smarturl.it Open in urlscan Pro
54.171.251.32 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://smarturl.it/hailstan_store
Effective URL:
https://smarturl.it/hailstan_store
Submission: On March 24 via manual (March 24th 2023, 11:31:22 am UTC) from AU — Scanned from IT

Summary HTTP 60 Redirects Behaviour Indicators

Summary

This website contacted 24 IPs in 5 countries across 14 domains to perform 60 HTTP transactions. The main IP is 54.171.251.32, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is smarturl.it. The Cisco Umbrella rank of the primary domain is 229061.
TLS certificate: Issued by Amazon RSA 2048 M01 on March 2nd 2023. Valid for: a year.

This is the only time smarturl.it was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	54.171.251.32 54.171.251.32	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	143.204.89.122 143.204.89.122	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2.19.70.117 2.19.70.117	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2602:803:c003... 2602:803:c003:200::41	26667 (RUBICONPR...) (RUBICONPROJECT)
5	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2602:803:c003... 2602:803:c003:200::37	26667 (RUBICONPR...) (RUBICONPROJECT)
2	23.2.211.147 23.2.211.147	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2 3	52.95.126.160 52.95.126.160	16509 (AMAZON-02) (AMAZON-02)
6 8	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:b442:a922:75e3:f08a	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
2 3	52.46.151.131 52.46.151.131	16509 (AMAZON-02) (AMAZON-02)
1 3	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
60	24

4 54.171.251.32 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-251-32.eu-west-1.compute.amazonaws.com

smarturl.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.89.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-122.fra50.r.cloudfront.net

display-service.linkfire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

48a376f87d3685280d2fa0f31bc067d5.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.70.117 (Glattbrugg, Switzerland)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-70-117.deploy.static.akamaitechnologies.com

ads.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

smarttag.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::37 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

beacon-ams3.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.2.211.147 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-2-211-147.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.95.126.160 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 69.173.144.138 (Frankfurt am Main, Germany) 6 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:b442:a922:75e3:f08a (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.151.131 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.181.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 48a376f87d3685280d2fa0f31bc067d5.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 135	78 KB
14	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190 googleads.g.doubleclick.net — Cisco Umbrella Rank: 29 cm.g.doubleclick.net — Cisco Umbrella Rank: 206	213 KB
13	rubiconproject.com 6 redirects ads.rubiconproject.com — Cisco Umbrella Rank: 2336 smarttag.rubiconproject.com — Cisco Umbrella Rank: 15144 beacon-ams3.rubiconproject.com — Cisco Umbrella Rank: 9154 eus.rubiconproject.com — Cisco Umbrella Rank: 556 pixel.rubiconproject.com — Cisco Umbrella Rank: 322 token.rubiconproject.com — Cisco Umbrella Rank: 553	28 KB
7	gstatic.com fonts.gstatic.com www.gstatic.com	114 KB
6	amazon-adsystem.com 4 redirects aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 938 s.amazon-adsystem.com — Cisco Umbrella Rank: 276	4 KB
4	smarturl.it 1 redirects smarturl.it — Cisco Umbrella Rank: 229061	101 KB
3	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 68 www.google.com — Cisco Umbrella Rank: 2	2 KB
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 309 fonts.googleapis.com — Cisco Umbrella Rank: 31	8 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 187	97 KB
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 330	265 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 326	648 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 446	619 B
1	google.it adservice.google.it — Cisco Umbrella Rank: 55835	531 B
1	linkfire.com display-service.linkfire.com — Cisco Umbrella Rank: 342585	84 KB
60	14

	Domain	Requested by
9	pagead2.googlesyndication.com	smarturl.it securepubads.g.doubleclick.net tpc.googlesyndication.com smarttag.rubiconproject.com googleads.g.doubleclick.net www.googletagservices.com
7	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com googleads.g.doubleclick.net
6	securepubads.g.doubleclick.net	smarturl.it securepubads.g.doubleclick.net www.googletagservices.com
5	googleads.g.doubleclick.net	smarturl.it smarttag.rubiconproject.com googleads.g.doubleclick.net
4	token.rubiconproject.com	4 redirects
4	pixel.rubiconproject.com	2 redirects
4	fonts.gstatic.com	fonts.googleapis.com
4	smarturl.it	1 redirects smarturl.it
3	cm.g.doubleclick.net	1 redirects
3	s.amazon-adsystem.com	2 redirects
3	aax-eu.amazon-adsystem.com	2 redirects
3	www.gstatic.com	googleads.g.doubleclick.net
2	eus.rubiconproject.com	smarturl.it eus.rubiconproject.com
2	www.googletagservices.com	securepubads.g.doubleclick.net googleads.g.doubleclick.net
2	www.google.com	1 redirects tpc.googlesyndication.com
2	fonts.googleapis.com	ajax.googleapis.com googleads.g.doubleclick.net
1	match.adsrvr.org	smarturl.it
1	px.ads.linkedin.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	beacon-ams3.rubiconproject.com	smarttag.rubiconproject.com
1	smarttag.rubiconproject.com	ads.rubiconproject.com
1	ads.rubiconproject.com	securepubads.g.doubleclick.net
1	48a376f87d3685280d2fa0f31bc067d5.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.it	securepubads.g.doubleclick.net
1	ajax.googleapis.com	display-service.linkfire.com
1	display-service.linkfire.com	smarturl.it
60	27

This site contains no links.

Subject Issuer	Validity	Valid
smarturl.it Amazon RSA 2048 M01	`2023-03-02` - `2024-03-30`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
display-service.linkfire.com Amazon RSA 2048 M01	`2023-02-23` - `2023-08-12`	6 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.google.it GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://smarturl.it/hailstan_store
Frame ID: C84B9BB0C6C7296191ED1CAF516E8EB2
Requests: 19 HTTP requests in this frame

