ga_sid=1644151388&ga_hid=874301640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=1803&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C42531398%2C44750773%2C31063221%2C31062930&oid=2&pvsid=2875662532827413&pem=484&tmod=1468575408&uas=0&nvt=2&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=MVI1HqZYps&p=https%3A//www.u-pull-it.com&dtd=347

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ffe24743e493fbe4c9c5439571b59c9f4316fa6598c4b4aa0eee22e314d88dad

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 418416
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28016
x-xss-protection: 0
last-modified: Tue, 01 Feb 2022 12:53:25 GMT
server: sffe
date: Tue, 01 Feb 2022 16:29:32 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 01 Feb 2023 16:29:32 GMT

GET
H3 200 auto.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17845836043024390609/ Frame 8AA6 262 KB
262 KB 62ms
62ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17845836043024390609/auto.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4651459360&adk=1643172156&adf=697320281&pi=t.ma~as.4651459360&w=750&fwrn=4&fwrnh=100&lmt=1644151387&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644151387610&bpp=1&bdt=560&idt=343&shv=r20220201&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1130x280&nras=1&correlator=5343799261868&frm=20&pv=1&ga_vid=1146389484.1644151387&ga_sid=1644151388&ga_hid=874301640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=1803&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C42531398%2C44750773%2C31063221%2C31062930&oid=2&pvsid=2875662532827413&pem=484&tmod=1468575408&uas=0&nvt=2&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=MVI1HqZYps&p=https%3A//www.u-pull-it.com&dtd=347

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eee6db5ea028d106a9910c672d2f97b2ca9d97a1962d9fb61a10e345c73b3ffa

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 418416
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 268017
x-xss-protection: 0
last-modified: Tue, 01 Feb 2022 12:53:25 GMT
server: sffe
date: Tue, 01 Feb 2022 16:29:32 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 01 Feb 2023 16:29:32 GMT

GET
H3 200 2022_300x250.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17845836043024390609/ Frame 8AA6 8 KB
8 KB 32ms
32ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17845836043024390609/2022_300x250.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4651459360&adk=1643172156&adf=697320281&pi=t.ma~as.4651459360&w=750&fwrn=4&fwrnh=100&lmt=1644151387&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644151387610&bpp=1&bdt=560&idt=343&shv=r20220201&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1130x280&nras=1&correlator=5343799261868&frm=20&pv=1&ga_vid=1146389484.1644151387&ga_sid=1644151388&ga_hid=874301640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=1803&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C42531398%2C44750773%2C31063221%2C31062930&oid=2&pvsid=2875662532827413&pem=484&tmod=1468575408&uas=0&nvt=2&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=MVI1HqZYps&p=https%3A//www.u-pull-it.com&dtd=347

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3db14c3e41ef33e22ceb9650bc75be5a1980965caa10804082a061a7df493efa

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 418416
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8468
x-xss-protection: 0
last-modified: Tue, 01 Feb 2022 12:53:25 GMT
server: sffe
date: Tue, 01 Feb 2022 16:29:32 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 01 Feb 2023 16:29:32 GMT

GET
H3 200 -RQXuketuW9jWIYsaM5S-Ql31PXoBsmd6vdkFHZtDQI.js Show response
pagead2.googlesyndication.com/bg/ Frame AB94 35 KB
13 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-RQXuketuW9jWIYsaM5S-Ql31PXoBsmd6vdkFHZtDQI.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4651459360&adk=3845584887&adf=3466629865&pi=t.ma~as.4651459360&w=1130&fwrn=4&fwrnh=100&lmt=1644151387&rafmt=1&psa=0&format=1130x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644151387598&bpp=3&bdt=547&idt=250&shv=r20220201&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5343799261868&frm=20&pv=1&ga_vid=1146389484.1644151387&ga_sid=1644151388&ga_hid=874301640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=248&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C42531398%2C44750773%2C31063221%2C31062930&oid=2&pvsid=2875662532827413&pem=484&tmod=1468575408&uas=0&nvt=2&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=yeD0pNJMvA&p=https%3A//www.u-pull-it.com&dtd=255

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f91417ba47adb96f6358862c68ce52f90977d4f5e806c99deaf76414766d0d02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 05:33:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25762
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13701
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 06 Feb 2023 05:33:46 GMT

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010101/ 150 KB
53 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010101/reactive_library_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

601086495737e77f9b38156a492ba535647397540b550948e7855c32bd15f127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54420
x-xss-protection: 0
server: cafe
etag: 13017451725836572900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 06 Feb 2022 12:43:08 GMT

GET
H3 200 integrator.js Show response
adservice.google.it/adsid/ 107 B
122 B 69ms
35ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.it/adsid/integrator.js?domain=www.u-pull-it.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 06 Feb 2022 12:43:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 67ms
34ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.u-pull-it.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 06 Feb 2022 12:43:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220201/r20110914/ Frame 53FE 10 KB
5 KB 29ms
29ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220201/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4612
x-xss-protection: 0
date: Sat, 05 Feb 2022 16:38:08 GMT
expires: Sat, 19 Feb 2022 16:38:08 GMT
cache-control: public, max-age=1209600
age: 72301
etag: 18247940800414524076
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220201/r20110914/ Frame FB0E 10 KB
5 KB 28ms
28ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220201/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4612
x-xss-protection: 0
date: Sat, 05 Feb 2022 16:38:08 GMT
expires: Sat, 19 Feb 2022 16:38:08 GMT
cache-control: public, max-age=1209600
age: 72301
etag: 18247940800414524076
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 css2
fonts.googleapis.com/ Frame 53FE 4 KB
634 B 37ms
37ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 06 Feb 2022 11:51:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 06 Feb 2022 12:43:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 06 Feb 2022 12:43:09 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 53FE 205 B
229 B 64ms
30ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 19:21:40 GMT
x-content-type-options: nosniff
age: 62489
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 05 Feb 2023 19:21:40 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 53FE 604 B
628 B 64ms
30ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:20:04 GMT
x-content-type-options: nosniff
age: 1385
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 06 Feb 2023 12:20:04 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/elements/html/ Frame 53FE 19 KB
8 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

097fe57903bfaee075f670a6eb95c1afbc03e27bb8ba702daf3a9cc95cbfd0fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:28:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 891
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8077
x-xss-protection: 0
server: cafe
etag: 15073115138517226628
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Feb 2022 12:28:18 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6356520481313741674/ Frame EA7A 114 KB
21 KB 26ms
26ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6356520481313741674/index.html