Frame: https://48a376f87d3685280d2fa0f31bc067d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4B17568A4889E09014AB1C468288CE73
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 42645C8E0FC4AC53318358BC2BC97A1C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C5436F48007F3827F806F04D09237823
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssdDUyOcnlmF2wbTkP-o0NphAJgnpVg1nl0VmME04Yn6bzK4-73Jo-QrCEbOLefWcmFARcuEC3Hg1CS9Li6Mp6ZC4PyZP9p6hHgycOaGJeoS6xSs11z299QdRcGbDja8HXzh2DaTC0AygHGKkQ8ledToGhjLQ7bIrAvnrt8o_FUyqXWDUrUlHUtlgf4cxWM2Mn7I-ZillOncw3kZOz2RPUlmDR6IaBM03V8Lsc1tM8DVNgLFlfgXa7kh_KpavJzmVVOQCGpQ3J7o_ZovwlpLBu5HmMaBqDcVo0WyALaMF9t-E3sO_UN-1MrSiEOWbNvLPtHnaqSBQX6iovgeGSc&sai=AMfl-YQ8loRZxRwsdPblOUR1IARI36alF0Zuj585WcYSGtCirKPBlw-spGdNRYfeWRa_CxA13r7V1X-5yVehI_tvmLqX5JB65ZrkOpGLahqVvfA-gBM_edKid8dYLLyXfTg6ktqS_KHBdVsa8ivdYQW9&sig=Cg0ArKJSzCDkrF9j0qH8EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: F848A7F501F8DFD22EA66921D42BE731
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adfetch?adk=830082962&adsafe=medium&client=ca-pub-6579838053286784&format=300x250_as&ip=2001:ac8:24:44::&output=html&unviewed_position_start=1&url=https://smarturl.it/hailstan_store&sub_client=bidder-403064&hl=it&aceid=MA4PtADrFrQAWRi0AJwctAC2HLQAImo0AdSDNAGShDQBuIU0ARaGNAEYhjQB9YY0Af-GNAEEhzQBCIc0AQuHNAENhzQBFIc0AWiHNAGIhzQBjIc0Aa6HNAG9hzQBzYc0AdOHNAHWhzQB14c0AdqHNAHghzQB44c0AeeHNAH1hzQB_Yc0AQSINAEJiDQBCog0AQuINAEMiDQBIIg0ASaINAFLc0EBU3NBAewd2gGzSw4C-6JdAtf2iAJo-YgCVfyIAsr8iALhOaoCJ0KqAihCqgIpQqoCtkKqAhxEqgIbUaoCD1aqAvB2qgL9eKoCgJuqAoGbqgKCm6oCoqiqAuSsqgLcyKoCf82qAnXaqgKg5aoCXe6qAqn0qgKL9qoCVPiqAgz6qgIl-6oCQvuqAvz-qgIdFKsCcBmrAvkeqwI1IKsCVyCrAlwhqwKyIqsCPCOrAlQoqwLxKKsCDiqrAvsrqwKCNasC3jerAvc4qwLyOasC_TmrAg08qwIjPKsCSkCrAupAqwI9QasCkkGrAqhBqwKdQ6sCtESrAmlGqwJTSKsC3UmrAjhNqwLBTasC3E2rAttQqwIQUasCfVGrAqVUqwIuVqsCllarAsRXqwJEWKsCSVirAqNYqwK6WasC-1mrAnhaqwLjWqsC5FqrAhtbqwIvXKsCSFyrAndcqwLWXKsC2VyrAtxcqwJ1XasC2F6rAl5gqwIGYasCsWGrAr9jqwLkZKsCHmerAgZoqwJfaKsCS-0FA9YmEANUssUFKg39CEBt9guPip8ORm-mD86hNRF6934SaaP7ErGr-xLW4fsSIez7Eov1-xIiCfwSPgr8EmQL_BLhC_wSPw38Eo0N_BIMDvwSng78EroO_BLEDvwSzQ78EtYO_BIDD_wSDw_8Euhb0BOGvP8j8lzLJg&awbid_c=AKAmf-A0b_lUQxjStAopqC436BGTcgjRsFqzjjKn8L-VrmS6tjflc9UZQNQkVHxd-nc_NtSGQOQMrQE6Zg_22TG6RR1CgChUfJc3pwjEg5EPI48jMlks3H6zhjNyxWEhtj8VEWzacWFf7AQ3mZcyZpvW0AdtN20HLXMfCwAUpXle-0o_gYvb8FDEUwTgNdT4Norgcv_9s8s7jHlWi_KkH3y1Tb1VZ8yfMwAJe0C4ImvwqOVLmd5bC5O3OyhDc4TZ58a_czEZjWSeGh6ZlM0N7JeOIRvcu2TrO_L6uY4pX4Fc-3emQ8GyOmNz-rVt6wLRhU1Ub2sUnbsOZMaxIc0HpC62SNR916boi-yA0ENWTuVGC-dM4fp9AfnEjUEUND7j8xrldZ93_SABEMfTk7E3rpRyuqe4zsbgBAG02JrmBL12OmPM69STePkO3s7Q50SkhyZWuCxUibxwE3h7Dc5LqZQvmwJOc_C5UzE-c7ikBVqT1UoDbkfFGRo&awbid_d=AKAmf-DCc3lidmiBxEmyAI5BhxucK0oM-w2bIIgZCsKayqgPy-UBZs7-yjYvfNGkAhet5AMNY3AsEWy0DopbFko8fEzDLIiVxjKixdm3FRNem_csXdyVzOhXv30yUna0JQyXvjqbfgty6PFuejHb1cedLtZAyUyIo1lq1mqpiC7sGwCyVRl2Li4c0hP2_WtBqFzeNc5H-K_MSBhlMs3-a9FnYjZaGbbTT2ptH0bCzEBCCtkMNRnvzFZEAaYd61One5Y3d1W-V-MEZ1rJ4PiWAZhALD1kLZEBIEPSPpSxwJT9Ayt9QiLUzmmTAEVk1yjpfeEPEK6w4uxEuI2LnT0t8R-1L8RHgVif8xjO0ir-mdKu9MEmgCz9-caRD1wlb2Sf0scHBi9ziFCfaKec9ICMiGqm2uHkAtwJBp4NAmX72UP4XK2qKpen3KFoEGQ-locKiJWsTdRHUYWE7eHVsVitD7tDRYuQRWe0FG0jk4x6VWmycXP2bC98s_wHd0sfy9habIdEJH4fz-7BY2TI5SQusijAbuDxjuOYrGJr4OELt8RpkLY9HiRe9egV3srAAvJI-zr047zfAs9AQv1VcXVSlgg3OQ2T36yBpYFo6lLTfYKXbQkJTQGuOWT3aC0h6YeyHY0C3b5ognD_uZKnTX7wYW4y3xWJEY-dM1iVTgQ-1qia6fBN-9E4K_6n0UKkfxc0MSxRrHuLvn5g0RvgVOnnQ90jfJU4npPPTsFC-EzK2siiwCqPvQRFa2S3BvIZ7vYQEbRorOWXxzuYcAvvibTk5shezBLDBzl2Nm9s-U2jPHU-zuTbUAtN8XSx0-32OfRkionhiOUgp6DT_Zx28vvHEQaKtdDqV4o6zRT36iL68-n10-n6d4I5LgOoICdLSz7W5tPZ-0j5DY0lmE0969SUL4rldXlTEA7kpQG2BmRGLC-PIhGZUhgIoKQR4u9U-jwhuR4bqbE4az8lt0UswnZAHVkm_0QF1W32YUJd0Wyio1XKH1sC5Wl-2mDzQlJz1aMVojkL4cKinYCX&cid=CAQSGwDUE5ymq_xYGKqyZqwuWnna_9kI2URHVoWHPRgB&exk=1570304352&rfl=https%3A%2F%2Fsmarturl.it%2Fhailstan_store&a_pr=8:F897ADBA3AA5D669
Frame ID: 609F4C8C2793976848577A0708F9CE2D
Requests: 14 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=it
Frame ID: F7C93CFBC18B0AA7BD0ABF790172BD20
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 385FE9FE3E3ACB195CEC8C1AC7B0E1AB
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/3b1Q3-2ktxseIVt-HK-LDpEKRyl8KDIxhU6os0UJEUg.js
Frame ID: 9C3AF6A9EF91B830C28F2402EF5A870E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

LinkTitle

Page URL History Show full URLs

http://smarturl.it/hailstan_store HTTP 301
https://smarturl.it/hailstan_store Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

60
Requests

88 %
HTTPS

63 %
IPv6

14
Domains

27
Subdomains

24
IPs

5
Countries

724 kB
Transfer

1722 kB
Size

14
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://smarturl.it/hailstan_store HTTP 301
https://smarturl.it/hailstan_store Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 50

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=n4dCfEL7TIibjvaQ8ML9Ag&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=n4dCfEL7TIibjvaQ8ML9Ag

Request Chain 51

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/3DSi-N0DbG3-QekLO7jzk8n5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-VVWdHrpE2oLo3PRPTsXTxF0EztlQFSEFpUQwyA--~A

Request Chain 52

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LFMGP0NF-14-LSV3

Request Chain 54

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=HXCI6um3TI-wgW9fkvlB-g&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=HXCI6um3TI-wgW9fkvlB-g

Request Chain 55

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZNR1AwTkYtMTQtTFNWMw==

Request Chain 56

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDU4NTcyZTg2ZjMxMzAzMDc0Y2UyOWM5Zjg5MGM3NWY2OTgzYzQzNw

Request Chain 57

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPV4IomsGSrX10BIdOuAYOE&google_cver=1

60 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request hailstan_store Show response
smarturl.it/
Redirect Chain

http://smarturl.it/hailstan_store
https://smarturl.it/hailstan_store

99 KB
100 KB

246ms
142ms

Document
text/html

54.171.251.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://smarturl.it/hailstan_store
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.251.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-251-32.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e53284c63833fc350b03720856317997e8e7f610bf7cc63c4f96a08bedd26b2b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

content-type: text/html; charset=UTF-8
date: Fri, 24 Mar 2023 11:31:16 GMT
server: nginx
x-redirector-version: redirector-v3

Redirect headers

Connection: keep-alive
Content-Length: 134
Content-Type: text/html
Date: Fri, 24 Mar 2023 11:31:16 GMT
Location: https://smarturl.it:443/hailstan_store
Server: awselb/2.0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 78 KB
27 KB 122ms
39ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: smarturl.it
URL: https://smarturl.it/hailstan_store

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0b6af1afaba68724717c4a77a7e020c8268aa0673916541c6f02949ef12d64f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://smarturl.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:31:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27475
x-xss-protection: 0
server: sffe
etag: "1520 / 312 of 1000 / last-modified: 1679655999"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 24 Mar 2023 11:31:16 GMT

GET
H2 200 script.js Show response
display-service.linkfire.com/widgets/linkfire-widgets/ 249 KB
84 KB 118ms
36ms Script
text/javascript 143.204.89.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://display-service.linkfire.com/widgets/linkfire-widgets/script.js
Requested by: Host: smarturl.it
URL: https://smarturl.it/hailstan_store
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-122.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7e18b2658817f04c70d5c897f75c930bb3768fbf951a7e78cb5f478e398305a5

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://smarturl.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 13:07:04 GMT
content-encoding: gzip
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e4.cloudfront.net (CloudFront)
last-modified: Mon, 13 Mar 2023 13:06:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 944653
etag: W/"4fa67ccdf6026e77d853398620678f29"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=600
cross-origin-resource-policy: cross-origin
x-amz-cf-id: LT6ZS3uIvI5JBwKm2ThTG6Bh6U0n8Dfhc0MWw2ZtxkYwoEjNAM-z-g==

POST
H2 200 / Show response
smarturl.it/~/tr/visit/ 70 B
186 B 100ms
100ms XHR
application/json 54.171.251.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://smarturl.it/~/tr/visit/
Requested by: Host: smarturl.it
URL: https://smarturl.it/hailstan_store
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.251.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-251-32.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: c9d96456fb82f973c786634c9bcda2c8b0811ff83df4199ebdd2626acd476029

Request headers

Referer: https://smarturl.it/hailstan_store
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 24 Mar 2023 11:31:16 GMT
x-redirector-version: redirector-v3
server: nginx
content-type: application/json; charset=UTF-8

HEAD
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 183ms
100ms Fetch
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: smarturl.it
URL: https://smarturl.it/hailstan_store

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://smarturl.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:31:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48737
x-xss-protection: 0
server: cafe
etag: 4845097182154484711
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 24 Mar 2023 11:31:17 GMT

GET
H2 200 pubads_impl_2023032101.js Show response
securepubads.g.doubleclick.net/gpt/ 396 KB
134 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032101.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73fb2fa0d192c9fe74aaef182a6dbc31c29e7cc863038f0d69eac0d5c8ae204f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://smarturl.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 10:58:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1937
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136519
x-xss-protection: 0
last-modified: Tue, 21 Mar 2023 08:35:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 23 Mar 2024 10:58:59 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 68 B
79 B 131ms
73ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=smarturl.it

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0fcaa907b9d20113054616e3aaac5b09f790e56c3a51c0e5ba86a08e00c401c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://smarturl.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:31:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55
x-xss-protection: 0
expires: Fri, 24 Mar 2023 11:31:17 GMT

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
6 KB 92ms
28ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: display-service.linkfire.com
URL: https://display-service.linkfire.com/widgets/linkfire-widgets/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://smarturl.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 12:28:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169381
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Mar 2024 12:28:16 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 101ms
37ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=IBM+Plex+Sans:500,600,700

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7dffcaa3fab3fa0d959108cc10cb49f046c6a8db7e49ace8362a40c8c2e9c12d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://smarturl.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 24 Mar 2023 11:31:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 24 Mar 2023 11:22:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 24 Mar 2023 11:31:17 GMT