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1029aa87d4fa3c3a9bcc19ed4cff14833a8f273ad5d719dc491f94f68d9da74d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin: *
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Tue, 01 Feb 2022 16:27:39 GMT
expires: Wed, 01 Feb 2023 16:27:39 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 31 Jan 2022 17:07:06 GMT
content-type: text/html
content-length: 21512
age: 418530
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame FB0E 0
0 101ms
101ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C2HwKW8L_YaLQNYeT7_UPrPCPuALV3c-VaMv4mMfTD-35jf26KxABILiK9Vdg_YKRhOgRoAGc8oGZKMgBCakChe8Dwc41sz6oAwHIA0iqBNYBT9DHZsj_9w-0F6gOKNYlnqozQn7Ut5UqrfDm0HvDzN8ELU5H6OY4S72wH08L218vABJxFCkVXswDDLcNPcYppHSTmcxEnS-DtddWZ_RGMT7RsreX-3NTDPAaGXopHeKyMaUARPLsNFtMG6BJ6vj3BLmGKDyttBxgtyDrxcoHO-d5VNbHr7pgZ0-uA0it5ToLEGgediZIPy_w8mGxhl3qb9pX-gmzx2ovXC0Uv5XnKveAp2lLAG9atURTcfyJ0RDXh57H50ncc3nsY622Jy5bFSWmSVxMOMAEnZiDo-MDkgUECAQYAZIFBAgFGASgBi6AB5yq0vgCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQ9dV80ggJCIDhgBAQARgfgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTE5NTc3MDc3MDU2MDMwMDYYAA&sigh=bWLPQaCvjfo&uach_m=[UACH]&template_id=419

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220201/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 06 Feb 2022 12:43:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/ Frame FB0E 19 KB
8 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76d507787e9cb8cc91e5cf3f2aae4a816e9466a7164df455e377f47cff68bef3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:41:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 115
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7737
x-xss-protection: 0
server: cafe
etag: 11249816806015362922
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Feb 2022 12:41:14 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame FB0E 2 KB
1 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:35:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 430
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Feb 2022 12:35:59 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FB0E 123 KB
37 KB 87ms
52ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3a6fb9e39c82eed501889521b19cc4fc13d1104f83128928775b520c86f8abc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643806174374025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 06 Feb 2022 12:43:09 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame FB0E 14 KB
6 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

80182a21e69d7232583dcf7b19a5cfb9a597e7adbcc22f1a14e4096d8602612d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:35:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 431
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 12229469669374805284
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Feb 2022 12:35:58 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 6E8B 8 KB
888 B 35ms
34ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 06 Feb 2022 11:27:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 06 Feb 2022 12:43:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 06 Feb 2022 12:43:09 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame 6E8B 1 KB
882 B 25ms
25ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:22:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1260
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 848
x-xss-protection: 0
server: cafe
etag: 2277666839114365613
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Feb 2022 12:22:09 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/ Frame 6E8B 19 KB
8 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76d507787e9cb8cc91e5cf3f2aae4a816e9466a7164df455e377f47cff68bef3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:41:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 115
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7737
x-xss-protection: 0
server: cafe
etag: 11249816806015362922
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Feb 2022 12:41:14 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame 6E8B 2 KB
1 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:35:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 430
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Feb 2022 12:35:59 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6E8B 123 KB
37 KB 82ms
81ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3a6fb9e39c82eed501889521b19cc4fc13d1104f83128928775b520c86f8abc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643806174374025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 06 Feb 2022 12:43:09 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame 6E8B 14 KB
6 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

80182a21e69d7232583dcf7b19a5cfb9a597e7adbcc22f1a14e4096d8602612d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:35:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 431
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 12229469669374805284
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Feb 2022 12:35:58 GMT

GET
H3 200 4b5ee2b4ff5a9298bcc39e4df8189ef4.js Show response
www.gstatic.com/mysidia/ Frame 6E8B 27 KB
11 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4b5ee2b4ff5a9298bcc39e4df8189ef4.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61ded43bae7eeb79ab544e26dbad051960b7db1da4ceed550be859e979be23ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 16:38:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 245091
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11337
x-xss-protection: 0
last-modified: Tue, 01 Feb 2022 15:21:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 04 May 2022 16:38:18 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame EA7A 4 KB
539 B 34ms
34ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:regular,italic,700italic,600italic

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6356520481313741674/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

181fa72810544f2fae63d68c64263e3f4bd4d6c0492aead132d193f53cd14ff3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 06 Feb 2022 10:57:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 06 Feb 2022 12:43:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 06 Feb 2022 12:43:09 GMT

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame EA7A 16 KB
6 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6356520481313741674/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 04:22:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30016
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 07 Feb 2022 04:22:53 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame EA7A 26 KB
10 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6356520481313741674/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:22:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80463
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 06 Feb 2022 14:22:06 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 95E5 143 B
163 B 28ms
28ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220201/r20110914/zrt_lookup.html?fsb=1

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Sun, 06 Feb 2022 12:03:04 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 2405
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EEFE 143 B
163 B 28ms
28ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220201/r20110914/zrt_lookup.html?fsb=1

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Sun, 06 Feb 2022 12:03:04 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 2405
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 pxiGyp8kv8JHgFVrJJLucHtA.woff2
fonts.gstatic.com/s/poppins/v19/ Frame EA7A 8 KB
8 KB 77ms
40ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v19/pxiGyp8kv8JHgFVrJJLucHtA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:regular,italic,700italic,600italic

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50d0c1742d80ac71f4cde20e8c04d41a24806af342831f479938b527fbff0972

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:30:16 GMT
x-content-type-options: nosniff
age: 321173
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8668
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:10:31 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Feb 2023 19:30:16 GMT

GET
H3 200 pxiDyp8kv8JHgFVrJJLmy15VF9eO.woff2
fonts.gstatic.com/s/poppins/v19/ Frame EA7A 8 KB
8 KB 82ms
45ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v19/pxiDyp8kv8JHgFVrJJLmy15VF9eO.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:regular,italic,700italic,600italic

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b0864712c6e7ca75f8c003f7bc1a9270af33d6becd4119463771593274c48d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 20:02:42 GMT
x-content-type-options: nosniff
age: 319227
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8596
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:11:25 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Feb 2023 20:02:42 GMT

GET
H3 200 pxiDyp8kv8JHgFVrJJLmr19VF9eO.woff2
fonts.gstatic.com/s/poppins/v19/ Frame EA7A 9 KB
9 KB 71ms
34ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v19/pxiDyp8kv8JHgFVrJJLmr19VF9eO.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:regular,italic,700italic,600italic

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ad6c8bd3624555dd79177efe91f0aca20e7f28597fa6b49762c27f337500d8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 20:06:42 GMT
x-content-type-options: nosniff
age: 318987
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8724
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:11:13 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Feb 2023 20:06:42 GMT

GET
H3 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v19/ Frame EA7A 8 KB
8 KB 57ms
30ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v19/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:regular,italic,700italic,600italic