GET
H2 200 integrator.js Show response
adservice.google.it/adsid/ 107 B
531 B 132ms
36ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.it/adsid/integrator.js?domain=smarturl.it

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://smarturl.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:31:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 103ms
38ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=smarturl.it

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://smarturl.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:31:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 562ms
561ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1551611902665268&correlator=2624397821516637&output=ldjh&gdfp_req=1&vrg=2023032101&ptt=17&impl=fif&iu_parts=22051246401%2CInterstitial_Footer_Client&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=2627475421&sfv=1-0-40&cust_params=explicit%3Dno%26linkid%3D341632ae-93e1-4893-9007-dbd0c09a238a%26boardid%3D91a0ce14-018c-4eeb-a9a3-78747015356c%26toplevelboardid%3D5817b55d-314c-422f-a09e-840b0ca6a4e4%26organizationid%3D5817b55d-314c-422f-a09e-840b0ca6a4e4%26countrycode%3DIT%26city%3DMilan%26days%3D%26planid%3D2235c21b-7da1-4131-a1ad-11d1ceacf0c2&sc=1&cookie_enabled=1&abxe=1&dt=1679657477070&lmt=1679657477&dlt=1679657476746&idt=274&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fsmarturl.it%2Fhailstan_store&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=640&ohw=0&ga_vid=584921159.1679657477&ga_sid=1679657477&ga_hid=814409878&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aef301bd9ed110ba53c8b5a088217d42e2b86ac4334188389b9ee07ab7de3f36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://smarturl.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:31:17 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9951
x-xss-protection: 0
google-lineitem-id: 6194319093
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138418999962
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://smarturl.it
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
48a376f87d3685280d2fa0f31bc067d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4B17 6 KB
3 KB 148ms
35ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://48a376f87d3685280d2fa0f31bc067d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://smarturl.it/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 11:31:17 GMT
expires: Sat, 23 Mar 2024 11:31:17 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 interact Show response
smarturl.it/~/tr/ 70 B
186 B 103ms
102ms Fetch
application/json 54.171.251.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://smarturl.it/~/tr/interact
Requested by: Host: smarturl.it
URL: https://smarturl.it/hailstan_store
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.251.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-251-32.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: c9d96456fb82f973c786634c9bcda2c8b0811ff83df4199ebdd2626acd476029

Request headers

Referer: https://smarturl.it/hailstan_store
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 24 Mar 2023 11:31:17 GMT
x-redirector-version: redirector-v3
server: nginx
content-type: application/json; charset=UTF-8

GET
H2 200 zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFsdA.woff2
fonts.gstatic.com/s/ibmplexsans/v14/ 18 KB
19 KB 112ms
48ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsans/v14/zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFsdA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49791a696302b5112cec6f474d4d188ec3da019fab43b744b558c8b5e6644785

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://smarturl.it
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:37:41 GMT
x-content-type-options: nosniff
age: 269616
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18860
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:50:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 08:37:41 GMT

GET
H2 200 zYX9KVElMYYaJe8bpLHnCwDKjQ76AIFsdA.woff2
fonts.gstatic.com/s/ibmplexsans/v14/ 19 KB
19 KB 148ms
83ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsans/v14/zYX9KVElMYYaJe8bpLHnCwDKjQ76AIFsdA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf4eae9216be01f9a411ac93c5008eb38a3abdbb12fdb50ef974a4599e90220a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://smarturl.it
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:37:42 GMT
x-content-type-options: nosniff
age: 269615
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19124
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:47:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 08:37:42 GMT

GET
H2 200 zYX9KVElMYYaJe8bpLHnCwDKjWr7AIFsdA.woff2
fonts.gstatic.com/s/ibmplexsans/v14/ 18 KB
18 KB 104ms
40ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsans/v14/zYX9KVElMYYaJe8bpLHnCwDKjWr7AIFsdA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea18ca3fe3ae4d94d21bb36a2912258193fb4f257be81be3dabe0e3809a312e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://smarturl.it
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:37:41 GMT
x-content-type-options: nosniff
age: 269616
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18232
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:45:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 08:37:41 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 77ms
77ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023032101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53bc96ad0de2117ea0e7b79d23bbb151fcad673f16d8436c88fb0d7f32aa46a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://smarturl.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:31:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11285
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 116ms
38ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://smarturl.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:31:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 24 Mar 2023 11:31:17 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4264 13 KB
5 KB 31ms
28ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://smarturl.it/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

accept-ranges: bytes
age: 1926
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 10:59:11 GMT
expires: Sat, 23 Mar 2024 10:59:11 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C543 783 B
1 KB 117ms
51ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7ce0c6a5f8eda1425952b12b78e2e36ab8603310098664b30972fa8d2bd584ca

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ZIsf06E5GlK8ojoJrUXMcA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://smarturl.it/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-ZIsf06E5GlK8ojoJrUXMcA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 11:31:17 GMT
expires: Fri, 24 Mar 2023 11:31:17 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 3b1Q3-2ktxseIVt-HK-LDpEKRyl8KDIxhU6os0UJEUg.js Show response
pagead2.googlesyndication.com/bg/ Frame 4264 36 KB
14 KB 87ms
29ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3b1Q3-2ktxseIVt-HK-LDpEKRyl8KDIxhU6os0UJEUg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddbd50dfeda4b71b1e215b7e1caf8b0e910a47297c283231854ea8b345091148

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 20:26:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54262
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14404
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Mar 2024 20:26:55 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F848 0
0 68ms
68ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssdDUyOcnlmF2wbTkP-o0NphAJgnpVg1nl0VmME04Yn6bzK4-73Jo-QrCEbOLefWcmFARcuEC3Hg1CS9Li6Mp6ZC4PyZP9p6hHgycOaGJeoS6xSs11z299QdRcGbDja8HXzh2DaTC0AygHGKkQ8ledToGhjLQ7bIrAvnrt8o_FUyqXWDUrUlHUtlgf4cxWM2Mn7I-ZillOncw3kZOz2RPUlmDR6IaBM03V8Lsc1tM8DVNgLFlfgXa7kh_KpavJzmVVOQCGpQ3J7o_ZovwlpLBu5HmMaBqDcVo0WyALaMF9t-E3sO_UN-1MrSiEOWbNvLPtHnaqSBQX6iovgeGSc&sai=AMfl-YQ8loRZxRwsdPblOUR1IARI36alF0Zuj585WcYSGtCirKPBlw-spGdNRYfeWRa_CxA13r7V1X-5yVehI_tvmLqX5JB65ZrkOpGLahqVvfA-gBM_edKid8dYLLyXfTg6ktqS_KHBdVsa8ivdYQW9&sig=Cg0ArKJSzCDkrF9j0qH8EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: smarturl.it
URL: https://smarturl.it/hailstan_store

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://smarturl.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:31:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 24 Mar 2023 11:31:17 GMT

GET
H2 200 23872.js Show response
ads.rubiconproject.com/ad/ Frame F848 30 KB
9 KB 96ms
25ms Script
text/javascript 2.19.70.117
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/ad/23872.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032101.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.70.117 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-70-117.deploy.static.akamaitechnologies.com
Software: Apache / PHP/5.3.3
Resource Hash: 1e7adc9a24a57746863ef54f2de5f8905c242ebc6d416713133ff989fb050222

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://smarturl.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:31:17 GMT
content-encoding: gzip
server: Apache
x-powered-by: PHP/5.3.3
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=7446
access-control-allow-credentials: true
content-length: 8916
expires: Fri, 24 Mar 2023 13:35:23 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F848 158 KB
49 KB 120ms
41ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc5e5e5fcb0512d00c16a63f06157a3d039a2810e184226ffede0b5f2f223293

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://smarturl.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:31:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49540
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1679493709445325"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Mar 2023 11:31:17 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C543 0
0 62ms
61ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023032101&jk=1551611902665268&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4264 0
10 B 28ms
28ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?jI0-Pw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:31:17 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 2720482-15.js Show response
smarttag.rubiconproject.com/a/23872/403064/ Frame F848 9 KB
5 KB 360ms
153ms Script
text/javascript 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://smarttag.rubiconproject.com/a/23872/403064/2720482-15.js?&cb=0.09537325275325803&tk_st=1&rf=https%3A//smarturl.it/hailstan_store&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=403064_15&rp_secure=1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/23872.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 5cc39515a7693860f81df5315fd318fc4071ef3f1d16c9a96ab655d63d401732