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:30:15 GMT
x-content-type-options: nosniff
age: 321174
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:17:03 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Feb 2023 19:30:15 GMT

GET
DATA 200
OK truncated
/ Frame FB0E 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 21436b641b6810efe969e01b2b3504e0a3028818527cbcd94c6d8798c1a64e22

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 95E5
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

81ms
81ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 06 Feb 2022 12:43:09 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 06 Feb 2022 12:43:09 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 06 Feb 2022 12:43:09 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EEFE
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

81ms
81ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 06 Feb 2022 12:43:09 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 06 Feb 2022 12:43:09 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 06 Feb 2022 12:43:09 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 -RQXuketuW9jWIYsaM5S-Ql31PXoBsmd6vdkFHZtDQI.js Show response
pagead2.googlesyndication.com/bg/ Frame EA7A 35 KB
13 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-RQXuketuW9jWIYsaM5S-Ql31PXoBsmd6vdkFHZtDQI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f91417ba47adb96f6358862c68ce52f90977d4f5e806c99deaf76414766d0d02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 05:33:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25763
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13701
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 06 Feb 2023 05:33:46 GMT

GET
H3 200 copy_6_mesi.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6356520481313741674/ Frame EA7A 7 KB
7 KB 27ms
27ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6356520481313741674/copy_6_mesi.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d354ef5276006cd964582092356d2ab1b4580ff631f0051521c5ada9ad5be748

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 418530
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7519
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 17:07:06 GMT
server: sffe
date: Tue, 01 Feb 2022 16:27:39 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 01 Feb 2023 16:27:39 GMT

GET
H3 200 bollo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6356520481313741674/ Frame EA7A 6 KB
6 KB 32ms
32ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6356520481313741674/bollo.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

288e657f032a90ded7790386da06a70bf79e10c905d25f759d758a8a0a24d092

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 418530
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6199
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 17:07:06 GMT
server: sffe
date: Tue, 01 Feb 2022 16:27:39 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 01 Feb 2023 16:27:39 GMT

GET
H3 200 5.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6356520481313741674/ Frame EA7A 43 KB
43 KB 31ms
31ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6356520481313741674/5.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9cea13f2f745b2c28c14c400c67a3e4e34c683297403dcadba75583d8b6f9e01

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 418530
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43935
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 17:07:06 GMT
server: sffe
date: Tue, 01 Feb 2022 16:27:39 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 01 Feb 2023 16:27:39 GMT

GET
H3 200 copy_50_euro.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6356520481313741674/ Frame EA7A 12 KB
12 KB 29ms
29ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6356520481313741674/copy_50_euro.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dca48f72b56fa46cfdc2138c776ce0bef3bf597f7b8b09dca9e56de103beb37

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 418530
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12597
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 17:07:06 GMT
server: sffe
date: Tue, 01 Feb 2022 16:27:39 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 01 Feb 2023 16:27:39 GMT

GET
H3 200 telepass-logo_1.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6356520481313741674/ Frame EA7A 6 KB
2 KB 33ms
32ms Image
image/svg+xml 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6356520481313741674/telepass-logo_1.svg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01c3926e7f8411106488d10e5d87d7b031cb90bf4b9976c90da7e9289b72c9a2

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 418530
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2092
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 17:07:06 GMT
server: sffe
date: Tue, 01 Feb 2022 16:27:39 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 01 Feb 2023 16:27:39 GMT

GET
H3 200 telepass-pay.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6356520481313741674/ Frame EA7A 6 KB
2 KB 34ms
33ms Image
image/svg+xml 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6356520481313741674/telepass-pay.svg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f40841e9a8cdb843e399639691c773d1aa8c34413fb5e7d8249120f2e8ec3763

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 418530
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2068
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 17:07:06 GMT
server: sffe
date: Tue, 01 Feb 2022 16:27:39 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 01 Feb 2023 16:27:39 GMT

GET
H3 200 sfumatura.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6356520481313741674/ Frame EA7A 4 KB
5 KB 34ms
33ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6356520481313741674/sfumatura.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

406bb9afd50be9b98cd86d57a519e8f2efe23f57d03bbf8bb4a5006b2b26c09d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 418530
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4585
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 17:07:06 GMT
server: sffe
date: Tue, 01 Feb 2022 16:27:39 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 01 Feb 2023 16:27:39 GMT

GET
H3 200 2b.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6356520481313741674/ Frame EA7A 26 KB
26 KB 38ms
37ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6356520481313741674/2b.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b8edacb7592853755f12070a4d79267e9867071a9afef8e72846e415f8fc2b7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 182724
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26255
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 17:07:06 GMT
server: sffe
date: Fri, 04 Feb 2022 09:57:45 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 04 Feb 2023 09:57:45 GMT

GET
H3 200 4.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6356520481313741674/ Frame EA7A 16 KB
16 KB 35ms
34ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6356520481313741674/4.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d4a26808f38f993f0d7dd44c4f6ee87aedd932d74f49bbe03508707d26d9f8b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 418530
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16796
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 17:07:06 GMT
server: sffe
date: Tue, 01 Feb 2022 16:27:39 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 01 Feb 2023 16:27:39 GMT

GET
H3 200 2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6356520481313741674/ Frame EA7A 36 KB
36 KB 36ms
35ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6356520481313741674/2.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7976f271ee72fac18a797578c9352aeb9d505eb9a8e326b94cec5c23a5cee78

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 418530
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36749
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 17:07:06 GMT
server: sffe
date: Tue, 01 Feb 2022 16:27:39 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 01 Feb 2023 16:27:39 GMT

GET
H3 200 1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6356520481313741674/ Frame EA7A 38 KB
38 KB 33ms
33ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6356520481313741674/1.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c1fb927811195120caf8969f99effecd07c4cb564779cb74e68bd3c9c2d5ed4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 418530
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38538
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 17:07:06 GMT
server: sffe
date: Tue, 01 Feb 2022 16:27:39 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 01 Feb 2023 16:27:39 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 86ms
51ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220201&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

da87fc8f7abf62d62331987cb8dca4a3e264b3882f29d0a3941c304eeb517bcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 06 Feb 2022 12:43:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10013
x-xss-protection: 0

GET
H2 200 LKQ-Pick-Your-Part-U-Pull-It-Fort-Lauderdale-Inventory-385x221.jpg
www.u-pull-it.com/wp-content/uploads/2020/03/ 32 KB
32 KB 435ms
134ms Image
image/jpeg 2606:4700:e4::ac40:ad16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.u-pull-it.com/wp-content/uploads/2020/03/LKQ-Pick-Your-Part-U-Pull-It-Fort-Lauderdale-Inventory-385x221.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1803331ac1ae7310264f16b1f099e80fb7152e4cfc11fd3f77fdfa230e41dead

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:10 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 03 Oct 2021 22:26:09 GMT
server: cloudflare
etag: "7f5f-615a2e01-305262;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7O8Iadpf4pkFTAuT%2B5KezuO%2BSjqmt6CYld9pkh6869sCiTgQB%2FHKJVtFv7kw192gnyW9fslSPy4%2F51pw3tA9ZD2etjhb2qWJnh1VvXHH6irVB0YJA1cmq19BgpR1FR%2F5SC6Hly1o5tFD6R0YC79BpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=43200
accept-ranges: bytes
cf-ray: 6d94766b690e839d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 32607
expires: Mon, 07 Feb 2022 00:43:10 GMT

GET
H2 200 LKQ-ATLANTIC-PICK-YOUR-PART-6000-Dyer-Blvd-Riviera-Beach-Florida-33407-1-55x55.jpg
www.u-pull-it.com/wp-content/uploads/2020/10/ 2 KB
2 KB 372ms
72ms Image
image/jpeg 2606:4700:e4::ac40:ad16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.u-pull-it.com/wp-content/uploads/2020/10/LKQ-ATLANTIC-PICK-YOUR-PART-6000-Dyer-Blvd-Riviera-Beach-Florida-33407-1-55x55.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98fc59738581a7df8d5413d21dee9fedb220242d44ae93cf29e8bddd3c99fc66

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:10 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 03 Oct 2021 22:26:07 GMT
server: cloudflare
etag: "789-615a2dff-304837;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xrPfmt%2BlSz1Dl3WeD%2FIZ8e2gH%2Bhsak7LjCosu%2BKxxKtWw6Pkta%2BQnh3xxq6IxP%2FwgIpeg8RnsFY7s3xrIW4FL%2BesSppRxjXz8v3qWNr%2BSEDn9Bd1geJwnTvndesQW61Rp5pE%2BJ196GYv420vw8gMDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=43200
accept-ranges: bytes
cf-ray: 6d94766b6911839d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1929
expires: Mon, 07 Feb 2022 00:43:10 GMT

GET
H2 200 LKQ-ABC-Pick-Your-Part-451-Benoist-Farms-Rd-West-Palm-Beach-Florida-33411-1-55x55.jpg
www.u-pull-it.com/wp-content/uploads/2020/10/ 2 KB
2 KB 430ms
129ms Image
image/jpeg 2606:4700:e4::ac40:ad16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.u-pull-it.com/wp-content/uploads/2020/10/LKQ-ABC-Pick-Your-Part-451-Benoist-Farms-Rd-West-Palm-Beach-Florida-33411-1-55x55.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb0f48018f5d8a496e151fb7e24002bd01d51775e48f3f6553e857912f11fcb5

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:10 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 03 Oct 2021 22:26:07 GMT
server: cloudflare
etag: "802-615a2dff-3048be;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aiIceSQPtetq2fOjdTi2jwZdCT6vQwuuH%2Fb2Gm%2FacQLPWLq7zxxfrySCmJ1JqtuDzvHz3YwWZhXKJP9MT6xQv0RdOi4IpRgbwRjlOsy1jtuC%2FpHT52w12FpBZ8SDSO5KUXciBN8fI3Z4XNeStP4SCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=43200
accept-ranges: bytes
cf-ray: 6d94766b6912839d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2050
expires: Mon, 07 Feb 2022 00:43:10 GMT

GET
H2 200 LKQ-Pick-Your-Part-%E2%80%93-Denver-6100-North-Federal-Blvd.-Denver-Colorado-80221-55x55.jpg
www.u-pull-it.com/wp-content/uploads/2020/04/ 2 KB
2 KB 378ms
76ms Image
image/jpeg 2606:4700:e4::ac40:ad16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.u-pull-it.com/wp-content/uploads/2020/04/LKQ-Pick-Your-Part-%E2%80%93-Denver-6100-North-Federal-Blvd.-Denver-Colorado-80221-55x55.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35fca37817b60e72f52e777a987cedc8cbf8afa78807f18bbcaba7fc032efc25

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:10 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 03 Oct 2021 22:26:08 GMT
server: cloudflare
etag: "79b-615a2e00-304c8f;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dj%2FPyjMIDauqcGb2vevsUU47N4F2GLIojG6TgJFWTLVruqmblzoe5Kgksi61Fd4%2FhkI%2F2Suy%2BzTdOwIzcuh0l8lBi6ElIMD63iMz%2BFJ0e6fgOayG9hggAzjBkw1aD4ib%2FzCNCnGDAvMmBJwl5OgIoA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=43200
accept-ranges: bytes
cf-ray: 6d94766b6913839d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1947
expires: Mon, 07 Feb 2022 00:43:10 GMT

GET
H2 200 LKQ-Pick-Your-Part-%E2%80%93-Aurora-11602-E-33rd-Ave.-Aurora-Colorado-80010-55x55.jpg
www.u-pull-it.com/wp-content/uploads/2020/04/ 2 KB
2 KB 426ms
125ms Image
image/jpeg 2606:4700:e4::ac40:ad16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.u-pull-it.com/wp-content/uploads/2020/04/LKQ-Pick-Your-Part-%E2%80%93-Aurora-11602-E-33rd-Ave.-Aurora-Colorado-80010-55x55.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 832719a2b492702de18ee3f1a05acf2cbe3741f8e7f00cfa8d4f0c78009c47fa

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:10 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 03 Oct 2021 22:26:07 GMT
server: cloudflare
etag: "6fb-615a2dff-304b4c;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ze4MjeVKvV33%2Burb9rynoRGUCUUyoLNadEa9CW0ZkJ8zhrzQ7dnqB2lYWdBEeHAeC4IU3QYV13kC5HD5zfltom6RyroMOEt3AWu7ciBgrj9%2BJF7%2B5C8%2Fmuz%2FHugIPjlzfBU2%2Fq2fwtCT1GT%2B8xgpDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=43200
accept-ranges: bytes
cf-ray: 6d94766b6914839d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1787
expires: Mon, 07 Feb 2022 00:43:10 GMT

GET
H2 200 LKQ-Pick-Your-Part-%E2%80%93-Wilmington-1232-Blinn-Ave.-Wilmington-California-90744-55x55.jpg
www.u-pull-it.com/wp-content/uploads/2020/04/ 2 KB
2 KB 434ms
133ms Image
image/jpeg 2606:4700:e4::ac40:ad16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.u-pull-it.com/wp-content/uploads/2020/04/LKQ-Pick-Your-Part-%E2%80%93-Wilmington-1232-Blinn-Ave.-Wilmington-California-90744-55x55.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff71ef72c3d5249b5cdf00ad11dfaf01920f6890e4a4e319601ce01b53c5c72b