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://smarturl.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Mar 2023 11:31:18 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: text/javascript
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 adfetch Show response
googleads.g.doubleclick.net/pagead/ Frame 609F 112 KB
38 KB 157ms
87ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adfetch?adk=830082962&adsafe=medium&client=ca-pub-6579838053286784&format=300x250_as&ip=2001:ac8:24:44::&output=html&unviewed_position_start=1&url=https://smarturl.it/hailstan_store&sub_client=bidder-403064&hl=it&aceid=MA4PtADrFrQAWRi0AJwctAC2HLQAImo0AdSDNAGShDQBuIU0ARaGNAEYhjQB9YY0Af-GNAEEhzQBCIc0AQuHNAENhzQBFIc0AWiHNAGIhzQBjIc0Aa6HNAG9hzQBzYc0AdOHNAHWhzQB14c0AdqHNAHghzQB44c0AeeHNAH1hzQB_Yc0AQSINAEJiDQBCog0AQuINAEMiDQBIIg0ASaINAFLc0EBU3NBAewd2gGzSw4C-6JdAtf2iAJo-YgCVfyIAsr8iALhOaoCJ0KqAihCqgIpQqoCtkKqAhxEqgIbUaoCD1aqAvB2qgL9eKoCgJuqAoGbqgKCm6oCoqiqAuSsqgLcyKoCf82qAnXaqgKg5aoCXe6qAqn0qgKL9qoCVPiqAgz6qgIl-6oCQvuqAvz-qgIdFKsCcBmrAvkeqwI1IKsCVyCrAlwhqwKyIqsCPCOrAlQoqwLxKKsCDiqrAvsrqwKCNasC3jerAvc4qwLyOasC_TmrAg08qwIjPKsCSkCrAupAqwI9QasCkkGrAqhBqwKdQ6sCtESrAmlGqwJTSKsC3UmrAjhNqwLBTasC3E2rAttQqwIQUasCfVGrAqVUqwIuVqsCllarAsRXqwJEWKsCSVirAqNYqwK6WasC-1mrAnhaqwLjWqsC5FqrAhtbqwIvXKsCSFyrAndcqwLWXKsC2VyrAtxcqwJ1XasC2F6rAl5gqwIGYasCsWGrAr9jqwLkZKsCHmerAgZoqwJfaKsCS-0FA9YmEANUssUFKg39CEBt9guPip8ORm-mD86hNRF6934SaaP7ErGr-xLW4fsSIez7Eov1-xIiCfwSPgr8EmQL_BLhC_wSPw38Eo0N_BIMDvwSng78EroO_BLEDvwSzQ78EtYO_BIDD_wSDw_8Euhb0BOGvP8j8lzLJg&awbid_c=AKAmf-A0b_lUQxjStAopqC436BGTcgjRsFqzjjKn8L-VrmS6tjflc9UZQNQkVHxd-nc_NtSGQOQMrQE6Zg_22TG6RR1CgChUfJc3pwjEg5EPI48jMlks3H6zhjNyxWEhtj8VEWzacWFf7AQ3mZcyZpvW0AdtN20HLXMfCwAUpXle-0o_gYvb8FDEUwTgNdT4Norgcv_9s8s7jHlWi_KkH3y1Tb1VZ8yfMwAJe0C4ImvwqOVLmd5bC5O3OyhDc4TZ58a_czEZjWSeGh6ZlM0N7JeOIRvcu2TrO_L6uY4pX4Fc-3emQ8GyOmNz-rVt6wLRhU1Ub2sUnbsOZMaxIc0HpC62SNR916boi-yA0ENWTuVGC-dM4fp9AfnEjUEUND7j8xrldZ93_SABEMfTk7E3rpRyuqe4zsbgBAG02JrmBL12OmPM69STePkO3s7Q50SkhyZWuCxUibxwE3h7Dc5LqZQvmwJOc_C5UzE-c7ikBVqT1UoDbkfFGRo&awbid_d=AKAmf-DCc3lidmiBxEmyAI5BhxucK0oM-w2bIIgZCsKayqgPy-UBZs7-yjYvfNGkAhet5AMNY3AsEWy0DopbFko8fEzDLIiVxjKixdm3FRNem_csXdyVzOhXv30yUna0JQyXvjqbfgty6PFuejHb1cedLtZAyUyIo1lq1mqpiC7sGwCyVRl2Li4c0hP2_WtBqFzeNc5H-K_MSBhlMs3-a9FnYjZaGbbTT2ptH0bCzEBCCtkMNRnvzFZEAaYd61One5Y3d1W-V-MEZ1rJ4PiWAZhALD1kLZEBIEPSPpSxwJT9Ayt9QiLUzmmTAEVk1yjpfeEPEK6w4uxEuI2LnT0t8R-1L8RHgVif8xjO0ir-mdKu9MEmgCz9-caRD1wlb2Sf0scHBi9ziFCfaKec9ICMiGqm2uHkAtwJBp4NAmX72UP4XK2qKpen3KFoEGQ-locKiJWsTdRHUYWE7eHVsVitD7tDRYuQRWe0FG0jk4x6VWmycXP2bC98s_wHd0sfy9habIdEJH4fz-7BY2TI5SQusijAbuDxjuOYrGJr4OELt8RpkLY9HiRe9egV3srAAvJI-zr047zfAs9AQv1VcXVSlgg3OQ2T36yBpYFo6lLTfYKXbQkJTQGuOWT3aC0h6YeyHY0C3b5ognD_uZKnTX7wYW4y3xWJEY-dM1iVTgQ-1qia6fBN-9E4K_6n0UKkfxc0MSxRrHuLvn5g0RvgVOnnQ90jfJU4npPPTsFC-EzK2siiwCqPvQRFa2S3BvIZ7vYQEbRorOWXxzuYcAvvibTk5shezBLDBzl2Nm9s-U2jPHU-zuTbUAtN8XSx0-32OfRkionhiOUgp6DT_Zx28vvHEQaKtdDqV4o6zRT36iL68-n10-n6d4I5LgOoICdLSz7W5tPZ-0j5DY0lmE0969SUL4rldXlTEA7kpQG2BmRGLC-PIhGZUhgIoKQR4u9U-jwhuR4bqbE4az8lt0UswnZAHVkm_0QF1W32YUJd0Wyio1XKH1sC5Wl-2mDzQlJz1aMVojkL4cKinYCX&cid=CAQSGwDUE5ymq_xYGKqyZqwuWnna_9kI2URHVoWHPRgB&exk=1570304352&rfl=https%3A%2F%2Fsmarturl.it%2Fhailstan_store&a_pr=8:F897ADBA3AA5D669

Requested by

Host: smarturl.it
URL: https://smarturl.it/hailstan_store

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9720024c52eae550fd8a4229c3b5ddad5af9d512b2adadc31ac57bbc9a5c850

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://smarturl.it/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 38339
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 11:31:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 xbfe_backfill.js Show response
googleads.g.doubleclick.net/pagead/ Frame F848 7 KB
4 KB 98ms
28ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js

Requested by

Host: smarttag.rubiconproject.com
URL: https://smarttag.rubiconproject.com/a/23872/403064/2720482-15.js?&cb=0.09537325275325803&tk_st=1&rf=https%3A//smarturl.it/hailstan_store&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=403064_15&rp_secure=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d252ef715596a18ae31690327a2a05170d235165c134e7e19e7d38ab1db18ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://smarturl.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 10:54:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2181
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3332
x-xss-protection: 0
server: cafe
etag: 17978550389519879348
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 24 Mar 2023 11:54:57 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F848 0
20 B 65ms
64ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=awbid&awbid_b=AKAmf-CDEwjCAHvN44iK6JLREBCObFKBsl6vNTImeGgONbDrh6XRzYPF-QuhnySqiV6sPzXVCJCrxUk08M0ZnvFLeK4CBWbpSg&pr=8:F897ADBA3AA5D669

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://smarturl.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Mar 2023 11:31:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200 31dfd8c5-c0bf-4a22-96c7-9d305b11a243
beacon-ams3.rubiconproject.com/beacon/d/ Frame F848 43 B
354 B 179ms
34ms Image
image/avif 2602:803:c003:200::37
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beacon-ams3.rubiconproject.com/beacon/d/31dfd8c5-c0bf-4a22-96c7-9d305b11a243?oo=0&accountId=23872&siteId=403064&zoneId=2720482&sizeId=15&e=6A1E40E384DA563B2CCE3263316413B98ACB1161FEE4871084082E282D87114976D5CB848EB66E6C1DECFA8D823B9F316EB69AE2A0CA654B59DAFE5D324C7B760246BA6B882801CC7DA83110B80B530F540D854F63E6C3A19D6E49C5D483782F099AC745816C078C863A4ACA1AA8F2373FA4FCCEE5AF6D0975394A3573E9258A08134E79330163F8D9F5EF3DFEA449C20AE267F6F80FD7BC40B31182FA5C6BD943845A52A882C55734EA96380FB64E0F8EE4F9E488FA1EF1E82A954C1004678A

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

2602:803:c003:200::37 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://smarturl.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 24 Mar 2023 11:31:17 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Content-Type: image/avif
Cache-Control: private, max-age=0, no-cache
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: 01 Jan 1970 10:00:00 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame F7C9 281 B
554 B 122ms
33ms Document
text/html 23.2.211.147
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=it
Requested by: Host: smarturl.it
URL: https://smarturl.it/hailstan_store
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.2.211.147 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-2-211-147.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://smarturl.it/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 24 Mar 2023 11:31:18 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F848 0
0 75ms
75ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu_MEkcU1HVuf78YYJB-Ki7c6RhfmZOtR6EUh5d931mKjGqlVZswoNtiY9CHvdZPmQnVGAwscdbjDLZMy38LHtEpCD3sf65zmiPTNm2zQ46sm0FuegglMdM9Ke6qegboJoInCccYwEx_cBdZbFXjGWU2Icr3W6bVy93U9JwD9tTgil_YqR_qoCyecCwc7rrlZdN5odCYSI0gGlVH-sL3GoPnIQ2WAADBMyWB72Qfilwno8-DvUqGQZ9AivUeaAqwPiTlCsfXcqT7FeBghPX8qzda5MYfIBda3xglH-EGvlZTj_IbGVXFCdwzgfjPGz3zS9i3SX2QE11wSGUm9O5n7Y&sai=AMfl-YQ-_CWSUwqv8TFLkKWUZb0NI9V2mFCWpSoYyWJv--zuSQlNOKItg96MRlkreYqJ1M_-Dde-OzyDaWMWvdqPCPM7jg8_xVS9hXbpf2MoD1qLijQXD3AmWJKkuSu_vHTKC_nRob6UNupafOCM-xG8&sig=Cg0ArKJSzJivcE1KzLx1EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://smarturl.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:31:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 24 Mar 2023 11:31:18 GMT

GET
DATA 200
OK truncated
/ Frame F848 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 377096a425570a8f4260acfb96cffcc1f8ab9fae90bb470351d45cb8a894e990

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 7c1d8e9d6d01f7f85b67a0c0330f57be.js Show response
www.gstatic.com/mysidia/ Frame 609F 15 KB
7 KB 92ms
28ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7c1d8e9d6d01f7f85b67a0c0330f57be.js?tag=client_fast_engine