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:10 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 03 Oct 2021 22:26:08 GMT
server: cloudflare
etag: "77a-615a2e00-304c09;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jeAnwkBk8wMyOUX6matA4VeSIlqFf7Pg%2F3b41z1PuKMoz0dCnesSDyO6h57dCZqKOKvOag%2ByG1rS39STPeukgOk2UnMhOMgzGdJSXV%2FqchnbFbkL0AChUVgeG%2FJwEhL3JfqupbwLDA1Ov5zCVKhUIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=43200
accept-ranges: bytes
cf-ray: 6d94766b6915839d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1914
expires: Mon, 07 Feb 2022 00:43:10 GMT

GET
H2 200 Best-Used-Auto-Parts-Junkyards-in-Houston-Texas-385x257.jpg
www.u-pull-it.com/wp-content/uploads/2020/10/ 24 KB
25 KB 427ms
126ms Image
image/jpeg 2606:4700:e4::ac40:ad16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.u-pull-it.com/wp-content/uploads/2020/10/Best-Used-Auto-Parts-Junkyards-in-Houston-Texas-385x257.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7d8a7ef498fd336004d7f2a4691a0606a66d736fdad20e243eb200b88d82ab3

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:10 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 03 Oct 2021 22:26:07 GMT
server: cloudflare
etag: "61ce-615a2dff-304909;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TpjvuTLmvxFh%2Bxqeq%2BreveK%2BjIEsc2wVE0RFJPgFVbYF%2B4ScMFNgqLqXzeOJmtN097D9SVfd2omUPErQJroLcVsmlptpy700o7yM%2Flxp1mqmlPL7Z67hMRHVSxJOqgqtFnhnm8l6aMYA9jRPkpq61A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=43200
accept-ranges: bytes
cf-ray: 6d94766b6917839d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25038
expires: Mon, 07 Feb 2022 00:43:10 GMT

GET
H2 200 LKQ-PICK-YOUR-PART-UPULLIT-FORT-LAUDERDALE-55x55.jpg
www.u-pull-it.com/wp-content/uploads/2020/10/ 2 KB
2 KB 420ms
120ms Image
image/jpeg 2606:4700:e4::ac40:ad16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.u-pull-it.com/wp-content/uploads/2020/10/LKQ-PICK-YOUR-PART-UPULLIT-FORT-LAUDERDALE-55x55.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 187d646d0fbfbe3eaaef6b16b8c4cfea7c06db887b953da5e4fbf811eb355ff9

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:10 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 03 Oct 2021 22:26:07 GMT
server: cloudflare
etag: "84e-615a2dff-304875;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TBaG%2F5XIRwrrykdwyl%2FSwrCNecT56qN63O8bG%2BLl6jQktk%2BEGCC0Ns0j03FxUbi9Sbj4qJ4VLwAPbiqX2kj%2FKTYjf9BpenMQ6kxDxZQAaU6eSRI81KR5QL8Zheth%2FaQe2l5IdX%2FCTNRFg5o8MalemA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=43200
accept-ranges: bytes
cf-ray: 6d94766b6919839d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2126
expires: Mon, 07 Feb 2022 00:43:10 GMT

GET
H2 200 PULL-A-PART_INDIANAPOLIS-55x55.jpg
www.u-pull-it.com/wp-content/uploads/2018/12/ 2 KB
3 KB 423ms
123ms Image
image/jpeg 2606:4700:e4::ac40:ad16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.u-pull-it.com/wp-content/uploads/2018/12/PULL-A-PART_INDIANAPOLIS-55x55.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f0b7b0e4fa443fd16c3c3a2d42cf4094177283c51c596305038990ec27282da

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:10 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 03 Oct 2021 22:25:48 GMT
server: cloudflare
etag: "866-615a2dec-302294;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4RMQE%2BNGDM1LU%2BeEgtXyYk7VcdVhqglNEbZuwpK4%2B1TGOk6sP0hezHmMjlIQBVwO4HABvY48N7uu%2BDNC16vaLByf2U1iwvRCSxcJ2eRVNW53GxBIhTHEjg%2FuctCtnVhCzZRv6eY5cW2PpXnraKcOyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=43200
accept-ranges: bytes
cf-ray: 6d94766b691b839d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2150
expires: Mon, 07 Feb 2022 00:43:10 GMT

GET
H2 200 u-pull-and-pay-houston-55x55.jpg
www.u-pull-it.com/wp-content/uploads/2018/12/ 2 KB
3 KB 432ms
132ms Image
image/jpeg 2606:4700:e4::ac40:ad16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.u-pull-it.com/wp-content/uploads/2018/12/u-pull-and-pay-houston-55x55.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36d884759d3ded477757e1a0b4bbccaa4ebdf88f83e5dbf1f6aa260f3bbbb9cb

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:10 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 03 Oct 2021 22:25:48 GMT
server: cloudflare
etag: "88b-615a2dec-30227d;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KX5mXXEPOmu%2BR0CU%2FNjKNry6YuMfxq3bQFDK%2FxJzCUxSyk9%2BEtj43wAmMEV0f1L%2FwqQFcEna5mL1jZ4tZguSFeZgowwJaInBxEifGNofljaWVM673CjOXmuNxUAm1TmjhclYpWLGFJq0Uwzcg0vDDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=43200
accept-ranges: bytes
cf-ray: 6d94766b691f839d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2187
expires: Mon, 07 Feb 2022 00:43:10 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 104ms
104ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 06 Feb 2022 12:43:09 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D85F 13 KB
5 KB 26ms
26ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 06 Feb 2022 12:26:42 GMT
expires: Mon, 06 Feb 2023 12:26:42 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 987
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A51C 783 B
535 B 37ms
37ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