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=830082962&adsafe=medium&client=ca-pub-6579838053286784&format=300x250_as&ip=2001:ac8:24:44::&output=html&unviewed_position_start=1&url=https://smarturl.it/hailstan_store&sub_client=bidder-403064&hl=it&aceid=MA4PtADrFrQAWRi0AJwctAC2HLQAImo0AdSDNAGShDQBuIU0ARaGNAEYhjQB9YY0Af-GNAEEhzQBCIc0AQuHNAENhzQBFIc0AWiHNAGIhzQBjIc0Aa6HNAG9hzQBzYc0AdOHNAHWhzQB14c0AdqHNAHghzQB44c0AeeHNAH1hzQB_Yc0AQSINAEJiDQBCog0AQuINAEMiDQBIIg0ASaINAFLc0EBU3NBAewd2gGzSw4C-6JdAtf2iAJo-YgCVfyIAsr8iALhOaoCJ0KqAihCqgIpQqoCtkKqAhxEqgIbUaoCD1aqAvB2qgL9eKoCgJuqAoGbqgKCm6oCoqiqAuSsqgLcyKoCf82qAnXaqgKg5aoCXe6qAqn0qgKL9qoCVPiqAgz6qgIl-6oCQvuqAvz-qgIdFKsCcBmrAvkeqwI1IKsCVyCrAlwhqwKyIqsCPCOrAlQoqwLxKKsCDiqrAvsrqwKCNasC3jerAvc4qwLyOasC_TmrAg08qwIjPKsCSkCrAupAqwI9QasCkkGrAqhBqwKdQ6sCtESrAmlGqwJTSKsC3UmrAjhNqwLBTasC3E2rAttQqwIQUasCfVGrAqVUqwIuVqsCllarAsRXqwJEWKsCSVirAqNYqwK6WasC-1mrAnhaqwLjWqsC5FqrAhtbqwIvXKsCSFyrAndcqwLWXKsC2VyrAtxcqwJ1XasC2F6rAl5gqwIGYasCsWGrAr9jqwLkZKsCHmerAgZoqwJfaKsCS-0FA9YmEANUssUFKg39CEBt9guPip8ORm-mD86hNRF6934SaaP7ErGr-xLW4fsSIez7Eov1-xIiCfwSPgr8EmQL_BLhC_wSPw38Eo0N_BIMDvwSng78EroO_BLEDvwSzQ78EtYO_BIDD_wSDw_8Euhb0BOGvP8j8lzLJg&awbid_c=AKAmf-A0b_lUQxjStAopqC436BGTcgjRsFqzjjKn8L-VrmS6tjflc9UZQNQkVHxd-nc_NtSGQOQMrQE6Zg_22TG6RR1CgChUfJc3pwjEg5EPI48jMlks3H6zhjNyxWEhtj8VEWzacWFf7AQ3mZcyZpvW0AdtN20HLXMfCwAUpXle-0o_gYvb8FDEUwTgNdT4Norgcv_9s8s7jHlWi_KkH3y1Tb1VZ8yfMwAJe0C4ImvwqOVLmd5bC5O3OyhDc4TZ58a_czEZjWSeGh6ZlM0N7JeOIRvcu2TrO_L6uY4pX4Fc-3emQ8GyOmNz-rVt6wLRhU1Ub2sUnbsOZMaxIc0HpC62SNR916boi-yA0ENWTuVGC-dM4fp9AfnEjUEUND7j8xrldZ93_SABEMfTk7E3rpRyuqe4zsbgBAG02JrmBL12OmPM69STePkO3s7Q50SkhyZWuCxUibxwE3h7Dc5LqZQvmwJOc_C5UzE-c7ikBVqT1UoDbkfFGRo&awbid_d=AKAmf-DCc3lidmiBxEmyAI5BhxucK0oM-w2bIIgZCsKayqgPy-UBZs7-yjYvfNGkAhet5AMNY3AsEWy0DopbFko8fEzDLIiVxjKixdm3FRNem_csXdyVzOhXv30yUna0JQyXvjqbfgty6PFuejHb1cedLtZAyUyIo1lq1mqpiC7sGwCyVRl2Li4c0hP2_WtBqFzeNc5H-K_MSBhlMs3-a9FnYjZaGbbTT2ptH0bCzEBCCtkMNRnvzFZEAaYd61One5Y3d1W-V-MEZ1rJ4PiWAZhALD1kLZEBIEPSPpSxwJT9Ayt9QiLUzmmTAEVk1yjpfeEPEK6w4uxEuI2LnT0t8R-1L8RHgVif8xjO0ir-mdKu9MEmgCz9-caRD1wlb2Sf0scHBi9ziFCfaKec9ICMiGqm2uHkAtwJBp4NAmX72UP4XK2qKpen3KFoEGQ-locKiJWsTdRHUYWE7eHVsVitD7tDRYuQRWe0FG0jk4x6VWmycXP2bC98s_wHd0sfy9habIdEJH4fz-7BY2TI5SQusijAbuDxjuOYrGJr4OELt8RpkLY9HiRe9egV3srAAvJI-zr047zfAs9AQv1VcXVSlgg3OQ2T36yBpYFo6lLTfYKXbQkJTQGuOWT3aC0h6YeyHY0C3b5ognD_uZKnTX7wYW4y3xWJEY-dM1iVTgQ-1qia6fBN-9E4K_6n0UKkfxc0MSxRrHuLvn5g0RvgVOnnQ90jfJU4npPPTsFC-EzK2siiwCqPvQRFa2S3BvIZ7vYQEbRorOWXxzuYcAvvibTk5shezBLDBzl2Nm9s-U2jPHU-zuTbUAtN8XSx0-32OfRkionhiOUgp6DT_Zx28vvHEQaKtdDqV4o6zRT36iL68-n10-n6d4I5LgOoICdLSz7W5tPZ-0j5DY0lmE0969SUL4rldXlTEA7kpQG2BmRGLC-PIhGZUhgIoKQR4u9U-jwhuR4bqbE4az8lt0UswnZAHVkm_0QF1W32YUJd0Wyio1XKH1sC5Wl-2mDzQlJz1aMVojkL4cKinYCX&cid=CAQSGwDUE5ymq_xYGKqyZqwuWnna_9kI2URHVoWHPRgB&exk=1570304352&rfl=https%3A%2F%2Fsmarturl.it%2Fhailstan_store&a_pr=8:F897ADBA3AA5D669

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad8bc54eed188ec85e976a96a505fef9ced1943734786b62c1ff2c2e73aa5cf1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 00:41:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 557381
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6258
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 21:56:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 16 Jun 2023 00:41:37 GMT

GET
H2 200 66307eedf77200a17fb3bea50b98f1ea.js Show response
www.gstatic.com/mysidia/ Frame 609F 12 KB
5 KB 94ms
30ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/66307eedf77200a17fb3bea50b98f1ea.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85eded5b801ddd51a40ca41b2fbac44c31493d572a0333b682c66a7e665c64ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 03:53:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 545879
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5247
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 21:56:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 16 Jun 2023 03:53:19 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 609F 8 KB
991 B 37ms
36ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 24 Mar 2023 11:31:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 24 Mar 2023 10:18:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 24 Mar 2023 11:31:18 GMT

GET
H3 200 load_preloaded_resource.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame 609F 3 KB
1 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/load_preloaded_resource.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9de103952ef65bbed1caa4c723a8c4a88760791eb92dd092e410f643a1e256f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:18:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69155
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1131
x-xss-protection: 0
server: cafe
etag: 8942511002004314746
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 16:18:43 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 69ms
69ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023032101&jk=1551611902665268&bg=!IyClIHTNAAbO2UOH7tk7ADkAdvg8WsGnt3G3tu9LIgkZWUA8WRubvpOokbizW2fkCsEPSfb0zXQx2iKDz6mQNAk0UU37GjeRsBECAAAAa1IAAAACaAEHCgAJwaDJZN1xJ9cXmQKmAt4VI9FFuVAcxSqawdlEq-iM0DJl-tcWExdSalLZzXHU6a1_b2ql-QJyVZfKsw4xbGKyDhrZHGfKJuexi4f4bA1FerjL-Zbw_XfbamktZLO8VQD7-58K7bRgQJe03xUjYgBiiwNczYVO6eV392VV_5nmcXE9sHMi9ehLe0qPQTRoIKsBHvbyv-ZCOBjesptHqmo7GJcnYQrdsmIVLhegm1TPEqftRYQTA9wprm6bVHEF4QdnJ98PYm_cUk01gc_i06GbggqVrfrHbtmOXqQkIBSQt4BAWKozspVOu_HGAEUa2g0Z9Tvg1I0egRlRec8ptPnEZaaJijoYpLagDZNTWGNQkM4VIEPK_K3_QU3hEOmuCK7ds3kYYTb4CCBmNQS0QjZr3RwRXf67INERb7trB5A5hxrlty_ErXy6W63q8HaT8LUoUw9UcE9DVB3MITZrVJQumkjHqeuS35XLeMeFTEsCx1AJwBsgFi3bt5azu_lAwVoKV2AsYTVIRY8tYNkOIPiECABbo_IkmaudLvEYn37gDtEQEr70iV1byjZs2vglADRqotB5a-K8mEb-YVfCLv2uDqvbc0Y8vhoGSrTe7TJ4bKKPNIwVOuzMvTC8sFh9gRnm9yJH7hKF0E04zFRTlWcx-VgDu4jwAYhZyWB98Z41N0FuWIPnyzsc7DbZxPg3Jn9QF_8z803csV0nQkO2LmINAp4Jq8CK75wCEO8GSpuqxRPMn--5xmip-UQVMGCDF8zStAz2ArO2iT8uRrS2q6zYnsXw77oxDAMBuJRvjldF0kUEfXnAkSKrQ4rBer6lHq0HD-8NJFsHsfiIJUq7A3AiCy6YsdP1V-RVWzGF7VH_G1Vdwurrc6yo_Qm7eKb8rL_Ibd7P5NusD2Hr950lUFjVE_JR
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://smarturl.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