051aa2aa134ad28486aa3164a0d71aa175b79d53745608768ceed07730341f67

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qc8c/OlEa36dDRByeGK2uA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 06 Feb 2022 12:43:09 GMT
date: Sun, 06 Feb 2022 12:43:09 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-qc8c/OlEa36dDRByeGK2uA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 36D1 42 B
64 B 69ms
69ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuYRNbdZSMDdpPPtrjI6e2XSliX64qJVYRu0r9F_89w4XMwbp4Qz9bJGb9oH5Be4zzPM52Eq7WHjFE9OFXPgissEKem2kwhOhyt_4PUyH3S9c5nUKgv6g&sai=AMfl-YRkvzCi27o11Ss0LLXJF8YzD5laSTAypUS-Sq3Jnl1q14WSrdZS8PVdMz50lN07sEpGtwKC-XQatlL2&sig=Cg0ArKJSzOCaGVZIlf-ZEAE&id=lidar2&mcvt=1005&p=0,0,280,1130&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20220202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3845584887&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644151387854&rpt=1031&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Feb 2022 12:43:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 -RQXuketuW9jWIYsaM5S-Ql31PXoBsmd6vdkFHZtDQI.js Show response
pagead2.googlesyndication.com/bg/ Frame D85F 35 KB
13 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-RQXuketuW9jWIYsaM5S-Ql31PXoBsmd6vdkFHZtDQI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f91417ba47adb96f6358862c68ce52f90977d4f5e806c99deaf76414766d0d02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 05:33:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25763
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13701
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 06 Feb 2023 05:33:46 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A51C 0
0 77ms
77ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220201&jk=2875662532827413&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D85F 0
10 B 27ms
27ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?MzHotw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:43:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
21 B 64ms
64ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220201&jk=2875662532827413&bg=!u7iluPzNAAYZkRhwGZE7ACkAdvg8WqzD9R2n2CaCGNv40qLIqRHFo9cjk0t8BEM9TIpjzADOxttfagIAAABhUgAAAAtoAQcKAF50DLtcZLsvTtBU5JcMCCgtuIdk3eV296M2a0pP9-oE1qpZieoDd1c9ivp5sQTVRQe5bEU6vhzt8dwIE3DUZRkqgIgwtslQQnzG4gXg8ARvuFj7aN0xFzitN8AmsGkDmQKNVg9mG9GwGF2QBv28S1_XcEwQma-B72qtYw8lVDJb9YVLiG6paC8ol8QURAvU_XNYWawyYMxMUfRl-OXwn77tbu6wA7yjEoc6aiiwNTIe68AdPuYTG8xJe3RRVRK2EI5AbT2mqsavDrB29TgohMfa4JddbcroJCoDNc4rQ2M6itIg9VLojQSy28MvbBprAcFQZGr1bpVcZVTOBmsDCtZtkbd12LWDjDdRMQCgW8Fq4NCS0YfyG_tvFUpg5VHnbWu48kEB8CC4cIa_LFS3AWTI0QcDz0w9w8S2bJjcW2peJyN1yOELgXqIAlamD0NiHtRLL_vLOC9MutfpIQyvSWzhYcPUSIjpbh4JtALwX4oRM-Cp4_80X_XQ8YjsTXkIUZBdEznNvyY04FA5lJWT6mYB9XzDiHGueVok9ld_i35LYIR_dXjwTNZ4EOHxIg-aH1ORjpq8EB0vohF51xO2BNsK3DGPia1hLGX6LAVwf7vbWQNN--IjHc6xmYyWM8OQWNkW8YdAhdD2MkrAhZRgUp8TFLY4YXz-7GBHjagkKr-mnn5RNmG6u7guRRokSmx1wb7kC4b0dCqcMBUW0Cn8SsIFHsL3ffbzeq0GM_YEi52gBBPIbCJLfRzlM6GpzxjdptxoGjBGbR7c-J6nKzm13FZAtlbZUcqqw-bWQ_CDpSHcnC_U1F6iTKSGWBTlT1ze8rApdIRi9wVWHOdGcBLB-DaN2a_5GWdMs27oEE8yPuK29On8RSS0gJE716ClMCcUAE0WGUjf8oANElTHBSWU7gfkW23hMoTsjKOX8ndxISZjUw4a7sw_HWhbbRs3H5xc80dzQNa99rXcGPlp_6zz-qc5pYz0z8SnHONA-IKRfK0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Feb 2022 12:43:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FB0E 42 B
64 B 64ms
64ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvF84IX_33jfbETKeqD-nWer8MUM76P61jeUFkVg0mlrPY5z4fnm5TmVpL8psrm1blZPgWTZE4OwlqgMjoh8onvsp54BrXb0V1x5E-ikS3nFVUoq3nyzA&sai=AMfl-YTym9VJNcAVaf9Az-9jEQeJfhUvcXGACb_ulKwhiWcRXgPXwZ6mDfxchQjnaoqe6xJwc9EJs1qiMPBa&sig=Cg0ArKJSzObwYaVVuwb8EAE&id=lidar2&mcvt=1000&p=0,1,124.25,1006&mtos=0,773,1000,1138,1203&tos=0,773,227,138,65&v=20220202&bin=7&avms=nio&bs=0,0&mc=0.76&if=1&app=0&itpl=2&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644151389139&rpt=218&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Feb 2022 12:43:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.u-pull-it.com/	1970-01-20 00:45:24	Name: _lscache_vary Value: 35560ef88ab562dc327af76f20ca95cc
.u-pull-it.com/	1970-01-20 18:13:43	Name: _ga Value: GA1.2.1146389484.1644151387
.u-pull-it.com/	1970-01-20 00:43:57	Name: _gid Value: GA1.2.343829420.1644151387
.u-pull-it.com/	1970-01-20 00:42:31	Name: _gat_gtag_UA_115192652_2 Value: 1
.u-pull-it.com/	1970-01-20 10:04:07	Name: __gads Value: ID=53c93b142c2c8102-22fe65f835cd00bd:T=1644151387:RT=1644151387:S=ALNI_MaWh8uBLX0g2Io5sy8_bEcv0yceiQ
.doubleclick.net/	1970-01-20 10:04:07	Name: IDE Value: AHWqTUnp2MP5rYDIMMNHm4kaBPA710lIjiGk6ahdj4sJ_oVhm4S1FNhmhJShxBqQ1YM
.doubleclick.net/	1970-01-20 00:42:34	Name: DSID Value: NO_DATA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://googleads.g.doubleclick.net/pagead/html/r20220201/r20110914/zrt_lookup.html?fsb=1(Line 22) Message: The Content Security Policy 'child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6356520481313741674/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6356520481313741674/index.html' was delivered via a <meta> element outside the document's <head>, which is disallowed. The policy has been ignored.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.it
clients1.google.com
cse.google.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.it
www.googleapis.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.u-pull-it.com
142.250.184.226
2606:4700:e4::ac40:ad16
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2002
2a00:1450:4001:812::2004
2a00:1450:4001:813::2002
2a00:1450:4001:827::2003
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::200e
2a00:1450:4001:830::2003
2a00:1450:4001:830::200a
2a00:1450:4001:831::2008
2a00:1450:400c:c06::9a
0058b35acb32c71242691060f6c85edd4d68ce71e8a4ae6da17c60f9a7819dea
010aae119961cd27aea895903153b1beef0d5643c82ae24f0d1180bad00f0ab6
014899709e9abfbb29ff89d5964d40a1d3efbecb1faf88173e999a08e7c8a4d3
01c3926e7f8411106488d10e5d87d7b031cb90bf4b9976c90da7e9289b72c9a2
0385ba4f9e7baf0cd4c8eb69afa560a0b0eb355d3e1baa4bd3cc8b2c8e45d5f7
051aa2aa134ad28486aa3164a0d71aa175b79d53745608768ceed07730341f67
05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d
097fe57903bfaee075f670a6eb95c1afbc03e27bb8ba702daf3a9cc95cbfd0fe
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
1029aa87d4fa3c3a9bcc19ed4cff14833a8f273ad5d719dc491f94f68d9da74d
10b71a5a833605ed51291d417eb189e99b19f4eacde881221c689c76b0fe5e07
129b2f90622753ed6ccfd8e610d3236ec87f1b93af9afed05bc68e808b8f595e
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
16f753762797f6d0783a7d74897d179fa104c3946301380911115d6efffe622b
1803331ac1ae7310264f16b1f099e80fb7152e4cfc11fd3f77fdfa230e41dead
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
181fa72810544f2fae63d68c64263e3f4bd4d6c0492aead132d193f53cd14ff3
187d646d0fbfbe3eaaef6b16b8c4cfea7c06db887b953da5e4fbf811eb355ff9
1914c65f50a289e8c61022e4ff089c99f7e41459a50c7a7e8636fbd42342d582
21436b641b6810efe969e01b2b3504e0a3028818527cbcd94c6d8798c1a64e22
2320e98c348f70864c1093c40f834a4c59543baae078bdf4a3d9e609e2924654
269fcaffa15662f93737af0282f7a6bb79d0c927344246e0ba46a2190b707ad1
27c8a4d6283a731fe888e0bc99e694ff1780cbf4ba3893b40f55919af4c9c389
288e657f032a90ded7790386da06a70bf79e10c905d25f759d758a8a0a24d092
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
2b8edacb7592853755f12070a4d79267e9867071a9afef8e72846e415f8fc2b7
2cac931b3ab55a2abba862787ef55e78d628c87a940df1f1bb39293eaaa0d78f
2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396
2dae60c1ae93830b79a4a973b55a51e457d539eb298da9fca643b3ed0042d569
31033aafac839fe09042525e8861e8e8bb9bb7a877309cb03e547f03693e7fca
321ddcf81fbfd4bc14255430ea728d48eefc7870cd72cbbd1b87bcfd5d0416c5
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
34b6fbf1d6e59e931eafbf2a913a686868f3b64c6a98ad6d117aa6d657f76868
35fca37817b60e72f52e777a987cedc8cbf8afa78807f18bbcaba7fc032efc25
36d884759d3ded477757e1a0b4bbccaa4ebdf88f83e5dbf1f6aa260f3bbbb9cb
3ad6c8bd3624555dd79177efe91f0aca20e7f28597fa6b49762c27f337500d8d
3c8c9ecb56342deee4103bf15c4dece3e0335d5a65a58c0fcac51fd30b328e16
3db14c3e41ef33e22ceb9650bc75be5a1980965caa10804082a061a7df493efa
3fde8cb41821a30a1282255a385d4c3bbf0ef4001b4f97b90751ab69be85f973
406bb9afd50be9b98cd86d57a519e8f2efe23f57d03bbf8bb4a5006b2b26c09d
42f04ee0dfec219e46d062e2bae79eee3499d1bfcbb260bbbb78cc4a7cda0d6e
42ffbeb4bebb4a2fd22fc5661a9b4843cfcbfec8c1c6e9731ed49cb11e5f70d9
449efa6c99cda11ec2f0873a3b8575d6477e482a6523a48c101d36572eb72742
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
49d4be8be611ea416f078b0cac27ea6b677cec33d8e5f0ce29542da2deaa9d80
4b0864712c6e7ca75f8c003f7bc1a9270af33d6becd4119463771593274c48d2
4c347b2226f950fce2a949b71e33f067a0acf77e3ddc848c6b86248513466f4d
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4dca48f72b56fa46cfdc2138c776ce0bef3bf597f7b8b09dca9e56de103beb37
4fecc04a26eea4188c3e0e5b28ab84af44d6d76992c9ba36146a10c414f288aa
50d0c1742d80ac71f4cde20e8c04d41a24806af342831f479938b527fbff0972
52f1c429d3f82fb1ab271ac382d7d769ab3a99f85455200f730cceac136d8b29
53e4f0d543b4219da0ef6eb5fdd014eb7d87518da234eba0d8748b1a4cfe76a5
545a515e4e22ea119ed0f30968bc6a3b07c9c77755735a1d654a8b2206434d56
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56c7a62d35038f015936e535fd55a52eb94116831c5008679867f55615470380
5b387cd72d1c80a0c7aaf5a7e7e9f10acdb76857ebef49fc0ac0b14174fa1636
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cb8b21eea4af1109e66c8fbed04552f8220874c3543592d1a1efc376397756a
5d4a26808f38f993f0d7dd44c4f6ee87aedd932d74f49bbe03508707d26d9f8b
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
601086495737e77f9b38156a492ba535647397540b550948e7855c32bd15f127
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61ded43bae7eeb79ab544e26dbad051960b7db1da4ceed550be859e979be23ba
68d792925bb05b01d7402881dda450299ae716a9d0a246ffcae999999485dca6
68e9325be2037baf4361e4cf39a4ebf5619b92aa2a0da34484152b93a08b3623
692c4903bf8aa41213b72263d11469e77197d7a9bbab59b7b27765a6e6f7e888
6e6f3e6e46e5f2d2ddd0f5c7f50cbb06058260292fa52bb0c3b668c8218e4931
704503e2de416d481cada347ff52bf7207892e1d8d206f15dde77213f34c3ee1
710d2166895f458497f72718b979dfcbfdf6a4463b8150d1f1e23f5661e0cf1d
71f652d6e3c322295772c1f083ab62329a94464741c4167ea745b5da21123cc9
7209c26bc245ae1b293f4b9622201b1dc97282229a2e8fcae555f36caa8650e8
745aa7922c7f2b2b90fed47707f158c11b5c6d65ebb515bb55db1c57f545b267
76d507787e9cb8cc91e5cf3f2aae4a816e9466a7164df455e377f47cff68bef3
7a59889a776750a558efc117bb5592b7303fa2e28775e638c75b2a3440435b06