GET
H3 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/ Frame 609F 28 KB
11 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11f1414c6342d8a5a5124286921298b09b1e776f0aae7bbc4c83b96685166019

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:17:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69257
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10980
x-xss-protection: 0
server: cafe
etag: 17255800071175307161
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 16:17:01 GMT

GET
H3 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame 609F 3 KB
1 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/window_focus.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

88a577b7767cbe34315ff67366be5530949df573931dd9c762c2c2e0434c5b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:15:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69326
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1307
x-xss-protection: 0
server: cafe
etag: 18393213423120915576
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 16:15:52 GMT

GET
H3 200 qs_click_protection.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame 609F 28 KB
11 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/qs_click_protection.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3694bc5a1eac1e9d958aeb602388bd2d9372876d4b033318646c95d439e6df25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:15:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69326
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11165
x-xss-protection: 0
server: cafe
etag: 702724599392347572
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 16:15:52 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 609F 158 KB
49 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc5e5e5fcb0512d00c16a63f06157a3d039a2810e184226ffede0b5f2f223293

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:31:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49540
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1679493709445325"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Mar 2023 11:31:18 GMT

GET
H2 200 2d4d1720ca9317f0a648fa48ce84d2a3.js Show response
www.gstatic.com/mysidia/ Frame 609F 48 KB
18 KB 32ms
29ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2d4d1720ca9317f0a648fa48ce84d2a3.js?tag=mysidia_one_click_handler_one_afma

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57ddb0bbe9e1b8fc77264a81fd5608871fa9b3077e32a124103993118dc13cfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 16:58:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 498761
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18753
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 21:56:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 16 Jun 2023 16:58:37 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame F7C9 33 KB
10 KB 33ms
32ms Script
text/html 23.2.211.147
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=it
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.2.211.147 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-2-211-147.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: d7f3d4df76645e0f59185b6537ce53b0dc069e880c3a8a8229195fa2d46c129d

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&geo=eu&co=it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Fri, 24 Mar 2023 11:31:18 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Mar 2023 05:11:53 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=63630
Connection: keep-alive
Content-Length: 9997
Expires: Sat, 25 Mar 2023 05:11:48 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 609F 0
133 B 75ms
72ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cabc5BoodZL_zApX_gAfF4Z34Ba6s94FulYmNv7IO5Zbvub0qEAEgur7wFmD9gpGE6BGgAZW2r54DyAEBqAMByAPLBKoEwQFP0JgsnR11eOpM7IGriyztA8STqHaDP42RShYvYo4tgx0NhvCOC0GOqGk8PIZAKT-ExIMUD1Tj9InDY33kLyu7su2zxjVa44Ko4yi5MhkNLLfslid1uZeeosCPS8b9rZMZ5dhCIA44qcZPNbkjtoMUsAaMyX8PARdW4lh1S2Ihr3FEcw4pXuJBj9hJxmG_HmCUOuuLsqvBq3uqZnAZjQFTKHO1b23ltgjtujSWHvsw6YQJIg3WwrCfZkZgXjF80B3rwAS039Ko5wOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAYAH08nQYagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB0ggRCIDhgBAQARgAMgKqAjoCgEDyCA1iaWRkZXItNDAzMDY0gAoEyAsB2BMMiBQF0BUBmBYBgBcBshcICgYIABIAGAA&sigh=BHo35Ic2cCs&uach_m=[UACH]&pr=8:F897ADBA3AA5D669&cid=CAQSKQDUE5ymHYrPhdbNRCxRWuFlbc0MKsZIIK7tCWPmwNgsC55qfChfp3tbGAE&vis=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/adfetch?adk=830082962&adsafe=medium&client=ca-pub-6579838053286784&format=300x250_as&ip=2001:ac8:24:44::&output=html&unviewed_position_start=1&url=https://smarturl.it/hailstan_store&sub_client=bidder-403064&hl=it&aceid=MA4PtADrFrQAWRi0AJwctAC2HLQAImo0AdSDNAGShDQBuIU0ARaGNAEYhjQB9YY0Af-GNAEEhzQBCIc0AQuHNAENhzQBFIc0AWiHNAGIhzQBjIc0Aa6HNAG9hzQBzYc0AdOHNAHWhzQB14c0AdqHNAHghzQB44c0AeeHNAH1hzQB_Yc0AQSINAEJiDQBCog0AQuINAEMiDQBIIg0ASaINAFLc0EBU3NBAewd2gGzSw4C-6JdAtf2iAJo-YgCVfyIAsr8iALhOaoCJ0KqAihCqgIpQqoCtkKqAhxEqgIbUaoCD1aqAvB2qgL9eKoCgJuqAoGbqgKCm6oCoqiqAuSsqgLcyKoCf82qAnXaqgKg5aoCXe6qAqn0qgKL9qoCVPiqAgz6qgIl-6oCQvuqAvz-qgIdFKsCcBmrAvkeqwI1IKsCVyCrAlwhqwKyIqsCPCOrAlQoqwLxKKsCDiqrAvsrqwKCNasC3jerAvc4qwLyOasC_TmrAg08qwIjPKsCSkCrAupAqwI9QasCkkGrAqhBqwKdQ6sCtESrAmlGqwJTSKsC3UmrAjhNqwLBTasC3E2rAttQqwIQUasCfVGrAqVUqwIuVqsCllarAsRXqwJEWKsCSVirAqNYqwK6WasC-1mrAnhaqwLjWqsC5FqrAhtbqwIvXKsCSFyrAndcqwLWXKsC2VyrAtxcqwJ1XasC2F6rAl5gqwIGYasCsWGrAr9jqwLkZKsCHmerAgZoqwJfaKsCS-0FA9YmEANUssUFKg39CEBt9guPip8ORm-mD86hNRF6934SaaP7ErGr-xLW4fsSIez7Eov1-xIiCfwSPgr8EmQL_BLhC_wSPw38Eo0N_BIMDvwSng78EroO_BLEDvwSzQ78EtYO_BIDD_wSDw_8Euhb0BOGvP8j8lzLJg&awbid_c=AKAmf-A0b_lUQxjStAopqC436BGTcgjRsFqzjjKn8L-VrmS6tjflc9UZQNQkVHxd-nc_NtSGQOQMrQE6Zg_22TG6RR1CgChUfJc3pwjEg5EPI48jMlks3H6zhjNyxWEhtj8VEWzacWFf7AQ3mZcyZpvW0AdtN20HLXMfCwAUpXle-0o_gYvb8FDEUwTgNdT4Norgcv_9s8s7jHlWi_KkH3y1Tb1VZ8yfMwAJe0C4ImvwqOVLmd5bC5O3OyhDc4TZ58a_czEZjWSeGh6ZlM0N7JeOIRvcu2TrO_L6uY4pX4Fc-3emQ8GyOmNz-rVt6wLRhU1Ub2sUnbsOZMaxIc0HpC62SNR916boi-yA0ENWTuVGC-dM4fp9AfnEjUEUND7j8xrldZ93_SABEMfTk7E3rpRyuqe4zsbgBAG02JrmBL12OmPM69STePkO3s7Q50SkhyZWuCxUibxwE3h7Dc5LqZQvmwJOc_C5UzE-c7ikBVqT1UoDbkfFGRo&awbid_d=AKAmf-DCc3lidmiBxEmyAI5BhxucK0oM-w2bIIgZCsKayqgPy-UBZs7-yjYvfNGkAhet5AMNY3AsEWy0DopbFko8fEzDLIiVxjKixdm3FRNem_csXdyVzOhXv30yUna0JQyXvjqbfgty6PFuejHb1cedLtZAyUyIo1lq1mqpiC7sGwCyVRl2Li4c0hP2_WtBqFzeNc5H-K_MSBhlMs3-a9FnYjZaGbbTT2ptH0bCzEBCCtkMNRnvzFZEAaYd61One5Y3d1W-V-MEZ1rJ4PiWAZhALD1kLZEBIEPSPpSxwJT9Ayt9QiLUzmmTAEVk1yjpfeEPEK6w4uxEuI2LnT0t8R-1L8RHgVif8xjO0ir-mdKu9MEmgCz9-caRD1wlb2Sf0scHBi9ziFCfaKec9ICMiGqm2uHkAtwJBp4NAmX72UP4XK2qKpen3KFoEGQ-locKiJWsTdRHUYWE7eHVsVitD7tDRYuQRWe0FG0jk4x6VWmycXP2bC98s_wHd0sfy9habIdEJH4fz-7BY2TI5SQusijAbuDxjuOYrGJr4OELt8RpkLY9HiRe9egV3srAAvJI-zr047zfAs9AQv1VcXVSlgg3OQ2T36yBpYFo6lLTfYKXbQkJTQGuOWT3aC0h6YeyHY0C3b5ognD_uZKnTX7wYW4y3xWJEY-dM1iVTgQ-1qia6fBN-9E4K_6n0UKkfxc0MSxRrHuLvn5g0RvgVOnnQ90jfJU4npPPTsFC-EzK2siiwCqPvQRFa2S3BvIZ7vYQEbRorOWXxzuYcAvvibTk5shezBLDBzl2Nm9s-U2jPHU-zuTbUAtN8XSx0-32OfRkionhiOUgp6DT_Zx28vvHEQaKtdDqV4o6zRT36iL68-n10-n6d4I5LgOoICdLSz7W5tPZ-0j5DY0lmE0969SUL4rldXlTEA7kpQG2BmRGLC-PIhGZUhgIoKQR4u9U-jwhuR4bqbE4az8lt0UswnZAHVkm_0QF1W32YUJd0Wyio1XKH1sC5Wl-2mDzQlJz1aMVojkL4cKinYCX&cid=CAQSGwDUE5ymq_xYGKqyZqwuWnna_9kI2URHVoWHPRgB&exk=1570304352&rfl=https%3A%2F%2Fsmarturl.it%2Fhailstan_store&a_pr=8:F897ADBA3AA5D669
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 24 Mar 2023 11:31:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 385F 143 B
212 B 31ms
30ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/adfetch?adk=830082962&adsafe=medium&client=ca-pub-6579838053286784&format=300x250_as&ip=2001:ac8:24:44::&output=html&unviewed_position_start=1&url=https://smarturl.it/hailstan_store&sub_client=bidder-403064&hl=it&aceid=MA4PtADrFrQAWRi0AJwctAC2HLQAImo0AdSDNAGShDQBuIU0ARaGNAEYhjQB9YY0Af-GNAEEhzQBCIc0AQuHNAENhzQBFIc0AWiHNAGIhzQBjIc0Aa6HNAG9hzQBzYc0AdOHNAHWhzQB14c0AdqHNAHghzQB44c0AeeHNAH1hzQB_Yc0AQSINAEJiDQBCog0AQuINAEMiDQBIIg0ASaINAFLc0EBU3NBAewd2gGzSw4C-6JdAtf2iAJo-YgCVfyIAsr8iALhOaoCJ0KqAihCqgIpQqoCtkKqAhxEqgIbUaoCD1aqAvB2qgL9eKoCgJuqAoGbqgKCm6oCoqiqAuSsqgLcyKoCf82qAnXaqgKg5aoCXe6qAqn0qgKL9qoCVPiqAgz6qgIl-6oCQvuqAvz-qgIdFKsCcBmrAvkeqwI1IKsCVyCrAlwhqwKyIqsCPCOrAlQoqwLxKKsCDiqrAvsrqwKCNasC3jerAvc4qwLyOasC_TmrAg08qwIjPKsCSkCrAupAqwI9QasCkkGrAqhBqwKdQ6sCtESrAmlGqwJTSKsC3UmrAjhNqwLBTasC3E2rAttQqwIQUasCfVGrAqVUqwIuVqsCllarAsRXqwJEWKsCSVirAqNYqwK6WasC-1mrAnhaqwLjWqsC5FqrAhtbqwIvXKsCSFyrAndcqwLWXKsC2VyrAtxcqwJ1XasC2F6rAl5gqwIGYasCsWGrAr9jqwLkZKsCHmerAgZoqwJfaKsCS-0FA9YmEANUssUFKg39CEBt9guPip8ORm-mD86hNRF6934SaaP7ErGr-xLW4fsSIez7Eov1-xIiCfwSPgr8EmQL_BLhC_wSPw38Eo0N_BIMDvwSng78EroO_BLEDvwSzQ78EtYO_BIDD_wSDw_8Euhb0BOGvP8j8lzLJg&awbid_c=AKAmf-A0b_lUQxjStAopqC436BGTcgjRsFqzjjKn8L-VrmS6tjflc9UZQNQkVHxd-nc_NtSGQOQMrQE6Zg_22TG6RR1CgChUfJc3pwjEg5EPI48jMlks3H6zhjNyxWEhtj8VEWzacWFf7AQ3mZcyZpvW0AdtN20HLXMfCwAUpXle-0o_gYvb8FDEUwTgNdT4Norgcv_9s8s7jHlWi_KkH3y1Tb1VZ8yfMwAJe0C4ImvwqOVLmd5bC5O3OyhDc4TZ58a_czEZjWSeGh6ZlM0N7JeOIRvcu2TrO_L6uY4pX4Fc-3emQ8GyOmNz-rVt6wLRhU1Ub2sUnbsOZMaxIc0HpC62SNR916boi-yA0ENWTuVGC-dM4fp9AfnEjUEUND7j8xrldZ93_SABEMfTk7E3rpRyuqe4zsbgBAG02JrmBL12OmPM69STePkO3s7Q50SkhyZWuCxUibxwE3h7Dc5LqZQvmwJOc_C5UzE-c7ikBVqT1UoDbkfFGRo&awbid_d=AKAmf-DCc3lidmiBxEmyAI5BhxucK0oM-w2bIIgZCsKayqgPy-UBZs7-yjYvfNGkAhet5AMNY3AsEWy0DopbFko8fEzDLIiVxjKixdm3FRNem_csXdyVzOhXv30yUna0JQyXvjqbfgty6PFuejHb1cedLtZAyUyIo1lq1mqpiC7sGwCyVRl2Li4c0hP2_WtBqFzeNc5H-K_MSBhlMs3-a9FnYjZaGbbTT2ptH0bCzEBCCtkMNRnvzFZEAaYd61One5Y3d1W-V-MEZ1rJ4PiWAZhALD1kLZEBIEPSPpSxwJT9Ayt9QiLUzmmTAEVk1yjpfeEPEK6w4uxEuI2LnT0t8R-1L8RHgVif8xjO0ir-mdKu9MEmgCz9-caRD1wlb2Sf0scHBi9ziFCfaKec9ICMiGqm2uHkAtwJBp4NAmX72UP4XK2qKpen3KFoEGQ-locKiJWsTdRHUYWE7eHVsVitD7tDRYuQRWe0FG0jk4x6VWmycXP2bC98s_wHd0sfy9habIdEJH4fz-7BY2TI5SQusijAbuDxjuOYrGJr4OELt8RpkLY9HiRe9egV3srAAvJI-zr047zfAs9AQv1VcXVSlgg3OQ2T36yBpYFo6lLTfYKXbQkJTQGuOWT3aC0h6YeyHY0C3b5ognD_uZKnTX7wYW4y3xWJEY-dM1iVTgQ-1qia6fBN-9E4K_6n0UKkfxc0MSxRrHuLvn5g0RvgVOnnQ90jfJU4npPPTsFC-EzK2siiwCqPvQRFa2S3BvIZ7vYQEbRorOWXxzuYcAvvibTk5shezBLDBzl2Nm9s-U2jPHU-zuTbUAtN8XSx0-32OfRkionhiOUgp6DT_Zx28vvHEQaKtdDqV4o6zRT36iL68-n10-n6d4I5LgOoICdLSz7W5tPZ-0j5DY0lmE0969SUL4rldXlTEA7kpQG2BmRGLC-PIhGZUhgIoKQR4u9U-jwhuR4bqbE4az8lt0UswnZAHVkm_0QF1W32YUJd0Wyio1XKH1sC5Wl-2mDzQlJz1aMVojkL4cKinYCX&cid=CAQSGwDUE5ymq_xYGKqyZqwuWnna_9kI2URHVoWHPRgB&exk=1570304352&rfl=https%3A%2F%2Fsmarturl.it%2Fhailstan_store&a_pr=8:F897ADBA3AA5D669
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