7c1fb927811195120caf8969f99effecd07c4cb564779cb74e68bd3c9c2d5ed4
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7ef1bb35d078499d5e68d0e512a205e3011574896787e614c9e2365443dae72e
7f3a5aa4dcb3c0912452ca3c83baa8113278b60b4037bd1580338dca32d58d71
80182a21e69d7232583dcf7b19a5cfb9a597e7adbcc22f1a14e4096d8602612d
80c4cb672a05a4d2de6dd19d4c0268afbdaa7dcf90d8312b44b1476c03d74713
832719a2b492702de18ee3f1a05acf2cbe3741f8e7f00cfa8d4f0c78009c47fa
848cc90319222bbe2344d96a75ee7f6338210fc8bc531087c4a2c1a96b327989
8567910c20a8d5d4780282da4d9bbd8d6ecb51cda15a6a52c0ff0e08d21e44ca
85bbe26b745f3c27832de4f79ae23834de14cab8ecf0b3735e2fb94b206776f8
883ad5e99217795191d9b87ad696ceb0b508b6c3c257899eb39ffb94938420d4
8f0b7b0e4fa443fd16c3c3a2d42cf4094177283c51c596305038990ec27282da
8ffd4fa5a264b3e898d603cdb70ace1d105677ea64c5bbcb12e19c26269fd2c6
943e028100328495e950208f3da149c633cd00272275310031f90fac060cf80a
98fc59738581a7df8d5413d21dee9fedb220242d44ae93cf29e8bddd3c99fc66
9c65b63d6606dafcab4ea6ab0305cf0dbe7db6661e2605b1db3c3bf92ca3715d
9cea13f2f745b2c28c14c400c67a3e4e34c683297403dcadba75583d8b6f9e01
9ffcca15dc6aa1936d268a8c3f1b0237193fc9d8dd5f23627daf57c1eb273b5d
a13dd898914f9e42ad6ff63d9b852a77767ad51b2d48db285129258395138b22
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a198c3338edcdaab4efbdb7784d627e2bee2e510730b7ccd008d683aabf9f1c3
a3e4ba355dfc9f329b78853bec058aae1ec6faba763013efe129740525dd1e2d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4ef235c3eef8bef32e50772b0e1304d8b32c115f886b9ea90200b5834045c6e
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
ab347189e7ad45b87273fb8b92f2d47ce3def1c67808bd4f489fc2e4cc540f8c
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
abf960f9666f54b7901ae35e3c047304a4d9375638557d4007f7695cb64def6b
ad879f7ef2970533c1cae474b822894d6c736259e46f9ff5f52da2b0a405db02
ae3ab6e55cd6b5a798aeba2ef677cd891ae62a2bcf15395bfcc917d4751aeae2
ae9de52233685161ea61d4d2125cfdc5173e6b1a7fbeec4acd0a6f593c1e2458
af7abbd50259f3bcff758cf50b078fa045c1b5adc3e0456baa0b64170ab97c54
b0a265b5c72dd333fc0340fd81ce10ba69b74ea2c956d143c7004ee51797c287
b1b255e6f6b53f7e439eeb776c18e68c958c1fcf833dc741adb0019344c6d190
b4cd4f889e2c7dd71da12d2b0a29aa6346de2e5d8b3c882d7700d64c700f661d
b758e4ade89d0f63877c3ad2aa989ca9910aa958de5e8148e4ffa1ea42513365
b797cec0d9367827829b1e26e3b6345565131cdd8828e03debc3aca00212d08c
ba3a69eac14f205d41ae36f8edbc79a8bff293a19ddac18f62bb9cdc7deb440e
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
bea82a0e496f9ac4fc5a0349674c20fc8733ac9651e2d06d6ece1a63d15ca735
c13c3bee4e1b31c9287f7720de7a0586e3c411ae1f25a3137593265c3bb03cb2
c3ad102ea9240c0a7250947a2240dfdf5462885c297ebd2cf37165a34ee7c3de
c7976f271ee72fac18a797578c9352aeb9d505eb9a8e326b94cec5c23a5cee78
cab68ec377f969057de608a48096cfdf97a36d37e1932eb008a0cb9cd451cbd1
cc73c0ef50d2836de7729973a39e5729fb5976a28fd3a4c84cacd7cc1ba2bbbc
cfe02bd50e2842b72df433fc489678e766b5c82be918efbecbe277038896353a
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
d354ef5276006cd964582092356d2ab1b4580ff631f0051521c5ada9ad5be748
d3a6fb9e39c82eed501889521b19cc4fc13d1104f83128928775b520c86f8abc
d5cb3c2477e41ca879dd08266a7cc5ca76272ff26f53fedcff5672feeaa7bb97
d68e4427f2af26e714883b6d7bb03cdf873c1d24b43b1fd91c8a0c6e78a3441c
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d9ac50bf404d7817475d636a0db03afa86a8b991912126863dcffd7b50d19daa
da87fc8f7abf62d62331987cb8dca4a3e264b3882f29d0a3941c304eeb517bcb
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
dde8490690d90faf4b84d4c8f83cfb3980f432ddcff3ee47f5e58a0efb954d58
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea3318e2b92bdbbc82916c7f662dd295a53d8d7c99bd16cd45c5392c26d62256
eb0f48018f5d8a496e151fb7e24002bd01d51775e48f3f6553e857912f11fcb5
eee6db5ea028d106a9910c672d2f97b2ca9d97a1962d9fb61a10e345c73b3ffa
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3749103b4853851dc340e4bd226c2e35f565c3de7b5c53c8d585845092763a9
f40841e9a8cdb843e399639691c773d1aa8c34413fb5e7d8249120f2e8ec3763
f71a9986cb020bf7a514780063787879d613df7c6248eb7d2cb6801f2d7c86b6
f7d8a7ef498fd336004d7f2a4691a0606a66d736fdad20e243eb200b88d82ab3
f91417ba47adb96f6358862c68ce52f90977d4f5e806c99deaf76414766d0d02
f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b
fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4
fd57a03a1fa028e612c6dd570dac10933c925b2939d6e9859178b33c19c38805
fd91107c9caee2cb782d878816b4509cbd72a1562abed0f197a36cf0d158322e
ff71ef72c3d5249b5cdf00ad11dfaf01920f6890e4a4e319601ce01b53c5c72b
ffe24743e493fbe4c9c5439571b59c9f4316fa6598c4b4aa0eee22e314d88dad

www.u-pull-it.com Open in urlscan Pro 2606:4700:e4::ac40:ad16 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

179 Requests

100 %HTTPS

94 %IPv6

11 Domains

19 Subdomains

19 IPs

3 Countries

2586 kBTransfer

7825 kBSize

7 Cookies

0 Outgoing links

Page URL History

Redirected requests

179 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 34 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.u-pull-it.com Open in urlscan Pro
2606:4700:e4::ac40:ad16 Public Scan

Screenshot
Live screenshot

Full Image

179
Requests

100 %
HTTPS

94 %
IPv6

11
Domains

19
Subdomains

19
IPs

3
Countries

2586 kB
Transfer

7825 kB
Size

7
Cookies

179 HTTP transactions
34 data transactions