age: 2076
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 10:56:42 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 609F 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cf9c6e98a354a7a2ae4cc2b103ada35255d2155b0ae1248a5aa646d7da22e6b6

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 609F 28 KB
28 KB 39ms
39ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:37:38 GMT
x-content-type-options: nosniff
age: 269620
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 08:37:38 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 385F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

43ms
43ms

Document
text/html

2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 11:31:18 GMT
expires: Fri, 24 Mar 2023 11:31:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 11:31:18 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame F7C9
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=n4dCfEL7TIibjvaQ8ML9Ag&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=n4dCfEL7TIibjvaQ8ML9Ag

43 B
479 B

55ms
55ms

Image
image/gif

52.95.126.160
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=n4dCfEL7TIibjvaQ8ML9Ag

Protocol

HTTP/1.1

Server

52.95.126.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 24 Mar 2023 11:31:19 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: JSV8N0M6CTJWHHKTPCGD
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=n4dCfEL7TIibjvaQ8ML9Ag
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame F7C9
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/3DSi-N0DbG3-QekLO7jzk8n5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-VVWdHrpE2oLo3PRPTsXTxF0EztlQFSEFpUQwyA--~A

0
239 B

28ms
28ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-VVWdHrpE2oLo3PRPTsXTxF0EztlQFSEFpUQwyA--~A
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Fri, 24 Mar 2023 11:31:18 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-VVWdHrpE2oLo3PRPTsXTxF0EztlQFSEFpUQwyA--~A
content-length: 0

GET
H2

200

setuid
px.ads.linkedin.com/ Frame F7C9
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LFMGP0NF-14-LSV3

0
648 B

304ms
192ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LFMGP0NF-14-LSV3
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:31:18 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: F6CA7F3A34C749A8B46B5258B82CF167 Ref B: DUS30EDGE0907 Ref C: 2023-03-24T11:31:18Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX3o7tft6zqswrE2S6Heg==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LFMGP0NF-14-LSV3
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 5b959e9b7aef6dd90a6fa539ca64ac62
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame F7C9 70 B
265 B 167ms
49ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Requested by: Host: smarturl.it
URL: https://smarturl.it/hailstan_store
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 24 Mar 2023 11:31:18 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F7C9
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=HXCI6um3TI-wgW9fkvlB-g&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=HXCI6um3TI-wgW9fkvlB-g

43 B
479 B

118ms
118ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=HXCI6um3TI-wgW9fkvlB-g

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 24 Mar 2023 11:31:19 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: QXSFMA9S7H3PPSZASPFY
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=HXCI6um3TI-wgW9fkvlB-g
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F7C9
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZNR1AwTkYtMTQtTFNWMw==

170 B
243 B

42ms
40ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZNR1AwTkYtMTQtTFNWMw==

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Mar 2023 11:31:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZNR1AwTkYtMTQtTFNWMw==
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 5b959e9b7aef6dd90a6fa539ca64ac62
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F7C9
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDU4NTcyZTg2ZjMxMzAzMDc0Y2UyOWM5Zjg5MGM3NWY2OTgzYzQzNw

170 B
232 B

42ms
41ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDU4NTcyZTg2ZjMxMzAzMDc0Y2UyOWM5Zjg5MGM3NWY2OTgzYzQzNw

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Mar 2023 11:31:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDU4NTcyZTg2ZjMxMzAzMDc0Y2UyOWM5Zjg5MGM3NWY2OTgzYzQzNw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame F7C9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPV4IomsGSrX10BIdOuAYOE&google_cver=1

0
239 B

113ms
27ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPV4IomsGSrX10BIdOuAYOE&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Fri, 24 Mar 2023 11:31:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPV4IomsGSrX10BIdOuAYOE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 3b1Q3-2ktxseIVt-HK-LDpEKRyl8KDIxhU6os0UJEUg.js Show response
pagead2.googlesyndication.com/bg/ Frame 9C3A 36 KB
14 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3b1Q3-2ktxseIVt-HK-LDpEKRyl8KDIxhU6os0UJEUg.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddbd50dfeda4b71b1e215b7e1caf8b0e910a47297c283231854ea8b345091148

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 20:26:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54263
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14404
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Mar 2024 20:26:55 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F848 42 B
64 B 62ms
61ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuINT7LdrPABbaKb7nMRLvqIkxDFw1z15vgixCFbuX6GMD4sRbsh8fGurH6fEmTuJrDGKPtsLHa1uYo2vZbFnsYOMmibU4t3oYaeCxvSvY6ZnvpBvyw&sig=Cg0ArKJSzJtgEuLFFlEtEAE&id=lidar2&mcvt=1000&p=649,658,903,958&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20230322&bin=7&avms=nio&bs=1600,1200&mc=0.98&vu=1&app=0&itpl=19&adk=2627475421&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1679657477663&rpt=656&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://smarturl.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Mar 2023 11:31:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 609F 42 B
64 B 69ms
69ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst0YiogbWgIhvQmMTUfM7p90ABkPu5jytCDKTNCfHcGgGY1V3DvosIxQeWuUPqOxTkdkotY-3snUsrwzGqRHX7T0VBCNEzmbIoxV6_ugNOrOSN5_QtKjdDKpzvVzKKVzQEZsAtThg&sai=AMfl-YT-Ug4a7om4RY0Tia_5q8lGSxrdGHmoNTNpnBc4aDZuNtjoos3XdfDEV7gnIANYeUfQVuNqJ6AYFl4gPHQ3Cr9HEE5WTv4l2Qs&sig=Cg0ArKJSzFHH46fPvgdoEAE&cid=CAQSKQDUE5ymHYrPhdbNRCxRWuFlbc0MKsZIIK7tCWPmwNgsC55qfChfp3tbGAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230322&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=830082962&rs=5&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1679657478170&rpt=505&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Mar 2023 11:31:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.smarturl.it/	1970-01-20 10:35:43	Name: LF_nativeCount_amazon-music Value: 0-1679743876000
.smarturl.it/	1970-01-20 10:34:18	Name: LF_session_461a117ae78179808d9456d5d0e1d408 Value: 1
.smarturl.it/	1970-01-20 19:55:53	Name: __gads Value: ID=c681407ff1d5efd6:T=1679657477:S=ALNI_MbFVGeXAOseHiIDP0e0IxCUGQ1u3g
.smarturl.it/	1970-01-20 19:55:53	Name: __gpi Value: UID=00000bcb37281531:T=1679657477:RT=1679657477:S=ALNI_MZuWfaLO56yONP1gxVr6J3rtGjOxg
.doubleclick.net/	1970-01-20 19:55:53	Name: IDE Value: AHWqTUlr-doyAOReKz7tMUhdK7pO5eTmf4QH6D8A6S30MlAZzvBuxv6ky1AqIkAeS-U
.rubiconproject.com/	1970-01-20 19:19:53	Name: khaos Value: LFMGP0NF-14-LSV3
.rubiconproject.com/	1970-01-20 19:19:53	Name: audit Value: 1\|SDziDG3X/EgeCD7RI0IWDlqbBgMWySGKaxJuuRhJfvdwNUgf/WiLwdThwhkazNPp8GcKMSsD+wYCAvn18b4xWy9d0VekmPF2sqlSNZOaaDQ=
.doubleclick.net/	1970-01-20 10:34:21	Name: DSID Value: NO_DATA
.yahoo.com/	1970-01-20 19:20:15	Name: A3 Value: d=AQABBAaKHWQCEDarwgPCwKVkCh21_76yUM4FEgEBAQHbHmQnZAAAAAAA_eMAAA&S=AQAAAmlnqUm-DEtlklRof3Ys3G0
.linkedin.com/	1970-01-20 19:19:53	Name: bcookie Value: "v=2&d8ecc63e-b75a-4a11-8469-ee735d50acb8"
.linkedin.com/	1970-01-20 14:53:29	Name: li_gc Value: MTswOzE2Nzk2NTc0Nzg7MjswMjH33dCtLCC1iPxUqZQQLC1ShziwwqhxsZJFRRQuSs2NbQ==
.linkedin.com/	1970-01-20 10:35:43	Name: lidc Value: "b=TGST06:s=T:r=T:a=T:p=T:g=2615:u=1:x=1:i=1679657478:t=1679743878:v=2:sig=AQFLhs0LAoELn-7glsLngHRPJMinMcE9"
.amazon-adsystem.com/	1970-01-20 20:10:17	Name: ad-privacy Value: 0
.amazon-adsystem.com/	1970-01-20 15:09:19	Name: ad-id Value: A-2Pj8SQBktHpTVj6m0AXGw

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

48a376f87d3685280d2fa0f31bc067d5.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
ads.rubiconproject.com
adservice.google.com
adservice.google.it
ajax.googleapis.com
beacon-ams3.rubiconproject.com
cm.g.doubleclick.net
display-service.linkfire.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
match.adsrvr.org
pagead2.googlesyndication.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
px.ads.linkedin.com
s.amazon-adsystem.com
securepubads.g.doubleclick.net
smarttag.rubiconproject.com
smarturl.it
token.rubiconproject.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
142.250.181.226
143.204.89.122
2.19.70.117
23.2.211.147
2602:803:c003:200::37
2602:803:c003:200::41
2620:1ec:21::14
2a00:1450:4001:803::200a
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:812::2002
2a00:1450:4001:813::2004
2a00:1450:4001:827::2001
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:831::2003
2a05:d018:d29:3602:b442:a922:75e3:f08a
52.223.40.198
52.46.151.131
52.95.126.160
54.171.251.32
69.173.144.138
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0fcaa907b9d20113054616e3aaac5b09f790e56c3a51c0e5ba86a08e00c401c3
11f1414c6342d8a5a5124286921298b09b1e776f0aae7bbc4c83b96685166019
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1e7adc9a24a57746863ef54f2de5f8905c242ebc6d416713133ff989fb050222
3694bc5a1eac1e9d958aeb602388bd2d9372876d4b033318646c95d439e6df25
377096a425570a8f4260acfb96cffcc1f8ab9fae90bb470351d45cb8a894e990
3d252ef715596a18ae31690327a2a05170d235165c134e7e19e7d38ab1db18ca
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
49791a696302b5112cec6f474d4d188ec3da019fab43b744b558c8b5e6644785
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
53bc96ad0de2117ea0e7b79d23bbb151fcad673f16d8436c88fb0d7f32aa46a5
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57ddb0bbe9e1b8fc77264a81fd5608871fa9b3077e32a124103993118dc13cfb
5cc39515a7693860f81df5315fd318fc4071ef3f1d16c9a96ab655d63d401732
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
73fb2fa0d192c9fe74aaef182a6dbc31c29e7cc863038f0d69eac0d5c8ae204f
7ce0c6a5f8eda1425952b12b78e2e36ab8603310098664b30972fa8d2bd584ca
7dffcaa3fab3fa0d959108cc10cb49f046c6a8db7e49ace8362a40c8c2e9c12d
7e18b2658817f04c70d5c897f75c930bb3768fbf951a7e78cb5f478e398305a5
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
85eded5b801ddd51a40ca41b2fbac44c31493d572a0333b682c66a7e665c64ad
88a577b7767cbe34315ff67366be5530949df573931dd9c762c2c2e0434c5b8a
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9de103952ef65bbed1caa4c723a8c4a88760791eb92dd092e410f643a1e256f4
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
ad8bc54eed188ec85e976a96a505fef9ced1943734786b62c1ff2c2e73aa5cf1
aef301bd9ed110ba53c8b5a088217d42e2b86ac4334188389b9ee07ab7de3f36
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bf4eae9216be01f9a411ac93c5008eb38a3abdbb12fdb50ef974a4599e90220a
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c9d96456fb82f973c786634c9bcda2c8b0811ff83df4199ebdd2626acd476029
cf9c6e98a354a7a2ae4cc2b103ada35255d2155b0ae1248a5aa646d7da22e6b6
d7f3d4df76645e0f59185b6537ce53b0dc069e880c3a8a8229195fa2d46c129d
d9720024c52eae550fd8a4229c3b5ddad5af9d512b2adadc31ac57bbc9a5c850
ddbd50dfeda4b71b1e215b7e1caf8b0e910a47297c283231854ea8b345091148
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e53284c63833fc350b03720856317997e8e7f610bf7cc63c4f96a08bedd26b2b
ea18ca3fe3ae4d94d21bb36a2912258193fb4f257be81be3dabe0e3809a312e5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0b6af1afaba68724717c4a77a7e020c8268aa0673916541c6f02949ef12d64f
fc5e5e5fcb0512d00c16a63f06157a3d039a2810e184226ffede0b5f2f223293

smarturl.it Open in urlscan Pro 54.171.251.32 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

60 Requests

88 %HTTPS

63 %IPv6

14 Domains

27 Subdomains

24 IPs

5 Countries

724 kBTransfer

1722 kBSize

14 Cookies

0 Outgoing links

Page URL History

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

smarturl.it Open in urlscan Pro
54.171.251.32 Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

88 %
HTTPS

63 %
IPv6

14
Domains

27
Subdomains

24
IPs

5
Countries

724 kB
Transfer

1722 kB
Size

14
Cookies

60 HTTP transactions
2 data transactions